Your First GNU Radio Receiver With SDRPlay

November 12, 2015 by Al Williams 25 Comments

Although GRC (the GNU Radio Companion) uses the word radio, it is really a graphical tool for building DSP applications. In the last post, I showed you how you could experiment with it just by using a sound card (or even less). However, who can resist the lure of building an actual radio by dragging blocks around on a computer screen?

For this post and the accompanying video, I used an SDRPlay. This little black box has an antenna jack on one end and a USB port on the other. You can ask it to give you data about a certain area of the RF spectrum and it will send complex (IQ) data out in a form that GRC (or other DSP tools) can process.

The SDRPlay is a great deal (about $150) but if you don’t want to invest in one there are other options. Some are about the same price (like the HackRF or AirSpy) and have different features. However, you can also use cheap TV dongles, with some limitations. The repurposed dongles are not as sensitive and won’t work at lower frequencies without some external help. On the other hand, they are dirt cheap, so you can overlook a few little wrinkles. You just can’t expect the performance you’ll get out of a more expensive SDR box. Some people add amplifiers and converters to overcome these problems, but at some point it would be more cost effective to just spring for a more expensive converter.

Continue reading “Your First GNU Radio Receiver With SDRPlay” →

RPiTX Turns Rasberry Pi Into Versatile Radio Transmitter

November 4, 2015 by Bryan Cockfield 64 Comments

Since the discovery that some USB TV tuner dongles could be used to monitor radio waves across a huge amount of spectrum, the software-defined radio world has exploded with interest. The one limiting factor, though, has been that the dongles can only receive signals; they can’t transmit them. [Evariste Okcestbon, F5OEO] (if that is his real name! Ok c’est bon = Ok this is good) has written some software that will get you transmitting using SDR with only a Raspberry Pi and a wire.

There have been projects in the past that use a Pi to broadcast radio (PiFM), but this new software (RPiTX) takes it a couple steps further. Using just an appropriately-sized wire connected to one of the GPIO pins, the Raspberry Pi is capable of broadcasting using FM, AM, SSB, SSTV, or FSQ signals. This greatly increases the potential of this simple computer-turned-transmitter and anyone should be able to get a lot of use out of it. In the video demo below the break, [Evariste] records a wireless doorbell signal and then re-transmits it using just the Rasbperry Pi.

The RPiTX code is available on GitHub if you want to try it out. And it should go without saying that you will most likely need an amateur radio license of some sort to use most of these features, depending on your locale. If you don’t have a ham radio license yet, you don’t need one to listen if you want to get started in the world of SDR. But a ham license isn’t hard to get and at this point it shouldn’t take much convincing for you to get transmitting.

Continue reading “RPiTX Turns Rasberry Pi Into Versatile Radio Transmitter” →

How To Control Siri Through Headphone Wires

October 19, 2015 by Brian Benchoff 7 Comments

Last week saw the revelation that you can control Siri and Google Now from a distance, using high power transmitters and software defined radios. Is this a risk? No, it’s security theatre, the fine art of performing an impractical technical achievement while disclosing these technical vulnerabilities to the media to pad a CV. Like most security vulnerabilities it is very, very cool and enough details have surfaced that this build can be replicated.

The original research paper, published by researchers [Chaouki Kasmi] and [Jose Lopes Esteves] attacks the latest and greatest thing to come to smartphones, voice commands. iPhones and Androids and Windows Phones come with Siri and Google Now and Cortana, and all of these voice services can place phone calls, post something to social media, or launch an application. The trick to this hack is sending audio to the microphone without being heard.

The ubiquitous Apple earbuds have a single wire for a microphone input, and this is the attack vector used by the researchers. With a 50 Watt VHF power amplifier (available for under $100, if you know where to look), a software defined radio with Tx capability ($300), and a highly directional antenna (free clothes hangers with your dry cleaning), a specially crafted radio message can be transmitted to the headphone wire, picked up through the audio in of the phone, and understood by Siri, Cortana, or Google Now.

There is of course a difference between a security vulnerability and a practical and safe security vulnerability. Yes, for under $400 and the right know-how, anyone could perform this technological feat on any cell phone. This feat comes at the cost of discovery; because of the way the earbud cable is arranged, the most efficient frequency varies between 80 and 108 MHz. This means a successful attack would sweep through the band at various frequencies; not exactly precision work. The power required for this attack is also intense – about 25-30 V/m, about the limit for human safety. But in the world of security theatre, someone with a backpack, carrying around a long Yagi antenna, pointing it at people, and having FM radios cut out is expected.

Of course, the countermeasures to this attack are simple: don’t use Siri or Google Now. Leaving Siri enabled on a lock screen is a security risk, and most Androids disable Google Now on the lock screen by default. Of course, any decent set of headphones would have shielding in the cable, making inducing a current in the microphone wire even harder. The researchers are at the limits of what is acceptable for human safety with the stock Apple earbuds. Anything more would be seriously, seriously dumb.

