We may someday reach a point where it's easier to ask, “What can't run Doom?” That's because YouTuber and gadget hacker Aaron Christophel has found a way to perform the classic shoot 'em with an electric toothbrush.
Thanks to the rise of internet connectivity with smart technology, sensors and displays are being integrated into all types of home devices, including toasters, trash cans and even electric toothbrushes. And it was using the latter – in this case an Evowera Planck Mini smart toothbrush – that Christophel was able to execute Doom.
The Evowera Planck Mini is a somewhat advanced smart electric toothbrush, with a color screen, Wi-Fi connectivity and a brushing training app; There's enough technology here to make people who still use a manual toothbrush feel like a primitive human who's just been handed a fork. But it also means that the toothbrush is ripe for hacking.
Christophel was able to use the smart toothbrush's over-the-air (OTA) update functionality to install custom firmware on the Planck Mini's ESP32-C3 microcontroller via his own ESP32 development board. From there, the YouTuber loaded Doom on the toothbrush; A fairly easy process because others have already run Doom on ESP32 microcontrollers.
Despite having access to the toothbrush hardware and sensor data, to control Doom, Christophel needed to connect a Bluetooth mouse, with the movements of the player character, Doom Guy, mapped to the forward and backward movements of the mouse. .
As you can see in the video above, it seems to work reasonably well; It wouldn't be my first gaming platform of choice, as I'd rather play Doom on a PC or Nintendo Switch, but it's great nonetheless.
However, this raises a security issue.
Smart stuff, sloppy security?
Being able to hack another smart device, seemingly without much effort, raises concerns about how secure smart devices are from opportunistic hackers. Ever since companies and so-called IT thought leaders touted the potential of the 'Internet of Things' (IoT) for all kinds of smart grids and home automation, people have pointed out security issues and hacking attacks have occurred.
But the ESP32-C3 microcontroller comes with built-in security, such as secure boot functionality, which should prevent malicious code from being executed on it. However, Side channel attacks have been able to prevent this. and extract data from the chip's flash memory. These attacks require a lot of effort and require close access to the target microcontroller.
So while no smart device is perfectly secure, you can be reasonably sure that no one can easily hack your smart toothbrush and drive it crazy while you shine your teeth. However, if you have a house full of smart devices, there's nothing wrong with checking that they're connected to secure apps and networks and working as they should.
