GNU Radio TEMPEST Implementation Now Available

TEMPEST refers to a technique that is used to eavesdrop on electronic equipment via their unintentional radio emissions (as well as via sounds and vibrations). All electronics emit some sort of unintentional RF signals, and by capturing and processing those signals some data can be recovered. For example the unintentional signals from a computer screen can be captured, and converted back into a live image of what the screen is displaying.

Until recently we have relied on an open source program by Martin Marinov called TempestSDR which has allowed RTL-SDR and other SDR owners perform interesting TEMPEST experiments with computer and TV monitors. We have a tutorial and demo on  TempestSDR available on a previous post of ours. However, TempestSDR has always been a little difficult to set up and use.

More recently a GNU Radio re-implementation of TempestSDR called gr-tempest has been released. Currently the implementation requires the older GNU Radio 3.7, but they note that a 3.8 compatible version is on the way.

The GNU Radio implementation is a good starting point for further experimentation, and we hope to see more developments in the future. They request that the GitHub repo be starred as it will help them get funding for future work on the project.

The creators have also released a video shown below that demonstrates the code with some recorded data. They have also released the recorded data, with links available on the GitHub. It's not clear which SDR they used, but we assume they used a wide bandwidth SDR as the recovered image is quite clear.

Examples using gr-tempest

GR-TEMPEST: GNU Radio TEMPEST Implementation
GR-TEMPEST: GNU Radio TEMPEST Implementation
Tweet
Share
Reddit
Vote
Email

Black Hat USA 2020 will be a Virtual Event

Black Hat is a yearly conference about information security related topics. Whilst not as common as in other RF focused conferences, there are often talks related to software defined radio and RF in general. For example, recently they have uploaded videos of talks from their 2018 event and one talk titled "Screaming Channels: When Electromagnetic Side Channels Meet Radio Transceivers" shows how a HackRF SDR can be used to help break the cryptography of bluetooth AES encryption via RF noise unintentionally emitted by components in the transmitter.

Due to the current global pandemic, the conference organizers have decided that the 2020 conference to be held in Las Vegas during August 1-6 will instead be held virtually. They write:

MAY 8, 2020
We have been continuously reviewing the best ways to serve the information security community over the past few months as the global health situation continues to develop. While we will not be meeting in person, we are moving forward with a plan to transform Black Hat USA into an all-virtual event in order to best serve our community.

We're inspired to adapt Black Hat USA in a virtual format that will be available to our entire global community. Our team is working hard to deliver the same level of high-quality Briefings, Trainings and Business Hall programs that Black Hat attendees have come to expect every year.

We believe in the power of gathering our community to share, inspire, and strengthen our industry and are committed to providing that opportunity in August. We look forward to sharing more information about Black Hat’s virtual event soon.

Steve Wylie, Black Hat General Manager

We note that the GNU Radio conference which will be held on September 14 will also be held virtually

Tweet
Share
Reddit
Vote
Email

Tech Minds: Upgrading to the latest Airspy R2/Mini Firmware

Over on YouTube Tech Minds has uploaded his latest video that shows how to easily update the firmware on Airspy R2 and Mini units. The Airspy R2 ($169) and Airspy Mini ($99) are two software defined radios that can be considered a step up from an RTL-SDR in terms of performance and price. Recently the Airspy developer updated the firmware, and we show the changelog below.

This release improves the overall phase noise, tuning accuracy, dynamic range and spur responses.

What changed:

  • More accurate R820T/2 tuning.
  • Fast R820T/2 register update by only sending the actual changes. Useful for fast scanning.
  • The R820T/2 reference clock is now fed directly from the 25 MHz TCXO. No noise contribution from PLL_A at all when using the internal TCXO.
  • The MCU and ADC reference clock is now using PLL_B of Si5351 in Integer mode with power of two dividers.
  • EXT_CLK now feeds PLL_A for the R820T/2 and PLL_B for the LPC4370 with optimal Integer Mode and power of two dividers.
  • Drive level reduced to 2mA per clock. This significantly reduces the spurs.

Tech Mind's YouTube video shows us how to check the current firmware installed, how to download the latest firmware, and finally how to actually flash the new firmware.

