Bonum Certa Men Certa
Links 6/3/2021: Linux 5.12 RC2 and OpenSUSE Tumbleweed Woes | Links 6/3/2021: “SLS” Mitigation and Exiv2/KDE Project

How To Deal With Your Raspberry Spy -- Part III: Fundamentals

By Gavin L. Rebeiro

Contents



Cover

Copyright

1 Acknowledgements

2 Introduction

2.1 Prerequisite Knowledge 2.2 Apparatus

3 YOU ARE HERE ☞ Fundamentals

3.1 Communication 3.2 Kernel Ring Buffer 3.3 Drivers 3.4 Operating Systems 3.5 Special Files

4 Doing The Task

4.1 Preparing The Boot Media 4.2 Connecting Physical Components 4.3 Using Picocom 4.4 OS Installation

5 Thanks

6 OpenPGP Key

A Malicious Hardware

B Linux Kernel Source Tree Analysis

C Digital Multimeter Tests

Summary: Following the introductory and preliminary parts (Part I and Part II) we dive deeper into the steps taken to replace the Raspberry Pi's GNU- and Linux-based OS with something like NetBSD

Now that you know what you need to get started, let’s gently walk through an overview of the fundamental ideas and topics that we’ll be engaging and experimenting with.



The order of topics may seem strange at first but things should make sense as you move on.

3.1 Communication

If we want two computers to communicate, there needs to be some protocol that they both speak.

If we want two computers to communicate, there needs to be a physical medium over which they can communicate.

Almost all computers and their peripherals communicate over USB these days. But when it comes to getting into the nitty-gritty details, you will often find UART humbly serving the same purpose it has for decades of computing. Fortunately for us, almost every embedded system these days supports UART; this includes the Raspberry Spy.

"Why bother with this anachronistic technology? Glad you asked!"We’ll be using our UTUB to install a new OS on our Raspberry Spy over a serial interface (UART). The program that we’ll be using to do this serial communication is picocom(1).

Why bother with this anachronistic technology? Glad you asked! Once you know how to operate something like a UTUB and a program like picocom(1), you can “break into” several devices and modify them how you wish. Routers, motherboards, embedded systems, etc. all tend to have some sort of serial interface on them. Once you learn the basics, you are equipped to liberate yourself and gain more computing freedom.

But wait. Isn’t all this embedded stuff way too difficult and only for “experts”? HOGWASH! You can do it too. Don’t fall for the propaganda. You are perfectly capable of doing a bit of serial hacking to liberate your devices. You paid for them, after all. You should be able to do whatever you want with them (and you will). Onwards!

3.2 Kernel Ring Buffer

What on earth is a “kernel ring buffer” (KRB)? Ever heard of dmesg(1)? dmesg(1) is what you use to read the KRB. Not so scary now. Is it?

Why is the KRB important? Well: when you plug in (or out) a device, you can see the messages show up in the KRB. If you learn how to pay attention to the KRB, when you are working with hardware, you will become a lot better at trouble-shooting your own problems. Take strings you don’t understand and plop them into your favourite search engine; try the apropos(1) command as well.

As we progress with our project, we’ll see how to leverage dmesg(1) to our advantage. Learning proper use of dmesg(1) is an essential skill if you want to improve and maintain your computing freedom; dmesg(1) allows you to demystify the inner workings of your computer and get clues on how to fix problems yourself.

3.3 Drivers

Say you plug in your mouse or keyboard into your computer; or even plug them out. The software responsible for translating the physical signals from the mouse or keyboard, to the intermediary physical devices, to the more abstract layers of your operating system (like stuff you see on the screen) is called the kernel; this is the “Linux” part of GNU/Linux.

The kernel is the layer of software that sits between the physical hardware and the more abstract levels of software that gives you an “operating system”. When you plug in or out your keyboard or mouse, the Kernel has programs which recognise those types of devices and then loads the appropriate software required to use those physical devices; such software are called “device drivers”.

