SDRplay Release a Dual Tuner SDR called RSPduo

The RSPduo
The RSPduo

SDRplay have released a new product at this years Hamvention called the "RSPduo". The product uses the same technology as their previous RSP models, but this time includes a phase-coherent dual tuner architecture which allows you to tune to two completely separate 2 MHz bands of spectrum simultaneously. The RSPduo retails for US $279.95 + shipping. Their press release reads:

Today at the Dayton Hamvention, SDRplay is announcing the launch of a new Software Defined Radio product – the RSPduo.

The RSPduo is a radical new addition to the RSP line of SDR receivers from SDRplay. Architecturally, it is different from any previous RSP in that it features dual independent tuners, both piped through a single high-speed USB 2.0 interface.

The SDRplay RSPduo is a dual-tuner wideband full featured 14-bit SDR which covers the entire RF spectrum from 1kHz to 2GHz giving 10MHz of spectrum visibility. Initially using Windows based ‘SDRuno’ supplied by SDRplay, you can simultaneously monitor two completely separate 2MHz bands of spectrum anywhere between 1kHz and 2GHz.

Superficially the RSPduo looks identical to the highly popular RSP2pro and will be able to operate in a very similar way. However, it also allows a completely new and exciting set of usage scenarios such as:

1. Simultaneous monitoring of two widely spaced bands – e.g. 40m (HF) and 2m (VHF)
2. Mixing and matching applications simultaneously – e.g. ADS-B and ATC scanning
3. Phase and time coherent demodulation of two receivers

Scenario 3 is very difficult to achieve with two separate USB devices because of the uncertainty of USB latency. The RSPduo overcomes this limitation because all traffic goes through a single USB interface, thus enabling the possibility of the development of various types of diversity demodulation such as: spatial, frequency and polarisation which can bring huge benefits in terms of improved performance.

As well as adding a second independently controlled tuner, which in itself, offers a whole new set of exciting usage possibilities, the SDRduo features 14bit ADCs and a completely re-designed RF front end. These changes provide better RF selectivity and even more dynamic range, offering outstanding performance under extremely challenging reception conditions. The combination of performance and features makes the RSPduo our highest spec RSP yet and sets a new benchmark in the sub $300 SDR market.

Lots of great new videos are appearing on YouTube showing the Dual Tuner RSPduo in use. Just search for RSPduo in the YouTube Search bar.

So far several reviews have been released:

SWLing.com review: https://swling.com/blog/2018/05/a-review-of-the-sdrplay-rspduo-14-bit-dual-tuner-sdr/

Sevenfortyone video: https://youtu.be/8WNxtanfWIk

Tech Minds video 1: https://youtu.be/wxu0ZJUvATE

Tech Minds video 2 showing ATC and ADSB together: https://youtu.be/_842u1k8tQY

OG! Review: https://youtu.be/T-eXoNskDmA

While it appears that it will be a useful tool for multi-band monitoring, what we're looking forward to most are the phase coherent applications. Thanks to its phase coherence and predictable USB timing implementation, the unit should be very useful for passive radar and spatial filtering techniques, and we're hoping that SDRplay will be working on software for at least the latter. Multi-channel phase coherent applications are probably going to be one of the the next big developments in the SDR space so it's good to see low cost hardware with this potential coming out now.

We'll be reviewing the unit ourselves within the next month, so keep an eye out for that post!

RSPduo - introduction and software demonstration
RSPduo - introduction and software demonstration

Monitoring FT8, JT65, JT9 on Multiple Bands with Low Cost Single Board PCs

Thank you to Michael (dg0opk) who wrote in and wanted to share details of his full SDR monitoring system for weak signal HF modes. His setup consists of nine ARM mini PCs (such as Banana Pi's, Raspberry Pi's, and Odroid's), several SDRs including multiple RTL-SDR's, an Airspy Mini, FunCube Dongle and SDR-IQ, as well as some filters and a wideband amp. For software he uses Linrad or GQRX as the receiver, and WSJTx or JTDX as the decoding software, all running on Linux.

