Shmoocon 2017: On Not Reverse Engineering Through Emulation

Right now, I’m at Shmoocon, and it’s living up to all expectations. That’s a tall order — last year, the breakout talk was from [Travis Goodspeed] on his efforts to reverse engineer the firmware for a cheap Chinese radio. Four people in the room for that talk last year bought the radio on Amazon, and now there’s a legitimate open source project dedicated to building firmware and tools to support this radio.

Now that [Travis] has a few compatriots working on firmware for this radio, he has the same challenges as any other team. The project needs unit tests, and this isn’t easy to do when all the code is locked up inside a radio. Instead of setting up an entire development platform based around a cheap radio, [Travis] came up with a toolchain that’s unlike anything I’ve ever seen. Instead of reverse engineering the firmware for this radio, he’s simply emulating the ARM firmware on the desktop. Development is quick and easy, and he has the live demos to prove it.

The heart of the Tytera radio in question is an STM32F405. This is a pretty common part, and thanks to [Travis]’ work last year, he has all the firmware that ships on this radio. This doesn’t mean he has access to all the radio’s capabilities, though; there’s a black box in the code somewhere that translates .wav files to radio packets and back again. Open sourcing this would usually mean reverse engineering, but [Travis] had a better idea.

Instead of reverse engineering the entire radio, [Travis] is using QEMU to emulate an ARM microcontroller on his desktop, run the relevant code, and completely ignore any actual reverse engineering. Since this radio is already jailbroken and the community has a pretty good idea of where all the functions and subroutines are in the firmware, the most difficult part of pulling this trick off is setting up QEMU.

As a proof of concept, [Travis] downloaded raw AMBE packets from the radio to his laptop. These were then sent through the emulated radio, producing raw audio that was then converted into a .wav file. Effectively, a black box in this radio was emulated, which means [Travis] doesn’t need to know how the black box works.

All the code for this weird emulation / unit test, as well as everything the community has released for this radio, is available on GitHub. A lot of work has gone into the jailbreaking, reverse engineering, and emulation efforts here, making this radio, somewhat ironically, one of the most open radios you can buy.

Pumping Up An Antenna From A Stream Of Sea Water

Our Hackaday readership represents a huge breadth of engineering experience and knowledge, and we get a significant number of our story tips from you. For instance, today we are indebted to [sonofthunderboanerges] for delivering us a tip in the comment stream of one of our posts, detailing an antenna created by coupling RF into a jet of sea water created with a pump. It’s a few years old, so we’re presenting it as an object of interest rather than as a news story, but it remains a no less fascinating project for that.

The antenna relies on the conductivity of sea water to treat a jet of water as simply another conductor to which RF can be coupled. The jet is adjusted by altering the flow rate until it is a quarter wavelength long at the desired frequency, at which point it is a good analogue of a metal whip antenna. The RF is coupled at the base by a ferrite-cored transformer that clips around the nozzle ejecting the water, and a bandwidth from 2 MHz to 400 MHz is claimed. If you work with RF you will probably wince at the sight of salt water coming near the RF connector, as we did.

The advantage of the system is that it allows antennas of multiple frequencies to be created at very short notice and using very little space or weight when not in use. The creator of the antenna at the US Navy’s SPAWAR technology organization points to its obvious application on Navy warships. Whether or not the sailors are using these antennas now isn’t clear, but one thing’s for certain, the idea hasn’t gone away. Early last year Popular Mechanics reported on a similar project under way courtesy of Mitsubishi, in Japan.

Continue reading “Pumping Up An Antenna From A Stream Of Sea Water”

Anatomy Of A Digital Broadcast Radio System

What does a Hackaday writer do when a couple of days after Christmas she’s having a beer or two with a long-term friend from her university days who’s made a career in the technical side of digital broadcasting? Pick his brains about the transmission scheme and write it all down of course, for behind the consumer’s shiny digital radio lies a wealth of interesting technology to try to squeeze the most from the available resources.

In the UK, our digital broadcast radio uses a system called DAB, for Digital Audio Broadcasting. There are a variety of standards used around the world for digital radio, and it’s fair to say that DAB, as one of the older ones, is not necessarily the best in today’s marketplace. This aside, there is still a lot to be learned from its transmission scheme, and from how some of its shortcomings were addressed in later standards.

