Bringing Some Discipline To An SDR Transmitter

The proliferation of software-defined radio (SDR) technology has been a godsend for RF hobbyists. SDR-based receivers and transmitters have gotten so cheap that you’ve probably got a stick or two lying around your bench right now — we can see three from where we sit, in fact.

But cheap comes at a price, usually in the form of frequency stability, which can be prohibitive in some applications — especially amateur radio, where spectrum hygiene is of the utmost concern. So we were pleased to see [Tech Minds] tackle the SDR frequency stability problem by using a GPS-disciplined oscillator. The setup uses an ADALM-PLUTO SDR transceiver and a precision oscillator from Leo Bodnar Electronics. The oscillator can be programmed to output a rock-solid, GPS-disciplined signal over a wide range of frequencies. The Pluto has an external oscillator input that looks for 40 MHz, which is well within the range of the GPSDO.

Setup is as easy as plugging the oscillator’s output into the SDR’s external clock input using an SMA to UFL jumper, and tweaking the settings in the SDR and oscillator. Not all SDRs will have an external clock input, of course, so your mileage may vary. But if your gear is suitably equipped, this looks like a great way to get bang-on frequency — the video below shows just how much the undisciplined SDR can drift.

Like any good ham, [Tech Minds] is doing his bit to keep his signals clean and on target. His chief use case for this setup will be to work QO-100, amateur radio’s first geosynchronous satellite repeater. We’ve got to say that we hams living on the two-thirds of the globe not covered by this satellite are just dying to get a geosynchronous bird (or two) of our own to play with like this.



Unlock Any (Honda) Car

Honda cars have been found to be severely vulnerable to a newly published Rolling PWN attack, letting you remotely open the car doors or even start the engine. So far it’s only been proven on Hondas, but ten out of ten models that [kevin2600] tested were vulnerable, leading him to conclude that all Honda vehicles on the market can probably be opened in this way. We simply don’t know yet if it affects other vendors, but in principle it could. This vulnerability has been assigned CVE-2021-46145.

[kevin2600] goes in depth on the implications of the attack but doesn’t publish many details. [Wesley Li], who discovered the same flaw independently, goes into more technical detail. The hack appears to replay a series of previously valid codes, which resets the internal PRNG counter to an older state and allows the attacker to reuse the known prior keys. Thus, it requires some eavesdropping on previous keyfob-car communication, but this should be easy to set up with a cheap SDR and an SBC of your choice.

If you have one of the models affected, that’s bad news, because Honda probably won’t respond anyway. The researcher contacted Honda customer support weeks ago, and hasn’t received a reply yet. Why customer support? Because Honda doesn’t have a security department to submit such an issue to. And even if they did, just a few months ago, Honda said they would not be doing any kind of mitigation for “car unlock” vulnerabilities.

As it stands, all these affected Honda cars might just be out there for the taking. This is not the first time Honda has been found botching a rolling code implementation – in fact, it’s the second time this year. Perhaps this string of vulnerabilities is just karma for Honda striking down all those replacement part 3D models, but one thing is for sure – they had better create a proper department for handling security issues.

Shielding A Cheap RTL-SDR Stick

Even though not every Hackaday reader is likely to be a radio enthusiast, it’s a fair guess that many of you will have experimented with an RTL-SDR USB dongle by now. These super-cheap devices are intended for digital TV reception and contain an RTL2832 chip, which, with the proper software, can be pushed into service as a general purpose software defined radio receiver. For around $10 USD they’re fantastic value and a lot of fun to play with, even if they’re not the best radio ever. How to improve the lackluster performance? One of the easiest and cheapest ways is simply to shield it from RF noise, which [Alan R] has done with something as mundane as a tubular fizzy orange tablet container.

This is probably one of the simpler hacks you’ll see on this site, as all it involves is making an appropriate hole in the end of the tube and shielding the whole with some aluminium foil sticky tape. But the benefits can be seen immediately in the form of reduced FM broadcast band interference, something that plagues the cheaper dongles.

Perhaps the value in this hack, aside from how easy it is on a cheap dongle, is that it serves to remind us of some of the benefits of paying a little extra for a better quality device. If you’d like to know more about RTL-SDR improvements, it’s a topic we covered in detail back in 2019 when we looked at seven years of RTL-hackery.