Mid-Priced Hardware Gets Serious About Software Defined Radio

September 25, 2015 by Al Williams 50 Comments

Regular Hackaday readers are used to seeing the hacks that use a cheap USB TV dongle as a software defined radio (SDR). There’s plenty of software that will work with them including the excellent GNU Radio software. However, the hardware is pretty bare-bones. Without modifications, the USB dongle won’t get lower frequencies.

There’s been plenty of other SDR radios available but they’ve had a much heftier price tag. But we recently noticed the SDRPlay RSP, and they now have US distribution. The manufacturer says it will receive signals with 12-bits of resolution over the range of 100 kHz to 2 GHz with an 8MHz bandwidth. The USB cable supplies power and a connection to the PC. The best part? An open API that supports Windows, Linux, Mac, Android, and will even work on a Raspberry Pi (and has GNU Radio support, too).

Continue reading “Mid-Priced Hardware Gets Serious About Software Defined Radio” →

CCCamp 2015 Rad1o Badge

July 12, 2015 by Anool Mahidharia 9 Comments

Conference badges are getting more complex each year. DEFCON, LayerONE, Shmoocon, The Next Hope, Open Hardware Summit, The EMF, SAINTCON, SXSW Create, The Last Hope, TROOPERS11, ZaCon V and of course the CCC, have all featured amazing badges over the years. This years CCCamp 2015 rad1o badge is taking things several notches higher. The event will run from 13th through 17th August, 2015.

The rad1o Badge contains a full-featured SDR (software defined radio) transceiver, operating in a frequency range of about 50 MHz – 4000 MHz, and is software compatible to the HackRF One open source SDR platform. The badge uses a Wimax transceiver which sends I/Q (in-phase/quardrature-phase) samples in the range of 2.3 to 2.7 GHz to an ARM Cortex M4 CPU. The CPU can process the data standalone for various applications such as FM radio, spectrogram display, RF controlled power outlets, etc., or pass the samples to a computer using USB 2.0 where further signal processing can take part, e.g. using GnuRadio. The frequency range can be extended by inserting a mixer in the RF path. Its got an on-board antenna tuned for 2.5GHz, or an SMA connector can be soldered to attach an external antenna. There’s a Nokia 6100 130×130 pixel LCD and a joystick, which also featured in the earlier CCCamp 2011 badge known as the r0ket.

A 3.5mm TRRS audio connector allows hooking up a headphone and speaker easily. The LiPo battery can be charged via one of the USB ports, while the other USB port can be used for software updates and data I/O to SDR Software like GnuRadio. Check out the project details from their Github repository and more from the detailed wiki which has information on software and hardware. There’s also a Twitter account if you’d like to follow the projects progress.

This years Open Hardware Summit also promises an awesome hackable badge. We’ll probably feature it before the OHS2015 conference in September.

Thanks to [Andz] for tipping us off about this awesome Badge.

Using The Red Pitaya As An SDR

March 2, 2015 by Brian Benchoff 27 Comments

The Red Pitaya is a credit-card sized board that runs Linux, has Ethernet, and a good bit of RAM. This sounds a lot like a Raspberry Pi and BeagleBone Black, but the similarities end there. The Red Pitaya also has two RF inputs, two RF outputs, and a load of digital IOs, all connected to an Xilinx SoC that includes an FPGA. [Pavel] realized the Pitaya had all the components of a software-defined radio, and built an implementation to prove it.

The input for the SDR taps directly into one of the high impedance inputs with a simple loop antenna made out of telephone cable. The actual software-defined part of this radio borrows heavily from an Xilinx application note, while everything is controlled by either SDR# or HDSDR.

[Pavel] included a pre-built SD card image with all his software, so cloning this project is simply a matter of copying an SD card and building an antenna. The full source is also available, interesting if you would like to muck about with FPGAs and SDRs.

Using MATLAB And SDR To Reverse Engineer 433MHz Messages

February 16, 2015 by Anool Mahidharia 27 Comments

Hackers everywhere are having a lot of fun with SDR – as is obvious from the amount of related posts here on Hackaday. And why not, the hardware is cheap and easily available. There are all kinds of software tools you can use to dig in and explore, such as SDR# , Audacity, HDSDR and so on. [illias] has been following SDR projects for a while, which piqued his interest enough for him to start playing with it. He didn’t have any real project in mind so he focused on studying the methodology and the tools available for analyzing 433MHz RF transmission. He describes the process of using MATLAB to recover the transmissions being received by the SDR

He started off by studying the existing tools available to uncover the details of the protocol. The test rig uses an Arduino UNO with the rc-switch library to transmit via a common and inexpensive 433MHz module. SDR# is used to record the transmissions and Audacity allows [illias] to visualize the resulting .wav files. But the really interesting part is where he documents the signal analysis using MATLAB.

He used the RTL-SDR package in conjunction with the Communications System Toolbox to perform spectrum analysis, noise filtering and envelope extraction. MATLAB may not be the easiest to work with, nor the cheapest, but its powerful features and the fact that it can easily read data coming from the SDR makes it an interesting tool. For the full skinny on what this SDR thing is all about, check out Why you should care about Software Defined Radio.