AIRSPY R2 & MINI Software Defined Radio Firmware Update Procedure

Tweet
Share
Reddit
Vote
Email

RTL-SDR Blog V3 Units and Antennas Back in Stock at Amazon (Local US Stock)

Just a note that our RTL-SDR Blog V3 units and antennas are now back in stock at Amazon.com with local US stock. There were a few manufacturing and shipping delays related to COVID-19 so they had been out of stock for a couple of months. Currently they are being fulfilled via our partners based in Chicago, and all orders will ship out within 2-business days via USPS First Class. We will look at replenishing the the Amazon Prime warehouses in a few weeks and at the moment we are only shipping to US customers from Amazon. US customers can also order directly from our store at www.rtl-sdr.com/store and this will result in the shipping fee being waived.

If you are based elsewhere in the world, please order directly from our store at www.rtl-sdr.com/store which ships non-US orders direct from our warehouse in China. Alternatively some countries might benefit from our Aliexpress store, which can now utilize the reliable Aliexpress Standard Shipping line.

Our RTL-SDR Blog V3 is an improved RTL-SDR dongle. It includes features like a TCXO, SMA port, software switchable bias tee, built in HF direct sampling mod, aluminum enclosure, improved ESD protection, improved cooling via thermal pad and many other design improvements. The kit comes with a multipurpose dipole antenna which is extremely versatile. It can be used as a standard vertical dipole for terrestrial signals, or can be mounted horizontally in a V-Dipole configuration for NOAA/Meteor LEO weather satellites. It's also easy to mount outdoors through a window for best reception with two mounting solutions included. 

Amazon Links

RTL-SDR Blog V3 Dongle + Multi Purpose Dipole Antenna Set

RTL-SDR Blog V3 Dongle Only

Multi Purpose Dipole Antenna Set Only

RTL-SDR Blog Store

We are also shipping any US orders made from our Worldwide store via our local stock. If you order directly from us you can save $1.99 on shipping.

RTL-SDR Blog Store

Features of the RTL-SDR Blog V3.
Features of the RTL-SDR Blog V3.
The RTL-SDR Blog V3 Set. Includes RTL-SDR V3 dongle, and multipurpose dipole antenna kit.
The RTL-SDR Blog V3 Set. Includes RTL-SDR V3 dongle, and multipurpose dipole antenna kit.
Tweet
Share
Reddit
Vote
Email

Running rtl_tcp over the TOR Network

Over on his DragonOS YouTube tutorial channel Aaron has uploaded a video showing how it is possible to run rtl_tcp over the TOR network. TOR is an "anonymity network" which routes your internet traffic through thousands of volunteer nodes in order to make tracing your internet activity more difficult.

Aaron's tutorial shows how to route rtl_tcp traffic through a TOR connection on his Linux distribution DragonOS (although it should work on any Linux distro), and connect to it with GQRX.

However, a major caveat is that the data streaming result is rather poor with there being lots of data drops, probably due to the slowness of the TOR network. Perhaps running a smaller sample rate, or using a more efficient server like Spyserver might work better.  

DragonOS LTS Remote access RTL-SDR over TOR network (Gqrx, rtl_tcp, OpenWRT)

Tweet12
Share
Reddit
Vote
Email
12 Shares

The 2020 GNU Radio Conference will be held Virtually – Talks Streamed for Free

The yearly GNU Radio Conference (GRCon) is a conference all about the development of GNU Radio and projects based on GNU Radio. GNU Radio is an open source digital signal processing (DSP) toolkit which is often used in cutting edge radio applications and research to implement decoders, demodulators and various other SDR algorithms.

This years 2020 GNU Conference is to be the 10th one ever held and was supposed to take place in Charlotte, NC. However due to the ongoing pandemic the organizers have now decided that it will be held entirely online this year. The starting date is September 14 and the talks and events will probably run for several days. All talks will be streamed for free, however, registering for US$50 will get you access to the live workshops and other events.

There is a great line up of keynote speakers, and if you have a talk that you'd like to submit, submissions are now open. For ideas on what GNU Radio talks are like, you can see full recordings from previous GNU Radio conferences on their YouTube channel playlists.

