GuardBunny Active RFID Protection Going Open Hardware

There are two sides to every coin. Instead of swiping or using a chip reader with your credit card, some companies offer wireless cards that you hold up to a reader for just an instant. How convenient for you and for anyone who might want to read that data for their own use. The same goes for RFID-enabled passports, and the now ubiquitous keycards used for door access at businesses and hotels. I’m sure you can opt out of one of these credit cards, but Gerald in human resources isn’t going to issue you a metal key — you’re stuck hauling around that RFID card.

It is unlikely that someone surreptitiously reading your card will unlock your secrets. The contactless credit cards and the keylock cards are actually calculating a response based on a stored key pair. But you absolutely could be tracked by the unique IDs in your cards. Are you being logged when passing by an open reader? And other devices, like public transit cards, may have more information stored on them that could be harvested. It’s not entirely paranoid to want to silence these signals when you’re not using them.

One solution to all of this is to protect your wallet from would-be RFID pirates. At this point I’m sure everyone is thinking of a tin-foil card case. Sure, that might work unless the malicious reader is very powerful. But there’s a much more interesting way to protect against this: active RFID scrambling with a project called GuardBunny. It’s a card that you place next to whatever you want to protect. It’s not really RFID — I’ll get to that in a moment — but is activated the same way and spews erroneous bits back at any card reader. Kristin Paget has been working on GuardBunny for several years now. As of late she’s had less time for active development, but is doing a great thing by letting version 1 out into the world for others to hack on. In her talk at Shmoocon 2016 she walked through the design, demonstrated its functionality, and shared some suggestions for further improvement.

An Improvised Synthetic Aperture Radar

[Henrik] is at it again. Another thoroughly detailed radar project has shown up on his blog. This time [Henrik] is making some significant improvements to his previous homemade radar with the addition of Synthetic Aperture Radar (SAR) to his previous Frequency Modulated Continuous Wave (FMCW) system.

[Henrik’s] new design uses an NXP LPC4320, which uniquely combines an ARM Cortex-M4 MCU with a Cortex-M0 co-processor. The HackRF also uses this micro, as it has some specific features that can be taken advantage of here, like the Serial GPIO (SGPIO), which can be tediously configured, and high-speed USB, all for ~$8 in single quantity. The mixed-signal design is done in two boards: a 4-layer RF board and a 2-layer digital board.

Like the gentleman he is, [Henrik] has included schematics, board files, and his modified source from the HackRF project in his GitHub repo. There is simply too much information in his post to attempt to summarize here. If you need instant gratification, check out the pictures after the break.

The write-up on his personal blog is impressive and worth a look if you didn’t catch our coverage of his single board Linux computer, or his previous radar design.

Hacklet 80 – Gigahertz Projects

Somewhere between the HF projects many of us have worked on and the visible light spectrum lie the UHF, EHF, SHF, and THF. That’s Ultra, Extremely, Super, and Tremendously High Frequency for those who aren’t in the know. All of them involve frequencies in the gigahertz and terahertz range. While modern computers have made gigahertz a household term, actually working with signals in the gigahertz frequency range is still a daunting prospect. There has always been an elite group of hackers, makers, and engineers who tinker with projects using GHz frequencies. This week’s Hacklet is about some of the best GHz projects on Hackaday.io!

We start with [Luke Weston] and Simple, low-cost FMCW radar. For years people like Hackaday’s own [Gregory L. Charvat] have been building simplified radar systems and documenting them for the rest of us. [Luke’s] goal is to make radar systems like this even more accessible for the average hacker. He’s put all the specialized parts on one board. Rather than large Mini Circuits modules, [Luke] went with Hittite microwave parts in chip scale packages. Modulation comes from a Microchip MCP4921 mixed signal DAC. The system works, and has demonstrated transmission and reception in the 5 GHz to 6 GHz bands. [Luke] has even demonstrated detection of objects at close range using a scope.

