Radio Hacks

1402 Articles

Trunking Police Scanning With SDRTrunk

July 28, 2020 by 20 Comments

There was a time when it was easy to eavesdrop on police and other service radio networks. Police scanners fans can hear live police, fire, and ambulance calls. However, it isn’t as easy as it used to be because nearly all radios now are trunked. That means conversations might jump from channel to channel. However, P25 can unscramble trunked radio calls intercepted by a cheap SDR dongle and let you listen in. [SignalsEverywhere] shows you how to set it up for Windows or Linux and you can see the video below.

Trunking radio makes sense. In the old days, you might have a dozen channels for different purposes. But most channels would be empty most of the time. With trunking radio, a radio’s computer is set to be in a talk group and a control channel sorts out what channel the talk group should use at any given time. That means that one channel might have several transmissions in a row from different talk groups and one talk group might hop to a new channel on each transmission.

Continue reading “Trunking Police Scanning With SDRTrunk”

RadioGlobe Takes The World Of Internet Radio For A Spin

July 27, 2020 by 26 Comments

There’s no denying that the reach and variety of internet radio is super cool. The problem is that none of the available interfaces really give the enormity of the thing the justice it deserves. We long for a more physical and satisfying interface for tuning in stations from around the globe, and [Jude] has made just the thing.

RadioGlobe lets the user tune in over 2000 stations from around the world by spinning a real globe. It works by using two absolute rotary encoders that each have a whopping 1024 positions available. One encoder is stuck into the South Pole, and it reads the lines of longitude as the user spins the globe.

The other encoder is on the left side of the globe, and reads whatever latitude is focused in the reticle. Both encoder are connected to a Raspberry Pi 4, though if you want to replicate this open-source project using the incredibly detailed instructions, he says a Raspberry Pi 3 B+ will work, too.

In the base there’s an LCD that shows the coordinates, the city, and the station ID. Other stations in the area are tune-able with the jog wheel on the base. There’s also an RGB LED that blinks red while the station is being tuned in, and turns green when it’s done. We totally dig the clean and minimalist look of this build — especially the surprise transparent bottom panel that lets you see all the guts.

There are three videos after theĀ  break – a short demo that gives you the gist of how it works, a longer demonstration, and a nice explanation of absolute rotary encoders. Those are just the tip of the iceberg, because [Jude] kept a daily vlog of the build.

Maybe you just long for a web radio that dials in vintage appeal. This antique internet radio has a lot of features, but you wouldn’t know it from the outside.

Continue reading “RadioGlobe Takes The World Of Internet Radio For A Spin”

Modern Radio Receiver Architecture: From Regenerative To Direct Conversion

July 17, 2020 by 5 Comments

Modern radio receivers have a distinct advantage over the common early designs which I covered in my previous article. Most of the receivers you will have worked with over the past couple decades are designs by Edwin Armstrong; regenerative, superregenerative, or most commonly superheterodyne. These are distinguished by a few fascinating key traits that bring both benefits and drawbacks.

Today let’s dive into Mr. Armstrong’s receivers. I’ll also talk about DC receivers which, despite the name, are not made to listen to batteries. These are receivers you are much more likely to encounter in modern equipment.

Regenerative and Superregenerative

The regenerative receiver is all about doing more with less. You still see some of these in simple applications like RF remote controls. The idea derives from how an oscillator works. In a simple way of thinking, an oscillator is an amplifier with enough positive feedback that any tiny signal at the right frequency will amplify and then, through feedback, continue to output over and over. If everything were perfect, then, an oscillator would have infinite gain at a given frequency.

Continue reading “Modern Radio Receiver Architecture: From Regenerative To Direct Conversion”

Speech To Morse Code, Courtesy Of Google

July 16, 2020 by 16 Comments

Google has been responsible for unleashing some pretty incredible hardware and software on the world, but they can only take partial credit for the voice to Morse code gadget that [WhiskeyTangoHotel] recently completed.

With the Google AIY Voice Bonnet, [WhiskeyTangoHotel] had everything he needed to pick up on human speech and turn that into text the Raspberry Pi can parse and act on. Usually this would get passed to some kind of virtual assistant software, but in this case, a Python script breaks the speech down into individual characters and looks up their Morse representations. All those “dits” and “dahs” are then sent to one of the Pi’s GPIO pins, to which a relay has been connected.

At this point, you’ve got an interesting little toy that can sit on your desk and turn your speech into audible Morse code as the relay clicks and clacks its way through the message. In fact, if you don’t have a ham radio license, this is probably where you should stop. But if you’ve done the appropriate paperwork to transmit over the air, the relay can be connected to a radio to actually transmit messages.

If you think giving Google access to the content of your Morse code messages is a step too far, you’ll just have to learn it yourself. It might not be necessary to get your amateur license anymore, but that doesn’t mean it’s not worth knowing.