GNU Radio Conference (GRCon) is the annual conference for the GNU Radio project & community, and has established itself as one of the premier industry events for Software Radio. It is a week-long conference that includes high-quality technical content and valuable networking opportunities. GRCon is a venue that highlights design, implementation, and theory that has been practically applied in a useful way. GRCon attendees come from a large variety of backgrounds, including industry, academia, government, and hobbyists.

GRCon20 will be held starting September 14, 2020 online as a virtual event. The organizing team is hard at work to create a fun and interactive experience.

Our keynote speakers include: Becky Schoenfeld W1BXY, managing editor of QST magazine, Oona Räisänen [ windytan ] hacker of signals and computer programmer, and Jim St. Leger, Director Open Source, Intel.

With an annual program that has broad appeal, GRCon attracts people new to Software Radio just looking to learn more, experts that want to keep their finger on the pulse & direction of the industry, and seasoned developers ready to show off their latest work.

Call for Participation is now open!

Registration

Registration is available now!

Register Here

Refund Policy

Tweet
Share
Reddit
Vote
Email

GNU Radio Code for Android Now Released

Back in November 2019 we posted how Bastian Bloessl (@bastibl) had teased us with his ability to get GNU Radio running on an Android phone. Now he has officially released his code to the public on GitHub. This is quite a remarkable development as you can now carry a full DSP processing suite in your pocket. In addition to the code, he's put up a short blog post explaining a bit about the port. He notes some highlights of the release:

  • Supports the most recent version of GNU Radio (v3.8).
  • Supports 32-bit and 64-bit ARM architectures (i.e., armeabi-v7a and arm64-v8a).
  • Supports popular hardware frontends (RTL-SDR, HackRF, and Ettus B2XX). Others can be added if there is interest.
  • Supports interfacing Android hardware (mic, speaker, accelerometer, …) through gr-grand.
  • Does not require to root the device.
  • All signal processing happens in C++ domain.
  • Provides various means to interact with a flowgraph from Java-domain (e.g., Control Port, PMTs, ZeroMQ, TCP/UDP).
  • Comes with a custom GNU Radio double-mapped circular buffer implementation, using Android shared memory.
  • Benefits from SIMD extensions through VOLK and comes with a profiling app for Android.
  • Benefits from OpenCL through gr-clenabled.
  • Includes an Android app to benchmark GNU Radio runtime, VOLK, and OpenCL.
  • Includes example applications for WLAN and FM.

He's even included demonstration code that turns a USRP B200 SDR connected to an Android phone into a WLAN transceiver which can run in real time on faster devices.

Installing it may not be easy for most, but Bastian has included full build instructions on the GitHub page, and makes use of a Docker file which should simplify the installation a bit.

GNU Radio running on an Android phone, usinga USRP B200 SDR as a WLAN transceiver.
GNU Radio running on an Android phone, usinga USRP B200 SDR as a WLAN transceiver.
GNU Radio 3.8 on un-rooted Android receiving FM w/ HackRF (take 2)

Tweet1
Share
Reddit18
Vote
Email
19 Shares

TechMinds: Taking a look at the ADALM Pluto

Over on his YouTube channel Tech Minds has uploaded a video where he overviews and demonstrates the ADALM PLUTO (aka PlutoSDR).  The PlutoSDR is a low cost RX/TX full duplex capable SDR with up to 56 MHz of bandwidth and 70 MHz to 6 GHz frequency range. It is typically priced anywhere between US$99 - US$149 depending on sales.

In the video Tech Minds explains the specs and features of the PlutoSDR, analyzes the included antennas, shows how to connect to the PlutoSDR via USB/Ethernet/WiFi and finally demonstrates the unit running on SDR-Console V3 receiving and transmitting signals.

He also notes how he modified his unit and installed a more stable TCXO. This is required as he intends to use the unit for QO-100 SSB satellite operation which requires a very stable signal. In addition to the TCXO mod he also performed a mod to improve the grounding on the unit which reportedly prevents the unit from locking up when using long long network cables and a USB to Ethernet adapter.

ADALM PLUTO Full Duplex Software Defined Radio

 

Tweet
Share
Reddit
Vote
Email