RTL-SDR: Seven Years Later

Before swearing my fealty to the Jolly Wrencher, I wrote for several other sites, creating more or less the same sort of content I do now. In fact, the topical overlap was enough that occasionally those articles would get picked up here on Hackaday. One of those articles, which graced the pages of this site a little more than seven years ago, was Getting Started with RTL-SDR. The original linked article has long since disappeared, and the site it was hosted on is now apparently dedicated to Nintendo games, but you can probably get the gist of what it was about from the title alone.

An “Old School” RTL-SDR Receiver

When I wrote that article in 2012, the RTL-SDR project and its community were still in their infancy. It took some real digging to find out which TV tuners based on the Realtek RTL2832U were supported, what adapters you needed to connect more capable antennas, and how to compile all the software necessary to get them listening outside of their advertised frequency range. It wasn’t exactly the most user-friendly experience, and when it was all said and done, you were left largely to your own devices. If you didn’t know how to create your own receivers in GNU Radio, there wasn’t a whole lot you could do other than eavesdrop on hams or tune into local FM broadcasts.

Nearly a decade later, things have changed dramatically. The RTL-SDR hardware and software has itself improved enormously, but perhaps more importantly, the success of the project has kicked off something of a revolution in the software defined radio (SDR) world. Prior to 2012, SDRs were certainly not unobtainable, but they were considerably more expensive. Back then, the most comparable device on the market would have been the FUNcube dongle, a nearly $200 USD receiver that was actually designed for receiving data from CubeSats. Anything cheaper than that was likely to be a kit, and often operated within a narrower range of frequencies.

Today, we would argue that an RTL-SDR receiver is a must-have tool. For the cost of a cheap set of screwdrivers, you can gain access to a world that not so long ago would have been all but hidden to the amateur hacker. Let’s take a closer look at a few obvious ways that everyone’s favorite low-cost SDR has helped free the RF hacking genie from its bottle in the last few years.

Hardware Evolution

Even though the project is called RTL-SDR, the Realtek RTL2832U chip is in reality just half of the equation; it’s a USB demodulator chip that needs to be paired with a tuner to function. In the early days, there were a number of different tuners in use, and figuring out which one you were getting was a pretty big deal. The Elonics E4000 was the most desirable tuner as it had the widest frequency range, but it could be difficult to know ahead of time what you were getting.

The packaging and documentation were all but useless; either the manufacturer didn’t bother to include the information, or if they did, it would often become outdated as new revisions of the product were produced. The only way to be sure about what you were getting was to see if somebody had already purchased that particular model and reported on their findings. Luckily, the tuners were cheap enough that you could buy a couple and experiment. In those days, it wasn’t uncommon to find RTL-SDR compatible devices for less than $10 from import sites.

Opening up a contemporary RTL2832U+E4000 receiver, we can see they were relatively simple affairs. The flimsy plastic case doesn’t do much to prevent interference, and the Belling-Lee connector connector is intended for use with a traditional TV antenna. Note this particular model features an IR receiver so the user could change TV channels with the included remote; a reminder of what this device was actually built for.

These days, you don’t need to wade through pages of nearly identical looking USB TV tuners to find compatible hardware. There are now several RTL2832U-based receivers which are specifically designed for RTL-SDR use, generally selling for around $30. These devices not only address the shortcomings of the original hardware offerings, but in many cases add in new capabilities that simply wouldn’t have made sense to include back when they were just for watching TV on your computer.

Here we have the “RTL-SDR Blog v3” receiver, which is one of the most popular “next generation” RTL-SDR receivers. The plastic case has been replaced with an aluminum one that not only reduces interference, but helps the board dissipate heat while in operation. The crystal has been upgraded to a temperature compensated oscillator (TCXO) which helps reduce temperature drift. The R820T2 tuner is paired with a standard SMA antenna connector, and both it and the RTL2832U have some unused pins broken out if you’re looking to get into developing modifications or expansions to the core hardware.

Software Library

The improvements to the base RTL-SDR hardware are welcome, and it’s nice to not have to worry about whether or not the receiver you’ve purchased is actually going to work with the drivers, but realistically those changes mainly benefit the more hardcore users who are pushing the edge of the envelope. If you’re just looking to sniff some 433 MHz thermometers, you don’t exactly need a TCXO. For most users, the biggest improvements have come in the software side of things.

For one, the RTL-SDR package is almost certainly going to be in the repository of your favorite GNU/Linux distribution. Unless you need some bleeding edge feature, you won’t have to compile the driver and userland tools from source anymore. The same will generally be true for the SDR graphical frontend, namely gqrx by Alexandru Csete. Those two packages are enough to get you on the air and browsing for interesting signals, but that’s just the beginning. The rise of cheap SDRs has inspired a number of fantastic new software packages that are light-years ahead of what was available previously.

