Hackaday Links: July 26, 2020

An Australian teen is in hot water after he allegedly exposed sensitive medical information concerning COVID-19 patients being treated in a local hospital. While the authorities in Western Australia were quick to paint the unidentified teen as a malicious, balaclava-wearing hacker spending his idle days cracking into secure systems, a narrative local media were all too willing to parrot, reading down past the breathless headlines reveals the truth: the teen set up an SDR to receive unencrypted POCSAG pager data from a hospital, and built a web page to display it all in real-time. We’ve covered the use of unsecured pager networks in the medical profession before; this is a well-known problem that should not exactly take any infosec pros by surprise. Apparently authorities just hoped that nobody would spend $20 on an SDR and an afternoon putting it all together rather than address the real problem, and when found out they shifted the blame onto the kid.

Speaking of RF hacking, even though the 2020 HOPE Conference is going virtual, they’ll still be holding the RF Hacking Village. It’s not clear from the schedule how exactly that will happen; perhaps like this year’s GNU Radio Conference CTF Challenge, they’ll be distributing audio files for participants to decode. If someone attends HOPE, which starts this weekend, we’d love to hear a report on how the RF Village — and the Lockpicking Village and all the other attractions — are organized. Here’s hoping it’s as cool as DEFCON Safe Mode’s cassette tape mystery.

It looks like the Raspberry Pi family is about to get a big performance boost, with Eben Upton’s announcement that the upcoming Pi Compute Module 4 will hopefully support NVMe storage. The non-volatile memory express spec will allow speedy access to storage and make the many hacks Pi users use to increase access speed unnecessary. While the Compute Modules are targeted at embedded system designers, Upton also hinted that NVMe support might make it into the mainstream Pi line with a future Pi 4A.

Campfires on the sun? It sounds strange, but that’s what solar scientists are calling the bright spots revealed on our star’s surface by the newly commissioned ESA/NASA Solar Orbiter satellite. The orbiter recently returned its first images of the sun, which are extreme closeups of the roiling surface. They didn’t expect the first images, which are normally used to calibrate instruments and make sure everything is working, to reveal something new, but the (relatively) tiny bright spots are thought to be smaller versions of the larger solar flares we observe from Earth. There are some fascinating images coming back from the orbiter, and they’re well worth checking out.

And finally, although it’s an old article and has nothing to do with hacking, we stumbled upon Tim Urban’s look at the mathematics of human relations and found it fascinating enough to share. The gist is that everyone on the planet is related, and most of us are a lot more inbred than we would like to think, thanks to the exponential growth of everyone’s tree of ancestors. For example, you have 128 great-great-great-great-great-grandparents, who were probably alive in the early 1800s. That pool doubles in size with every generation you go back, until we eventually — sometime in the 1600s — have a pool of ancestors that exceeds the population of the planet at the time. This means that somewhere along the way, someone in your family tree was hanging out with someone else from a very nearby branch of the same tree. That union, likely between first or second cousins, produced the line that led to you. This is called pedigree collapse and it results in the pool of ancestors being greatly trimmed thanks to sharing grandparents. So the next time someone tells you they’re descended from 16th-century royalty, you can just tell them, “Oh yeah? Me too!” Probably.

Stop Bad Laws Before They Start

With everything else going on this summer, you might be forgiven for not keeping abreast of new proposed regulatory frameworks, but if you’re interested in software-defined radio (SDR) or even reflashing your WiFi router, you should. Right now, there’s a proposal before the European Commission to essentially prevent you from flashing your own firmware/software to any product with a radio in it. This obviously matters to Europeans, but because manufacturers often build hardware to the strictest global requirements, it may impact everyone. What counts as radio equipment? Everything from WiFi routers to wearables, SDR dongles to shortwave radios.

The idea is to prevent rogue reconfigurable radios from talking over each other, and prevent consumers from bricking their routers and radios. Before SDR was the norm, and firmware was king, it was easy for regulators to test some hardware and make sure that it’s compliant, but now that anyone can re-flash firmware, how can they be sure that a radio is conformant? Prevent the user from running their own firmware, naturally. It’s pretty hard for Hackaday to get behind that approach.

The impact assessment sounds more like advertising copy for the proposed ruling than an honest assessment, but you should give it a read because it lets you know where the commission is coming from. Reassuring is that they mention open-source software development explicitly as a good to be preserved, but their “likely social impacts” include “increased security and safety” and they conclude that there are no negative environmental impacts. What do you do when the manufacturer no longer wants to support the device? I have plenty of gear that’s no longer supported by firmware updates that is both more secure and simply not in the landfill because of open-source firmware.

Similarly, “the increased capacity of the EU to autonomously secure its products is also likely to help the citizens to better protect their information-related rights” is from a bizarro world where you can trust Xiaomi’s home-automation firmware to not phone home, but can’t trust an open-source replacement.

Public comment is still open, and isn’t limited to European citizens. As mentioned above, it might affect you even if you’re not in the EU, so feel free to make your voice heard. You have until September, and you’ll be in some great company if you register your complaints. Indeed, reading through the public comments is quite heartening: Universities, researchers, and hackers alike have brought up reasons to steer clear of the proposed approach. We hope that the commission hears us.

