Category: News

Canada Moves to Ban Flipper Zero and Possibly Software Defined Radios

Dominic LeBlanc, Canada's Minister of Public safety has recently declared that they plan to ban devices "used to steal vehicles by copying the wireless signals for remote keyless entry, such as the Flipper Zero". The text specifically calls out the Flipper Zero, however the wording appears to imply that any device that can copy a signal will be banned. This means the ban could extend to RX/TX SDRs like the HackRF and possibly even RX only SDRs like RTL-SDRs.

The Flipper Zero is an affordable handheld RF device for pentesters and hackers. It is not based on SDR technology, however it uses a CC1101 chip, a digitally controlled RX/TX radio that is capable of demodulating and modulating many common digital modulations such as OOK/ASK/FSK/GFSK/MSK at frequencies below 1 GHz. There are many CC1101 devices on the market, but the Flipper Zero has gained huge popularity on social media because of it's excellent software support, as well as its cute marketing tactic. In the past it was even featured on the popular Linus Tech Tips YouTube channel.

Flipper Zero has had a long line of setbacks including PayPal freezing 1.3M of its cash, and US customs temporarily seizing its shipments, then passing a $70,000 bill on to them for storage fees and Amazon banning the product on their marketplace.

In our opinion, we believe that the ban appears to be misguided. The Flipper Zero is a basic device that can only perform a simple replay attack, which is to record a signal, and replay it at a later time. These sorts of attacks do not work on vehicles built after the 90's which now use rolling codes or more sophisticated security measures. To defeat rolling code security, a more sophisticated attack called Rolljam can be used. A Rolljam device can be built for $30 out of an Arduino and two cheap transceiver modules.

However, according to arstechnica the biggest cause for concern in terms of car theft is a different sort of attack called "signal amplification relay".

The most prevalent form of electronics-assisted car theft these days, for instance, uses what are known as signal amplification relay devices against keyless ignition and entry systems. This form of hack works by holding one device near a key fob and a second device near the vehicle the fob works with. In the most typical scenario, the fob is located on a shelf near a locked front door, and the car is several dozen feet away in a driveway. By placing one device near the front door and another one next to the car, the hack beams the radio signals necessary to unlock and start the device.

This sort of attack is a lot less sophisticated in many ways as all you are doing is amplifying a signal, and no clever hardware like the Flipper Zero or a software defined radio is even required. The X video below demonstrates such a hack where a criminal holds up a loop antenna to a house. The loop antenna is connected to a signal amplifier which amplifies the keyfob signal, tricking the car into thinking the keyfob is nearby, and allowing the door to be unlocked by touching the handle, and then turned on with the push to start button.

Flipper zero note that they have not been consulted about the ban, and replied on X stating that they are not aware of the Flipper Zero being used for car theft.

Taylor Swift Threatens Legal Action Against Owner of X Account that Tracks her Private Jet via ADS-B

Jack Sweeney is a student who operates various social media and websites dedicated to tracking the private jets of celebrities and notable persons. In the past he's drawn the ire of Elon Musk who banned his @ElonJet account in 2022 which used to provide live updates on the location of Elon Musk's private jet. These days he operates the @ElonJetNextDay account which tracks Elon's jet with a 24 hour delay on X, but continues to track the jet live on other platforms.

Recently the legal team for global superstar Taylor Swift threatened legal action against Jack Sweeney for running the various social media accounts that track her private jet including @SwiftJetNextDay on X with a 24 hour delay, or live on alternative platforms like Mastodon. Swift's legal team claim Sweeney's live tracking accounts pose an “imminent threat to the safety and wellbeing” of Swift.

Jack notes that he makes use of legal live ADS-B flight data from public data aggregators like Airplanes.live and AirFramesIO. ADS-B data is most commonly provided from contributors with RTL-SDR dongles running on Raspberry Pi single board computers. 

Even without Sweeney's social media accounts anyone can legally look up this live public flight data data, or even receive it themselves directly from the aircraft if they are close enough. Although a point can be argued that the social media accounts run by Sweeney make it significantly easier for this information to be obtained and shared by anyone.

An example notification from @SwiftJetNextDay for Taylor Swift's private jet flight.

FOSDEM 2024 Videos now Available: Synthetic Aperture WiFi RADAR, GPU DSP Acceleration and more

FOSDEM (Free and Open Source Developer’s Meeting) is a yearly conference that took place in Brussels, Belgium on 3 - 4 February 2024. This conference featured a room on Software Defined Radio and Amateur Radio.

