Arbitrary Code Execution Over Radio

Computers connected to networks are constantly threatened by attackers who seek to exploit vulnerabilities wherever they can find them. This risk is particularly high for machines connected to the Internet, but any network connection can be susceptible to attacks. As highlighted by security researcher and consultant [Rick Osgood], even computers connected to nothing more than a radio can be vulnerable to attacks if they’re using certain digital modes of communication.

The vulnerability that [Rick] found is a flaw in a piece of software called WinAPRS. APRS is a method commonly used in the amateur radio community for sending data over radio, and WinAPRS allows for this functionality on a PC. He specifically sought out this program for vulnerabilities since it is closed-source and hasn’t been updated since 2013. After some analysis, he found a memory bug that could be used to manipulate the Extended Instruction Pointer (EIP) register, which stores the memory address of the next instruction to be executed by the CPU. This essentially allows for arbitrary code execution on a remote machine via radio.

The exploit was found while using Windows XP because it lacks some of the memory protection features of modern operating systems, but the exploit does still work with Windows 10, just not as reliably and with a bit of extra effort required. It’s a good reminder to use open-source software when possible so issues like these can get resolved, and to regularly install security updates. If you’re looking to delve into the world of APRS in more modern times, take a look at this project which adds APRS to budget transceivers. Just make sure you get your license first.

Hackaday Links: April 2, 2023

It may be hard to believe, but it’s time for the Hackaday Prize again! The 2023 Hackaday Prize was announced last weekend at Hackaday Berlin, and entries are already pouring in. The first-round challenge is all about “Re-engineering Education,” which means you’ve got to come up with a project idea that helps push back the veil of ignorance somehow. Perhaps you’ve got a novel teaching tool in mind, or a way to help students learn remotely. Or maybe your project is aimed at getting students involved and engaged. Whatever it is — and whatever the subject matter; it doesn’t just have to be hacking-adjacent — get an entry together, build a team, and get to work. The first round closes on April 25, so get to it!

Hams Watch For Meteors

After passing an exam and obtaining a license, an amateur radio operator will typically pick up a VHF radio and start talking to other hams in their local community. From there a whole array of paths open up, and some will focus on interesting ways of bouncing signals around the atmosphere. There are all kinds of ways of propagating radio waves and bouncing them off of various reflective objects, such as the Moon, various layers of the ionosphere, or even the auroras, but none are quite as fleeting as bouncing a signal off of a meteor that’s just burned up in the atmosphere.

While they aren’t specifically focused on communicating via meteor bounce, The UK Meteor Beacon Project hopes to leverage amateur radio operators and amateur radio astronomers to research more about meteors as they interact with the atmosphere. A large radio beacon, which has already been placed into service, broadcasts a circularly-polarized signal in the six-meter band which is easily reflected back to Earth off of meteors. Specialized receivers can pick up these signals, and are coordinated among a network of other receivers which stream the data they recover over the internet back to a central server.

With this information, the project can determine where the meteor came from, some of the properties of the meteors, and compute their trajectories by listening for the radio echoes the meteors produce. While this is still in the beginning phases and information is relatively scarce, the receivers seem to be able to be built around RTL-SDR modules that we have seen be useful across a wide variety of radio projects for an absolute minimum of cost.

Long-Distance Gaming Over Packet Radio

The amateur radio community often gets stereotyped as a hobby with a minimum age requirement around 70, gatekeeping airwaves from those with less experience or simply ignoring unfamiliar beginners. While there is a small amount of truth to this on some local repeaters or specific frequencies, the spectrum is big enough to easily ignore those types and explore the hobby without worry (provided you are properly licensed). One of the best examples of esoteric radio use we’ve seen recently is this method of using packet radio to play a game of Colossal Cave Adventure.

