In the latest update they have also added support for the RTL-SDR on OSX. An RTL-SDR dongle is able to connect to the SdrDx program via a special OSX based RTL-SDR server called CocoaRTLServer. At the moment it appears that rtl_tcp is not supported as it does not use the protocol required by SdrDx, so Windows and Linux computers cannot use this software.
Compared to other general purpose SDR receiving software SdrDx has some interesting features not seen in most SDR software that supports the RTL-SDR. The full feature list and list of currently supports SDRs can be found here.
Over on YouTube Adam Alicajic (9A4QV – creator of the LNA4ALL and upcoming MIX4ALL) has uploaded a video showing his reception of AERO-H signals from an Inmarsat satellite. A few days ago we posted about how the JAERO decoder had recently been updated to be able to decode these AERO-H signals. These signals contain various messages meant for airplanes, but also sometimes contain news messages.
In the video Adam uses a satellite dish antenna together with his MIX4ALL, an RTL-SDR dongle and the JAERO software. With decent reception he is able to easily decode the AERO-H messages.
Currently we at RTL-SDR.com are selling upgraded RTL-SDR dongles on our store. We’ve worked hard to reduce the most common issues that the cheapest generic dongles have, whilst trying to not significantly increase the retail price so that these devices stay ubiquitous. In each batch that we’ve produced so far we’ve tried to make some improvements over the last. Previously we’ve added a TCXO, SMA connector, and bias tee and now in the latest batch we’ve added a metal case and passive cooling.
The new units have been in stock at our Chinese warehouse for almost a month now, and they are now back in stock at Amazon USA as well (shipping soon). They are priced the same as before: $24.95 USD for the unit with antennas and $19.95 USD for the dongle only. If you order from the Chinese warehouse all units come with free registered air mail shipping (1-4 week delivery), and free shipping is available on Amazon for USA customers (<1 week delivery) if you are a Prime member or spend over $35.
Aluminium case. We’ve upgraded from a plastic case and now all units come with an aluminium case standard. The aluminium is 1mm thick and is treated with an anti-anodizing coating to improve conductivity. However, some natural anodization still occurs. The dimensions are similar to the plastic case at 69 mm x 27 mm x 13 mm.
The new RTL-SDR dongle design with aluminium case.
Ground tracks on the PCB. The PCB size has been increased slightly to accommodate side ground tracks. These ground tracks should make contact with the aluminium and provide ground conductivity to the case.
New RTL-SDR PCB with side ground tracks.
Passive cooling. As the case is now metal we can apply a thermal interface material between the PCB bottom and case wall. The interface material we’ve chosen is a 3mm thermal pad. This is a soft silicon pad with high thermal conductivity. This appears to provide adequate cooling to ensure the dongles run properly at above 1.5 GHz.
Thermal pad on the bottom of the PCB for improved heat dissipation.
The metal case and side ground tracks should reduce the amount of interference received by the dongle through sources other than the antenna. The passive cooling should also be enough to ensure that the dongles run properly at above 1.5 GHz, though we still would recommend running them in a cool shady place, rather than out in the direct sun if monitoring L-band signals. If you find that the conductivity between the PCB and case is not good enough, then you can try thickening the side ground tracks on the PCB with a layer of solder – we will be trying to increase the thickness by default in subsequent batches.
Soon we will also have the metal cases for sale by themselves for those who want to upgrade from a previous batch (EDIT: Now on sale!). Though please note that although the older SMA PCBs fit in this case, the previous batches PCB’s are a little smaller than what this case takes so it may fit a little loosely. The old PCB’s also don’t have the side ground tracks for improved conductivity, but even with no ground conductivity it is still possible for the case to work as a Faraday cage. These cases will be available on the store page in a few days at a very low cost and they will only be available only from the Chinese warehouse.
Once again we hope people will enjoy these changes, and feel free to let us know what you think and what you might like to see in the future.
The JAERO decoder for AERO signals on Inmarsat satellites has recently been updated to version 1.03. This new version supports the decoding of 10.5k Aero-H and Aero-H+ signals. The author of JAERO Jonti writes that on these channels he’s seeing significantly more traffic than on the narrowband signals and that he was suprised to see that other non-aircraft messages such news was broadcast on this 10.5k signal. Jonti writes about his experience in developing the 10.5k decoder and his experience with receiving the messages in this post.
Jonti discovered that news updates are also broadcast on 10.5k AERO.What the 10.5k signals look like compared to the 600 signals.