Recently the videos of most the talks have been uploaded to their website. Some interesting talks include:

Covert Ground Based Synthetic Aperture RADAR using a WiFi emitter and SDR receiver

Link to Talk Page

Using a WiFi emitter as radiofrequency source illuminating a scene under investigation for slow movement (e.g. landslides), a Ground-Based Synthetic Aperture RADAR (GB-SAR) is assembled using commercial, off the shelf hardware. The dual-channel coherent Software Defined Radio (SDR) receiver records the non-cooperative emitter signal as well as the signal received by a surveillance antenna facing the scene. Spatial diversity for azimuth mapping using direction of arrival measurement is achieved by moving the transmitter and receiver setup on a rail along a meter-long path -- the longer the better the azimuth resolution -- with quarter wavelength steps. The fully embedded application runs on a Raspberry Pi 4 single board computer executing GNU Radio on a Buildroot-generated GNU/Linux operating system. All development files are available at https://github.com/jmfriedt/SDR-GB-SAR/

Synthetic Aperture RADAR with WiFi and USRP SDR

Using GPU for real-time SDR Signal processing

Link to Talk Page

GPU processors have become essential for image or AI processing. Can they bring anything to real-time signal processing for SDR applications? The answer is yes, of course, but not all classic algorithms (FIR, DDC, etc.) can be used "as is", sometimes a different approach must be taken. In this presentation, I will share the solutions that I implemented to achieve multi-channel DDC on NVIDIA Jetson GPU and will make a comparison with "classic CPU" approaches.

Using GPU's for Real Time Signal Processing

Maia SDR: an open-source FPGA-based project for AD936x+Zynq radios

Link to Talk Page

Maia SDR is an open-source project with the main goal of promoting FPGA development for SDR and increasing the collaboration between the open-source SDR and FPGA communities. Currently it provides a firmware image for the ADALM Pluto and other radios based on the AD936x and Zynq. This firmware can display a real-time waterfall at up to 61.44 Msps in a WebSDR-like interface using WebGL2 rendering, and record IQ data in SigMF format in the SDR DDR. The FPGA design is implemented in Amaranth, an Python-based HDL, and the software stack is implemented in Rust, targetting the embedded ARM CPU and WebAssembly.

The first firmware version was released in February 2023, and the project was presented in June in the Software Defined Radio Academy. In this talk we cover the progress since the summer, including the addition of support for devices such as the Pluto+ and AntSDR. We focus on the technical details of the project and the possibilities for re-using some of the components in other projects.

Maia SDR

DAPNET: Bringing pagers back to the 21st Century

Link to Talk Page

When talking about pagers, most of us will think about an object of the past, often seen in TV shows from the 90s, used by medical staff and businessmen. However, they're an interesting way to get simple data broadcast over amateur radio frequencies, with receivers that can be built for less than 20€. We'll explore this and understand how an extensive network can be deployed with simple equipment and using open source hardware and software.

DAPNET Talk

Tech Minds: A Review of the SDRplay RSP1B and SDRConnect Preview 2 Demonstration

A few days ago we posted about the recent release of the SDRplay RSP1B software defined radio, which is an upgrade over the previous RSP1A model. The changes include a new steel enclosure, significantly improved noise performance under 1 MHz and in the 50 - 60 MHz region, noticeable noise improvements in the 3.5 - 5.5 MHz and 250 - 320 MHz range, and improved signal handling at HF frequencies.

Over on the Tech Minds YouTube channel, Matt has released a video testing the new RSP1B. He notes that thanks to the improved noise performance under 1 MHz, reception of NDB's from airports is significantly better.

Matt also tests SDRConnect Preview 2 which is SDRplay's new multiplatform receiver software. It is currently in 'preview', so features are still being added, and there may be bugs. In the video Matt shows a few of the new features in SDRConnect Preview 2 including band selection buttons, IQ recorder, asymmetrical, notch filtering and the remote server feature which allows SDRplay devices to be used over a network or internet connection.

The NEW RSP1B SDR Receiver From SDRPlay

The Biggest RTL-SDR and Related Stories from 2023

This year there were several interesting stories and product releases that we posted about on the blog and this post will be a brief end of year review of some of our most popular posts. We also wanted to wish everyone a Merry Christmas and Happy Holidays to every celebrating at this time of the year!

In January we saw that the popular ADS-B Exchange (ADSBx) ADS-B aggregation platform was sold to a private equity firm called JETNET. This caused quite a bit of outrage as many involved with the development of the platform were blindsided by the owner's sudden decision to sell. ADS-B Exchange is a popular ADS-B aggregator that uses RTL-SDRs and is known for it's hard no censorship policy, allowing it to be used in projects like "Dictator Alert" and to uncover immoral use of aircraft in policing and military "kill chains". Many of the original team have since started a new service at https://airplanes.live.

ADSBExchange.com interface
ADSBExchange.com interface

Next in February at the height of the "Chinese Spy Balloon" scare we ran a story about how the US air force had shot down an amateur radio 'pico balloon' called K9YO-15  , on the assumption that it could have been another Chinese spy balloon. Pico balloons are party sized helium balloons with a solar powered amateur radio transmitter attached. The fun of the hobby is seeing how far and long around the world they can travel for. A typical pico balloon could circumnavigate the globe several times over several months, all whilst transmitting it's position.