Certainly one of the best examples is Universal Radio Hacker, an all-in-one tool that lets you search for, capture, and ultimately decode wireless signals. Whether it’s a known protocol for which it already has a built-in decoder, or something entirely new that you need to reverse engineer, Universal Radio Hacker is a powerful tool for literally pulling binary data out of thin air. Those looking to reverse unknown wireless protocols should also take a look at inspectrum, another tool developed in the last few years that can be used to analyze captured waveforms.

Decoding a captured ASK OOK signal in Universal Radio Hacker

If you’re more interested in the practical application of these radios, there have also been a number of very impressive “turn-key” applications developed that leverage the high availability of low-cost SDRs. One such project is dump1090, a ADS-B decoder that was specifically developed for use with the RTL-SDR. With a distributed network of receivers, the software has allowed the community to democratize flight tracking through the creation of open data aircraft databases.

The Gift of Inspiration

In the years since its inception, the RTL-SDR project has become the de facto “first step” for anyone looking to experiment with radio. It’s cheap, it’s easy, and since the hardware is incapable of transmission, you don’t have to worry about accidentally running afoul of the FCC or your local equivalent. Honestly, it’s difficult to think of a valid reason not to add one of these little USB receivers to your bag of tricks; even if you only use it once, it will more than pay for itself.

Ultimately, this is the greatest achievement of the RTL-SDR project. It drove the entry barrier for radio experimentation and hacking so low that it’s spawned a whole new era. From the unique vantage point offered by Hackaday, we can see the sharp uptick of RF projects that correspond to the introduction of an easy to use and extremely affordable software defined radio. People who might never have owned a “real” radio beyond the one in their car can now peel back the layers of obscurity that in the past kept the vast majority of us off the airwaves. This is a very exciting time for wireless hacking, and things are only going to get more interesting from here on out. Long live RTL-SDR!

27 thoughts on “RTL-SDR: Seven Years Later

  1. I use RTL-SDR every day to scan for clean frequencies to set up In Ear Monitors – instead of thousands of dollars worth of specialized gear, I can use a $25 dongle!

    1. Geez, 7 years already. Back then I was still a university student and experimented with osmo-gmr and osmo-tetra with the original Funcube Dongle (96 kHz RF bandwidth), and was looking for an SDR with higher bandwidth. The only thing that you could buy at this time was the USRP, which was a bit outside of my price range.
      Thus, some fellow Osmocom hackers set to create a cheaper SDR called the OsmoSDR using the Elonics E4000 tuner.
      But when I read by coincidence on the linux-media mailing list that some Kernel hackers were seeing large amounts of data being transferred from the RTL2832 when in FM and DAB mode, with the assumption of being IQ data, I immediately bought a Terratec NOXON stick at my local electronics store and started reverse engineering the Windows driver to create rtl-sdr. This made the effort put into the OsmoSDR obsolete unfortunately, but on the bright side was an even cheaper alternative.
      I’m very happy to see all the interest, cool applicatons and new SDRs it sparked in recent years!

      Also make sure to check out osmo-fl2k if you haven’t already, which I created as a cheap counterpart to rtl-sdr for bench-testing SDR transmission.

      1. I use SDRs every day for work. They range from the rtl-sdr to some that are over $200K. In my opinion there should be an rtlsdr that you can snap onto a Pi via GPIO and keep the four USB ports open on the front. I’m amazed at what you can do with an SDR and the software that is available today.

    1. http://web.archive.org/web/20120630005903/http://www.thepowerbase.com/2012/06/getting-started-with-rtl-sdr

      Actually in doing this I learnt something new about wayback and how to form URL’s without visiting the site and navigating the calendar.

      Form up a URL starting with:
      http://web.archive.org/web/

      Add the year you first want the site from:
      http://web.archive.org/web/2009

      Then add the site:
      http://web.archive.org/web/2009/http://www.thepowerbase.com/2012/06/getting-started-with-rtl-sdr

      It’ll find the next nearest match in time and serve that page up.
      Clever !!

      HTH

  2. “People who might never have owned a “real” radio beyond the one in their car can now peel back the layers of obscurity that in the past kept the vast majority of us off the airwaves. ”

    Economic and intellectual obscurity. The knowledge to build a “real” radio has been out there for years. What’s out there and how it works too. The tale of RTL-SDR is as much about free and easy to use software as it has been cheap hardware.

    1. “The knowledge to build a “real” radio has been out there for years.”

      The same could be said for the arduino. The knowledge to build microcontroller boards was there for years, but the arduino made it easy for noobs.

      We need more products for noobs.

    2. Yes.

      I can remember when there were introductory articles about SDR, “this will be the future”, but before it was practical among hobbyists. Sadly, there was a shortage of hobby projects that used t he concept, so it’s a black box to many.

      These USB receivers make it easy, buy t he hardware and get the software. So the bulk of what we read is people using it for off t he shelf solutions, rather than high performance or pursuing experimental modes.

      Fifty years ago, some would build intricate high performance receivers, others might bui ld fairly generic receivers to receive uncommon frequencies like LF or t he police band. Popular Electronics regularly had single cinversion receivers that had fairly low specs.