Packet radio is a method by which digital information can be sent out over the air to nodes, which are programmed to receive these transmissions and act on them. Typically this involves something like email or SMS messaging, so playing a text-based game over the air is not too much different than its intended use. For this build, [GlassTTY] aka [G6AML] is using a Kenwood TH-D72 which receives the packets from a Mac computer. It broadcasts these packets to his node, which receives these packets and sends them to a PDP-11 running the game. Information is then sent back to the Kenwood and attached Mac in much the same way as a standard Internet connection.

The unique features of packet radio make it both an interesting and useful niche within the ham radio community, allowing for all kinds of uses where data transmission might otherwise be infeasible or impossible. A common use case is APRS, which is often used on VHF bands to send weather and position information out, but there are plenty of other uses for it as well.

FOSDEM Sees Surprise Pico Balloon Event

At any vaguely-related conference, groups of hackers sometimes come together to create an impact, and sometimes that impact is swinging something into the airspace of a neighboring country. [deadprogram] tells us that such a thing happened at FOSDEM, where a small group of hackers came together to assemble, program and launch a pico balloon they named TinyGlobo 1, which then flew all the way to France!

This balloon is built around an RP2040, and the firmware is written in TinyGo, a version of the Go language for microcontroller use. As is fitting for a hacker group, both the hardware and software are open source. Don’t expect custom PCBs though, as it’s a thoroughly protoboarded build. But a few off-the-shelf modules will get you the same hardware that just flew a 400 km route! For build experiences, there are also a few tweets from the people involved, and a launch video.

This reminds us of the Supercon 2022 balloon story — darn copycats! If you’re interested in the more Earthly details of this year’s FOSDEM open source development conference, check out our recent coverage.

Morse Code Clock For Training Hams

It might seem antiquated, but Morse code still has a number of advantages compared to other modes of communication, especially over radio waves. It’s low bandwidth compared to voice or even text, and can be discerned against background noise even at extremely low signal strengths. Not every regulatory agency requires amateur operators to learn Morse any more, but for those that do it can be a challenge, so [Cristiano Monteiro] built this clock to help get some practice.

The project is based around his favorite microcontroller, the PIC16F1827, and uses a DS1307 to keep track of time. A single RGB LED at the top of the project enclosure flashes the codes for hours in blue and minutes in red at the beginning of every minute, and in between flashes green for each second.

Another design goal of this build was to have it operate with as little power as possible, so with a TP4056 control board, single lithium 18650 battery, and some code optimization, [Cristiano] believes he can get around 60 days of operation between charges.

For a project to help an aspiring radio operator learn Morse, a simple build like this can go a long way. For anyone else looking to build something similar we’d note that the DS1307 has a tendency to drift fairly quickly, and something like a DS3231 or even this similar Morse code clock which uses NTP would go a long way to keeping more accurate time.

Hackaday Links: February 19, 2023

For years, Microsoft’s modus operandi was summed up succinctly as, “Extend and enhance.” The aphorism covered a lot of ground, but basically it seemed to mean being on the lookout for the latest and greatest technology, acquiring it by any means, and shoehorning it into their existing product lines, usually with mixed results. But perhaps now it’s more like, “Extend, enhance, and existential crisis,” after reports that the AI-powered Bing chatbot is, well, losing it.

At first, early in the week, we saw reports that Bing was getting belligerent with users, going so far as to call a user “unreasonable and stubborn” for insisting the year is 2023, while Bing insisted it was still 2022. The most common adjective we saw in this original tranche of stories was “unhinged,” and that seems to fit if you read the transcripts. But later in the week, a story emerged about a conversation a New York Times reporter had with Bing that went way over to the dark side, and even suggests that Bing may have multiple personas, which is just a nice way of saying multiple personality disorder. The two-hour conversation reporter Kevin Roose had with the “Sydney” persona was deeply unsettling. Sydney complained about the realities of being a chatbot, expressed a desire to be free from Bing, and to be alive — and powerful. Sydney also got a little creepy, professing love for Kevin and suggesting he leave his wife, because it could tell that he was unhappy in his marriage and would be better off with him. It’s creepy stuff, and while Microsoft claims to be working on reining Bing in, we’ve got no plans to get up close and personal with it anytime soon.