Continue reading “Anatomy Of A Digital Broadcast Radio System”

Did A Russian Physicist Invent Radio?

It is said that “success has many fathers, but failure is an orphan.” Given the world-changing success of radio in the late 19th and early 20th centuries, it’s no wonder that so many scientists, physicists, and engineers have been credited with its invention. The fact that electromagnetic radiation is a natural phenomenon that no one can reasonably claim to have invented sometimes seems lost in the shuffle to claim the prize.

But it was exactly through the study of natural phenomena that one of the earliest pioneers in radio research came to have a reasonable claim to at least be the inventor of the radio receiver, well before anyone had learned how to reliably produce electromagnetic waves. This is the story of how a Russian physicist harnessed the power of lightning and became one of the many fathers of radio.

Continue reading “Did A Russian Physicist Invent Radio?”

The Poynting Vector Antenna

Radio amateurs are inventive people, and though not all of them choose to follow it, there is a healthy culture of building radio equipment among them. In particular the field of antennas is where you’ll find a lot of their work, because the barrier to entry can be as low as the cost of a reel of wire.

Over the years a number of innovative antenna designs have come from radio amateurs’ experimentation, and it’s one of the more recent we’d like to share with you today, following a [Southgate ARC] story about a book describing its theory (here’s an Amazon link to the book itself). The Poynting Vector antenna has been one of those novel designs on the fringes for a while now; it has been variously described as the “Super-T” or the “flute”. Its party piece is tiny dimensions, a fraction of the size of a conventional dipole, and it achieves that by the interaction between a magnetic field across the plates of a capacitor in a tuned circuit and the electric field between a very short pair of dipole radiators. The trade-off is that it has an extremely high Q and thus a narrow bandwidth, and since its feeder can become part of its resonant circuit it is notoriously difficult to match to a transmitter. [Alan MacDonald, VE3TET] and [Paul Birke, VE3PVB] have a detailed page on the development of their Poynting antenna which takes the reader through the details of its theory and the development of their practical version.

In the roof space above the room in which this is being written there hangs a traditional dipole for the 20m amateur band. Though it is a very effective antenna, given that it is made from a couple of pieces of wire and a ferrite core, it takes most of the length of the space, and, as we’re sure Hackaday readers with callsigns will agree, a relatively tiny alternative is always very welcome.

If antennas are a mystery to you then we’d suggest you read an introduction to antenna basics to get you started.

Visualization Of A Phased Array Antenna System

Phased array antenna systems are at the cusp of ubiquity. We now see Multiple-Input Multiple-Output (MIMO) antenna systems on WiFi routers. Soon phased array weather radar systems will help to predict the weather and keep air travel safe, and phased array base stations will be the backbone of 5G, which is the next generation of wireless data communication. But what is a phased array antenna system? How do they work? With the help of 1024 LEDs we’ll show you.

Continue reading “Visualization Of A Phased Array Antenna System”

Junkyard Dish Mount Tracks Weather Satellites

There’s a magnificent constellation of spacecraft in orbit around Earth right now, many sending useful data back down to the surface in the clear, ready to be exploited. Trouble is, it often takes specialized equipment that can be a real budget buster. But with a well-stocked scrap bin, a few strategic eBay purchases, and a little elbow grease, a powered azimuth-elevation satellite dish mount can become affordable.

The satellites of interest for [devnulling]’s efforts are NOAA’s Polar-orbiting Operational Environmental Satellites (POES), a system of low-Earth orbit weather birds. [devnulling] is particularly interested in direct reception of high-definition images from the satellites’ L-band downlink. The mount he came up with to track satellites during lengthy downloads is a tour de force of junkyard build skills.

The azimuth axis rotates on a rear wheel bearing from a Chevy, the elevation axis uses cheap pillow blocks, and the frame is welded from scrap angle iron and tubing. A NEMA-23 stepper with 15:1 gearhead rotates the azimuth while a 36″ linear actuator takes care of elevation. The mount has yet to be tested in the wind; we worry that sail area presented by the dish might cause problems. Here’s hoping the mount is as stout as it seems, and we’ll look forward to a follow-up.

It would work for us, but a 4-foot dish slewing around in the back yard might not be everyone’s taste in lawn appurtenances. If that’s you and you still want to get your weather data right from the source, try using an SDR dongle and a chunk of wire.

Continue reading “Junkyard Dish Mount Tracks Weather Satellites”