Michael also notes that his Bananapi FT8, JT65 and JT9 SDR monitor has been up and stably running continuously for half a year now. Bananapi's are lower cost alternatives to the well known Raspberry Pi single board computers, so it's good to note that a permanent weak signal monitoring system can be set up on a very low budget. Presumably even cheaper Orange Pi's would also work well.

With his setup he is able to continuously monitor FT8, JT65 and JT9 on multiple bands simultaneously without needing to tie up more expensive ham radios. His results can be seen on PSKReporter. A video of his RTL-SDR Raspberry Pi 3 decoding FT8, JT65 and JT9 can be found here.

Weak Signal Receiver Setup
dg0opk's weak signal receiver setup

SDR# TETRA Decoder Plugin Updated

The TETRA plugin for SDR# has been updated a few times since our last post on it back in March. The latest version can be downloaded directly here, and the original link comes from the Russian scanner forums.

In the new version the 'Net Info' button is now functioning and it is possible to see the current calls, groups, and meta information on the current cell and neighbour cell. It also appears that it has been updated to allow for multiple SDR# TETRA decoder instances to be opened simultaneously now for wider band monitoring.

SDR# TETRA Plugin Net Info Window
SDR# TETRA Plugin Net Info Window

Outernet’s Old Antenna Stock for Sale: L-Band Active and Filtered Ceramic Patch Antennas

In the past the Outernet project operated on L-band frequencies, and for the service they manufactured a number of active L-band active ceramic patch antennas for use with RTL-SDR dongles. Outernet has since moved on to faster Ku-band delivery, and hence their old L-band antennas can no longer be used for their service.  There are a few of these patch antennas left over in Outernet's stock and they are currently selling them on eBay for US $29 + shipping.

Although no longer useful for Outernet, these antennas are still very useful for receiving other L-band services such as STD-C SafetyNET and AERO. SafetyNET is a text broadcast intended for sailors at sea, but contains many interesting and potentially useful messages for others too. Often they transmit data like military sea live firing warnings, reports of marine pirate activity, search and rescue reports, scientific vessel reports as well as weather reports. AERO is the satellite version of ACARS, and is used by aircraft to communicate with text messages to and from ground stations. L-Band AERO signals only contain information from the ground station up to the aircraft. For air to ground you'll need a C-band receiver set up. AERO is the satellite communications protocol that was so heavily centered on during the MH370 flight disappearance investigation.

In the past we've reviewed the Outernet L-band ceramic patch and found it to work very well. Certainly STD-C and AERO signals are easy to receive with the antenna if you point it at the satellite. The antenna requires bias tee power and can easily be used in combination with the bias tee on our RTL-SDR V3 dongles. The onboard filter helps reduce problems from interfering signals, but restricts reception to 1525 - 1559 MHz, so Iridium signals cannot be received with this antenna.

The L-Band Active Ceramic Patch Antenna.
The L-Band Active and Filtered Ceramic Patch Antenna.

Hacker Warehouse Demonstrates Pager Decoding with an RTL-SDR

Over on YouTube the web show Hacker Warehouse have created a video explaining wireless pagers and how RTL-SDRs can be used to sniff them. In the video host Troy Brown starts by explaining what pagers are and how they work, and then he shows how to decode them with SDR# and PDW. We have a tutorial on this project available here too.

Later in the video he shows some examples of pager messages that he's received. He shows censored messages such as hospital patient data being transmitted in plain text, sports scores, a memo from a .gov address claiming allegations of abuse from a client, office gossip about a hookup, a message about a drunk man with a knife, a message from a Windows server with IP address and URL, a message from a computer database, and messages from banks.

In the past we've also seen an art installation in New York which used SDR to highlight the blatant breach of privacy that these pager messages can contain.