Arduino Masters Ham Radio Digital Mode

[jmilldrum] really gets a lot of use out of his Si5351A breakout board. He’s a ham [NT7S], and the Si5351A can generate multiple square waves ranging from 8 kHz to 160 MHz, so it only stands to reason that it is going to be a useful tool for any RF hacker. His most recent exploit is to use the I2C-controllable chip to implement a Fast Simple QSO (FSQ) beacon with an Arduino.

FSQ is a relatively new digital mode that uses a form of low rate FSK to send text and images in a way that is robust under difficult RF propagation. There are 32 different tones used for symbols so common characters only require a single tone. No character takes more than two tones.

Hams Talk Digital

Morse code qualifies as a digital mode, although organic brains are somewhat better at copying it than electronic ones. Ham radio operators that did “phone” (ham-talk for voice) started out with AM modulation. Sometime after World War II, there was widespread adoption of single side band or SSB. SSB takes up less bandwidth and is more reliable than AM modulation. On the digital side, hams turned to different and more sophisticated digital transmission types with computers pushing bandwidth down and reliability up. However, a recent trend has been to encode voice over ham radio–sort of VoIP with radio instead of Ethernet–using an open source program called freedv.

[AA6E] made a very informative video where he carries on a QSO (a conversation) with a distant station using freedv. What makes it interesting is toward the end, when the two stations switch to regular SSB. The difference is dramatic and really points out how even with less bandwidth (roughly 3 kHz for SSB vs 1.25 kHz), the digital mode is superior. The freedv software (available for Windows or Linux) compresses audio to 700-1600 bits per second and spreads it over 16 QPSK signals.

Saving An Alarm System Remote And $100

[Simon] has been using his home alarm system for over six years now. The system originally came with a small RF remote control, but after years of use and abuse it was finally falling apart. After searching for replacement parts online, he found that his alarm system is the “old” model and remotes are no longer available for purchase. The new system had similar RF remotes, but supposedly they were not compatible. He decided to dig in and fix his remote himself.

He cracked open the remote’s case and found an 8-pin chip labeled HCS300. This chip handles all of the remote’s functions, including reading the buttons, flashing the LED, and providing encoded output to the 433MHz transmitter. The HCS300 also uses KeeLoq technology to protect the data transmission with a rolling code. [Simon] did some research online and found that the new alarm system’s remotes also use the same KeeLoq technology. On a hunch, he went ahead and ordered two of the newer model remotes.

He tried pairing them up with his receiver but of course it couldn’t be that simple. After opening up the new remote he found that it also used the HCS300 chip. That was a good sign. The manufacturer states that each remote is programmed with a secret 64-bit manufacturer’s code. This acts as the encryption key, so [Simon] would have to somehow crack the key on his original chip and re-program the new chip with the old key. Or he could take the simpler path and swap chips.

A hot air gun made short work of the de-soldering and soon enough the chips were in place. Unfortunately, the chips have different pinouts, so [Simon] had to cut a few traces and fix them with jumper wire. With the case back together and the buttons in place, he gave it a test. It worked. Who needs to upgrade their entire alarm system when you can just hack the remote?

LED Sign Brightens Up The Beach After Dark

[Warrior_Rocker’s] family bought a fancy new sign for their beach house. The sign has the word “BEACH” spelled vertically. It originally came with blue LEDs to light up each letter. The problem was that the LEDs had a narrow beam that would blind people on the other side of the room. Also, there was no way to change the color of the LEDs, which would increase the fun factor. That’s why [Warrior] decided to upgrade the sign with multi-colored LEDs.

After removing the cardboard backing of the sign, [Warrior] removed the original LEDs by gently tapping on a stick with a hammer. He decided to use WS2811 LED pixels to replace the original LEDs. These pixel modules support multiple colors and are individually addressable. This would allow for a wide variety of colors and animations. The pixels came covered in a weatherproof resin material. [Warrior] baked the resin with a heat gun until it became brittle. He was then able to remove it entirely using some pliers and a utility knife. Finally, the pixels were held in place with some hot glue.

Rather than build a remote control from scratch, [Warrior] found a compatible RF remote for under ten dollars. The LED controller was removed from its housing and soldered to the string of LEDs. It was then hot glued to a piece of cardboard and placed into the sign’s original battery compartment. Check out the video below for a demonstration.