Tapping Into A Ham Radio’s Potential With SDRPlay

Software-defined radios are great tools for the amateur radio operator, allowing visualization of large swaths of spectrum and letting hams quickly home in on faint signals with the click of a mouse. High-end ham radios often have this function built in, but by tapping into the RF stage of a transceiver with an SDR, even budget-conscious hams can enjoy high-end features.

With both a rugged and reliable Yaesu FT-450D and the versatile SDRPlay in his shack, UK ham [Dave (G7IYK)] looked for the best way to link the two devices. Using two separate antennas was possible but inelegant, and switching the RF path between the two devices seemed clumsy. So he settled on tapping into the RF stage of the transceiver with a high-impedance low-noise amplifier (LNA) and feeding the output to the SDRPlay. The simple LNA was built on a milled PCB. A little sleuthing with the Yaesu manual — ham radio gear almost always includes schematics — led him to the right tap point in the RF path, just before the bandpass filter network. This lets the SDRPlay see the signal before the IF stage. He also identified likely points to source power for the LNA only when the radio is not transmitting. With the LNA inside the radio and the SDRPlay outside, he now has a waterfall display and, thanks to Omni-Rig remote control software, he can tune the Yaesu at the click of a mouse.

If you need to learn more about SDRPlay, [Al Williams]’ guide to GNU Radio and SDRPlay is a great place to start.

Measuring HF Signal Speeds In A DIY Coaxial Collinear Antenna

Air traffic controllers use Automatic Dependent Surveillance-Broadcast (ADS-B) as an alternative to secondary radar to track aircraft. The ADS-B signal is transmitted by the aircraft at 1090 MHz and contains information such as GPS position, pressure, altitude, and callsign, among other things. It can be decoded using any of a number of software tools.

[Mike Field] lives near an airport, and decided he wanted to peek into the tracking signals for fun. He turned to an RTL-based TV dongle. Since the stock antenna was not cutting it, he decided to make one specifically for the 1090 MHz signal. His design is based on Coaxial Collinear Antenna for ADS-B Receiver by [Dusan Balara], which uses pieces of coaxial cable cut to the right length. There are a number of calculations involved in determining the size of the cable; the hack in this design, however, is the way he uses a USB-based oscilloscope to measure the speed of RF waves inside the line in question.

We reached out to [Mike], and this is what he had to say. The idea is to use sections of cable half a wavelength long, where the wavelength is calculated as

lambda = c/f

For the best reception, the sections of coax need to be half a wavelength long – but that is the wavelength of the signal inside the coax, which is shorter than the wavelength in free space. As this was a generic cable, he had no idea what dielectric separates the core from the shield, so the ‘velocity factor’ could be anything depending on the exact composition.

To determine the speed of the signal in the cable, his approach avoids the need for more expensive equipment. A length of coax acts as a stub – any energy that is sent into the cable reaches the far end of the transmission line and is then reflected back to the source. When the cable is one quarter of a wavelength long, the reflected signal arrives back at the source 180 degrees out of phase – in a perfect world it would completely null out the input signal.

A TEMPEST In A Dongle

If a couple of generations of spy movies have taught us anything, it’s that secret agents get the best toys. And although it may not be as cool as a radar-equipped Aston Martin or a wire-flying rig for impossible vault heists, this DIY TEMPEST system lets you snoop on computers using secondary RF emissions.

If the term TEMPEST sounds familiar, it’s because we’ve covered it before. [Elliot Williams] gave an introduction to the many modalities that fall under the TEMPEST umbrella, the US National Security Agency’s catch-all codename for bridging air gaps by monitoring the unintended RF, light, or even audio emissions of computers. And more recently, [Brian Benchoff] discussed a TEMPEST hack that avoided the need for thousands of dollars of RF gear, reducing the rig down to an SDR dongle and a simple antenna. There’s even an app for that now: TempestSDR, a multiplatform Java app that lets you screen scrape a monitor based on its RF signature. Trouble is, getting the app running on Windows machines has been a challenge, but RTL-SDR.com reader [flatfishfly] solved some of the major problems and kindly shared the magic. The video below shows TempestSDR results; it’s clear that high-contrast images are easiest to snoop on, but it shows that a $20 dongle and some open-source software can bridge an air gap. Makes you wonder what’s possible with deeper pockets.

RF sniffing is only one of many ways to exfiltrate data from an air-gapped system. From power cords to security cameras, there seems to be no end to the ways to breach systems.

Scratch That SDR!

When you think of a software defined radio, what language might you consider reaching for to create the software part of the equation? C? C++, maybe?

How about Scratch?