All of the above is a bit vague. Let’s take a look at what this looks like in practice; I’m going to plug out and plug back in my mouse while staring at dmesg(1): 

1   # dmesg --human --follow
2   ...
3   [Feb19 17:26] usb 7-4: USB disconnect, device number 2
4   [ +25.036175] usb 7-4: new low-speed USB device number
            → 4 using ohci-pci
5   [ +0.193047] usb 7-4: New USB device found, 
            → idVendor=0461, idProduct=4d81, bcdDevice= 2.00
6   [ +0.000006] usb 7-4: New USB device strings: Mfr=0,
            → Product=2, SerialNumber=0
7   [ +0.000004] usb 7-4: Product: USB Optical Mouse
8   [ +0.007570] input: USB Optical Mouse as 
            → /devices/pci0000:00/0000:00:16.0/usb7/7-4/7-4:1.0/0 c
            → 003:0461:4D81.0005/input/input18
9   [ +0.000303] hid-generic 0003:0461:4D81.0005: 
            → input,hidraw3: USB HID v1.11 Mouse [USB Optical
            → Mouse] on usb-0000:00:16.0-4/input0


We’ll briefly analyse this output and introduce a few important tools in the process.

The first thing to note is this string “using ohci-pci”. It’s time to bring in the Linux-specific tool modinfo(8); let’s take a look at what we’re dealing with: 

1 $ modinfo ohci_pci
2   name:        ohci_pci
3   filename:    (builtin)
4   softdep:     pre: ehci_pci
5   license:     GPL
6   file:        drivers/usb/host/ohci-pci
7   description: OHCI PCI platform driver


That output is quite self-explanatory. We see the name of the kernel module; we see that its a builtin kernel module (which means it’s compiled into the kernel). “softdep” stands for soft dependency. We see that the license is GPL. We see the location in the kernel source tree this kernel module resides. And, finally, we see a short description of the kernel module.

I hope, at the point, you’ve realised that “kernel module” is synonymous with “driver”. See? Not that complicated.

So what does this have to do with our USB mouse? Well: when it comes to interfaces, there’s usually a few things that sit between your device and the userspace of your operating system. I’ll leave it as a research project for you to figure out what “HCI”, “OHCI”, “EHCI”, “PCI”, etc. mean.

The next crucial bit of driver information here is the “hid-generic” part; find out what this kernel module does with modinfo(8).

The next thing I want you to do is have a look at the output of the Linux-specific tool lsmod(8); Note the column headers. grep(1) through the lsmod(8) output for the following strings:

● usbhid ● hid_generic ● hid

The “USB HID v1.11 Mouse” from our dmesg(1) output should give us a good idea of what’s going on here. Don’t know what “USB HID” means? Look it up. Find out what the above kernel modules do, from the stuff you’ve already learned so far.

Let’s take a look at some sample lsmod(8) output: 

1 $ cat <(lsmod | head -n 1) <(lsmod | grep hid)
2 Module                     Size Used by
3 mac_hid               16384  0
4 hid_generic           16384  0
5 usbhid                57344  0
6 hid                  135168  2 usbhid,hid_generic


You’ve now got a bit of background knowledge to make sense of what’s going on when you plug things in and out of your GNU/Linux unit.

3.4 Operating Systems

We’re going to be a bit adventurous with our choice of OS to put on the Raspberry Spy. We’re going to go with NetBSD; this is a great OS for embedded systems and one you should be familiar with if you plan on doing any embedded work.

NetBSD is an OS with its own kernel and userspace. Thus, NetBSD runs the NetBSD kernel and NetBSD userspace utilities; this is in contrast to the Linux kernel and GNU userspace (GNU/Linux)1.

NetBSD is quite a beginner-friendly BSD because it has ample documentation; the fact that NetBSD has the primary focus of portability also means you can learn a great deal about portability from several perspectives.

A side note here. Avoid usage of package managers. They are bad for your freedom; to most people, package managers are entirely opaque systems that turn the computer operator into a mere consumer. Learn how to build your software from source code. This way you see all the dependencies2.

The opaque package manager is exactly how the Raspberry Spy Foundation smuggled in spyware into the Raspberry Spy. If you build all your programs from source code, you would be less vulnerable to these espionage tactics3.

You should be the operator of your computer, not a “user”. A “user” is effectively being “used” because they are treated like stupid consumers that get dictated to by other people. Don’t fall for this “user” trap. Be the operator of your computer; take back control; education is the true path to computing freedom.

