At the beginning of last month we posted about an update to JAERO which allows us to now listen to AERO C-Channel voice audio. AERO is a satellite based communications service used by modern aircraft, and it's possible to easily receive the signals with an RTL-SDR, L-band patch antenna and LNA. The C-Channel conversations are typically about Medlink which is a support line for medical emergencies, but other conversations may be heard too.
While it is possible to listen to these conversations, due to legal reasons regarding patents it is necessary to compile the audio decoder manually from source, and this can be quite an involved multi-step process on Windows. Fortunately, YouTuber Corrosive, who has been making SDR-related videos for some time now, has put up a three-part video series on the process.
The World Radio TV Handbook (WRTH) is a directory book (or CD) of world radio stations on LW, MW, SW and FM. In addition to the directory they also do reviews of radios/SDRs, and recently they reviewed the Airspy HF+ (pdf). The Airspy HF+ is a high dynamic range HF/VHF receiver designed for DXing.
According to the review, WRTH give the Airspy HF+ the award of being the best value HF SDR for 2019. The review takes note of the HF+'s excellent dynamic range and then goes on to validate the manufacturer's claimed specifications. Finally they write how they tested it during a contest at 7 MHz, and found no overloading or spurious responses apart from a minor noise floor increase when an extremely strong local CW station was encountered.
According to researchers at the International Association for Cryptologic Research it is possible to snoop on 3G to 5G mobile users using a fake base station created by an SDR. It has been well known for several years now that 2G mobile phone security has been broken, but 3G to 5G remained secure. However, the researchers have now determined that a lack of randomness and the use of XOR operations in the sequence numbering (SQN) of the Authentication and Key Agreement (AKA) cryptographic algorithm allow them to beat the encryption.
In their research they used a USRP B210 SDR which costs about US$1300, but it's likely that cheaper TX/RX capable SDRs such as the US$299 LimeSDR could also be used. In their testing they used a laptop, but note that a cheap Raspberry Pi could replace it too.
"We show that partly learning SQN leads to a new class of privacy attacks," the researchers wrote, and although the attacker needs to start with a fake base station, the attack can continue "even when subscribers move away from the attack area."
Though the attack is limited to subscriber activity monitoring – number of calls, SMSs, location, and so on – rather than snooping on the contents of calls, the researchers believe it's worse than previous AKA issues like StingRay, because those are effective only when the user is within reach of a fake base station.
The basic implementation is similar to the idea used by RPiTX - that is to modulate the square wave output of a TX pin to generate an arbitrary signal at a desired frequency. Of course this results in numerous harmonics which must be heavily filtered if ever actually transmitting with some power or high gain antenna.
In his hackaday.io project log, Ted shows that he's been able to transmit AM audio at 1 MHz, and has also been able to control an RC toy at 27 MHz. For the RC toy controller he's also created a simple BPF in order to reduce the harmonics. In addition to the FT232RL chip, he's also tried other serial chips like the CP2102N but found that the signal produced was not as clean.
The Reverse Beacon Network is a project that monitors the amateur radio bands by using volunteer stations to continuously and autonomously collect data on what/when stations are being received, and how good the signal is. The data is made public on the internet and this allows amateur radio operators to easily determine overall propagation conditions. It is currently working mostly with CW (Morse code) stations, and mostly on HF, although it is expanding to VHF+ as explained below.
During October, John Ackermann (N8UR) did a talk at the "Microwave Update 2018" conference held in Dayton, Ohio. His talk was about setting up a VHF+ reverse beacon network monitoring station, using multiple RTL-SDR dongles for monitoring. The RTL-SDR dongles run on a Raspberry Pi which runs the rtl_hpsdr software. This allows multiple RTL-SDR dongles to emulate a multi-band HPSDR receiver over Ethernet. They can then be accessed on a PC by the CW Skimmer program, which decodes the received CW signals and then logs them online on the reverse beacon network's website.
Over on the AWS blog Jeff Barr has blogged about Amazon's new rentable ground station system called "AWS Ground Station". AWS, or Amazon Web Services, is the server farm division of Amazon. They allow customers to rent out server capability on demand. In a similar sense, AWS Ground Station is aiming to allow customers to rent out satellite ground stations on demand.
Launching low cost micro/nano satellites has become very affordable in recent years and it's now common to see high schools, colleges, organizations and hobbyists designing, fabricating and launching their own satellites. Once launched, a ground station is required to receive the satellite's radio transmission as it passes over. Most low cost satellite owners will not have the budget to deploy ground stations all around the world for continuous monitoring of the satellite. This is where AWS Ground Station can take over, allowing a ground station on the other side of the world to be rented temporarily during a pass.
Currently the service is just starting, and only has 2 ground stations, but by 2019 they hope to have a total of 12. More information is available on the official AWS Ground Station website.
Alternatively, there are other free open source services that could be utilized such as SatNOGS. SatNOGS relies on volunteer ground stations running antenna rotators that can be built with a 3D printer, some low cost motors and electronics, and an RTL-SDR. The antenna rotator carries a Yagi antenna and will automatically track, receive and upload satellite data to the internet for the public to access.
Electronics distributor element14 has uploaded a video to their 'element14 presents' YouTube channel showing presenter Matt building and setting up a portable Raspberry Pi & RTL-SDR based NOAA weather satellite receiver. More information is also available on their supplemental content page.
The build consists of a Raspberry Pi, RTL-SDR and QFH antenna as the basic components. However, it is made into a very nice portable unit by using a stripped down LCD monitor placed into a heavy duty waterproof brief case. The whole thing is powered via a PC power supply. After the build is completed, Matt leaves the case on the roof for a few days collecting images.
Emboldened by the success of his Raspberry PIrate radio, Matt indulges in some more radio hacking by building a specialized QFH antenna and a briefcase form-factor satellite receiver in an attempt to intercept "faxes" from OUTER SPAACEEE!!! Connect with Matt on the element14 community: http://bit.ly/2RiSXC5
Project TIROS is a self-contained, Raspberry Pi-based satellite signal reception system designed to automatically download images and data from NOAA's POES spacecraft as they pass overhead and display the data on an integrated LCD panel. In this video, Matt will walk through how to set up an RTL-SDR module with a Raspberry Pi for automated satellite downloads as well as how to design and build a quadrifilar helical antenna for polar-orbiting signal reception.
Normally if you want to use the RTL-SDR as an SDR on Linux you install the SDR drivers, and blacklist the kernel's built-in DVB-T drivers to prevent them from taking over the RTL-SDR. Once blacklisted, no RTL-SDR plugged into that system can be used for DVB-T watching unless the blacklist is removed. But if the blacklist is removed, SDR mode cannot be used. So it's impossible to use one RTL-SDR as an SDR, and one for DVB-T TV at the same time.
However, Hayati A. has now submitted news about his RTL-SDR driver patch which allows you to run SDR mode and DVB-T TV mode at the same time with two RTL-SDR dongles.
The idea behind allowing two dongles to operate in separate modes is that one dongle needs to have the PID code stored in its EEPROM changed to a code which was recently registered by Hayati. The dongle with this PID code won't be recognized as a DVB-T device by Linux, and so can only be used for SDR. A dongle with the stock EEPROM can then be plugged in and used for DVB-T.