Decoding Pager Data with RTLSDR - Tradecraft
Decoding Pager Data with RTLSDR - Tradecraft

Warning: Stolen SDRplay RSP-1A’s on eBay will not Function Properly

SDRplay have recently released a PSA noting that a consignment of RSP-1A's was stolen from their manufacturing partner. This is important as SDRplay have decided to blacklist the serial numbers from this stolen consignment, and so the stolen units will not work at all, or may only work with a small number of programs. You may then be stuck trying to obtain a refund from the thief, although we believe that SDRplay would most likely help get you a legit device if you purchased a stolen one unknowingly. They write:

It has come to our attention that a consignment of RSPs that was recently stolen from our manufacturing partner have appeared for sale on eBay.

If you have any of the following devices and have purchased them from a non-approved reseller of SDRplay products, please contact [email protected] and also contact the seller requesting a refund as the devices appear to have come from a stolen consignment of goods.

Please be aware that we have now black-listed the above serial numbers [see the original forum post for black list serials] and these devices will not work at all or will only work with a very restricted range of software. Anyone with any of these devices will not receive any form of support or technical assistance from SDRplay.

We are aware that the following eBay sellers have been selling devices from the stolen consignment:

https://www.ebay.co.uk/usr/greenfields1001 (formerly listed as mansnothot01)
https://www.ebay.co.uk/usr/connie68purple

Whilst we recognise that the above resellers may well have purchased the devices in good faith and in complete innocence, they have thus far failed to cooperate with us by explaining where they obtained the devices from. We will therefore be forwarding on their details to the Police so that they can investigate further.

We strongly recommend that people only purchase new devices from an authorised SDRplay distributor or reseller. A full list of authorised sellers is available from our website at:

https://www.sdrplay.com/distis.php

Thank you

Admin – SDRplay Ltd

It is a good time to also remind that there are many scam sellers on eBay. There are often fake listings for RTL-SDR dongles too, with scammers selling our RTL-SDR V3 for $10. These are simply fake listings and not stolen products. Those sellers rely on baiting people into purchasing at the lower price, and then they simply take the money and run. Normally PayPal or eBay will eventually refund you, but the dispute process could take several months. The real eBay account for our RTL-SDR products is "rtl-sdr-blog". 

Update: SDRplay released a second statement just now mentioning why the blacklist was undertaken.

Further to our previous post on this matter, what people will not yet be aware of is that we also had a consignment of the new product that is due to be announced tomorrow stolen. We have had three separate consignments stolen and devices from all three have turned up on the same ebay account and so this suggests that a single person is responsible for all three thefts.

The decision to blacklist devices was taken to target the as of yet unsold devices to render them worthless and to make it pointless for the thieves to attempt to sell them. Of the consignment of RSP1As and RSP2pros, we have reason to believe that the majority remain unsold and so we took this action to render them worthless and deter the thieves from attempting to sell them.

By making this public in the way we did, we are giving the following messages:

1. We have end to end traceability of our products from the point of manufacture to the point that they reach our seller. If any are stolen, we will know and we will know the serial numbers of the devices taken.

2. Via the serial numbers we can render these devices worthless and so there is no point in attempting to sell them. The unwitting purchaser will become aware that they have received a stolen device and will want their money back.

3. Because we can make these devices worthless, there is no point in stealing any more of our products.

We made public the serial numbers of the RSP1As and RSP2Pros public and very clearly asked anyone who may have purchased one of these devices (believing them to be genuine) to contact us. Those that do and assist us in tracking down the thieves will be treated VERY sympathetically.

We will NOT penalise innocent people so that assumption that this is our intent is frankly WRONG!!

Our objective here is to gather as much information as possible so that it can be forwarded to the relevant law enforcement agencies to assist them in tracking down the culprits.

Some of the comments that we have seen on this subject by ill-informed people are massively wide of the mark. We have a responsibility to gather as much information as possible and forward it to the relevant authorities. We have also suffered a considerable financial loss, not just in terms of the cost of the goods, but also in terms of the lost sale opportunities. Some of the comments that we have seen regarding insurance cover are equally ill informed. For insurance claims to be taken seriously, you have an obligation to report the thefts and take all possible steps to assist in the recovery of the stolen goods that that is precisely what we are doing.