Note that a lot of these operating systems we’re talking about follow some version of the POSIX specification (with varying degrees of compliance).

3.5 Special Files

It’s important to understand how special files relate to device drivers. What’s a special file? Glad you asked.

Let’s take a look at our friend dmesg(1) as we plug in our UTUB: 

1  [Feb22 12:13] usb 7-1: new full-speed USB device number
    → 3 using ohci-pci
2  [ +0.202882] usb 7-1: New USB device found,
    → idVendor=10c4, idProduct=ea60, bcdDevice= 1.00
3  [ +0.000006] usb 7-1: New USB device strings: Mfr=1,
    → Product=2, SerialNumber=3
4  [ +0.000003] usb 7-1: Product: CP2104 USB to UART
    → Bridge Controller
5  [ +0.000003] usb 7-1: Manufacturer: Silicon Labs
6  [ +0.000003] usb 7-1: SerialNumber: 010C48B4
7  [ +0.024088] usbcore: registered new interface driver
    → usbserial_generic
8  [ +0.000010] usbserial: USB Serial support registered
    → for generic
9  [  +0.003272] usbcore: registered new interface driver
    → cp210x
10 [  +0.000025] usbserial: USB Serial support registered
    → for cp210x
11 [  +0.000081] cp210x 7-1:1.0: cp210x converter detected
12 [  +0.010528] usb 7-1: cp210x converter now attached to
    → ttyUSB0


Bit of a mouthful. Let’s break it down into pieces that we can actually digest:

● Take a look at the Linux kernel modules usbcore, usbserial, and cp210x with modinfo(8). Not so scary now. Is it?

● Next, have a look at the line “usb 7-1: cp210x converter now attached to ttyUSB0”. You should understand all the lines leading up to this one; however, we need to do a bit of digging to find out what this whole “ttyUSB0” business is about. We’ll look into some other helpful things in the process.

Here we have a special file called ttyUSB0; So uh where is this file? Let’s see: 

1  $ find / -name "ttyUSB0" 2> /dev/null
2  /dev/ttyUSB0
3  /sys/class/tty/ttyUSB0
4  /sys/devices/pci0000:00/0000:00:16.0/usb7/7-1/7-1:1.0/t c
       → tyUSB0
5  /sys/devices/pci0000:00/0000:00:16.0/usb7/7-1/7-1:1.0/t c
       → tyUSB0/tty/ttyUSB0
6  /sys/bus/usb-serial/devices/ttyUSB0
7  /sys/bus/usb-serial/drivers/cp210x/ttyUSB0


The path we really want here is “/dev/ttyUSB0”4. Time to do a quick check: 

1  $ ls -al /dev/ttyUSB0
2  crw-rw---- 1 root dialout 188, 0 Feb 22 12:13
      → /dev/ttyUSB0


The “c” in “crw-rw--” tells us that this is a character file. The “188, 0” tells us that the “major” and “minor” number, respectively, of this special “character file”. These files are created with mknod(1). The following can be a useful pointer, when you are lost: 

1  $ file --mime /dev/ttyUSB0
2  /dev/ttyUSB0: inode/chardevice; charset=binary


Good stuff. We’re getting somewhere. To find a full list of what these major and minor numbers refer to, we can have a look in the Linux kernel source tree: 

1  $ less linux/Documentation/admin-guide/devices.txt
2 ...
3  188 char       USB serial converters
4           0 = /dev/ttyUSB0     First USB
                    → serial converter
5           1 = /dev/ttyUSB1     Second USB
                    → serial converter
6             ...
7 ...


That’s that part demystified. Isn’t learning great? Now you know where to get the right numbers if you want to use mknod(1) manually on GNU/Linux systems5.

Now what does all of this mean? We essentially have “cp210x” which is a discrete Linux kernel module; this Linux kernel module is then “attached” to the special file ttyUSB0; it’s this special file ttyUSB0 that the program picocom(1) will be attached to, in order to perform serial communications.

