RadioSport SDR: Portable Receiver Software for RTL-SDR

Thank you to Richard (9G5AR) for writing in and sharing with us a program he's developed called "RadioSport SDR". RadioSport SDR is a portable, no-install-required SDR program compatible with RTL-SDR devices. Richard writes that it is small and fast enough to be run off a USB stick.

The software supports demodulation of wideband FM, narrowband FM, AM, USB, and LSB modes. It also has a noise reduction feature.

The software can be downloaded from its GitHub release page here.

RadioSport SDR. Portable SDR Software for RTL-SDRs.
Tweet
Share
Reddit
Vote
Email

Saveitforparts: Receiving NOAA-15 One Last Time

Over on YouTube Gabe from the saveitforparts channel has uploaded a new video discussing the decommissioning of NOAA-15 and NOAA-19. We also previously posted about this topic a few days ago, if you are interested.

NOAA-15 was scheduled to shut down on August 12, 2025, but due to anomalies with NOAA-19, the decommissioning date of NOAA-15 has been extended by a few days until the week of August 18th. NOAA-19 has recently been experiencing transmitter failures, and it may be impossible to receive signals from it at the moment, despite its expected decommissioning date of August 19, 2025.

In the video, Gabe also rushes to try and receive signals from all transmitters on NOAA-15 one last time, setting up VHF, L-Band, and S-Band receivers. He experiences some issues with weak signals, interference, and recording failures, but ultimately succeeds in capturing all three signals during one of the final passes of NOAA-15.

US Government Shutting Down More Weather Satellites

Tweet
Share
Reddit
Vote
Email

Tech Minds: Testing out Discovery Dish for Inmarsat and Hydrogen Line Radio Astronomy

Over on YouTube Matt from the Tech Minds YouTube channel has recently uploaded a new video where he tests out our Discovery Dish antenna. Discovery Dish is designed to be a low-cost, portable solution for receiving L-band and S-band weather satellites, Inmarsat satellites, conducting amateur hydrogen line radio astronomy, and more.

In the video, Matt unboxes the Discovery Dish and provides an overview of the build process before demonstrating its use in decoding AERO and STD-C messages on Inmarsat. He then shows the dish and Inmarsat feed being used to receive Iridium satellites, and how they can be decoded using iridium-extractor with a HackRF or Airspy R2.

Finally, Matt swaps out the Inmarsat feed for the Hydrogen Line feed. Using SDR#, the IF AVG plugin, and Stellarium, he was able to obtain a clear hydrogen line peak.

This Discovery Dish Is The ONLY Satellite Dish You Will Need!

Tweet
Share
Reddit
Vote
Email

SETI ARISE: Comprehensive Educational Program in Radio Astronomy

A few months ago, the SETI (Search for Extraterrestrial Intelligence) Institute published their ARISE project at https://agiseti.com. This is a comprehensive curriculum for students all about radio astronomy topics. The topics include labs and lectures on searching for technosignatures, data science in radio astronomy, and radio astronomy fundamentals, as well as an introduction to electromagnetic waves.

While the program is meant for in-person instruction at community colleges, if you are interested in radio astronomy (perhaps with our Discovery Dish and H-line feed), the lecture notes and slides are still a great introduction to the broader topic for anyone.

Tweet
Share
Reddit
Vote
Email

Flipper Zero DarkWeb Firmware Bypasses Rolling Code Security

Over on YouTube Talking Sasquach has recently tested custom firmware for the Flipper Zero that can entirely break the rolling code security system used on most modern vehicles. Rolling code security works by using a synchronized algorithm between a transmitter and receiver to generate a new, unique code for each transmission, preventing replay attacks and unauthorized access.

In the past we've discussed an attack against rolling code security systems called RollJam, which works by jamming the original keyfob signal so the vehicle cannot receive it, and at the same time recording it for later use. However, this attack is difficult to perform in reality.

For this new attack to work, all that is needed is a single button-press capture from the keyfob, without any jamming. Just from that single capture, it is able to emulate all the keyfob's functions, including lock, unlock, and unlock trunk. A consequence of this is that the original keyfob gets out of sync, and will no longer function.