Homebrew Radio Telescope Bags Pulsar

When one mulls the possibility of detecting pulsars, to the degree that one does, thoughts turn to large dish antennas and rack upon rack of sensitive receivers, filters, and digital signal processors. But there’s more than one way to catch the regular radio bursts from these celestial beacons, and if you know what you’re doing, a small satellite dish and an RTL-SDR dongle will suffice.

Granted, [Job Geheniau] has had a lot of experience exploring the radio universe. His website has a long list of observations and accomplishments achieved using his “JRT”, or “Job’s Radio Telescope.” The instrument looks like a homebrewer’s dream, with a 1.9-m satellite TV dish and precision azimuth-elevation rotator. Behind the feedhorn are a pair of low-noise amplifiers and bandpass filters to massage the 1,420 MHz signal that’s commonly used for radio astronomy, plus a Nooelec Smart SDR dongle and an Airspy Mini. Everything is run via remote control, as the interference is much lower with the antenna situated at his family’s farm, 50 km distant from his home in The Hague.

As for the pulsar, bloodlessly named PSR B0329+54, it’s a 5-million-year-old neutron star located in the constellation of Camelopardalis, about 3,500 light-years away. It’s a well-characterized pulsar and pulses at a regular 0.71452 seconds, but it’s generally observed with much, much larger antennas. [Job]’s write-up of the observation contains a lot of detail on the methods and software he used, and while the data is far from clear to the casual observer, it sure seems like he bagged it.

We’ve seen quite a few DIY radio astronomy projects before, both large and small, but this one really impresses with what it accomplished.

[via RTL-SDR.com]

VR Spectrum Analyzer

At one point or another, we’ve probably all wished we had a VR headset that would allow us to fly around our designs. While not quite the same thing, [manahiyo831] has something that might even be better: a VR spectrum analyzer. You can get an idea of what it looks like in the video below, although that is actually from an earlier version.

The video shows a remote PC using an RTL dongle to pick up signals. The newer version runs on the Quest 2 headset, so you can simply attach the dongle to the headset. Sure, you’d look like a space cadet with this on, but — honestly — if you are willing to be seen in the headset, it isn’t that much more hardware.

What we’d really like to see, though, is a directional antenna so you could see the signals in the direction you were looking. Now that would be something. As it is, this is undeniably cool, but we aren’t sure what its real utility is.

What other VR test gear would you like to see? A Tron-like logic analyzer? A function generator that lets you draw waveforms in the air? A headset oscilloscope? Or maybe just a giant workbench in VR?

A spectrum analyzer is a natural project for an SDR. Or things that have SDRs in them.


Hacking Toy RC Cars With The HackRF One

The origin story for many who’d call themselves a member of the hacker community usually starts with taking things apart as a child just to see how they worked. For [Radoslav], that trend doesn’t seem to have slowed down, and he’s continued taking toys apart. Since it’s his daughter’s little radio-controlled car, though, he stuck to a non-destructive teardown. The result? He’s able to control the car with his laptop through a HackRF One SDR transceiver, as shown in the video below the break.

[Radoslav] is no stranger to reverse engineering embedded devices, IoT gadgets, and probably more. So he started with what information was publicly available about the radio control interface in use. Many electronic devices sold in the US must be certified by the FCC (Federal Communications Commission) and prominently display their ID number, and this toy was no exception. The FCC database gave [Radoslav] enough information to know that the communication protocol is modulated with GFSK, a type of Frequency Shift Keying.

He fired up his favorite radio signal analysis tool and got to work on the protocol itself. Along the way he found that communication between the car and controller is bidirectional but also very easy to get around. The result is that he can drive the car around with his laptop. It’s definitely a cool hack, but for this one, the journey was surely the goal, not the destination.

If hacking on RC cars really gets your wheels turning, you might like this little RC car that can drive on the ceiling. Or if you’re feeling a bit hungry, check out how you can use the HackRF to nab a table at your local restaurant.


Just In Case You Want To Charge Your Neighbor’s Tesla

Tesla vehicles have a charging port that is under a cover that only opens on command from a charging station. Well, maybe not only. [IfNotPike] reports that he was able to replay the 315 MHz signal using a software defined radio and pop the port open on any Tesla he happened to be near.

Apparently, opening the charging port isn’t the end of the world since there isn’t much you can do with the charging port other than charging the car. At least, that we know of. If history shows anything, it is that anything you can get to will be exploited eventually.