Continue reading “Speech To Morse Code, Courtesy Of Google”

Exposing Computer Monitor Side-Channel Vulnerabilities With TempestSDR

July 15, 2020 by 12 Comments

Having been endlessly regaled with tales of side-channel attacks and remote exploits, most of us by now realize that almost every piece of gear leaks data like a sieve. Everything from routers to TVs to the power supplies and cooling fans of computers can be made to give up their secrets. It’s scary stuff, but it also sounds like a heck of a lot of fun, and with an SDR and a little software, you too can get in on the side-channel action.

Coming to us via software-defined radio buff [Tech Minds], the video below gives a quick tour of how to snoop in on what’s being displayed on a monitor for almost no effort or expense. The software that makes it possible is TempestSDR, which was designed specifically for the job. With nothing but an AirSpy Mini and a rubber duck antenna, [Tech Minds] was able to reconstruct a readable black and white image of his screen at a range of a few inches; a better antenna and some fiddling might improve that range to several meters. He also shares a trick for getting TempestSDR set up for all the popular SDRs, including SPRplay, HackRF, and RTL-SDR.

Learning what’s possible with side-channel attacks is the key to avoiding them, so hats off to [Tech Minds] for putting together this simple, easy-to-replicate demo. To learn even more, listen to what [Samy Kamkar] has to say about the subject, or check out where power supplies, cryptocurrency wallets, and mixed-signal microcontrollers are all vulnerable.

Continue reading “Exposing Computer Monitor Side-Channel Vulnerabilities With TempestSDR”

High-End Ham Radio Gives Up Its Firmware Secrets

July 14, 2020 by 46 Comments

Amateur radio operators have always been at the top of their game when they’ve been hacking radios. A ham license gives you permission to open up a radio and modify it, or even to build a radio from scratch. True, as technology has advanced the opportunities for old school radio hacking have diminished, but that doesn’t mean that the new computerized radios aren’t vulnerable to the diligent ham’s tender ministrations.

A case in point: the Kenwood TH-D74A’s firmware has been dumped and partially decoded. A somewhat informal collaboration between [Hash (AG5OW)] and [Travis Goodspeed (KK4VCZ)], the process that started with [Hash]’s teardown of his radio, seen in the video below. The radio, a tri-band handy talkie with capabilities miles beyond even the most complex of the cheap imports and with a price tag to match, had a serial port and JTAG connector. A JTAGulator allowed him to probe some of the secrets, but a full exploration required spending $140 on a spare PCB for the radio and some deft work removing the BGA-packaged Flash ROM and dumping its image to disk.

[Travis] picked up the analysis from there. He found three programs within the image, including the radio’s firmware and a bunch of strings used in the radio’s UI, in both English and Japanese. The work is far from complete, but the foundation is there for further exploration and potential future firmware patches to give the radio a different feature set.

This is a great case study in reverse engineering, and it’s really worth a trip down the rabbit hole to learn more. If you’re looking for a more formal exploration of reverse engineering, you could do a lot worse than HackadayU’s “Reverse Engineering with Ghidra” course, which just wrapping up. Watch for the class videos soon. Continue reading “High-End Ham Radio Gives Up Its Firmware Secrets”

NASA Making Big Upgrades To Their Big Dish DSS43

July 13, 2020 by 16 Comments

When it comes to antenna projects, we usually cover little ones here. From copper traces on a circuit board to hand-made units for ham radio. But every once in a while it’s fun to look at the opposite end of the spectrum, and anyone who craves such change of pace should check out DSS43’s upgrade currently underway.

Part of NASA’s Deep Space Network (DSN) built to communicate with spacecraft that venture far beyond Earth, Deep Space Station 43 is a large dish antenna with a diameter of 70 meters and largest of the Canberra, Australia DSN complex. However, the raw reflective surface area is only as good as the radio equipment at its center, which are now outdated and thus focus of this round of upgrades.

The NASA page linked above offers a few pieces of fun trivia about DSS43 and its capabilities. If that whets an appetite for more, head over to Twitter for a huge treasure trove. Whoever is in charge of Canberra DSN’s Twitter account has an endless fountain of facts and very eager to share them in response to questions, usually tagged with #DSS43. Example: the weight of DSS43 is roughly 8.5 million kilograms, 4 million of which is moving structure. They also shared time lapse video clips of work in progress, one of which is embedded after the break.

Taking the uniquely capable DSS43 offline for upgrades does have some consequences, one of which is losing our ability to send commands to distant interplanetary probe Voyager 2. (Apparently smaller DSN dishes can be arrayed to receive data, but only DSS43 can send commands.) Such sacrifices are necessary as an investment for the future, with upgrade completion scheduled for January 2021. Just in time to help support Perseverance (formerly “Mars 2020”) rover‘s arrival in February and many more missions for years to come.

Continue reading “NASA Making Big Upgrades To Their Big Dish DSS43”