RTL-SDR Retrogram: ASCII Art Spectrum Analyzer

Over on GitHub, Rakesh Peter (r4d10n) has uploaded a new terminal/ssh based console application called "retrogram~rtlsdr". This program uses an RTL-SDR and terminal window to display a spectrum analyzer drawn in ASCII art. Because it is terminal based, it is even possible to view the spectrum of a remote device over an SSH connection. The program is based on software designed for Ettus USRP SDRs, and has been adapted for RTL-SDR.

For other SDRs r4d10n has also worked on a "retrogram~soapysdr" version which should work with any SoapySDR compatible SDR, and "retrogram~plutosdr" for PlutoSDR SDRs.

Running RTL-SDR Android Apps on an Android TV Box

Thank you to Giuseppe (IT9YBG) who just wanted to write in and note that Android TV boxes are an excellent computing platform for RTL-SDR dongles. They allow you to monitor frequencies or listen to DAB music directly from a TV, and at the same time there is no need to worry about battery consumption.

Giuseppe notes that using an Android TV box for SDR is as simple as installing the Martin Marinov Android RTL-SDR drivers from the Google Play store, and then downloading the SDR apps that interest you. No extra USB OTG cable is required, just plug the dongle into the back of the device. In his post he shows screenshots from apps like SDRTouch, welle.io DAB+, RTL-SDR AIS and SDRoid all running smoothly on his Android TV box.

With a system like this is it probably also a good idea to connect a wireless keyboard/mouse combination into a USB port as well.

RTL-SDR V3 running on an Android TV Box
RTL-SDR V3 running on an Android TV Box

Using a 25 Meter Radio Dish and an RTL-SDR as a SatNOGS Ground Station

SatNOGS is an open source project that aims to make it easy for volunteers to build and run RTL-SDR or other SDR based RF ground stations that automatically monitor satellites, and upload that data to the internet for public access. The antennas used in a typical home based SatNOGS station are small enough for a single person to handle, however recently the SatNOGS team have been working on setting up a monitoring station at the Dwingeloo Radio Observatory in the Netherlands.

Dwingeloo has a large 25 meter satellite dish antenna, and they connect it to an RTL-SDR on a laptop running the SatNOGS software. In the video they show it tracking the PRISM amateur radio satellite, and note that the use of this large dish will only be used in special circumstances. They write:

This week the Dwingelooradio Observatory tested their 25 meter dish as a SatNOGS station! Although not set up as a permanent SatNOGS station it is great to see this historic observatory linked to the network. Dwingeloo radio observatory was built between 1954 and 1956 near the village of Dwingeloo in the Netherlands. Since 2009 this single 25 meter dish has been a national heritage site.

Dwingeloo Radio Observatory as a SatNOGS 📡 station

Dwingleloo Satellite Antenna in the Netherlands
Dwingleloo Satellite Antenna in the Netherlands [Source: Wikipedia]

Video Tutorial and Overview of RPiTX Version 2

Over on YouTube channel Tech Minds has uploaded a video that shows how to install and use RPiTX version 2. RPiTX is software for the Raspberry Pi which can turn it into a 5 kHz to 1500 MHz transmitter which can transmit any arbitrary signal. RPiTX requires no additional hardware, but a filter is required for transmitting with any power or gain. Back in November RPiTX was updated to version 2 which brought with it a new GUI, and improved spectral purity.

In his video Tech Minds goes over the installation of RPiTX, and then goes on to demonstrate it in action with an RTL-SDR and SDRUno used as the receiver. He shows the several TX modes available such as the tone/chirp generator, spectrum painter FM with RDS, SSB and FreeDV.

Raspberry Pi Transmitter with RPITX Version 2

World Radio TV Handbook (WRTH) Reviews the SDRplay RSPDuo

A couple of days ago we ran a post noting that the Airspy HF+ WRTH review was now available for public viewing. Now thanks to Jon Hudson of SDRplay for letting us know that the SDRplay RSPDuo review from WRTH has also been released for public viewing (pdf). The SDRplay RSP Duo is a 14-bit dual tuner software defined radio that is capable of tuning between 1 kHz - 2 GHz, with two separate 2 MHz bandwidths tuned to anywhere within that frequency range.