You can also see where the different parameters like “idVendor” and “idProduct” come from by taking a look at the appropriate path in the Linux kernel source tree: 

1  find ./ -regex ".*cp210x.*"
2  ./drivers/usb/serial/cp210x.c
3  $ less drivers/usb/serial/cp210x.c
4  ...
5  { USB_DEVICE(0x10C4, 0xEA60) }, /* Silicon Labs
        → factory default */
6  ...
On GNU/Linux systems, you should also take a look at the path /usr/share/misc/usd.ids: 

1  $ less /usr/share/misc/usb.ids
2  ...
3  10c4 Silicon Labs
4  ...
5           ea60 CP210x UART Bridge
6  ...


Now let’s have a look at what it looks like when we pull out our UTUB: 

1  $ dmesg --human --follow
2  ...
3  [Feb22 15:45] usb 7-1: USB disconnect, device number 3
4  [ +0.000384] cp210x ttyUSB0: cp210x converter now
       → disconnected from ttyUSB0
5  [ +0.000164] cp210x 7-1:1.0: device disconnected


There you have it! You should understand what’s going on in that output, with your new knowledge of Linux kernel internals. Remember, tools like lsmod(8), modinfo(8), and dmesg(1) are the first things you should look at when you plug things in and out of your GNU/Linux box. This stuff is incredibly simple, if you know where to look; now you know where to look! No need to be afraid.

Finally, we have the commands: 

 $ lscpi -k


and 

 $ lsusb -t


You now know enough to figure out yourself what you get from lspci -k and lsusb -t6.

You now have a healthy dose of knowledge injected into your grey matter to enable you to handle special files on GNU/Linux systems7. _____ 1 Technically, there’s also different bootloaders to worry about but we’re going to ignore bootloaders for now as we have enough to deal with. It’s also very unfair to GNU to just call it “userspace”; GNU gave the world things like the GNU Compiler Collection and GNU Autotools - things without which much of software today wouldn’t exist; there seems to be mass amnesia in the computing world around this, whether it be deliberate or not. And guess what? GNU was about freedom, first and foremost. 2 i.e., how much junk the software you want to use depends on. It’s a great way to filter out bloatware. You will also be able to learn to spot “common denominator” programs software of a certain type depends on. Often, this will enable you to refine your criteria for a program in order to find exactly what you need - opposed to what you think you need (or what others make you think you need). 3 However, don’t think you’re entirely immune, if you compile everything from source. Much has been infiltrated at the source code level. 4 The other paths are just as interesting. See Appendix B for details on the specifics. 5 A skill every GNU/Linux operator should have. 6 Don’t know what the options mean? RTFM. 7 Some of this special file handling knowledge applies to other POSIX-like operating systems as well, with minor details changed.
Links 6/3/2021: Linux 5.12 RC2 and OpenSUSE Tumbleweed Woes | Links 6/3/2021: “SLS” Mitigation and Exiv2/KDE Project

Recent Techrights' Posts

Mobbing at the European Patent Office (EPO) - Part IV - EPO Can Get Away With Murders, Suicide Clusters, and Systematic and Prolonged Bullying by 'Team Campinos' ("Alicante Mafia" as Insiders Call It)
Nobody in the Council or the EU/EC/EP gives a damn as long as laws are broken to fabricate 'growth'
Jeff Bezos Isn't Just Killing the Washington Post, He's Killing Thousands of News Sites/Newsrooms (in Dozens of Languages) That Rely on It for Many Decades Already
Not just slopfarms; even the Ukraine-based reporters are culled by Bezos, who's looking to please the dictators of the world
Central Staff Committee Confronted António Campinos for Giving His Cocaine-Addicted Friend Over 100,000 Euros to Do Nothing, Just Pretend to be Ill, While Cutting the Salaries of Everybody Else
"On the agenda: Amicale framework & Financial assistance for courses"
How to Win Lawsuits in 5 Simple Steps
Keep issuing threats every week and send 60 kilograms of legal papers to the target
Living in Freedom When 'False Flag Operations' Like EFF Get Captured by Billionaires to Take Freedom Away
There are many ways to think of Software Freedom
Changes at the Solicitors Regulation Authority (SRA)
SRA is basically a waste of money
 
