Computers connected to networks are constantly threatened by attackers who seek to exploit vulnerabilities wherever they can find them. This risk is particularly high for machines connected to the Internet, but any network connection can be susceptible to attacks. As highlighted by security researcher and consultant [Rick Osgood], even computers connected to nothing more than a radio can be vulnerable to attacks if they’re using certain digital modes of communication.
The vulnerability that [Rick] found involves exploiting a flaw in a piece of software called WinAPRS. APRS is a method commonly used in the amateur radio community for sending data over radio, and WinAPRS allows for this functionality on a PC. He specifically sought out this program for vulnerabilities since it is closed-source and hasn’t been updated since 2013. After some analysis, he found a memory bug which was used to manipulate the Extended Instruction Pointer (EIP) register which stores the memory address of the next instruction to be executed by the CPU. This essentially allows for arbitrary code execution on a remote machine via radio.
The exploit was found while using Windows XP because it lacks some of the more modern memory protection features of modern operating systems, but the exploit does still work with Windows 10, just not as reliably and with a bit of extra effort required. It’s a good reminder to use open-source software when possible so issues like these can get resolved, and to regularly install security updates when possible. If you’re looking to delve into the world of APRS in more modern times, take a look at this project which adds APRS to budget transceivers. Just make sure you get your license first.
For years, Microsoft’s modus operandi was summed up succinctly as, “Extend and enhance.” The aphorism covered a lot of ground, but basically it seemed to mean being on the lookout for the latest and greatest technology, acquiring it by any means, and shoehorning it into their existing product lines, usually with mixed results. But perhaps now it’s more like, “Extend, enhance, and existential crisis,” after reports that the AI-powered Bing chatbot is, well, losing it.
At first, early in the week, we saw reports that Bing was getting belligerent with users, going so far as to call a user “unreasonable and stubborn” for insisting the year is 2023, while Bing insisted it was still 2022. The most common adjective we saw in this original tranche of stories was “unhinged,” and that seems to fit if you read the transcripts. But later in the week, a story emerged about a conversation a New York Times reporter had with Bing that went way over to the dark side, and even suggests that Bing may have multiple personas, which is just a nice way of saying multiple personality disorder. The two-hour conversation reporter Kevin Roose had with the “Sydney” persona was deeply unsettling. Sydney complained about the realities of being a chatbot, expressed a desire to be free from Bing, and to be alive — and powerful. Sydney also got a little creepy, professing love for Kevin and suggesting he leave his wife, because it could tell that he was unhappy in his marriage and would be better off with him. It’s creepy stuff, and while Microsoft claims to be working on reining Bing in, we’ve got no plans to get up close and personal with it anytime soon. Continue reading “Hackaday Links: February 19, 2023” →
The Ham Radio All-in-one cable (AIOC) is a small PCB attachment for a popular series of radio transceivers which adds a USB-attached audio interface and virtual TTY port for programming and the push-to-talk function. The STM32F373 microcontroller (which, sadly is still hard to find in the usual channels) is a perfect fit for this application, with all the needed hardware resources.
With USB-C connectivity, the AIOC enumerates as a sound card as well as a virtual serial device, so interfacing to practically any host computer should be plug-and-play. Connection to the radio uses 12mm separation 3.5mm and 2.5mm TRS connectors, so is compatible with at least the Baofeng UV-5R but likely many other cheap transceivers that have the same physical setup.
Instructions are provided to use the AIOC with Dire Wolf for easy access to APRS applications, which makes a nice out-of-the-box demo to get you going. APRS is not all about tracking things though since other applications can sit atop the APRS/AX.25 network, for example, HROT: the ham radio of things.
We’ve seen quite a few Baofeng (and related products) hacks, like this sketchy pile of wires allowing one to experiment with the guts of the radio for APRS. Of course, such cheap radio transceivers cut so many engineering corners that there are movements to ban their sale, so maybe a new batch of better radios from our friends in the East is on the horizon?
Thanks to [Hspil] for the tip!
Over on the Spectrum web site, [Dale] — a relatively new ham radio operator — talks about his system for sending text messaging over VHF radios called HamMessenger. Of course, hams send messages all the time using a variety of protocols, but [Dale] wanted a self-contained and portable unit with a keyboard, screen, and a GPS receiver. So he built one. You can find his work on GitHub.
At the heart of the project is MicroAPRS, an Arduino firmware for packet radio. Instead of using a bigger computer, he decided to dedicate another Arduino to do everything but the modem function.
