SDR IF Experiments

The R820T tuner IC is used in the popular Airspy software defined radio (SDR) as well as many of the inexpensive RTL SDR dongles. [TLeconte] did some experiments on intermediate frequency (IF) configuration of the chip, and you’ll find his results interesting.

Using 5 million samples per second and the device’s real mode, the tests look at what comes out when the IC reads a noise source. There are two registers that set the IF parameters, and the tests show the effects these registers have in precise terms.


The Raspberry Pi 3B+ As An SDR – Without The SDR!

We’ve become used to software-defined radio as the future of radio experimentation, and many of us will have some form of SDR hardware. From the $10 RTL USB sticks through to all-singing, all-dancing models at eye-watering prices, there is an SDR for everyone.

What about the idea of an SDR without any external hardware? Instead of plugging something into your Raspberry Pi, how about using the Pi itself, unmodified? That’s just what the Nexmon SDR project has achieved, and this has been made possible through clever use of the on-board Broadcom 802.11ac WiFi chip. The result is a TX-capable SDR, albeit one only capable of operating within the 2.4 GHz and 5 GHz spectrum used by WiFi.

The team had previously worked extensively with the chipset in the Nexus 5 phone, and the SDR extension was first available on that platform. Then along came the Raspberry Pi 3 B+ with a similar-enough WiFi chipset that the same hack was portable to that platform, et voilà: WiFi SDR on a Pi 3 B+.

If you’ve not looked at the Pi 3 B+ we’d like to direct you to our review. If you don’t have a Nexus 5 kicking around, and you’d like to do some WiFi-band SDR work, it’s looking like an amazing deal.

Via rtl-sdr.com.

Eavesdropping on a VGA Monitor’s Conversations

Did you ever wonder what your monitor and your computer are talking about behind your back? As it turns out, there’s quite a conversation going on while the monitor and the computer decide how to get along, and sniffing out VGA communications can reveal some pretty fascinating stuff about the I²C protocol.

To reverse engineer the configuration information exchanged between a VGA monitor and a video card, [Ken Shirriff] began by lopping a VGA cable in two. The inside of such cables is surprisingly complex, with separate shielding wires for each color and sync channel and a host of control wires, all bundled in multiple layers of shielding foil and braid to reduce EMI. [Ken] identified the clock and data lines used for the I²C interface and broke those out into a PocketBeagle for analysis using the tiny Linux machine’s I²C tools.

With a Python script to help decode the monitor’s Extended Display Identification Data (EDID), [Ken] was able to see everything the monitor knows about itself — manufacturer, serial number, all the supported resolution modes, and even deprecated timing and signal information left over from the days when CRTs ruled the desktop. Particularly interesting are the surprisingly limited capabilities of a VGA display in terms of color reproduction, as well as [Ken]’s detailed discussion on the I²C bus in general and how it works.

We always enjoy these looks under the hood that [Ken] is so good at, and we look forward to his reverse engineering write-ups. His recent efforts include a look at core memory from a 50-year-old mainframe and reverse engineering at the silicon level.

Review: LimeSDR Mini Software Defined Radio Transceiver

It’s fair to say that software-defined radio represents the most significant advance in affordable radio equipment that we have seen over the last decade or so. Moving signal processing from purpose-built analogue hardware into the realm of software has opened up so many exciting possibilities in terms of what can be done both with more traditional modes of radio communication and with newer ones made possible only by the new technology.

It’s also fair to say that radio enthusiasts seeking a high-performance SDR would also have to be prepared with a hefty bank balance, as some of the components required to deliver software defined radios have been rather expensive. Thus the budget end of the market has been the preserve of radios using the limited baseband bandwidth of an existing analogue interface such as a computer sound card, or of happy accidents in driver hacking such as the discovery that the cheap and now-ubiquitous RTL2832 chipset digital TV receivers could function as an SDR receiver. Transmitting has been, and still is, more expensive.

The LimeSDR Mini’s chunky USB stick form factor.

A new generation of budget SDRs, as typified by today’s subject the LimeSDR Mini, has brought down the price of transmitting. This is the latest addition to the LimeSDR range of products, an SDR transceiver and FPGA development board in a USB stick format that uses the same Lime Microsystems LMS7002M at its heart as the existing LimeSDR USB, but with a lower specification. Chief among the changes are that there is only one receive and one transmit channel to the USB’s two each, the bandwidth of 30.72 MHz is halved, and the lower-end frequency range jumps from 100 kHz to 10 MHz. The most interesting lower figure associated with the Mini though is its price, with the early birds snapping it up for $99 — half that of its predecessor. (It’s now available on Kickstarter for $139.)


Art Eavesdrops on Life and Pagers

Before cell phones, pagers were the way to communicate on the go. At first, they were almost a status symbol. Eventually, they became the mark of someone who couldn’t or wouldn’t carry a cell phone. However, apparently, there are still some users that clutch their pagers with a death grip, including medical professionals. In an art project called HolyPager, [Brannon Dorsey] intercepted all the pager messages in a city and printed them on a few old-style roll printers. The results were a little surprising. You can check out the video below.

Almost all the pages were medical and many of them had sensitive information. From a technical standpoint, [Brannon’s] page doesn’t shed much light, but an article about the project says that it and other art projects that show the hidden world of radio waves are using our old friend the RTL-SDR dongle.

Pagers use a protocol — POCSAG — that predates our modern (and well-founded) obsession with privacy and security. That isn’t surprising although the idea that private medical data is flying through the air like this is. Decoding POCSAG isn’t hard. GNU Radio, for example, can easily handle the task.

We’ve looked at pager hacking in the past. You can even run your own pager network, but don’t blame us if you get fined.


Read Home Power Meters With RTL-SDR

[k-roy] hates electricity. Especially the kind that can be lethal if you’re not careful. Annoyed by the constant advertisements for the popular Sense Home Energy monitors (which must be installed in the main breaker box by an electrician), [k-roy] set out to find a cheaper and easier way. He wondered how the power company monitored his meter, and guessed correctly that it must be transmitting the information wirelessly. Maybe he could just listen in?

Using a cheap RTL-SDR, it didn’t take long for [k-roy] to tap into this transmission and stumble across the power readings for his entire neighborhood using a simple command:

~/gocode/bin/rtlamr -msgtype=idm --format=json -msgtype=scm+

Ironically, the hardest part wasn’t snooping on everyone’s power and water usage patterns in the neighborhood, it was trying to figure out which meter was his. In the end, he was able to make some nice graphical layouts of the data with PHP.

We’ve seen some righteous power meter hacks in our time, but this one stands out for its simplicity and elegance. Be sure to check out [k-roy’s] blog for more details, and [rtlamr’s] github for the program used to read the meters.

Thanks to [Jasper J] for the tip!

Neural Network Learns SDR Ham Radio

Identifying ham radio signals used to be easy. Beeps were Morse code, voice was AM unless it sounded like Donald Duck in which case it was sideband. But there are dozens of modes in common use now including TV, digital data, digital voice, FM, and more coming on line every day. [Randaller] used CUDA to build a neural network that could interface with an RTL-SDR dongle and can classify the signals it hears. Since it is a neural network, it isn’t so much programmed to do it as it is trained. The proof of concept has training to distinguish FM, SECAM, and TETRA. However, you can train it to recognize other modulation schemes if you want to invest the time into it.