Finally, we have NEVER said that we will "brick" the devices. That is an incorrect assumption that has been made. Blacklisting and 'bricking' are two quite different things.

Building A Low Cost GOES Weather Satellite Receiver with an RTL-SDR

Over on Twitter and his github.io page, Pieter Noordhuis (@pnoordhuis) has shared details about his low cost RTL-SDR based GOES satellite receiving setup. GOES 15/16/17 are geosynchronous weather satellites that beam back high resolution weather images and data. In particular they send beautiful high resolution 'full disk' images which show one side of the entire earth. As the satellites are in geosynchronous orbit, they are quite a bit further away from the earth. So compared to the more easily receivable low earth orbit satellites such as the NOAA APT and Meteor M2 LRPT satellites, a dish antenna, good LNA and possibly a filter is required to receive them. However fortunately, as they are in a geosynchronous orbit, the satellite is in the same position in the sky all the time, so no tracking hardware is required.

In the past we've seen people receive these images with higher end SDRs like the Airspy and SDRplay. However, Pieter has shown that it is possible to receive these images on a budget. He uses an RTL-SDR, a 1.9 GHz grid dish antenna from L-Com, a Raspberry Pi 2, the NooElec 'SAWBird' LNA, and an additional SPF5189Z based LNA. The SAWBird is a yet to be released product from NooElec. It is similar to their 1.5 GHz Inmarsat LNA, but with a different SAW filter designed for 1.7 GHz GOES satellites. The total cost of all required parts should be less than US $200 (excluding any shipping costs).

Pieter also notes that he uses the stock 1.9 GHz feed on the L-com antenna, and that it appears to work fine for the 1.7 GHz GOES satellite frequency. With this dish he is able to receive all three GOES satellites at his location with the lowest being at 25 degrees elevation. If the elevation is lower at your location he mentions that a larger dish may be required. It may be possible to extend the 1.9 GHz L-Band dish for better reception with panels from a second cheaper 2.4 GHz grid dish, and this is what @scott23192 did in his setup.

For software Pieter uses the open source goestools software that Pieter himself developed. The software is capable of running on the Raspberry Pi 2 and demodulating and decoding the signal, and then fully assembling the decoded signal into files and images.

Pieters GOES RTL-SDR Receiving Setup
Pieters Low Cost GOES RTL-SDR Receiving Setup

Detecting GPS Jammers In Augmented Reality

The NT1065 is an all-in-one 4-channel global navigation satellite system (GNSS) receiver chip. It is highly versatile and can receive and decode multiple navigation satellites such as GPS, GLONASS, Galileo, BeiDou, IRNSS and QZSS. Being able to receive so many satellites, it is capable of centimeter level positioning.

The team at Amungo Navigation have taken this chip and have created a product called the NUT4NT+ which is essentially a development board for the NT1065, and all the software for signal processing with it is provided as open source software. In the near future they are planning to begin fundraising for the product over on the crowd funding site CrowdSupply.

One very interesting application that they have been developing with a device similar to the NUT5NT+ is a GPS Jammer/Spoofer detector system which they call the Amungo XNZR. This is a combined 4-channel GNSS receiver and 4-antenna GNSS antenna system built into a small package that fits onto the back of an Android tablet. When connected to the software it uses augmented reality (AR) to show you exactly where GPS jammers are in the vicinity by using coherent signal processing. If you're not familiar with AR, this is the technique of overlaying digital data/images on top of a live real world camera view.

Detecting a Kremlin GPS Spoofer in Augmented Reality
Detecting a Kremlin GPS Spoofer in Augmented Reality

In the video below they take their XNZR detector to Varvarka Street in Moscow Russia and determine the location of a GPS spoofer in the vicinity. 

More information about their product can be found on their homepage, and on various interesting forum posts by someone from the company that detail some of their experiments. Note that the forum posts are in Russian, but Google Translate can be used to translate the text.

XNZR is searching for Moscow GPS Spoofing Anomaly
XNZR is searching for Moscow GPS Spoofing Anomaly