Receive Analog Video Radio Signals From Scratch

If you’ve been on the RTL-SDR forums lately you may have seen that a lot of work has been going into the DragonOS software. This is a software-defined radio group that has seen a lot of effort put into a purpose-built Debian-based Linux distribution that can do a lot of SDR out of the box. The latest and most exciting project coming from them involves a method for using the software to receive and demodulate analog video.

[Aaron]’s video (linked below) demonstrates using a particular piece of software called SigDigger to analyze an incoming analog video stream from a drone using a HackRF. (Of course any incoming analog signal could be used, it doesn’t need to be a drone.) The software shows the various active frequency ranges, allows a user to narrow in on one and then start demodulating it. While it has to be dialed in just right to get anything that doesn’t look like snow, [Aaron] is able to get recognizable results in just a few minutes.

Getting something like this to work completely in software is an impressive feat, especially considering that all of the software used here is free. Granted, this wouldn’t be as easy for a digital signal like most TV stations broadcast, but there’s still a lot of fun to be had. In case you missed the release of DragonOS, we covered it a few weeks ago and it’s only gotten better since then, with this project as just one example.


ATMega328 SSB SDR For Ham Radio

The humble ATmega328 microcontroller, usually packaged as an Arduino Uno, is the gateway drug for millions of people into the world of electronics and embedded programming. Some people just can’t pass up the challenge of seeing how far they can push the old workhorse, and it looks like [Guido PE1NNZ] is one of those. He has managed to implement a software-defined SSB ham radio transceiver for the HF bands on the ATMega328, and it looks like the project is going places.

The radio started life as a QRP Labs QCX, a $49 single-band CW (Morse code) HF transceiver kit that is already one of the cheapest ways to get on the HF bands. [Guido] reduced the part count of the radio by about 50%, implementing much of the signal processing digitally on the ATmega328. On the transmitter side, the SSB signal is generated by making slight frequency changes to a Si5351 clock generator using 800kbit/s I2C, and controlling a very efficient class-E RF power amplifier with PWM for about 5W of output power. The increased efficiency means that there is no need for the bulky heat sink usually seen on SSB radios. The radio is continuously tunable from 80m to 10m (3.5 MHz – 30 MHz), but it does require plugging in a different low-pass filter for each band.

TEMPEST Comes To GNU Radio

As we use our computers, to watch YouTube videos of trucks hitting bridges, to have a Zoom call with our mothers, or even for some of us to write Hackaday articles, we’re unknowingly sharing a lot of what we are doing with the world. The RF emissions from our monitors, keyboards, and other peripherals can be harvested and reconstructed to give a third party a view into your work, and potentially have access to all your darkest secrets. It’s a technique with origins in Government agencies that would no doubt prefer to remain anonymous, but for a while now it has been available to all through the magic of software defined radio. Now it has reached the popular GNU Radio platform, with [Federico La Rocca]’s gr-tempest package.

He describes it as a re-implementation of [Martin Marinov]’s TempestSDR, which has a reputation as not being for the faint-hearted. The current version requires GNU Radio 3.7, but he promises a 3.8-compatible version in the works. A YouTube video that we’ve placed below the break has a range of examples running, though there seems to be little information on the type of antenna employed. Perhaps a log-periodic design would be most appropriate.


GPU Turned Into Radio Transmitter To Defeat Air-Gapped PC

Another week, another exploit against an air-gapped computer. And this time, the attack is particularly clever and pernicious: turning a GPU into a radio transmitter.

The first part of [Mikhail Davidov] and [Baron Oldenburg]’s article is a review of some of the basics of exploring the RF emissions of computers using software-defined radio (SDR) dongles. Most readers can safely skip ahead a bit to section 9, which gets into the process they used to sniff for potentially compromising RF leaks from an air-gapped test computer. After finding a few weak signals in the gigahertz range and dismissing them as attack vectors due to their limited penetration potential, they settled in on the GPU card, a Radeon Pro WX3100, and specifically on the power management features of its ATI chipset.

