The OpticSpy modules provide a platform to explore, evaluate, and experiment with optical data transmissions. They capture, amplify, and convert optical signals into digital form that can be analyzed or decoded with a computer.

All designs are distributed under a Creative Commons Attribution-3.0 United States license.

Application Ideas:

• Search for optical covert channels (methods of exfiltrating data in a way undetectable to the human eye) that may exist within devices
• Add data transfer functionality to a project
• Discover Li-Fi, Visible Light Communication (VLC), or other optical networking systems

Documentation:

• Slides: Searching for the Light: Adventures with OpticSpy
• Video: Hardware Developers Didactic Galactic 31, June 7, 2018 (YouTube)

Hardware:

OpticSpy Analog (Crowd Supply):

• Product Page
• Technical Manual
• Schematic
• Bill-of-Materials
• Assembly Drawing
• PCB: Gerber Plots and OSH Park
• Test Procedure
• Campaign Video (Vimeo)
• 3D Model: Photodiode Housing by Thomas Flummer (Thingiverse)
• 3D Model: OpticSpy Case by EtTuRoot (Thingiverse)

OpticSpy Analog (Kit Version):

• Technical Manual
• Schematic
• Bill-of-Materials
• Assembly Drawing
• PCB: Gerber Plots and OSH Park

OpticSpy Digital (Kit Version):

• Schematic
• Bill-of-Materials
• Assembly Drawing
• PCB: Gerber Plots and OSH Park
• Video (YouTube)

Laser Diode Module Driver:

• Schematic
• Bill-of-Materials
• Assembly Drawing
• PCB: Gerber Plots and OSH Park

microSD-to-Serial Interface:

• Block Diagram
• Schematic
• Bill-of-Materials
• PCB: Gerber Plots and OSH Park
• Source Code: Arduino

Demonstrations:

Arduino:

Using an Arduino Uno with external LED to send a secret message via optical covert channel.

• Source Code
• Block Diagram
  

Parallax Propeller:

Using the Propeller-based Hackable Electronic Badge to send a secret message via infrared LED. The LCD displays the message being transmitted.

• Source Code
• Video (YouTube)

Tomu:

Using Tomu’s red LED to send a secret message via optical covert channel.

• Source Code and Prebuilt DFU Image (Interactive mode to set/clear message, cross compiled with GNU Arm Embedded Toolchain) (GitHub)
• Source Code (Hard-coded message, cross compiled with Silicon Labs’ EFM32 Happy Gecko SDK patched for Tomu)

TP-link TL-WR841N:

Using the router’s WAN LED to exfiltrate data via optical covert channel. As a proof-of-concept, the payload is loaded onto the device with known administrator credentials.

• Source Code (Cross compiled with dd-wrt’s toolchain-mips_24kc_gcc-7.2.0_musl)
• Video: Preliminary testing (YouTube)
• Video: Exfiltrating /etc/passwd (YouTube)

MacBook Pro Keyboard Backlight:

Using the MacBook Pro’s keyboard backlight LEDs as a proof-of-concept optical covert channel. OS X modulates the LEDs at 100Hz, 75% duty cycle, which prevents the use of a high data rate and presents a noticeable flicker when data is being sent.

• Source Code (Based on Nick Sweeting’s mac-keyboard-brightness project)