IBM's CEO Speaks of Layoffs, Resorts to Mythical (False) Excuses
This has nothing to do with slop
Links 06/02/2026: Voter Intimidation and Press Shutdowns in US, Web Traffic Warped by LLM Sludge
Links for the day
Does Linux Torvalds Regret Having Dinners With Bill 'Russian Girls' Gates?
See, the rules that govern the Linux Foundation and its big sponsors aren't the same rules that apply to all of us
IBM: Cheapening Code, Cheapening Staff, Cheapening Everything
IBM's management runs IBM like it's a local branch of McDonald's. IBM is a junk company with morbid innards.
GNU/Linux Measured at 6% in One of the World's Largest Nations
Democratic Republic Of The Congo
Linux Foundation Operative Says We and Our Software All "Owe an Enormous Debt of Gratitude" to a Software Patents Reinforcer
The only true solution is to entirely get rid of all software patents
More Than 99% of "AI" Companies Aren't AI, They're Pure BS
We need to discard those stupid debates about "AI" and reject media that gets paid to participate in such overt narrative control (manipulation like The Register MS)
AI Used to Save Lives, Now "AI" is a Grifting Scheme That Burns the Planet and Will Crash the Economy
What the media calls "AI" (it gets paid to call it that) is the same stuff that could instead be dubbed "algorithms"
Amutable is a Microsoft Siege Against Freedom in GNU/Linux, Just Like the People Who Brought You 'Secure Boot' Controlled by Microsoft
Do whatever is possible to avoid Amutable and its "products"
Growing Focus on Publication
Over the past ~10 days we always served more than a million Web hits per day
"Going to be a large number of Microsoft layoffs announced soon"
Everybody knows a giant wave of layoffs is coming Microsoft's way
End of the 'GPU Bubble' and NVIDIA Finally Admits It Won't Bail Out Microsoft OpenAI Anymore
circular financing (financial/accounting fraud)
Corrupt Media Won't Hold Accountable Rich People for Role in Pedophilia
Journalistic misconduct or malpractice is a real thing
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, February 05, 2026
IRC logs for Thursday, February 05, 2026
EPO Management ("Alicante Mafia") Not Properly Sharing Information on Scale of Strikes by EPO Staff
disproportionate (double) deductions in salaries against people who participate in strikes, which are protected by law
Gemini Links 06/02/2026: Slop/Microslop, Home Assistant, and Valid Ex Commands
Links for the day
Blackmail evidence: Debian social engineering exposed in ClueCon 2024 talk on politics
Reprinted with permission from Daniel Pocock
Bitcoin crash: opportunity or the end game?
Reprinted with permission from Daniel Pocock
Claims That IBM Will Lay Off 20% (or 15%) of Its Workforce This Year Unless It Finds a Way to Push Them All Out by Threats, Shame, Guilt
Where are the articles about IBM layoffs?
IBM Isn't a Serious Company Anymore, It's a Ponzi Scheme Operated by a Clique and It Misuses Companies It Acquires to Prop Up or Legitimise the Scheme
IBM seems like it's nothing but a "Scheme"
Google News Drowning in Slop About "Linux" (Slopfarms Galore)
Google should know better than to link to any of these slopfarms, but today's Google is itself a pusher of slop
Links 05/02/2026: EU Commission Gutting Net Neutrality
Links for the day
Gemini Links 05/02/2026: NixOS Books and Monochrome Emojis
Links for the day
Links 05/02/2026: Canadian Government Uses US LLMs to Override Expert Opinions, NVIDIA Troubles Due to Enablement of Mass Plagiarism ('Piracy') Misleadingly Obscured as "Hey Hi"
Links for the day
Explaining the Letter From JUDGE SYKES FRIXOU, Threatening Me Around the Time GNOME's Nat Friedman Lost His CEO Job at Microsoft GitHub and His Best Friend Got Arrested for Strangulation
this letter (with annotation) is critical
Linuxiac Not Rehabilitated, It's Still Full of LLM Slop (Part of a Trend)
The Web as a resource/source of information is perishing
"Sponsored by Azul" to Write Fake 'Article' About Azul, Quoting Azul Itself
The "journalism" industry [sic] became so utterly corrupt
JuristGate is for sale: three billion Swiss francs for a domain name
Reprinted with permission from Daniel Pocock
Like Microsoft and IBM, the 'Alicante Mafia'-Governed EPO Does PIPs Nowadays (at the EPO, It's "Professional Incompetence Procedure")