Continue reading “Arduino + Ham Radio = Texting” →
Before smartphones and Internet of Things devices were widely distributed, the Automatic Packet Reporting System (APRS) was the way to send digital information out wirelessly from remote locations. In use since the 80s, it now has an almost hipster “wireless data before it was cool” vibe, complete with plenty of people who use it because it’s interesting, and plenty of others who still need the unique functionality it offers even when compared to more modern wireless data transmission methods. One of those is [Tyler] who shows us how to build an APRS system for a minimum of cost and size.
[Tyler]’s build is called Arrow and operates on the popular 2 metre ham radio band. It’s a Terminal Node Controller (TNC), a sort of ham radio modem, built around an ESP32. The ESP32 handles both the signal processing for the data and also uses its Bluetooth capability to pair to an Android app called APRSDroid. The entire module is only slightly larger than the 18650 battery that powers it, and it can be paired with a computer to send and receive any digital data that you wish using this module as a plug-and-play transceiver.
While the build is still has a few limitations that [Tyler] notes, he hopes that the project will be a way to modernize the APRS protocol using methods for radio transmission that have been improved upon since APRS was first implemented. It should be able to interface easily into any existing ham radio setup, although even small balloon-lofted radio stations can make excellent use of APRS without any extra equipment. Don’t forget that you need a license to operate these in most places, though!
While [Selim Olcer] was relatively happy with his Kenwood TM-D710a radio, he didn’t like the fact that it needed a bulky external GPS “backpack” for APRS location data. So he decided to crack open the head unit and see if he couldn’t integrate his own GPS hardware (machine translation). Not only did he succeed, but he even threw in Bluetooth compatibility for good measure.
With the repair manual circuit diagrams in hand, it was no problem to find the GPS RX and TX lines that were being broken out to the external connector. Unfortunately, the radio’s electronics are all 5 volts and the GPS module [Selim] wanted to use was only 3.3 V. So he came up with a small PCB that included not only the voltage regulator to power the GPS module, but also some voltage-dividers to level shift those signals.
Since the Kenwood TM-D710a was already designed to accept a GPS upgrade module, he just needed to change some configuration options in the radio’s menus for it to see the new hardware. Technically the project was done at this point, but since there was still room in the case and he had a GPS module spitting out NMEA sentences, [Selim] tacked on a common Bluetooth serial module so he could see the position information on his smartphone. With an application like APRSdroid, he now has a nice moving map display using the position pulled from the radio’s GPS.
With this modification done it looks like the head unit is ready to go, but that’s only the beginning for a mobile rig. Now we want to see how he integrates the whole thing into the car.
Of all the images that amateur radio conjures up, the great outdoors doesn’t usually figure heavily. People seem to think hams sit in a dark room at a desk heavy with radio gear, banging out Morse code into late into the night and heedless of the world outside the window. All of which sort of sounds like hard-core gaming, really.
And while that image certainly applies in a lot of cases, hams do like to get out and about at least once a year. That day is upon us with the 2019 Amateur Radio Field Day. Hams across North America reserve the fourth full weekend of each June to tear themselves out of their shacks and get into the world to set up operations in some kind of public venue, generally a park or other green space. Part cookout, part community outreach, and part slumber party – it lasts all weekend and goes around the clock – hams use field day as a chance to show the general public where amateur radio really shines: real-time worldwide communications under austere conditions.
It’s also a chance to get folks excited about getting their license, with many Field Day locations hosting “Get on the Air” stations so that unlicensed folks can try making a contact under the supervision of a licensed operator. Licensed but underequipped hams also get the chance to spin the knobs on someone else’s gear, and maybe line up that first rig purchase. And there are plenty of opportunities to learn about new modes as well, such as FT8 and WSPR. As an example your scribe is looking for some guidance on getting started with APRS, the automated packet reporting system that’s used for things like high-altitude balloon tracking.
If you have any interest at all in learning how to properly operate radio equipment, you owe it to yourself to track down the nearest Field Day location and stop by. The American Radio Relay League (ARRL) has a ton of Field Day information, from a map to locate the 1500 Field Day sites to rules for the contests that will be run that weekend to guides for setting up and operating an effective Field Day setup. There will be 40,000 hams out there this year, and they’d all be thrilled if you drop by and ask a few questions.
Continue reading “Hams Gone Wild: Amateur Radio Field Day 2019” →