According to the Talking Sasquatch, the attack works by simply reverse engineering the rolling code sequence, either through sequence leaks or prior brute forcing of the sequence from a large list of known codes. However, another article mentions that the firmware is based on the "RollBack" attack, which works by playing back captured rolling codes in a specific order to initiate a 'rollback' of the synchronization system.

Regardless of the method, videos demonstrating the attack show that only a single capture is needed to emulate a keyfob completely.

Affected vehicles include Chrysler, Dodge, Fiat, Ford, Hyundai, Jeep, Kia, Mitsubishi and Subaru. As of yet, there appears to be no easy fix for this, other than mass vehicle recalls.

Tweet
Share
Reddit
Vote
Email

Tech Minds: Testing the ATS Decoder Mega SDR Radio

Over on YouTube Matt from the Tech Minds channel has uploaded a new video showing his testing of the "ATS Decoder Mega" which is a handheld software-defined radio (SDR) with a built-in LCD screen and tuning knob.

In the video, Matt shows the UI of the SDR, as well as some features like its built-in digital mode decoders like FT8, SSTV, RTTY, CW. Unfortunately, Matt notes that the performance of all digital modes tested was subpar, possibly due to a lack of CPU processing power. Matt goes on to show that reception of SSB and AM signals works fine.

ATS Decoder Mega SDR Radio - Apparently it can decode digital modes!

Tweet
Share
Reddit
Vote
Email

A Video Introduction to Broadband Surveillance with RTL_POWER

Over on YouTube "Mount Lethe Hellfire" has recently uploaded a video showing a deep dive into the rtl_power tool. rtl_power enables users to generate wide-spectrum displays by rapidly sweeping the RTL-SDR’s center frequency across the desired frequency range.

In this video I do a deep-dive into the command line tool, rtl_power, which is a purpose built headless RF broadband spectrum scanner. I dive into the command line, its use cases as it pertains to SIGINT (COMINT, ELINT), and finally do a live demo. Additionally, I provide some other ways to access your DragonOS running on Raspberry Pi with VSCode as well as troubleshooting issues with USB claims on Linux.

Broadband SIGINT Surveillance with RTL-SDR & rtl_power

In a second video, Mount Lethe Hellfire continues this topic and goes on to show how rtl_power can be combined with visualization and scripting for powerful RF spectrum analysis.

In this video I walk you through how to use a Python script (running on DragonOS, or otherwise) that will process rtl_power SSV outputs, normalize the data points, and assist you in visualization as well as local analysis using Structure Query Language (SQL) with DuckDB. The SQL analysis is to pull out the Top 10 frequencies sorted by dBm, nothing too crazy but enough to inform you on further ELINT and COMINT collection, processing, exploitation, and analysis efforts.

Analyze & Visualize RF Spectrum with rtl_power and Python scripting | ft. RTL-SDR

Tweet
Share
Reddit
Vote
Email

TEMPEST-LoRa: Emitting LoRa Packets from VGA or HDMI Cables

University researchers from China have recently shown in a research paper that it is possible to maliciously cause a VGA or HDMI cable to emit LoRa compatible packets by simply displaying a full-screen image or video. This has potential security implications as a malicious program could be used to leak sensitive information over the air, completely bypassing any internet or air-gap security systems.

In the past, we have demonstrated that TEMPEST techniques can be used to spy on monitors and security cameras by analyzing the unintentional signals they emit. This research takes the idea a step further by determining what particular images need to be displayed to create a LoRa packet with data. 

In the paper, the researchers mention using either off-the-shelf LoRa devices or low-cost SDRs such as the HackRF to receive the packets. The advantage of the SDR method is that it allows for customization of the frequency and the use of LoRa-like packets, which can achieve even longer ranges and higher data rates. The team show that they were able to achieve a receive range of up to 132 meters and up to 180 kbps of data rate.

TEMPEST-LoRa Test Setup
TEMPEST-LoRa Test Setup
(Demo video) TEMPEST-LoRa: Cross-Technology Covert Communication

Tweet
Share
Reddit
Vote
Email