The review provides an overview of the RSPduo noting it's various features and discussing the SDRuno software. They also note that diversity reception would be an excellent application for a dual tuner SDR, but SDRuno does not support this feature as of yet. In their tests they also mention how they found very few overloading problems.

Jon would also like to note that the pricing in the review is incorrect. The RSPduo is US$279.95, and right now there is a seasonal $50 discount for US customers at HRO.

SDRplay RSPDuo
SDRplay RSPDuo

Videos on Compiling JAERO and libAEROAMBE for AERO C-Channel Voice Audio Reception

At the beginning of last month we posted about an update to JAERO which allows us to now listen to AERO C-Channel voice audio. AERO is a satellite based communications service used by modern aircraft, and it's possible to easily receive the signals with an RTL-SDR, L-band patch antenna and LNA. The C-Channel conversations are typically about Medlink which is a support line for medical emergencies, but other conversations may be heard too.

While it is possible to listen to these conversations, due to legal reasons regarding patents it is necessary to compile the audio decoder manually from source, and this can be quite an involved multi-step process on Windows. Fortunately, YouTuber Corrosive, who has been making SDR related videos for some time now has put up a three part video series on the process.

For those who prefer text based tutorials, he's also uploaded three blog posts that document the procedure. The first covers setting up the development environment, the second covers compiling the dependencies and JAERO itself, and finally the third covers the compilation of libaeroambe.

Compiling JAERO Satcom ACARS Decoder for Inmarsat Part 2 - JAERO and Dependancies

World Radio TV Handbook (WRTH) Reviews the Airspy HF+

The World Radio TV Handbook (WRTH) is a directory book (or CD) of world radio stations on LW, MW, SW and FM. In addition to the directory they also do reviews of radios/SDRs, and recently they reviewed the Airspy HF+ (pdf). The Airspy HF+ is high dynamic range HF/VHF receiver designed for DXing.

According to the review, WRTH give the Airspy HF+ the award of being the best value HF SDR for 2019. The review takes note of the HF+'s excellent dynamic range and then goes on to validate the manufacturers claimed specifications. Finally they write how they tested it during a contest at 7 MHz, and found no overloading or spurious responses apart from a minor noise floor increase when an extremely strong local CW station was encountered.

World Radio TV Handbook Review of the Airspy HF+
World Radio TV Handbook Review of the Airspy HF+

USRP SDRs used to Break 3G to 5G Mobile Phone Security

According to researchers at the International Association for Cryptologic Research it is possible to snoop on 3G to 5G mobile users using a fake base station created by an SDR. It has been well known for several years now that 2G mobile phone security has been broken, but 3G to 5G remained secure. However, the researchers have now determined that lack of randomness and the use of XOR operations used in the Authentication and Key Agreement (AKA) cryptographic algorithm's sequence numbering (SQN) allows them to beat the encryption.

In their research they used a USRP B210 SDR which costs about US$1300, but it's likely that cheaper TX/RX capable SDRs such as the US$299 LimeSDR could also be used. In their testing they used a laptop, but note that a cheap Raspberry Pi could replace it too.

Theregister.co.uk writes:

"We show that partly learning SQN leads to a new class of privacy attacks," the researchers wrote, and although the attacker needs to start with a fake base station, the attack can continue "even when subscribers move away from the attack area."

Though the attack is limited to subscriber activity monitoring – number of calls, SMSs, location, and so on – rather than snooping on the contents of calls, the researchers believe it's worse than previous AKA issues like StingRay, because those are only effective only when the user is within reach of a fake base station.

The full paper is available here in pdf form.

Tools used including a laptop, USRP B210 and a sim card reader.
Tools used including a laptop, USRP B210 and a sim card reader.