Rough trajectory overlay
Rough trajectory overlay

In April we saw the Flipper Zero go mainstream when it was reviewed on the Linus Tech Tips YouTube channel. The Flipper Zero is a small RF hacking device that gained high popularity on social media sites like TikTok. 

Linus Tech Tips Reviews the Flipper Zero
Linus Tech Tips Reviews the Flipper Zero

In June we saw a video from a YouTuber that appeared to show a Flipper Zero being used to wirelessly 'let the smoke out' and self-destruct an electricity meter which raised major infrastructure security concerns. However, this video appears to have since been removed, and there was speculation that the video was faked, or at least staged in some way.

In July we showed a video demonstration of how our KrakenSDR could be used to track down a low power FM transmitter station. In August we showed the KrakenSDR tracking down multiple GSM base station transmit towers simultaneously.

Later in August we also released the RTL-SDR Blog V4 dongle, a limited edition RTL-SDR that makes use of existing stockpiles of R828D tuner chips. It has improved HF performance thanks to an upconverter, and improved filtering on the VHF and UHF bands.

In September we saw crowd funding start for the RFNM, a device that promises to be a next generation software defined radio.

Finally in November we saw the release of the crowd funding campaign for our Discovery Dish project, a low cost and easy way to get into reception of L-band satellites, as well as Hydrogen Line radio astronomy.

Later in November we also saw a great technical overview of the Watch Duty wildfire monitoring project which uses multiple RTL-SDRs in their system.

The Discovery Dish
The Discovery Dish

RTL-SDR Blog V4 now in stock at Amazon USA

Just a quick note for those waiting to confirm that the RTL-SDR Blog V4 is now in stock at Amazon USA. We have linked both the dongle + antenna set, and dongle only listings below. For customers outside of the USA please check our international purchasing links at www.rtl-sdr.com/store.

With the demand being high, if you were waiting please order soon as the next shipment most likely won't be in until January. To learn more about the RTL-SDR Blog V4, please see our product release post.

The RTL-SDR Blog V4 Dongle
The RTL-SDR Blog V4 Dongle

Airspy and YouLoop 2024 Black Friday Sale 20% OFF

Airspy is holding their annual Black Friday sale, this year offering 20% off their range of products. The sale is active at all participating resellers, which includes our own store where we have the YouLoop on sale for US$31.96 including free shipping to most countries in the world, instead of the usual US$39.95. Please note that due to EU VAT collection laws, EU customers must purchase the discounted YouLoop from our eBay or Aliexpress stores. 

The YouLoop is a low cost passive loop antenna for HF and VHF. It is based on the Möbius loop design which results in a high degree of noise cancelling. However the main drawback is that it is a non-resonant design, which means that it works best when used with ultra sensitive receivers like the Airspy HF+ Discovery. 

Some good reviews include the YouTube videos done by Frugal Radio where he reviews HF reception and VLF & LF reception with an Airspy HF+, and later tests it with an RTL-SDR Blog V3 using direct sampling. Techminds also has an excellent review on his YouTube channel. We also have a product release overview on this post from March 2020.

During the sale the price of Airspy SDRs and their upconverters are:

  • Airspy R2: $160.00 $135.20
  • Airspy Mini: $99.00 $79.20
  • Airspy HF+ Discovery: $169.00 $135.20
  • Airspy SpyVerter: $49.00 $39.20

FOSDEM 2024 Call for Participation: Software Defined Radio & Amateur Radio Devroom

FOSDEM (Free and Open Source Developer’s Meeting) is a yearly conference that this year will take place in Brussels, Belgium on 3 - 4 February 2024. This conference will also feature a track on FOSS-powered radio, and there will be a combined Amateur Radio and SDR Devroom.

FOSDEM have issued a call for participation and have noted that slots are still open, so please submit any proposals for talks now if you are interested in presenting. The recommended topics include:

Topics discussed in the devroom include, but are not limited to:

  • SDR frameworks and the tools that make them useful
  • New SDR-based developments in ham radio modes
  • Cellular/telecom software
  • Amateur radio operator software tooling
  • Free / Open radio hardware
  • Wireless security research
  • Entertaining wireless hacks
  • SDR & ham radio in mass and higher education
  • Satellite, spacecraft and interplanetary communication

Software-Defined Radio is the technology of enabling radio signals to be processed and generated algorithmically, typically within general purpose processors, but also within FPGAs and GPUs; Free and Open Source (FOSS) Software Radio allows these algorithms to be inspectable and improvable. With the advent of ubiquitous IoT, sky-filling satellite megaconstellations and 5G/6G as standards designed with commercial Software Radios in mind, wireless is an exploding field of interest in the FOSS realm.

Ham Radio, also known as amateur radio, is more than just a hobby orbiting the usage of radio communication – it’s a passion that merges the realms of electronics, human interaction, and communication. At its core, ham radio is about establishing connections: with people, with technology, and with the world at large. It is a free and open community effort at heart!