      A lot of what I read about these SDR receivers is people using them as off the shelf ways of receing, made easy because they cover a wide range and mostly VHF/UHF.

      I remember getting mailings from Maxim about IC’s intended for cellphone use and wondering if they had better frequency coverage. That was when SDR was still rare, and the ICs gave at least the I/Q splitging ( and quadrature oscillator) needed before moving from A/D.

      I.may finally.buy one of these USB things, but one can still build SDR from less integrated devices.

      Michael

    3. “It’s about the software” is an understatement. The importance of SDR is taking what was previously a tricky, tweaky hardware problem and recasting it _all_ into software. Instantly reconfigurable, vastly more generic, incredibly more powerful.

      But yeah. The price point and the good demos/documentation are magnificent icing on the cake.

  3. ” that in the past kept the vast majority of us off the airwaves”. I’m not sure how to interpret that. What is meant by off the airwaves? when I read that I read radio transmissions, in most places on planent Earth, that requires licensing of some sort. Hell here in the US, many, if not most hams, would pay the exam fee for kids, and others. For reception the cost for receiving analog signal across the spect was/is quite low, and to information how to do so was readily available, more so available with presence of the internet.

    I admit ignorance when it comes to copyright issues, and contracts between author, and publisher. Having said that, I have think it surprise, authors don’t have copies of their work at hand, accepting catastrophic destruction, as reason for unavailability. Ain’t I generous? ;)

    1. Good software, not really… Usable software, yes. RF Analyzer and SDRtouch are two decent spectrum analyzers for Android. Both support the RTL-SDR and HackRF. There is also Avare ADSB for the RTL-SDR on Android.

  4. What (practical) difference is there in the cheap $9 (from China) SDRs and the $30+ others? Is there a certain frequency range you want to look for when SDR shopping?

    1. What I have found to be the biggest difference between cheaper and more expensive RTL-SDRs has been the oscillator… the cheap ones are “all over the place” when it comes to trying to specify a particular frequency. Many of the software packages that use RTL-SDRs allow you to set an off-set frequency, but this varies based on how long it has been powered up, as it warms up, the oscillator frequency varies. This is why a more expensive unit with a TCXO or a temperature-compensated crystal oscillator is desired. I started off with ones without the TCXO but now insist that all my new devices have a TCXO.

      My primary use is monitoring P25 trunked radio networks. There are three completely different P25 systems near my house. A P25-capable radio scanner is quite expensive but these devices are cheap, on top of using an older PC, it is cheaper and more capable than a purpose-built, stand-alone radio scanner. For example, I can listen to certain talkgroups, share other talkgroups online, record traffic and actually SEE what traffic is taking place. One system usually has about 10 simultaneous conversations taking place at any moment, but I’ve seen upwards of 16 simultaneous conversations taking place simultaneously. I would have never known this with just a simple, $500+ radio scanner (but I DO know it using my sub $100 scanner… used parts plus RTL-SDR).

  5. The earliest capture can be received via `http://web.archive.org/web/0//`, and the latest via a shorter `http://web.archive.org//`. Also, add `_im` to the date if you want the raw content without the bar on the top – useful for streaming music/video.

  6. The tool that started my amateur radio, electronics and RF engineering studies.

    Props to Spektrum also since has come in handy to identify signals in wider bandwidth review, albeit slower sweep/sampling rate:
    https://www.rtl-sdr.com/tag/spektrum/

    Kerberos is an interesting development also, would be nice to read an update with more examples of use and has a write up
    by Tom too:
    https://hackaday.com/2018/09/10/direction-finding-and-passive-radar-with-rtl-sdr/

    Thinking something regarding direct sampling is worth noting:
    https://www.rtl-sdr.com/?s=RTL-SDR+direct+sampling

    Finally, the DIY EMC testing probe with an RTL-SDR is a very worthy note for those on a limited budget wanting to sniff some signals:
    https://hackaday.com/2019/04/24/a-diy-emc-probe-from-semi-rigid-coax-and-an-sdr/

      1. I was just looking into my youtube saved videos regarding making what I was calling a “discriminator tap” using an RTL-SDR, though now realized what I was thinking and referenced is more correctly called a “pan adapter.”

        Here is what I saved that I think at the time was the best detail I found: https://www.youtube.com/watch?v=5Bixdd0UHwo

        Since I’m wanting to put on the PRO-2006, a better reference is the Hackaday article:
        https://hackaday.com/2015/12/19/sdr-pan-adapter/

        This is a really detailed method with feedback, though not quite the RTL-SDR:
        https://hackaday.com/2017/12/10/tapping-into-a-ham-radios-potential-with-sdrplay/

  7. I bought one of the early RTL-SDR receivers on Ebay from a guy in China. He wrote an email wondering why I was interested in it because it would not work for a US TV, A couple months later there were hundreds of them listed on Ebay.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.