Back in May 2019 we posted about Steve Olney's HawkRAO amateur radio astronomy station which was the only station in the world to capture the 2019 Vela Pulsar "glitch" which he did so using his RTL-SDR as the radio. The astronomy focused podcast "Astrophiz" recently interviewed Steve in episode 95 where he talks about his amateur radio background, his home made radio telescope, his RTL-SDR and software processing setup, and the Vela glitch.
A pulsar is a rotating neutron star that emits a beam of electromagnetic radiation. If this beam points towards the earth, it can then be observed with a large dish or directional antenna and a radio, like the RTL-SDR. The Vela pulsar is the strongest one in our sky, making it one of the easiest for amateur radio astronomers to receive.
Pulsars are known to have very accurate rotational periods which can be measured by the radio pulse period. However, every now and then some pulsars can "glitch", resulting in the rotational period suddenly increasing. Glitches can't be predicted, but Vela is one of the most commonly observed glitching pulsars.
The HawkRAO amateur radio telescope run by Steve Olney is based in NSW, Australia and consists of a 2 x 2 array of 42-element cross Yagi antennas. The antennas feed into three LNAs and then an RTL-SDR radio receiver.
Astrophiz 95: Steve Olney: From Ham Radio to Radio Astronomy - "The 2019 Vela Glitch"
Feature Interview: This amazing interview features Steve Olney who has established the Hawkesbury Radio Astronomy Observatory in his backyard. Steve has constructed a Yagi antenna array, coupled it with a receiver and observed a pulsar 900 LY away and generated data that has enabled him to be the only person on the planet to observe Vela’s 2019 glitch in radio waves as it happened.
If you're interested in learning more about Vela, Astrophiz podcast episode 93 discusses more about the Vela glitch and why it's important from a scientific point of view.
Over on the SignalsEverywhere YouTube channel Corrosive from the SignalsEverywhere channel has uploaded a review of our RTL-SDR Blog L-Band Active Patch antenna. Our patch antenna can be used for applications such as Inmarsat, Iridium and GPS reception.
In the video Corrosive shows what the kit comes with, and first demonstrates the antenna working indoors. He also shows how signal SNR can be improved for indoor reception simply by adding a larger ground plane to the back of the antenna and clamping it on with the mounting screw. Later he shows what reception is like outdoors, and shows it being used to decode from STD-C Inmarsat and Iridium signals.
If you're interested in this antenna we also previously posted about TechMinds review video.
Talks from this years DEF CON 27 conference which was held back in August are now available on YouTube. DEFCON is a yearly conference that a focuses on information security topics and often includes talks about SDRs and other wireless radio topics too. In particular we wanted to highlight the the DEF CON 27 Wireless Village playlist which contains numerous talks related to wireless, radio and SDRs.
Most talks from the wireless village relate to WiFi, but one talk with some very useful information that we really enjoyed was "Antennas for Surveillance" by Alex Zakhorov.
We will cover the various kinds of antennas available to optimized your SDR radio for different types of spectrum monitoring. We will also explain why RF filters are necessary on most SDR's and when Low Noise Amplifiers help, and when Low Noise Amplifiers hurt reception.
DEF CON 27 Wireless Village - Alex Zakhorov - Antennas for Surveillance
Another interest talk was called "The Ford Hack Raptor Captor video" by Dale Wooden (Woody) where he shows how he used an RTL-SDR and HackRF to hack a Ford car key fob. If you're interested we wrote about the Hak5 videos on this hack in a previous post.
This talk will show flaws with development of security protocols in New Ford key fobs. This will exploit several areas. The ability for a denial of service to the keyfob WITHOUT jamming. How to trick the vehicle into resetting its rolling code count. How to lock, unlock, start, stop, and open the trunk of ford vehicles using a replay attacked after resetting rolling code count. How to find the master access code for Fords keypad to bypass security. This talk will also demonstrate how to reset your key fobs if they are attacked by a deauth attack. We will also demonstrate gnu-radio script to automate RF collection of Ford key fobs. As seen on HAK5 episodes 2523-2525
DEF CON 27 Wireless Village - Woody - The Ford Hack Raptor Captor video
Outside of the Wireless village there were also some interesting SDR topics including this talk titled "SDR Against Smart TVs URL Channel Injection Attacks" by Pedro Cabrera Camara. If you're interested we also wrote about Pedro's work in a previous post.
Software-defined-radio has revolutionized the state of the art in IoT security and especially one of the most widespread devices: Smart TV. This presentation will show in detail the HbbTV platform of Smart TV, to understand and demonstrate two attacks on these televisions using low cost SDR devices: TV channel and HbbTV server impersonation (channel and URL injection). This last attack will allow more sophisticated remote attacks: social engineering, keylogging, crypto-mining, and browser vulnerability assessment.
DEF CON 27 Conference - Pedro Cabrera Camara - SDR Against Smart TVs URL Channel Injection Attacks
Over on YouTube the Scanner and Sdr Radio channel has uploaded a video comparing four different brands of HF wideband loop antennas using an SDRplay RSPduo. The loops he tested include the cheap Chinese MLA-30 (~$40), the Cross Country Wireless (CCW) loop ($70), Bonito ML200 (~$442) and the Wellbrook 1530LN (~$305).
