Category: Digital Signals

Telive osmo-tetra-sq5bpf: An Experimental TETRA Decoder that Enables Voice Decryption (If You Have the Key)

Thank you to Jacek / SQ5BPF for letting us know that he's recently released a modified version of the Telive TETRA decoder for Linux. The modification allows the user to listen to TEAx-encrypted voice signals if they have the decryption key. Typically, if a TETRA signal is encrypted, there is no way to listen to it, unless you have obtained the decryption key from the network operator, or extracted it from TETRA keyloader hardware.

But because the TEA1 encryption was broken due to a backdoor being discovered in 2023, he has also added support for using the 32-bit short key directly, which can be automatically recovered from TETRA traffic using his other software called teatime. TEA1 encryption is being phased out, but many deployments still use it.

The software is designed for advanced users to compile and run, so very little documentation is provided. However, there is a blog post here that explains the overall steps. Some additional information can be found on SQ5BPF's RadioReference post here.

TETRA Decoding (with telive on Linux)
TETRA Decoding (with telive on Linux)

ADSBee: ADS-B and UAT Reception and Decoding On an RP2040 Microcontroller

ADSBee is an open-source project that has implemented a 1090 MHz ADS-B decoder on a Raspberry Pi RP2040 microcontroller using a programmable I/O (PIO) pin. 

PIO pins cannot handle RF signals, so the ADSBee front end is a critical analog circuit that enables this to work. It consists of a 1090 MHz SAW filter to remove other signals, a low-noise amplifier, and, critically, a log-power detector, which essentially converts the pulse-position-modulated 1090 MHz ADS-B signal to baseband, which the PIO can handle.

However, this same trick does not work for 978 MHz UAT, as UAT signals are not pulse position modulation like ADS-B. Instead, for UAT support, the ADSBee design takes a more traditional approach, using a CC1312 sub-GHz transceiver chip connected to the RP2040.

Finally, an ESP32 S3 is added to the stack to enable networking via WiFi, allowing for received and decoded data to be used.

The project is entirely open source on their GitHub, apart from some of their commercial PCB designs. They also have a store, where they sell pre-made kits. A kit consisting of the ADSBee, 1090 MHz Antenna, and 978 MHz costs US$152in total. They are also selling an industrial model for $995, which includes PoE power.

ADS-Bee 1090 MHz and Sub-GHz Boards
ADS-Bee 1090 MHz and Sub-GHz Boards

Tech Minds: Testing Out A New Signals Intelligence Tool Called Intercept

Over on the Tech Minds YouTube channel, Matt has uploaded a video where he tests out 'Intercept', a new tool for RF signals intelligence with RTL-SDRs and other wireless devices. It is open source with code available on GitHub and can be installed on Linux and OSX devices.

Intercept is a tool that combines multiple external decoder tools into one easy-to-access web interface. It is capable of the following:

  • Pager Decoding - POCSAG/FLEX via rtl_fm + multimon-ng
  • 433MHz Sensors - Weather stations, TPMS, IoT devices via rtl_433
  • Aircraft Tracking - ADS-B via dump1090 with real-time map and radar
  • Listening Post - Frequency scanner with audio monitoring
  • Satellite Tracking - Pass prediction using TLE data
  • WiFi Scanning - Monitor mode reconnaissance via aircrack-ng
  • Bluetooth Scanning - Device discovery and tracker detection

We note that features like WiFi and Bluetooth scanning will require a separate WiFi and Bluetooth adapter to be connected. In terms of supported SDR hardware, Intercept supports RTL-SDRs, as well as any SDR supported by SoapySDR.

In the video Matt shows how to install Intercept, and shows it decoding data from the various supported signal types.

Intercept Radio Signals For Intelligence Gathering With An RTL SDR

Building a P25 Police Scanner with an RTL-SDR Blog V3 and ZimaBoard 2

Over on YouTube, creator "MostlyBuilds" builds a networked digital police scanner using an RTL-SDR Blog V3 dongle and a compact x86 single-board computer called the ZimaBoard 2. The system receives over-the-air police radio signals, decodes digital P25 voice traffic, and turns it into an audio stream that can be listened to from any device on the home network, such as a phone, tablet, or computer.

The video walks through the hardware setup, ZimaBoard 2 features, and software configuration using ZimaOS and Docker. The open-source OP25 decoder handles the digital radio decoding, while containerized services stream the audio using Icecast and MediaMTX. MostlyBuilds also explains how to find local police frequencies, avoid encrypted channels, and verify signals using a handheld radio.

To make the stream more usable, a custom Python script inserts silence during gaps in transmissions, creating a continuous audio feed. Finally, MostlyBuilds ends the video by showing a small ESP32-based client prototype that plays the stream through a speaker, plus a breakdown of the full audio pipeline.

DIY Digital Police Scanner With ZimaBoard 2

Building a DIY Off-Grid Weather Station with a Raspberry Pi and RTL-SDR Receiver

Thank you to Vinnie for writing in and sharing with us his home made Raspberry Pi based off-grid weather station, which uses an RTL-SDR to receive data.

