The Flipper Zero is an affordable handheld RF device for pentesters and hackers. It is not based on SDR technology. Instead it uses a CC1101 chip, a digitally controlled RX/TX radio that is capable of demodulating and modulating many common digital modulations such as OOK/ASK/FSK/GFSK/MSK at frequencies below 1 GHz.
What sets it apart from most of the other CC1101 devices is the high level of software support built into it, the enthusiastic community and of course the branding.
Back in August 2020 we initially posted about the Flipper Zero starting its crowdfunding campaign on Kickstarter. Since then, despite major business problems like PayPal freezing 1.3M of its cash, and US customs temporarily seizing its shipments, then passing a $70,000 bill on to them for storage fees, Flipper has gained huge popularity through social media video sites like TikTok, where people show off its capabilities, often in ways that could be considered mischievous.
Recently over on YouTube, Linus from the most popular technology YouTube channel Linus Tech Tips reviewed the Flipper Zero. In the video Linus discusses the legality and morality of the Flipper Zero, and discusses some use cases around RFID and NFC.
Over on YouTube CiferTech has uploaded a video showing how to create a low cost 315 MHz jammer using an Arduino and a cheap 315 MHz transmitter circuit. The 315 MHz band is used in some countries by short range wireless devices such as garage door openers, tire pressure sensors, home security systems and car keyfobs. Some wireless home security systems have been shown to be vulnerable to jamming, as jamming can stop an alarm activation signal being received by the base unit.
We want to note that building a jammer in most countries is completely illegal and the use of a jammer can result in severe penalties such as jail time.
On a related note, we also wanted to point out this recent tweet by Naomi Wu (@realsexycyborg), a popular technology YouTuber who is based in China. Her tweet pointed out that some local market scammers in China use rigged weighing scales which can be forced to display an artificially high value by using a wireless handheld remote. To combat this, handheld jammers are sold so that shoppers can prevent the scammer's remote control from communicating with the scale. Although jamming is still most likely illegal in China, this could be considered an ethical use of a jammer.
.@c0un7z3r0 for it first- there are companies that rig popular brands of scales so they can be adjusted with a small remote control. The store sells jammers to use against the remote used by those rigged scales. pic.twitter.com/juHeLLobnD
A few days ago we posted about the upcoming crowdfunding campaign of the MicroPhase AntSDR E200, an SDR that is very similar to the PlutoSDR, but with a much larger FPGA and more stable TCXO. One interesting feature is that it can run PlutoSDR or USRP firmware, allowing it to work with software that supports either hardware.
Over on YouTube Matt from the TechMinds YouTube channel has received an early unit and uploaded a video review.
In the video Matt explains the features and specifications of the ANTSDR E200, shows how to set it up with either the PlutoSDR or USRP firmware, and then demonstrates it working in SDR Console and SDR Angel as an emulated PlutoSDR. He goes on to show how to install and run the USRP UHD firmware, where the ANTSDR emulates a USRP b205mini.
MicroPhase ANTSDR E200 UHD USRP & PLUTO SDR SUPPORT
The AntSDR E200 is a software defined radio from Microphase which will come in two flavors. The first is the 'AD9363' version with 2x2 RX/TX and a 325 - 3.8 GHz tuning range, 20 MHz bandwidth and 12-bit ADC. The second is their higher end 'AD9361' version with 2x2 RX/TX, 70 MHz - 6 GHz tuning range, 56 MHz bandwidth and 12-bit ADC.
The AntSDR E200 is based on the AD9363 / AD9361 RF SDR chips which are used in many existing mid-range software defined radios like the PlutoSDR, bladeRF and Ettus USRPs.
The design itself is very similar to the PlutoSDR and Ettus B205mini, and in fact the developer has ported firmware from PlutoSDR and the Ettus UHD that allows the device to work just like those devices. It is not yet known if the AD9363 frequency range extension hack available on the PlutoSDR, and the bandwidth overclock hack on the bladeRF will be possible with the AntSDR E200 as well.
Pricing is yet to be displayed on CrowdSupply, however the AD9363 version appears to already be available for purchase on Aliexpress for US$364.25. Update: Microphase have explained that the units on Aliexpress are not officially authorized units and the Aliexpress price is much higher than what they will charge during the crowdfunding phase.
The AntSDR E200
ANTSDR-E200 demo video
Also, over on YouTube DragonOS creator Aaron has already been testing his AntSDR with srsRAN, which is an open-source program that can create 4G and 5G basestations with compatible SDRs like the USRP. Using the modified UHD firmware, Aaron was able to get up and running with the AntSDR E200 very quickly.