With a GPU benchmarking program running, they switched the graphics card shader clock between its two lowest power settings, which produced a strong signal on the SDR waterfall at 428 MHz. They were able to receive this signal up to 50 feet (15 meters) away, perhaps to the annoyance of nearby hams as this is plunk in the middle of the 70-cm band. This is theoretically enough to exfiltrate data, but at a painfully low bitrate. So they improved the exploit by forcing the CPU driver to vary the shader clock frequency in one megahertz steps, allowing them to implement higher throughput encoding schemes. You can hear the change in signal caused by different graphics being displayed in the video below; one doesn’t need much imagination to see how malware could leverage this to exfiltrate pretty much anything on the computer.

It’s a fascinating hack, and hats off to [Davidov] and [Oldenburg] for revealing this weakness. We’ll have to throw this on the pile with all the other side-channel attacks [Samy Kamkar] covered in his 2019 Supercon talk.


An FPGA And A Few Components Can Make A Radio

There was a time when making a radio receiver involved significant work, much winding of coils, and tricky alignment of circuitry. The advent of Software Defined Radio (SDR) has moved a lot of this into the domain of software, but there is of course another field in which a radio can be created via code. [Alberto Garlassi] has created a radio receiver for the AM and HF bands with a Lattice MachXO2 FPGA and minimal external components.

He describes it as an SDR, which given that it’s created from Verilog, is a term that could be applied to it. But instead of using an SDR topology of ADC and digital signal processing, it implements a surprisingly traditional direct conversion receiver.

It has a quadrature AM demodulator which has a passing similarity to an SDR with I and Q phased signals, but that’s where the similarity ends. Frequency selection is via an oscillator controlled from a serial port, and there is even a PWM amplifier on board that can drive a speaker. The result can be seen in the video below, and as you can hear the direct conversion with quadrature demodulator approach makes for a very effective AM receiver.

If this is a little much but you still fancy a radio with minimal components, you should have a look at the Silicon Labs range of receiver chips.


Pluto Might Not Be A Planet, But It Is An SDR Transceiver

Many of the SDR projects we see use a cheap USB dongle. They are great, but sometimes you want more and — especially — sometimes you want to transmit. The Analog Devices ADALM-Pluto SDR is easily available for $200 and sometimes as low as $100 and it both transmits and receives using an Analog AD9363 and a Zynq FPGA. Although you normally use the device to pipe IQ signals to a host computer, you can run SDR applications on the device itself. That requires you to dig into the Zynq tools, which is fun but a topic for another time. In this post, I’m going to show you how you can use GNU Radio to make a simple Morse code beacon in the 2m ham band.

I’ve had one on my bench for quite a while and I’ve played with it a bit. There are several ways to use it with GNU Radio and it seems to work very well. You have to hack it to get the frequency range down a bit. Sure, it might not be “to spec” once you broaden the frequency range, but it seems to work fine. Instead of working from 325 MHz to 3,800 MHz with a 20 MHz bandwidth, the hacked device transceives 70 MHz to 6,000 MHz with 56 MHz bandwidth. It is a simple hack you only have to do once. It tells the device that it has a slightly better chip onboard and our guess is the chips are the same but sorted by performance. So while the specs might be a little off, you probably won’t notice.


Homebrew Loop Antenna Brings The Shortwave World To You

Radio may be dead in terms of delivering entertainment, but it’s times like these when the original social network comes into its own. Being able to tune in stations from across the planet to get fresh perspectives on a global event can even be a life saver. You’ll need a good antenna to do that, which is where this homebrew loop antenna for the shortwave radio bands shines.

To be honest, pretty much any chunk of wire will do as an antenna for most shortwave receivers. But not everyone lives somewhere where it’s possible to string up a hundred meters of wire and get a good ground connection, which could make a passive loop antenna like this a good choice. Plus, loops tend to cancel the electrical noise that’s so much a part of life today, which can make it easier to pull in weak, distant stations.

[Thomas]’s design is based on a length of coaxial cable, which should be stiff enough to give the loop some stability, like a low-loss RG-8 or RG-213. The coax braid and dielectric are exposed at the midpoint of the cable to create a feed point, while the shield and center conductor at the other ends are cross-connected. A 1:1 transformer is wound on a toroid core to connect to the feedpoint; [Thomas] calls it a balun but we tend to think it’s more of an unun, since both the antenna and feedline are unbalanced. He reports good results from the loop across the shortwave band.

The shortwave and ham bands are a treasure trove of information and entertainment just waiting to be explored. Check them out — you might learn something, and you might even stumble across spies doing their thing.

[via RTL-SDR.com]