Over on YouTube The Thought Emporium channel has been working on creating a "WiFi Camera" over the past few weeks. The idea is to essentially create a small radio telescope that can "see" WiFi signals, by generating a heatmap of WiFi signal strength. This is done with a directional helical 2.4 GHz antenna and motorized rotator that incrementally steps the antenna through various angles. After each movement step a HackRF and Python script is used to measure WiFi signal strength for a brief moment, and then the rotator moves onto the next angle. The helical antenna and rotator that they created are made out of PVC pipe plastic and wood, and are designed to be built by anyone with basic workshop tools like a bandsaw.
The final results show that they've been able to successfully generate heatmaps that can be overlaid on top of a photo. The areas that show higher signal strength correlate with areas on the photo where WiFi routers are placed, so the results appear to be accurate. In the future they hope to expand this idea and create a skyward pointing radio telescope for generating images of the galactic hydrogen line, and of satellites.
The videos are split into three parts. The first two videos show the build process of the antennas and rotator, whilst the third video shows the final results.
DIY Radio Telescope Version 2: Wifi vision - Part 1
DIY Radio Telescope V2: Wifi Vision - Part 2
Building a Camera That Can See Wifi | Radio Telescope V2 - Part 3 SUCCESS!
A linear transponder is essentially a repeater that works on a range of frequencies instead of a fixed frequency. For example, a normal repeater may receive at 145 MHz, and repeat the signal at 435 MHz. However, a linear transponder would receive a wider bandwidth, and add a set frequency offset to the received signal. For example a signal received by a linear transponder that receives from 145 - 145.5 MHz, may receive a signal at 145.2 MHz and it would translate that up to 435.2 MHz. Another signal received at 145.4 MHz would translate up to 435.4 MHz. Hence the received frequency linearly translates to the transmitted frequency.
Over on YouTube Tech Minds has uploaded a new video where he shows how he can use his HackRF SDR with the SDRAngel software to easily transmit voice to a local ham radio repeater. If you are unfamiliar with ham radio, a ham repeater is simply a radio station that receives voice or other signals on a certain ham radio frequency, and re-transmits the signal with stronger power on another frequency. This allows communications to be receivable over a much larger distance.
SDRAngel is a very nice piece of SDR software that has controls for TX capable SDR's like the HackRF. In the video Tech Minds shows the HackRF being used as a transmitter, with it transmitting to a repeater at 145.137 MHz. An RTL-SDR is then used to listen to the repeater output at 145.737 MHz. With this set up he is able to contact a friend via the repeater easily.
It doesn't appear that Tech Minds is using any sort of external amplifier, so this shows that the HackRF is powerful enough to hit local repeaters just by itself.
Transmitting With A HackRF One Via My Local Ham Radio Repeater
Over on the Wireless LAN Professional Podcast Keith and Blake Krone discuss the HackRF, PortaPack and the Havoc firmware in episode 138. The HackRF is a US$299 transmit capable SDR which has been very popular in the past as it was one of the first affordable TX capable SDRs to hit the market. The PortaPack is a US$220 add on which allows you to go portable with the HackRF. And finally Havoc is a third party firmware for the HackRF+PortaPack which enables multiple RX and TX capable features.
The PortaPack is a US$220 add-on for the HackRF software defined radio (HackRF + PortaPack + Accessory Amazon bundle) which allows you to go portable with the HackRF and a battery pack. It features a small touchscreen LCD and an iPod like control wheel that is used to control custom HackRF firmware which includes an audio receiver, several built in digital decoders and transmitters too. With the PortaPack no PC is required to receive or transmit with the HackRF.
Of course as you are fixed to custom firmware, it's not possible to run any software that has already been developed for Windows or Linux systems in the past. The official firmware created by the PortaPack developer Jared Boone has several decoders and transmitters built into it, but the third party 'Havoc' firmware by 'furrtek' is really what you'll want to use with it since it contains many more decoders and transmit options.
As of the time of this post the currently available decoders and transmit options can be seen in the screenshots below. The ones in green are almost fully implemented, the ones in yellow are working with some features missing, and the ones in grey are planned to be implemented in the future. Note that for the transmitter options, there are some there that could really land you in trouble with the law so be very careful to exercise caution and only transmit what you are legally allowed to.