The MLA-30 was slightly modified with the cheap coax removed and a BNC connector added. Each of the antennas used a wire loop with diameter of approximately 1.6m, except for the Wellbrook which has a fixed size solid loop of 1m.
The tests compare each loop against the Wellbrook which is used as the reference antenna. In each test he checks each HF band with real signals on the RSPduo and compares SNR between the two antennas.
The results show that the two expensive antennas, the Bonito and Wellbrook, do generally perform the best with the lowest noise floors, but surprisingly the MLA-30 actually performs very well for it's price point, even outperforming the Wellbrook reference on SNR in some bands. We note that some of the improvement may be due to the larger 1.6m loop size used on the MLA-30, compared to the 1m loop on the Wellbrook.
Also we note that it can be hard to compare antennas in single tests, because the differences in antenna radiation patterns could be favorable for some signals, and less so for others, depending on the location.
Over on YouTube the TechMinds YouTube channel has uploaded a review of our RTL-SDR Blog L-Band patch antenna which we recently released. TechMinds tests the antenna on a STD-C Inmarsat channel with the Scytale-C decoder, and on various AERO ACARS transmissions with JAERO. Later in the video he also tests the patch antenna on Iridium reception using the Iridium Toolkit software. In all tests the patch is able to suitably receive the signal with either an RTL-SDR or Airspy SDR.
We also wanted to make a note about an additional tip regarding polarization that many people using the antenna seem to have missed. As Inmarsat signals are LHCP polarized, it is important to not only point the antenna towards the satellite, but also to rotate the antenna to match the polarization until maximum SNR is achieved. The rotation can make the difference between strong signals and nothing received at all.
RTL-SDR Active L-Band Patch Antenna For Inmarsat / Iridium / GPS
We've also recently seen a user 'Bert' who has needed to boost the signal strength as he was running the patch inside and at a location in northern Europe with poor reception of Inmarsat. To boost it he simply added a metal horn over the patch made from an old aluminum box, and also a back plate reflector. He notes that this improved his SNR on AERO 10500 from 8 - 9 dB, up to 12 - 14 dB. He also tested using the patch on a dish antenna, and found very good results too.
Over on YouTube Mike Ladd (KD2KOG) from the SDRplay technical support team has uploaded a YouTube video showing him running our recently released RTL-SDR Blog L-Band Active Patch antenna on an SDRplay RSP1a. In the video he receives and decodes AERO signals from his car with his RSP1a powering the active patch antenna via the built in bias tee.
If you didn't already hear, we recently released an active (amplified + filtered) high performance patch antenna designed for receiving L-Band satellites such as Inmarsat, Iridium and GPS. The patch is designed to be easily mountable outside on a window, surface, stick, tree branch etc as it comes with easy to use mounting solutions and extension coax, and is enclosed in a fully weather proof plastic cover. If you're interested the product is available over on our store for US$39.95 with free shipping.
You also might want to keep an eye on Mike's YouTube channel, as he notes that in the yet to be released part 2 video he will be giving away the antenna in a competition.
In the past we've posted twice about Hex and Flex who has been designing and selling various types of wideband PCB antennas. Previously we saw his wide band vivaldi antenna, and his wideband 400/800 MHz+ spiral antennas.
Now on the latest episode of SignalsEverywhere host Corrosive gives us a brief review of the Hex and Flex antennas, and goes on to demonstrate the spiral antenna in action. In his tests he was able to receive Inmarsat AERO, 433 MHz tire pressure monitors (TPMS), 300 MHz APRS signals, 300 MHz SATCOM, 800 MHz P25 and 1090 MHz ADS-B aircraft tracking signals with the spiral antenna and our RTL-SDR Blog Wideband LNA.
The video also comes with a 20% off promotion code for the Hex and Flex Tindie store. Simply enter the code "signalseverywhere" at checkout.
RTL-SDR Inmarsat, UHF Satcom, P25 and Portapack Hex and Flex Antenna Review
Marcus Leech from ccera.ca is a pioneer in using low cost software defined radios for observing the sky with amateur radio telescopes. In the past he's shown us how to receive things like the hydrogen line, detect meteors and observe solar transits using an RTL-SDR. He's also given a good overview and introduction to amateur radio astronomy in this slide show.
His recent project has managed to create a full Hydrogen sky map of the northern Canadian sky. In his project memo PDF document Marcus explains what a sky map shows:
A [sky map] shows the brightness distribution over the sky for a given set of observing wavelengths. In the case of the 21cm hydrogen line wavelength, maps show the distribution of hydrogen over the sky. For amateur observers, such maps generally show the distribution within our own galaxy, since extra-galactic hydrogen is considerably more faint, and significantly red/blue shifted relative to the rest frequency of 1420.40575 MHz, due to relative motion between the observer and the target extra-galactic hydrogen.
He was able to make this observation using his radio telescope made from a 1.8m dish antenna, a NooElec 1420 MHz SAWBird LNA + Filter, a 15dB line amplifier, another filter and two Airspy R2 software defined radios locked to an external GPSDO. The system runs his custom odroid_ra software on an Odroid XU4 single board computer, which provides spectral data to an x86 host PC over an Ethernet connection.
Over 5 months of observations have resulted in the Hydrogen sky map shown at the end of this post. Be sure to check out his project memo PDF file for more information on the project and how the image was produced. Marcus' blog post over on ccera.ca also notes that more data and different maps will be produced soon too.