01/27/2018 at 03:33 •
After a ton of excellent feedback regarding IP68 protection, I have decided to use buttons instead of a trackball for the initial version of the Zamek. I will keep the code for the trackball in comments and possibly revisit it for version 2, but right now my priority is to get this out the door soon!
I'll finish testing when my battery comes in, then start looking at simple watertight enclosures. I'm thinking clear silicone?
05/12/2017 at 23:26 •
Sorry about the lack of screen! I couldn't wait until the screen came to start fitting it together :)
I'll take more pictures after the screen comes in. In the mean time I'll explore whether this case design is viable for production, or try to come up with a more manufacturable solution.
04/18/2017 at 18:11 •
I sent a spare Zamek beta unit to a Youtube Electronics Channel; check out their take on it here!
04/18/2017 at 18:06 •
Exciting news! After much waiting, I've finally found an easily source-able battery to use for the Zamek, meaning I can finally fit together an attractive case :) The first draft of the case has been sent to Ponoko; stay tuned!
Some background: Zamek has been on hold for a while as I searched for ways to easily create a case that fit around the strange shape consisting of the Screen/Battery/PCB sandwich with the trackball right next to it. Every solution that was attempted was either ugly or impractical to produce.
I recently got my hands on some ultra-thin batteries, only 1.5mm thick! These guys don't hold a lot of juice ( 30mAh ), but my calculations estimate that that's enough to check your password about 700 times before you need to top up ( 15 seconds of on-time at 10mA avg draw ). I'm working with the battery manufacturer to see if we can push the charging rate of the battery up to 2 or even 4C, so the battery could be charged in a matter of minutes. Case parts should be in early next week, next update then!
09/09/2016 at 02:35 •
After some back and forths with designing the case, I realized that it would be much easier to produce the device if I re-engineered some of the sticking points around the previous design. So I cleaned up the entire back of the circuit board so that it can sit flush up against the housing. I also added a trackball for faster and more accurate navigation.
05/10/2016 at 03:17 •
Latest PCB Revision, fabbed and assembled by the fine crew at www.macrofab.com !
I'm working on putting together a group-buy campaign for a batch of these with attractive cases! Sign up at https://www.crowdsupply.com/soniktech/zamek to find out when you can sign up for your own!
This project will release its source files, containing board layout, source code, and enclosure designs, on the day the campaign launches, all published here on https://hackaday.io/project/3555-zamek-the-offline-pocket-password-manager !
See all the details: https://hackaday.io/project/3555-zamek-the-offline-pocket-password-manager
Here is a video showing the screen layout and data entry using the joystick: https://hackaday.io/project/3555-zamek-the-offline-pocket-password-manager/log/33748-drum-roll-please
There is also a PC app planned which will provide backup and restore to hard disk functionality, as well as make inputting credentials to your Zamek easier: https://hackaday.io/project/3555/log/36334-pc-app-is-functionally-finished
04/27/2016 at 13:57 •
The next PCB revision is in, but my display vendor has delayed shipment of my order. Expect pics of the new revision some time next week!
04/21/2016 at 00:20 •
A bare ATMega32u4 has 1KB of EEPROM. This means that by itself, it can store 20 typical account entries (consisting of a 16 character site name, a 16 character user name, and a 16 character password). In order to expand this repository, I have added on a footprint for common EEPROM chips. This will allow up to 100 accounts to be stored!
I'm also starting to think of ways to implement an additional layer of security to secure the EEPROM payload against brute-forcing attacks. This usually means taking the route of longer keys and/or longer computation time. I thought about all the literature I've read on the subject and parsed through chat logs with the excellent folks on the Hacker Channel chat, and am thinking about writing a method to encrypt the EEPROM with a very long key that would be stored in the microcontroller's RAM. This key would itself be encrypted with the relatively shorter PIN. This means that if an attacker simply tries to dump the EEPROM, they would be met with a very resistant payload. If the attacker were to try to dump the RAM, they would likely erase the contents of the RAM in the process (I'll give the chip a warm jacket in case security researchers try to freeze the chip ;) ).
04/20/2016 at 05:09 •
All the features are finished and tested: reading and editing individual accounts, and full encrypted EEPROM dumps and restores. Now to give it a good helping of UI design :)
04/15/2016 at 20:55 •
One of the biggest 'asks' has been "can I use my PC to enter the credentials more quickly?"
Now you can. Still a WIP, need to clean up the UI and figure out how to do terminators, but it definitely works!