Although the PortaPack was released several years ago we never did a review on it as the firmware was not developed very far beyond listening to audio and implementing a few transmitters. But over time the Havok firmware, as well as the official firmware has been developed further, opening up many new interesting applications for the PortaPack.
Testing the PortaPack with the Havoc Firmware
Capture and Replay
One of the best things about the PortaPack is that it makes capture and replay of wireless signals like those from ISM band remote controls extremely easy. To create a capture we just need to enter the "Capture" menu, set the frequency of the remote key, press the red 'R' Record button and then press the key on the remote. Then stop the recording to save it to the SD Card.
Now you can go into the Replay menu, select the file that you just recorded and hit play. The exact same signal will be transmitted over the air, effectively replacing your remote key.
We tested this using a simple remote alarm system and it worked flawlessly first time. The video below shows how easy the whole process is.
The article in the LA times also discusses how a group of researchers at Aerospace Corp. are testing GPS alternatives and/or augmentations, that improve resilience against spoofing. The system being developed is called 'Sextant', and it's basic idea is to use other sources of information to help in determining a location.
Other sources of information include signals sources like radio, TV and cell tower signals. It also includes taking data from other localization signals like LORAN (a long range HF based hyperbolic navigation system), and GPS augmentation satellites such as the Japanese QZSS which is a system used to improve GPS operation in areas with dense tall buildings, such as in many of Japans cities. More advanced Sextant algorithms will possibly also incorporate accelerometer/inertial data, and even a visual sensor that uses scenery to determine location.
Most likely a key component of Sextant will be the use of a software defined radio and from the photos in the article the team appear to be testing Sextant with a simple HackRF SDR. While we're unsure of the commercial/military nature of the software, and although probably unlikely, hopefully in the future we'll see some open source software released which will allow anyone to test Sextants localization features with a HackRF or similar SDR.
The Noise Figure (NF) is an important metric for low noise amplifiers and SDRs. It's a measure of how much components in the signal chain degrade the SNR of a signal, so a low noise figure metric indicates a more sensitive receiver. The Noise Figure of a radio system is almost entirely determined by the very first amplifier in the signal chain (the one closest to the antenna), which is why it can be very beneficial to have a low NF LNA placed right at the antenna
It’s a GNU Octave script called nf_from_stdio.m that accepts a sample stream from stdio. It assumes the signal contains a sine wave test tone from a calibrated signal generator, and noise from the receiver under test. By sampling the test tone it can establish the gain of the receiver, and by sampling the noise spectrum an estimate of the noise power.
As expected, Rowetel found that the overall noise figure was significantly reduced with the LNA in place, with the Airspy's measuring a noise figure of 1.7/2.2 dB, and the HackRF measuring at 3.4 dB. Without the LNA in place, the Airspy's had a noise figure of 7/7.9 dB, whilst the HackRF measured at 11.1 dB.
Some very interesting sources of noise figure degradation were discovered during Rowetel's tests. For example the Airspy measured a NF 1 dB worse when used on a different USB port, and using a USB extension cable with ferrites helped too. He also found that lose connectors could make the NF a few dB's worse, and even the position of the SDR and other equipment on his desk had an effect.
Over on his YouTube channel user Andy Clarke has uploaded a video where he demonstrates his HackRF being used as a wideband spectrum analyzer with the HackRF Spectrum Analyzer software. About a year ago the HackRF team released a new firmware update which enabled the HackRF to be able to sweep through the frequency spectrum at a rate of up to 8 GHz per second. This allowed the HackRF to be used as a wideband spectrum analyzer which is able to display an arbitrarily large swath of spectrum. Shortly after the firmware update spectrum analyzer program by 'pavsa' was released on GitHub.
In the video Andy demonstrates the HackRF being used to view the WiFi band and show a 2.4 GHz WiFi connection between a drone and it's controller. He also shows it working with a handheld radio and the uplink of his mobile phone. Andy hopes to use the HackRF to avoid losing his drones due to interference.