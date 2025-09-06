Your kid has a toy remote control fire truck. You have an RTL SDR. See where this is going? [Jacob] couldn’t resist tearing into the why and how of the truck’s remote control protocol.

The entire process began with a basic GNU Radio setup to determine the exact frequency of the signal. Then a little analysis suggested that it might be using amplitude shift keying. That is, the information is in the amplitude of the signal, where one possible amplitude is completely off in some cases.

Some FFT decoding started to reveal the coding when someone pressed a remote button. None of the standard GNU Radio blocks would get the right decoding, so that called for a custom Python block.

When you get to the end of the post, don’t forget to scan back up to the top where the final diagram is. It will make more sense after you’ve read the post, although it is reasonably straightforward except for the custom block, of course.

This is a great example of how you can reverse engineer something like this. Cheap SDRs and computers make something like this less of a science project and more of an afternoon puzzle to solve. What will he do with it? Our guess is nothing. And we totally get that.

Toys can have sophisticated wireless tech, surprisingly. Not just new ones, either.