So "PIPs" are definitely in the EPO and we saw letters sent to staff
Time for Change, More New Articles, Less Curation
The oligarchy wants to gut the real press and replace media with slop and social control media (or social control media with slop in it, i.e. their own voices, mechanised)
Gemini Links 05/02/2026: Coercion, Antibiotics, and LVDT Project
Links for the day
Almost 1,600 EPO Employees Went on Strike Last Week
There is another strike coming 2.5 weeks from now
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, February 04, 2026
IRC logs for Wednesday, February 04, 2026
Links 04/02/2026: Extreme Malice in Microsoft's Visual Studio Code on GNU/Linux, More Hey Hi (AI) Chaos
Links for the day
Sexism & GNOME: shaming men, hiding women, Sonny Piers update
Reprinted with permission from Daniel Pocock
You Know Microsoft's "Value" is 100% Fictional When in One Single "Trading" Day in Wall Street It Loses THREE TIMES More in "Value" Than It Was 'Worth' in 2009
Microsoft does not behave like a company riding trillions but like a company that struggles with payroll
Gemini Links 04/02/2026: Humanity and Animality, systemd (Controlled by Amutable, a Proxy of Microsoft) Moves on to "Extinguish" Phase
Links for the day
Better Outcomes When Facing the Discomfort of Conflict
Don't take the easy way out when the "hard way" is the right way and it can result in positive revelations
Certificate Authority Let's Encrypt Used to be Widely Used in Geminispace, Now It's Down to Just 0.2% of the Whole
Let's Encrypt is not your friend
What IBM Does Is Clearly Illegal in the US: Tying Severance Packages to NDAs (Non-Disparagement Agreement/Clause)
The NDAs make things worse; they keep people isolated and silent
Microsoft's Giant Snowball of Layoffs and PIPs (in 2026)
They would delay until March or April if they wanted to, but then we can expect numbers exceeding 10,000 layoffs (Microsoft always low-balls the real figure/s)
Mozilla Turned Firefox Into Shovelware, Adding 'Kill Switch' for Slop Still Means Mozilla is Participating in a Pyramid Scheme, Plagiarism, Grifting
Mozilla is still a slop pusher
Leaving the United States 3 Years Ago Was the Best Decision We Made
A lot of stuff is being consolidated
Links 04/02/2026: "Laws of Succession" and Microsoft's VS Code as Code-Stealing Malware
Links for the day
BillBC (BBC) Covered Up Pedophilia, Now It's Covering Up for Its Sponsor Bill Gates by Reprinting His Lies, Which His Own Wife Disputes
Is Bill Gates having orgies (group sex)?
Phoronix Swims With the Real Trolls, People Who Fancy Proprietary Software and Back Doors
If Larabel begins to actively participate in provocation with the "Microsoft GitHub fans club", what does this tell us about Phoronix?
They Know Microsoft Layoffs Are About to Hit Them Hard
The gaming division at Microsoft is a complete catastrophe, lots of money (debt) down the drain [...] Buying Activision was all about misleading shareholders or hiding the deep trouble/problems XBox was having
Red Hat is Not a Linux Company, It's IBM's Ponzi Scheme Enabler
Had we still been stuck in 2021, perhaps IBM would plaster "NFT" or "metaverse" all over RedHat.com
Keep Grinding
"Don't let the bastards grind you down"
Mobbing at the European Patent Office (EPO) - Part III - Who's Going to Pay for the EPO's Corruption? (Aside From European Citizens)
Some people inside the EPO reached out to us
"Investors Are Concerned About an AI Bubble" (That GAFAM and IBM Ride)
A few decades from now IBM will only be remembered in the same sense many so-called 'AI' companies will be remembered
EPO Staff Union: "Very High Strike Participation on Friday 30 January", Another Strike Starts 19 Days From Now
EPO management in a bit of a panic
Censorship/Free Speech and Social Control Media
It's important to have a grasp of how contemporary censorship works and how to tackle it
Google News as Slop Booster
this is what Google links to
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, February 03, 2026
IRC logs for Tuesday, February 03, 2026
Gemini Links 04/02/2026: "Raspberry Pi Relaxes the Rules for Its RP2040 Hacking Challenge" and "Long Web Society"
Links for the day