The project is described as a "hackable, open source, ESP32 amateur radio board with walkie-talkie functionality and data communication". We note that this is not a software defined radio, rather it's a highly customizable software controlled radio.
The advertising claims that you can communicate between SOCORAD32 devices by voice and text for up to 5km at 2W of power. No commercial or amateur radio license is required to use this radio since it operates in the 400 - 470 MHz license free bands that are available in many countries. We note, however, that these bands in many countries may have power restrictions well below 2W, which would restrict range.
In recent updates they note that they have been refining the PCB, and have now added a battery holder and moved the push to talk button to a new position.
During crowd funding the device is selling for US$80 + $8 US shipping / $18 worldwide shipping.
SOCORAD32 can communicate between devices by voice or text for up to 5km, via license free bands.
Earlier in the month we posted about how rtl_433 has been ported to ESP32 devices that are combined with CC1101 or SC127X transceiver chips, such as the low cost LILYGO LoRa 32 boards available on Aliexpress.
Over on YouTube Matt from the Tech Minds channel has uploaded a video showing how to set up rtl_433 on an ESP32 device, and how to set it up with a home automation service like Home Assistant, Node Red or OpenHAB via an MQTT broker.
Researchers have discovered a way to transmit information wirelessly without power, simply by opening and closing a switch that connects a resistor to an antenna. This effect does not violate any physics. It works because the random thermal noise signature of the transmitter changes when the resistor is connected or disconnected.
The researchers used an RTL-SDR with high gain horn antenna and low noise amplifiers to measure changes in the thermal noise signature of the transmitter.
They also compare their idea to backscatter devices, which are another form of passive RF communications that make use of ambient radio signals such as from TV transmitters. They note that their thermal noise approach has a lower data rate and range compared to backscatter, but their next goal is to try and improve this.
Back in August of 2021 we posted about the release of a Russian made portable software defined radio receiver called the "Arinst Dreamkit V1D". The Arinst SDR consists of a portable LCD screen and enclosure, with 16-bit ADC, 5 MHz of bandwidth and 1 - 3100 MHz tuning range. It was released for sale in September 2021 and was priced at only $230 + shipping.
It did have some drawbacks involving a lack of preselector filtering, and there being no digital decoding capabilities implemented in the software.
Fenu-radio is a popular tester of various software defined radios and has recently posted a review of the Arinst Dreamkit V2D. Initially he notes how in 2021 he first received his V1D model from Kazakhstan, and noted some problems with the lack of preselection, but other than that it worked well. His unit also had a display defect, however the manufacturer replaced the entire unit with the newer V2D model.
Fenu-radio notes that a battery is no longer included due to restrictions involving the transport of batteries through airmail, so he had to order a separate battery from Aliexpress. He importantly notes that the polarity of the battery is reversed from what the radio expects, so this has to be manually adjusted by changing the pins on the battery. If this is not done the battery or radio itself could be destroyed.
Other than that, Fenu-radio is impressed with the outer design of the V2D. He goes on to note how the V2D makes use of the R820T2 tuner, the same tuner used in standard RTL-SDR dongles. An up and downconverter is used to expand the range.
Fenu-radio then goes on to show the features of the radio, shows how it is operated, and provides a few audio examples of some stations received. He concludes positively:
The Arinst V2D is almost a "dream kit". It offers amazingly good reception on long, medium and shortwave without immediately clipping. And that on domestic active antennas. If you work with the manual gain control, you largely avoid intermodulation products and noise. The variety of functions is enormous and of high quality. At that point, you realize how hard Arinst has put in. The V2D can also convince above shortwave. What it particularly lacks here is a search function (scanner).
The case is sturdy and of good quality. But unfortunately there is criticism here. The housing shells were painted in places that shouldn't be painted! The painted flanks of the housing significantly worsen the shielding effect, which becomes noticeable with strong interference in reception if the V2D is operated with a telescopic antenna. The interference is particularly strong in the VHF range. Not only that. During the development of the V2D, far too little attention was paid to decoupling the display to prevent interference radiation in the reception branch. The approx. 4 hours Battery life was unfortunately never reached. After almost 3 hours of operation it was over.
Otherwise, the V2D is great fun. Especially with a remote antenna.
Arinst showed itself to be a very committed manufacturer when it came to correcting errors in the software and implementing suggestions.
At the time of this post the Arinst website and their sales platforms on Aliexpress and eBay do not appear to feature the 'Dreamkit V2D' product and we have no further info on the release date or pricing.