“What, Scratch as in the visual programming language aimed at young people?”, we hear you cry incredulously. It’s not exactly the answer you’d expect for an SDR, but thanks to [Andrew Back]’s work there is now ScratchRadio, a set of Scratch extensions for software defined radio. Why on earth do this? The aim is to lower the barrier to entry for software defined radio as far as possible, and to place it in a learning environment such as Scratch seems an ideal way to achieve that.

Of course, Scratch itself isn’t powerful enough for the heaviest of heavy lifting, so in reality this is a Scratch wrapper for a LuaRadio backend. It was created with the LimeSDR Mini in mind, but given that LuaRadio is not specific to that hardware we’d expect it to work with other SDRs such as the ever-popular RTL chipset TV sticks. It gives an owner of a Raspberry Pi 3 the ability to experiment with SDR coding without the need for a huge level of experience, and that to our mind can only be a good thing.

If you fancy trying ScratchRadio, you can find the code in its GitHub repository, and take it from there. Meanwhile we covered LuaRadio last year, so if Scratch is a little basic for you and GNU Radio too advanced, give it a try.

Radio icon: [Sakurambo], (CC BY-SA 3.0).

Scratch cat logo: MIT Media Lab.

Emergency Cell Tower On A Budget

Cell phone towers are something we miss when we’re out of range, but imagine how we’d miss them if they had been destroyed by disastrous weather. In such emergencies it is more important than ever to call loved ones, and tell them we’re safe. [Matthew May] and [Brendan Harlow] aimed to make their own secure and open-source cellular network antenna for those occasions. It currently supports calling between connected phones, text messaging, and if the base station has a hard-wired internet connection, users can get online.

This was a senior project for a security class, and it seems that the bulk of their work was in following the best practices set by the Center for Internet Security. They adopted a model intended for the Debian 8 operating system which wasn’t a perfect fit. According to Motherboard their work scored an A+, and we agree with the professors on this one.

Last year, the same SDR board, the bladeRF, was featured in a GSM tower hack with a more sinister edge, and of course Hackaday is rife with SDR projects.

Thank you [Alfredo Garza] for the tip.

Cheap, Full-Duplex Software Defined Radio With The LimeSDR

A few years ago, we saw the rise of software-defined radios with the HackRF One and the extraordinarily popular RTL-SDR USB TV tuner dongle. It’s been a few years, and technology is on a never-ending upwards crawl to smaller, cheaper, and more powerful widgets. Now, some of that innovation is making it to the world of software-defined radio. The LimeSDR Mini is out, and it’s the cheapest and most capable software defined radio yet. It’s available through a Crowd Supply campaign, with units shipping around the beginning of next year.

The specs for the LimeSDR mini are quite good, even when compared to kilobuck units from Ettus Research. The frequency range for the LimeSDR Mini is 10 MHz – 3.5 GHz, bandwidth is 30.72 MHz, with a 12-bit sample depth and 30.72 MSPS sample rate. The interface is USB 3.0 (the connector is male, and soldered to the board, but USB extension cables exist), and the LimeSDR is full duplex. That last bit is huge — the RTL-SDR can’t transmit at all, and even the HackRF is only half duplex. This enormous capability is thanks to the field programmable RF transceiver found in all of the LimeSDR boards. We first saw these a year or so ago, and now these boards are heading into the hands of hackers. Someone’s even building a femtocell out of a Lime board.

The major selling point for the LimeSDR is, of course, the price. The ‘early bird’ rewards for the Crowd Supply campaign disappeared quickly at $99, but there are still plenty available at $139. This is very inexpensive and very fun — on the Crowd Supply page, you can see a demo of a LimeSDR mini set up as an LTE base station, streaming video between two mobile phones. These are the golden days of hobbyist SDR.

A Ham Radio Go-Box Packed With Functionality

“When all else fails, there’s ham radio.” With Hurricane Harvey just wrapping up, and Irma queued up to clobber Florida this weekend, hams are gearing up to pitch in with disaster communications for areas that won’t have any communications infrastructure left. And the perfect thing for the ham on the go is this ham shack in a box.

Go-boxes, as they are known, have been a staple of amateur radio field operations for as long as there have been hams. The go-box that [Fuzz (KC3JGB)] came up with is absolutely packed with goodies that would make it a perfect EmComm platform. The video tour below is all we have to go on, but we can see a tri-band transceiver, an RTL-SDR dongle and a Raspberry Pi with a TFT screen for tracking satellites. The Pi and SDR might also be part of a NOAA satellite receiver like the one [Fuzz] describes in a separate video; such a setup would be very valuable in natural disaster responses. Everything is powered by a 12-volt battery which can be charged from a small solar panel.

[Fuzz] is ready for action, and while we genuinely hope he and other hams won’t be needed in Florida, it doesn’t seem likely at this point. You can read more about the public service face of ham radio, or about an even more capable go-box.