If you like Jonti’s apps, then please remember to donate a small amount to him so that he can continue to work on them more. His PayPal donate button can be at the bottom of his main page.
Fortunately Tristan’s current thermostat is wireless, so he decided to use his RTL-SDR to sniff the data it sends to try and find the on and off signals. By using SDR# he was able to discover the radio traffic stream in the ISM band at 433 MHz. After simply recording the signal audio, he passed the audio file into Audacity to analyze the messages. He discovered that the ON and OFF signals were on-off key (OOK) modulated, and he was able to discover the binary control string and pulse timings.
With this information at hand, Tristan was then able to use a cheap 433 MHz radio transmitter together with his Arduino to replicate the ON/OFF boiler control signals. In the future Tristan plans to add a temperature sensor and web interface to monitor everything.
PiTX works by modulating the GPIO pins on the Pi in such a way that it is able to produce FM modulation. The major problem with using this method of producing radio is that it creates large amounts of harmonics and interference outside of the intended transmit frequency. Interference like this is illegal and could potentially disrupt life critical radio systems such as emergency services, cellphones and air traffic control.
In order to cleanly transmit with PiTX an output RF filter should be used. Recently, the team over at TAPR.org have released a 20M WSPR TX filter shield. WSPR is pronounced “Whisper” and is short for “Weak Signal Propagation Reporter Network“. It is a type of amateur radio signal that can be broadcast and received around the world by using very low transmit power. Radio amateurs use it to see how far their signal can travel when using very low power (QRP) and to investigate signal propagation conditions.
Oliver’s GNU Radio program is now capable of combining four RTL-SDR dongles and is now also capable of piping the output via a FIFO to GQRX. With four RTL-SDR dongles you can get a total bandwidth of 8.4 MHz. He also writes that it is even possible to listen to analog signals that are in overlapping areas.
Four RTL-SDRs producing a total of 8.4 MHz of bandwidth in GQRX.
Some more SDR and RF related talks from Defcon 23. See our previous posts [1][2] for other talks that we posted previously.
Colby Moore – Spread Spectrum Satcom Hacking
Recently there have been several highly publicized talks about satellite hacking. However, most only touch on the theoretical rather than demonstrate actual vulnerabilities and real world attack scenarios. This talk will demystify some of the technologies behind satellite communications and do what no one has done before – take the audience step-by-step from reverse engineering to exploitation of the GlobalStar simplex satcom protocol and demonstrate a full blown signals intelligence collection and spoofing capability. I will also demonstrate how an attacker might simulate critical conditions in satellite connected SCADA systems.
In recent years, Globalstar has gained popularity with the introduction of its consumer focused SPOT asset-tracking solutions. During the session, I’ll deconstruct the transmitters used in these (and commercial) solutions and reveal design and implementation flaws that result in the ability to intercept, spoof, falsify, and intelligently jam communications. Due to design tradeoffs these vulnerabilities are realistically unpatchable and put millions of devices, critical infrastructure, emergency services, and high value assets at risk.
DEF CON 23 - Colby Moore - Spread Spectrum Satcom Hacking
DaKahuna and satanklawz – Introduction to SDR and the Wireless Village
In many circumstances, we all have to wear different hats when pursuing hobbies, jobs and research. This session will discuss the exploration and use of software defined radio from two perspectives; that of a security researcher and Ham Radio operator. We will cover common uses and abuses of hardware to make them work like transceivers that the Ham crowed is use too, as well as extending the same hardware for other research applications. Additionally we will highlight some of the application of this knowledge for use at The Wireless Village! Come and join this interactive session; audience participation is encouraged.
DEF CON 23 - DaKahuna and satanklawz - Introduction to SDR and the Wireless Village
Lin Huang and Qing Yang – Low cost GPS simulator: GPS spoofing by SDR
It is known that GPS L1 signal is unencrypted so that someone can produce or replay the fake GPS signal to make GPS receivers get wrong positioning results. There are many companies provide commercial GPS emulators, which can be used for the GPS spoofing, but the commercial emulators are quite expensive, or at least not free. Now we found by integrating some open source projects related to GPS we can produce GPS signal through SDR tools, e.g. USRP / bladeRF. This makes the attack cost very low. It may influence all the civilian use GPS chipset. In this presentation, the basic GPS system principle, signal structure, mathematical models of pseudo-range and Doppler effect will be introduced. The useful open source projects on Internet will be shared with attendees.
DEF CON 23 - Lin Huang and Qing Yang - Low cost GPS simulator: GPS spoofing by SDR