Exposing Computer Monitor Side-Channel Vulnerabilities With TempestSDR

Having been endlessly regaled with tales of side-channel attacks and remote exploits, most of us by now realize that almost every piece of gear leaks data like a sieve. Everything from routers to TVs to the power supplies and cooling fans of computers can be made to give up their secrets. It’s scary stuff, but it also sounds like a heck of a lot of fun, and with an SDR and a little software, you too can get in on the side-channel action.

Coming to us via software-defined radio buff [Tech Minds], the video below gives a quick tour of how to snoop in on what’s being displayed on a monitor for almost no effort or expense. The software that makes it possible is TempestSDR, which was designed specifically for the job. With nothing but an AirSpy Mini and a rubber duck antenna, [Tech Minds] was able to reconstruct a readable black and white image of his screen at a range of a few inches; a better antenna and some fiddling might improve that range to several meters. He also shares a trick for getting TempestSDR set up for all the popular SDRs, including SDRplay, HackRF, and RTL-SDR.

Learning what’s possible with side-channel attacks is the key to avoiding them, so hats off to [Tech Minds] for putting together this simple, easy-to-replicate demo. To learn even more, listen to what [Samy Kamkar] has to say about the subject, or check out where power supplies, cryptocurrency wallets, and mixed-signal microcontrollers are all vulnerable.

Software Defined Radio Academy Goes Virtual

They say every cloud has a silver lining. It’s hard to find a positive among all the bad news about the current global pandemic, but it has pushed more conferences and events to allow online participation either live or after the fact. A case in point: The Software Defined Radio Academy’s annual event is all on a YouTube channel so you can attend virtually.

Not all the videos are there yet, but the keynote is up, along with some very technical talks about techniques ranging from FPGAs to spectrum monitoring and spectral correlation density (you can see that video below). We presume you’ll eventually be able to watch all the presentations listed in the program.

Number Crunching GPS For The DIYer

Many of us have had cause to add GPS to a project, whether it’s because we need an accurate timebase or just want to know where the bloody thing is. Normally, this consists of plugging in a cheap module and making sure the antenna has a good view of the sky. [Mike] wanted to dig deeper, however, and figure out just what goes into decoding a GPS signal and calculating a location fix.

[Mike]’s investigation combined several approaches. In terms of decoding live radio signals, he selected a KiwiSDR software defined radio. Combined with a Digilent Nexys 2 FPGA, it was now possible to get live data off the air and into the PC quickly for decoding. In concert with this, [Mike] used a sample of raw GPS data captured in Nottingham, UK in order to test his code. After much experimentation, [Mike] was able to get the data decoded with 700 lines of C code. Decoding three minutes’ worth of data took all night, but further development allowed things to be sped up over 200 times. For the curious, the code is up on GitHub to convert raw ADC samples into actual location fixes.

Armed with the wealth of resources online and the right hardware, [Mike] was successfully able to achieve his goal, and figure out just precisely where his house is, to boot. As a bonus, the whole project was inspired by a similar project posted in these very pages back in 2013! If you’re working on your own satellite-based projects, be sure to drop us a line.

Receive Analog Video Radio Signals From Scratch

If you’ve been on the RTL-SDR forums lately you may have seen that a lot of work has been going into the DragonOS software. This is a software-defined radio group that has seen a lot of effort put into a purpose-built Debian-based Linux distribution that can do a lot of SDR out of the box. The latest and most exciting project coming from them involves a method for using the software to receive and demodulate analog video.

[Aaron]’s video (linked below) demonstrates using a particular piece of software called SigDigger to analyze an incoming analog video stream from a drone using a HackRF. (Of course any incoming analog signal could be used, it doesn’t need to be a drone.) The software shows the various active frequency ranges, allows a user to narrow in on one and then start demodulating it. While it has to be dialed in just right to get anything that doesn’t look like snow, [Aaron] is able to get recognizable results in just a few minutes.

Getting something like this to work completely in software is an impressive feat, especially considering that all of the software used here is free. Granted, this wouldn’t be as easy for a digital signal like most TV stations broadcast, but there’s still a lot of fun to be had. In case you missed the release of DragonOS, we covered it a few weeks ago and it’s only gotten better since then, with this project just as one example.

ATMega328 SSB SDR For Ham Radio

The humble ATmega328 microcontroller, usually packaged as an Arduino Uno, is the gateway drug for millions of people into the world of electronics and embedded programming. Some people just can’t pass up the challenge of seeing how far they can push the old workhorse, and it looks like [Guido PE1NNZ] is one of those. He has managed to implement a software-defined SSB ham radio transceiver for the HF bands on the ATmega328, and it looks like the project is going places.

The radio started life as a QRP Labs QCX, a $49 single-band CW (Morse code) HF transceiver kit that is already one of the cheapest ways to get on the HF bands. [Guido] reduced the part count of the radio by about 50%, implementing much of the signal processing digitally on the ATmega328. On the transmitter side, the SSB signal is generated by making slight frequency changes to a Si5351 clock generator using 800kbit/s I2C, and controlling a very efficient class-E RF power amplifier with PWM for about 5W of output power. The increased efficiency means that there is no need for the bulky heat sink usually seen on SSB radios. The radio is continuously tunable from 80m to 10m (3.5 MHz – 30 MHz), but it does require plugging in a different low-pass filter for each band.