Books You Should Read: Making A Transistor Radio

When a Hackaday article proclaims that its subject is a book you should read, you might imagine that we would be talking of a seminal text known only by its authors’ names. Horowitz and Hill, perhaps, or maybe Kernighan and Ritchie. The kind of book from which you learn your craft, and to which you continually return as a work of reference. Those books that you don’t sell on at the end of your university career.

Ladybird books covered a huge range of topics.
So you might find it a little unexpected then that our subject here is a children’s book. Making A Transistor Radio, by [George Dobbs, G3RJV], is one of the huge series of books published in the UK under the Ladybird imprint that were a staple of British childhoods for a large part of the twentieth century. These slim volumes in a distinctive 7″ by 4.5″ (180 x 115 mm) hard cover format were published on a huge range of subjects, and contained well written and informative text paired with illustrations that often came from the foremost artists of the day. This one was published at the start of the 1970s when Ladybird books were in their heyday, and has the simple objective of taking the reader through the construction of a simple three transistor radio. It’s a book you must read not because it is a seminal work in the vein of Horowitz and Hill, but because it is the book that will have provided the first introduction to electronics for many people whose path took them from this humble start into taking the subject up as a career. Including me, as it happens: I received my copy in about 1979, and never looked back.

Everyone Should Build At Least One Regenerative Radio Receiver

When we build an electronic project in 2016, the chances are that the active components will be integrated circuits containing an extremely large amount of functionality in a small space. Where once we might have used an op-amp or two, a 555 timer, or a logic gate, it’s ever more common to use a microcontroller or even an IC that though it presents an analog face to the world does all its internal work in the digital domain.

Making A Transistor Radio, 2nd edition cover. Fair use, via Internet Archive.
There was a time when active components such as tubes or transistors were likely to be significantly expensive, and integrated circuits, if they even existed, were out of the reach of most constructors. In those days people still used electronics to do a lot of the same jobs we do today, but they relied on extremely clever circuitry rather than the brute force of a do-anything super-component. It was not uncommon to see circuits with only a few transistors or tubes that exploited all the capabilities of the devices to deliver something well beyond that which you might expect.

One of the first electronic projects I worked on was just such a circuit. It came courtesy of a children’s book, one of the Ladybird series that will be familiar to British people of a Certain Age: [George Dobbs, G3RJV]’s Making A Transistor Radio. This book built the reader up through a series of steps to a fully-functional 3-transistor Medium Wave (AM) radio with a small loudspeaker.

Two of the transistors formed the project’s audio amplifier, leaving the radio part to just one device. How on earth could a single transistor form the heart of a radio receiver with enough sensitivity and selectivity to be useful, you ask? The answer lies in an extremely clever circuit: the regenerative detector. A small amount of positive feedback is applied to an amplifier that has a tuned circuit in its path, and the effect is to both increase its gain and narrow its bandwidth. It’s still not the highest performance receiver in the world, but it’s astoundingly simple and in the early years of the 20th century it offered a huge improvement over the much simpler tuned radio frequency (TRF) receivers that were the order of the day.
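To put numbers on why a little positive feedback does both jobs at once, here is the standard first-order feedback model, added here as an illustration rather than taken from the book or the article; the figures are constructed for a medium-wave example.

$$A_{\mathrm{cl}} = \frac{A}{1 - \beta A}, \qquad Q_{\mathrm{eff}} = \frac{Q}{1 - \beta A}, \qquad B = \frac{f_0}{Q_{\mathrm{eff}}} = \frac{f_0\,(1 - \beta A)}{Q}$$

Here $A$ is the open-loop gain of the stage, $\beta$ the fraction of the output fed back in phase through the tickler coil, $Q$ the tuned circuit’s own quality factor, $f_0$ the resonant frequency and $B$ the resulting $-3\,\mathrm{dB}$ bandwidth. With $f_0 = 1\,\mathrm{MHz}$ and $Q = 50$ the bare tuned circuit passes $B = 20\,\mathrm{kHz}$; setting the regeneration so that $\beta A = 0.9$ multiplies the gain by $10$ and narrows the bandwidth to $2\,\mathrm{kHz}$. At $\beta A = 1$ the denominator reaches zero and the stage oscillates, which is why a regenerative receiver needs a regeneration control and is operated just below that point.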

PCB Design Guidelines to Minimize RF Transmissions

There are certain design guidelines for PCBs that don’t make a lot of sense, and practices that seem excessive and unnecessary. Often these are motivated by the black magic that is RF transmission. This is either an unfortunate and unintended consequence of electronic circuits, or a magical and useful feature of them, and a lot of design time goes into reducing or removing these effects or tuning them.

You’re wondering how important this is for your projects and whether you should worry about unintentional radiated emissions. On the Baddeley scale of importance:

  • Pffffft – You’re building a one-off project that uses battery power and a single microcontroller with a few GPIO. Basically all your Arduino projects and around-the-house fun.
  • Meh – You’re building a one-off that plugs into a wall or has an intentional radio on board — a run-of-the-mill IoT thingamajig. Or you’re selling a product that is battery powered but doesn’t intentionally transmit anything.
  • Yeeeaaaaahhhhhhh – You’re selling a product that is wall powered.
  • YES – You’re selling a product that is an intentional transmitter, or has a lot of fast signals, or is manufactured in large volumes.
  • SMH – You’re the manufacturer of a neon sign that is taking out all wireless signals within a few blocks.

Recapture Radio’s Roots with an Updated Regenerative Receiver

Crystal radios used to be the “gateway drug” into hobby electronics. Trouble was, there’s only so much one can hope to accomplish with a wire-wrapped oatmeal carton, a safety-pin, and a razor blade. Adding a few components and exploring the regenerative circuit can prove to be a little more engaging, and that’s where this simple breadboard regen radio comes in.

Sometimes it’s the simple concepts that can capture the imagination, and revisiting the classics is a great way to do it. Basically a reiteration of [Armstrong]’s original 1912 regenerative design, [VonAcht] uses silicon where glass was used, but the principle is the same. A little of the amplified RF signal is fed back into the tuned circuit through an additional coil on the ferrite rod that acts as the receiver’s antenna. Positive feedback amplifies the RF even more, a germanium diode envelope detector demodulates the signal, and the audio is passed to a simple op amp stage for driving a headphone.

Amenable to solderless breadboarding, or even literal breadboard construction using dead bug or Manhattan wiring, the circuit invites experimentation and looks like fun to fiddle with. And getting a handle on analog and RF concepts is always a treat.

[via r/electronics]

Shmoocon 2017: Dig Out Your Old Brick Phone

The 90s were a wonderful time for portable communications devices. Cell phones had mass, real buttons, and thick batteries – everything you want in next year’s flagship phone. Unfortunately, Zach Morris’ phone hasn’t been able to find a tower for the last decade, but that doesn’t mean these phones are dead. This weekend at Shmoocon, [Brandon Creighton] brought these phones back to life. The Motorola DynaTAC lives again.

[Brandon] has a history of building ad-hoc cell phone networks. A few years ago, he was part of Ninja Tel, the group that set up their own cell phone network at DEF CON. That was a GSM network, and brickphones are so much cooler, so for the last few months he’s set his sights on building out a 1G network. All the code is up on GitHub, and the hardware requirements for building a 1G tower are pretty light; you can roll your own 1G network for about $400.

The first step in building a 1G network, properly referred to as an AMPS network, is simply reading the documentation. The entire spec is only 136 pages, it’s simple enough for a single person to wrap their head around, and the concept of a ‘call’ really doesn’t exist. AMPS looks more like a trunking system, and the voice channels are just FM. All of this info was translated into GNU Radio blocks, and [Brandon] could place a call to an old Motorola flip phone.

As far as hardware is concerned, AMPS is pretty lightweight when compared to the capabilities of modern SDR hardware. The live demo setup used an Ettus Research USRP N210, but this is overkill. These phones operate around 824-849 MHz with minimal bandwidth, so a base station could easily be assembled from a single HackRF and an RTL-SDR dongle.

Yes, the phones are old, but there is one great bonus concerning AMPS. Nobody is really using these frequencies anymore in the US. That’s not to say building your own unlicensed 1G tower in the US is legally permissible, but if nobody reports you, you can probably get away with it.

Shmoocon 2017: A Simple Tool For Reverse Engineering RF

Anyone can hack a radio, but that doesn’t mean it’s easy: there are a lot of mechanics involved in formatting a signal before you can decode the ones and zeros.

At his Shmoocon talk, [Paul Clark] introduced a great new tool for RF Reverse Engineering. It’s called WaveConverter, and it is possibly the single most interesting tool we’ve seen in radio in a long time.

If you wanted to hack an RF system — read the data from a tire pressure monitor, a car’s key fob, a garage door opener, or a signal from a home security system’s sensor — you’ll be doing the same thing for each attack. The first step is to capture the signal, probably with a software defined radio. Take this data into GNU Radio, and you’ll have to figure out the modulation, the framing, the encoding, extract the data, and finally figure out what the ones and zeros mean. Only that last part, figuring out what the ones and zeros actually do, is the real hack. Everything before that is just a highly advanced form of data entry and manipulation.

[Paul]’s WaveConverter is the tool built for this data manipulation. Take WaveConverter, input an IQ file of the relevant radio sample you’d like to reverse engineer, and you have all the tools to turn a radio signal into ones and zeros at your disposal. Everything from determining the preamble of a signal, figuring out the encoding, to determining CRC checksums is right there.

All of this is great for reverse engineering a single radio protocol, but it gets even better. Once you’re able to decode a signal in WaveConverter, it’s set up to decode every other signal from that device. You can save your settings, too, which means this might be the beginnings of an open source library of protocol analyzers. If someone on the Internet has already decoded the signals from the keyfob of a 1995 Ford Taurus, they could share those settings to allow you to decode the same keyfob. This is the very beginnings of something very, very cool.

The GitHub repo for WaveConverter includes a few sample IQ files, and you can try it out for yourself right now. [Paul] admits there are a few problems with the app, but most of those are UI changes he has in mind. If you know your way around programming GUIs, [Paul] would appreciate your input.

Shmoocon 2017: So You Want To Hack RF

Far too much stuff is wireless these days. Home security systems have dozens of radios for door and window sensors, thermostats aren’t just a wire to the furnace anymore, and we are annoyed when we can’t start our cars from across a parking lot. This is a golden era for anyone who wants to hack RF. This year at Shmoocon, [Marc Newlin] and [Matt Knight] of Bastille Networks gave an overview of how to get into hacking RF. These are guys who know a few things about hacking RF; [Marc] is responsible for MouseJack and KeySniffer, and [Matt] reverse engineered the LoRa PHY.

In their talk, [Marc] and [Matt] outlined five steps to reverse engineering any RF signal. First, characterize the channel. Determine the modulation. Determine the symbol rate. Synchronize a receiver against the data. Finally, extract the symbols, or get the ones and zeros out of the analog soup.

From [Marc] and [Matt]’s experience, most of this process doesn’t require a radio, software or otherwise. Open source intelligence or information from regulatory databases can be a treasure trove of information regarding the operating frequency of the device, the modulation, and even the bit rate. The pertinent example from the talk was the FCC ID for a Z-wave module. A simple search revealed the frequency of the device. Since the stated symbol rate was twice the stated data rate, the device obviously used Manchester encoding. These sorts of insights become obvious once you know what you’re looking for.
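The last two of those five steps, and the preamble/encoding/CRC stage that WaveConverter automates in the previous article, are easier to picture with a concrete bit-recovery pipeline. The following is an added example, not code from WaveConverter, Bastille or Hackaday: it takes an already-demodulated symbol stream, applies the "two symbols per bit means Manchester" rule of thumb from the talk, tries both bit alignments, locates the header, and only hands back a payload whose check byte agrees. The frame layout (0xAAAA preamble, 0x2D sync byte, length byte, payload, CRC-8 with polynomial 0x07) and the captured symbols are constructed for the example; a real device's framing has to be recovered from its documentation or from the capture itself.

```python
"""Toy bit-recovery pipeline for an already-demodulated RF symbol stream.

Added illustration, not code from WaveConverter, Bastille or Hackaday. The
frame layout (0xAAAA preamble, 0x2D sync word, length byte, payload, CRC-8
with polynomial 0x07) is constructed for this example.
"""
from typing import List, Optional

# Manchester as used by IEEE 802.3: data 0 -> symbols 01, data 1 -> symbols 10.
# (The G.E. Thomas convention is the reverse; a real device may use either.)
MANCHESTER = {0: (0, 1), 1: (1, 0)}
UNMANCHESTER = {v: k for k, v in MANCHESTER.items()}

HEADER = b"\xaa\xaa\x2d"  # constructed: 16-bit clock-training preamble + sync byte


def encoding_hint(symbol_rate: float, data_rate: float) -> str:
    """The rule of thumb from the talk: two symbols per data bit points at Manchester."""
    return "manchester" if symbol_rate == 2 * data_rate else "unknown"


def bytes_to_bits(data: bytes) -> List[int]:
    return [(b >> (7 - i)) & 1 for b in data for i in range(8)]


def crc8(data: bytes, poly: int = 0x07) -> int:
    """Plain bitwise CRC-8, MSB first, no reflection, zero initial value."""
    crc = 0
    for b in data:
        crc ^= b
        for _ in range(8):
            crc = ((crc << 1) ^ poly) & 0xFF if crc & 0x80 else (crc << 1) & 0xFF
    return crc


def build_frame(payload: bytes) -> bytes:
    body = bytes([len(payload)]) + payload
    return HEADER + body + bytes([crc8(body)])


def manchester_encode(bits: List[int]) -> List[int]:
    return [s for b in bits for s in MANCHESTER[b]]


def manchester_decode(symbols: List[int], phase: int) -> List[Optional[int]]:
    """Pair symbols starting at `phase` (0 or 1). A 00 or 11 pair is not a
    valid Manchester bit, so it decodes to None: a clear sign of wrong alignment."""
    return [UNMANCHESTER.get((symbols[i], symbols[i + 1]))
            for i in range(phase, len(symbols) - 1, 2)]


def take_bytes(text: str, start: int, nbytes: int) -> Optional[bytes]:
    """Read whole bytes out of the '0'/'1'/'x' bit text; None if short or invalid."""
    chunk = text[start:start + 8 * nbytes]
    if len(chunk) < 8 * nbytes or "x" in chunk:
        return None
    return bytes(int(chunk[i:i + 8], 2) for i in range(0, len(chunk), 8))


def recover_frame(symbols: List[int]) -> Optional[bytes]:
    """Try both bit alignments, find the header, then length-delimit and CRC-check.
    Returns the payload, or None if no intact frame is present."""
    header_text = "".join(map(str, bytes_to_bits(HEADER)))
    for phase in (0, 1):
        bits = manchester_decode(symbols, phase)
        text = "".join("x" if b is None else str(b) for b in bits)
        start = text.find(header_text)
        if start < 0:
            continue
        body_start = start + len(header_text)
        length = take_bytes(text, body_start, 1)
        if length is None:
            continue
        body = take_bytes(text, body_start, 1 + length[0])
        crc = take_bytes(text, body_start + 8 * (1 + length[0]), 1)
        if body is None or crc is None:
            continue
        if crc8(body) != crc[0]:
            return None  # framing found but the check byte disagrees: corrupted
        return body[1:]
    return None


if __name__ == "__main__":
    # Constructed capture: three junk symbols, then a frame, then trailing junk.
    capture = [1, 1, 0] + manchester_encode(bytes_to_bits(build_frame(b"hello"))) + [0, 0, 1]
    print(encoding_hint(40_000, 20_000))   # manchester
    print(recover_frame(capture))           # b'hello'
```

Two design points are worth noting. The alignment search exploits a property of Manchester itself: a stream paired at the wrong phase throws up 00 and 11 pairs, so the decoder never has to guess where bits begin. And the CRC check is applied before anything is returned, so a capture that is merely noise, or a frame with a flipped bit, yields None rather than a plausible-looking payload; that is the same discipline you want in any parser that consumes untrusted input.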

In their demo, [Marc] and [Matt] went through the entire process of firing up GNU Radio, running a Z-wave decoder and receiving Z-wave frames. All of this was done with a minimum of hardware and required zero understanding of what radio actually is, imaginary numbers, or anything else a ham license will hopefully teach you. It’s a great introduction to RF hacking, and shows anyone how to do it.