Being somewhat disappointed with a cheap all-in-one weather station's data, lack of local storage and customisation possibilities, Vinnie decided he could do better and build his own custom solution instead. While working on an existing Raspberry Pi based ADS-B station that he had already deployed, he realised that the hardware was largely underutilised and would make an ideal platform for additional RF decoding tasks.

By adding a second RTL-SDR dongle and using the popular rtl_433 software, Vinnie was able to receive and decode data from an Ecowitt WS90 all-in-one outdoor weather sensor. Unlike many consumer weather stations, the WS90 operates as a simple one-way RF transmitter with no cloud dependency, making it ideal for local SDR-based decoding and long-term data ownership.

All weather data is received locally over RF, decoded into JSON, processed on the Raspberry Pi, and stored locally without relying on third-party cloud services. Rainfall totals, daily highs and lows, and historical trends are calculated entirely in software, giving full transparency and flexibility over how the data is handled. A simple web dashboard then displays current conditions and recent history on the local network.

The entire system runs in Docker containers alongside the ADS-B feeder, keeping services isolated and easy to maintain. Optional one-way data sharing to weather aggregation services can be enabled if desired, but the station functions fully offline by default.

In his post, Vinnie has written an in-depth overview of the hardware choices, RF decoding, data pipeline, and software architecture behind the project, including why certain sensors were chosen and how rainfall is calculated from raw impulse data. The code is all opensource and available on his GitHub.

Vinnie's Outdoor ADS-B + Weather Station, and the Ecowitt 90 Weather station.

 

DSDPlus Public Release Updated & Fast Lane Changes

The team behind DSDPlus has recently uploaded a new public release version 2.547. The last public release was version 1.101, released several years ago. Up until now, only DSD+ Fastlane customers have had access to the new version.

The new version adds new programs like FMP, which can be used to receive the FM signal from an RTL-SDR, Airspy or SDRplay SDR and transfer it to DSD+ over TCP. Previously, a program like SDR#, or SDR++ would have to be used along with audio piping software like VB Cable. 

Also introduced are numerous enhancements, including a single-receiver trunk-tracking mode that eliminates the need for dual SDR setups, a site loader GUI for rapid tuning and system selection, significantly expanded digital protocol support such as full P25 Phase II TDMA voice following, encryption algorithm and key ID detection, and GPS/AVL location and mapping capabilities. Hardware integration has also improved with features like bias-tee control for RTL-SDR Blog dongles, serial-targeted device selection, and smoother TCP-linked operation between DSD+ and FMP components.

The full list of changes can be found in the "Notes.txt" file in the DSDPlus zip file. The Radio Reference Wiki also has a summarized changelog.

The team also notes that they are now closing new signups to the DSD Fastlane program. FastLane was a program that allowed users to pay a small fee to receive the latest updates. They note that the program will remain active for users who have already signed up.

DSD Plus V2 Public Release with FMP24
DSD Plus V2 Public Release with FMP24

halow_scanner: An RTL-SDR Based 802.11aH HaLow Channel Scanner

Over on GitHub we've recently noticed the release of halow_scanner, a Python script that uses an RTL-SDR to scan the 802.11ah (WiFi HaLow) channels in the sub-GHz spectrum to determined which channels have the least noise/interference.

Unlike standard WiFi, which operates outside of the RTL-SDRs range at 2.4 GHz+, 802.11ah operates in the sub-GHz ISM bands, which RTL-SDRs can easily receive.

Use of these lower frequencies gives 802.11ah HaLow excellent signal penetration, making it useful for long-range, low-power IoT devices. With 802.11ah HaLow links, several kilometers can be achieved.

The software's features include:

  • 🔍 Scans all 802.11ah HaLow channels in the US 902-928 MHz band
  • 📊 Supports multiple channel bandwidths: 1, 2, 4, and 8 MHz
  • 📡 Uses RTL-SDR for spectrum analysis
  • 🎯 Identifies the cleanest channel with lowest noise floor
  • 📈 Provides detailed power spectrum measurements
  • ⚡ Fast scanning with averaging for accuracy
Comparison Between regular WiFi and 802.11ah HaLow. Source: https://www.gateworks.com/802-11ah-halow-long-range-low-power-wireless-for-iot/
Comparison Between regular WiFi and 802.11ah HaLow. Source: https://www.gateworks.com/802-11ah-halow-long-range-low-power-wireless-for-iot
 

Receiving DAB and FM Signals with an RTL-SDR and Engima2 on OpenPLi 9.0

Thank you to "Radioto bg" from DXing.org for writing in and sharing with us his latest YouTube video showing how to receive DAB and FM signals with an RTL-SDR and the Enigma2 application running on OpenPLi. OpenPLi is an open-source Linux distribution for TV set-top boxes and Engima2 is a TV reception application used within the distribution.

RADIOTO shows how an RTL-SDR can be added to the system, allowing it to also receive DAB+ and FM radio.  In a previous post RADIOTO also showed how the RTL-SDR could be used as a DVB-T receive in Enigma2 and OpenPLi.

Turn Your Enigma2 Receiver into a DAB+ & FM Radio with RTL-SDR v.3! 🔥 Full Tutorial with OpenPli 9.0