Monitoring 3D Printer Filament Moisture with an RTL-SDR and rtl_433

Over on Hackaday we've seen a post about Scott M. Baker's 3D printer filament drying farm that is monitored by a 433 MHz ISM band sensor and an RTL-SDR running rtl_433. If you're familiar with 3D printing then you'll know that it is critical to keep the plastic filament free from absorbing moisture, otherwise it can cause all sorts of issues when it comes time to print something.

To keep them away from humid air Scott uses "PrintDry" plastic vacuum canisters. Unfortunately he found that the vacuum sealing system wasn't perfect, and that some canisters would lose their vacuum after a few days. In order to ensure that the canisters were properly sealed he decided to add some active monitoring with pressure and humidity sensors and a wireless transmitter.

His monitoring system consists of a cheap 315 MHz ISM band transmitter, ATTINY85 microcontroller and pressure + humidity sensor. To receive and monitor the data he uses an RTL-SDR that runs the rtl_433 software, which is a program that is capable of decoding many different types of wireless ISM band sensors.
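The receive side described above can be scripted against the JSON lines that rtl_433 emits when run with `-F json`. The following is an added example, not Scott's code: the model name, field names and thresholds are assumptions, and the sample lines are constructed. It keeps the latest valid reading per canister, discards corrupted decodes and other people's sensors, and flags canisters that have lost vacuum.

```python
import json

# Constructed sample of rtl_433 "-F json" output (one JSON object per line).
# "FilamentCan" and the field names are assumptions for a home-made sensor.
SAMPLE = """\
{"time": "2019-10-01 08:00:00", "model": "FilamentCan", "id": 1, "pressure_hPa": 412.0, "humidity": 11}
{"time": "2019-10-01 08:00:05", "model": "FilamentCan", "id": 2, "pressure_hPa": 405.5, "humidity": 12}
{"time": "2019-10-01 08:00:09", "model": "Other-Weather", "id": 77, "temperature_C": 18.2}
{"time": "2019-10-03 08:00:00", "model": "FilamentCan", "id": 1, "pressure_hPa": 415.0, "humidity": 12}
{"time": "2019-10-03 08:00:05", "model": "FilamentCan", "id": 2, "pressure_hPa": 978.4, "humidity": 31}
{"time": "2019-10-03 08:00:07", "model": "FilamentCan", "id": 3, "pressure_hPa": 9999.0, "humidity": 250}
not json at all
"""

MAX_SEALED_HPA = 600.0  # assumed threshold: above this the vacuum is gone
MAX_HUMIDITY = 20       # assumed threshold: % RH at which filament is at risk

def plausible(msg):
    """Reject corrupted decodes: values the sensor could not really report."""
    return 0 < msg["pressure_hPa"] <= 1100 and 0 <= msg["humidity"] <= 100

def check_canisters(lines, model="FilamentCan"):
    """Return {canister id: [alerts]} based on each canister's latest valid reading."""
    latest = {}
    for line in lines:
        try:
            msg = json.loads(line)
            if msg.get("model") != model or not plausible(msg):
                continue  # neighbour's sensor or implausible values
            latest[msg["id"]] = msg
        except (ValueError, KeyError, TypeError, AttributeError):
            continue  # partial line, non-object JSON, or missing field
    alerts = {}
    for cid, msg in sorted(latest.items()):
        found = []
        if msg["pressure_hPa"] > MAX_SEALED_HPA:
            found.append("vacuum lost")
        if msg["humidity"] > MAX_HUMIDITY:
            found.append("humidity high")
        alerts[cid] = found
    return alerts

if __name__ == "__main__":
    for cid, found in check_canisters(SAMPLE.splitlines()).items():
        print(cid, found or "ok")
```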

DIY Wireless Temp/Humid/Pressure sensors for measuring vacuum sealed 3d printed filament containers

Vancouver Broadcasts Hospital Patient Data Over Unencrypted Wireless Pagers

Canadian-based researchers from the "Open Privacy Research Society" recently rang the alarm on Vancouver-based hospitals that have been broadcasting patient data in the clear over wireless pagers for several years. These days almost all radio enthusiasts know that with a cheap RTL-SDR, or any other radio, it is possible to receive pager signals, and decode them using a program called PDW. Pager signals are completely unencrypted, so anyone can read the messages being sent, and they often contain sensitive pager data.

Open Privacy staff disclosed their findings in 2018, but after no action was taken for over a year they took their findings to a journalist.

Encryption is available for pagers, but upgrading the network and pagers to support it can be costly. Pagers are also becoming less common in the age of mobile phones, but they are still commonly used in hospitals in some countries due to their higher reliability and range.

In the past we've seen several similar stories, such as this previous post where patient data was being exposed over the pager network in Kansas City, USA. There was also an art installation in New York called Holypager, that continuously printed out all pager messages that were received with a HackRF for gallery patrons to read.

HolyPager Art Installation. HackRF One, Antenna and Raspberry Pi seen under the shelf.

Decoding the ARES Train Protocol with an RTL-SDR

Over on YouTube user JellyImages has uploaded a video demonstrating his Windows based ARESrcvr software. ARES is a railway control communications protocol used by some trains in the USA. His code connects to an RTL-SDR dongle, and demodulates the ARES protocol, providing decoded packets to ATSCMon via UDP on localhost.

ATSCMon allows you to view train telemetry data, and see on a rail map where that control indication came from. It appears that ATSCMon actually already supports ARES decoding via audio piping, but the decoder by JellyImages is a cleaner solution that doesn't require audio piping. In the past we've posted about one other YouTube user who has uploaded videos on using ATSCMon to monitor trains [Post 1][Post 2].

JellyImages also notes that his software only supports the ARES protocol which is used mostly around former Burlington Northern (BN) territory in the USA.

Exploring the Limits of General Purpose SDR Devices

Back in August 2019 the Chaos Communication Camp was held in Germany. This is a 5 day conference that covers a variety of hacker topics, sometimes including SDR. At the conference Osmocom developer Harald Welte (aka @LaF0rge) presented a talk titled "The Limits of General Purpose SDR devices". The talk explains how general purpose TX capable SDRs like HackRFs and LimeSDRs have their limitations when it comes to implementing advanced communications systems like cellular base stations.

If you prefer, the talk can be watched directly on the CCC website instead of YouTube.

Why an SDR board like a USRP or LimeSDR is not a cellular base station

It's tempting to buy a SDR device like a LimeSDR or USRP family member in the expectation of operating any wireless communications system out there from pure software. In reality, however, the SDR board is really only one building block. Know the limitations and constraints of your SDR board and what you need around it to build a proper transceiver.

For many years, there has been an expectation that general purpose SDR devices like the Ettus USRP families, HackRF, bladeRF, LimeSDR, etc. can implement virtually any wireless system.

While that is true in principle, it is equally important to understand the limitations and constraints.

People with deep understanding of SDR and/or wireless communications systems will likely know all of those. However, SDRs are increasingly used by software developers and IT security experts. They often acquire an SDR board without understanding that this SDR board is only one building block, but by far not enough to e.g. operate a cellular base station. After investing a lot of time, some discover that they're unable to get it to work at all, or at the very least unable to get it to work reliably. This can easily lead to frustration on both the user side, as well as on the side of the authors of software used with those SDRs.

The talk will particularly focus on using General Purpose SDRs in the context of cellular technologies from GSM to LTE. It will cover aspects such as band filters, channel filters, clock stability, harmonics as well as Rx and Tx power level calibration.

The talk contains the essence of a decade of witnessing struggling SDR users (not only) with running Osmocom software with them. Let's share that with the next generation of SDR users, to prevent them falling into the same traps.

The Limits of General Purpose SDR devices

YouTube Video: Reverse Engineering with SDR

Over on YouTube Black Hills Information Security (aka Paul Clark) has uploaded a one hour long presentation that shows how to use a software defined radio to reverse engineer digital signals using GNU Radio.

One of the most common uses of Software Defined Radio in the InfoSec world is to take apart a radio signal and extract its underlying digital data. The resulting information is often used to build a transmitter that can compromise the original system. In this webcast, you'll walk through a live demo that illustrates the basic steps in the RF reverse engineering process, including:

- tuning
- demodulation
- decoding
- determining bit function
- building your own transmitter
- and much, much more!

Reverse Engineering with SDR

NanoVNASaver Software Walkthrough + NanoVNA Firmware Updates Bring 1.5 GHz Max Range

The NanoVNA is an open source VNA project by @edy555 and ttrftech that has recently become extremely affordable at less than US$50 for a fully assembled unit thanks to Chinese manufacturing (or a little more if you order it via Amazon).

Ohan Smit had recently been playing with the NanoVNA and came across a software package from Rune B. Broberg (5Q5R) called NanoVNASaver. NanoVNASaver is an open source program that can be used to read and plot data from the NanoVNA. It has some nice features like the ability to display multiple charts, increase the resolution up to 10k points, measure cable length via TDR calculations, save Touchstone files and more.

Over on his blog, Ohan has put up a walkthrough guide about using NanoVNASaver. He shows how to set up the application, calibrate the NanoVNA, and then demonstrates how to use NanoVNASaver to measure the response of some filters.

Testing our RTL-SDR.COM BCFM Bandstop filter with a NanoVNA and the NanoVNASaver Software.

Later in the same post Ohan also includes an update about his experiments with some new experimental NanoVNA firmware that extends the maximum frequency range from the previous maximum of 900 MHz up to 1500 MHz. Results show that while it can work up to 1500 MHz, accuracy rapidly degrades above 900 MHz.

 

Reviews of the Low Cost MLA-30 Wide Band HF Magnetic Loop Antenna

Recently Chinese manufacturers have begun producing a low cost wide band (100 kHz - 30 MHz) magnetic loop HF antenna known as the MLA-30. The loop can be found on eBay for under US$45 with free shipping. In the past wide band HF loop antennas have not been cheap, normally costing $300+ from manufacturers like Wellbrook.

RF signals are electromagnetic waves that consist of an electric and magnetic component. A magnetic loop antenna mostly receives the magnetic portion of the wave. This is useful as most unwanted interference from modern electronic devices is generated in the electric component only. So, a magnetic loop antenna may be preferable in city and suburban environments over other antennas like wires and miniwhips. Magnetic loops are also directional, and can be rotated to avoid interference.

One of the biggest costs to a magnetic loop antenna is the shipping, because a large hula hoop sized piece of metal needs to be sent. The MLA-30 cuts costs on shipping by providing a folded up thin loop wire and no physical support for the loop. You are expected to provide your own support, or simply hang the loop wire on something. If you like you can also replace the included loop wire with a larger loop.

The MLA-30 comes with 10m of RG174 coax, is bias tee powered, and comes as a set with a bias tee injector that is powered over 5V USB. We tested our own unit with the RTL-SDR Blog V3, Airspy and SDRplay bias tees and found that they all worked well in place of the included bias tee. So if you have one of those SDRs, using the loop is as simple and neat as plugging it in and turning on the bias tee.

In terms of build quality, the unit is sturdy and the PCB is fully potted and protected against rain/weather. It is yet to be seen how the external screw terminals holding on the loop will age over a longer period of time however.

So how does the very cheap MLA-30 compare to higher end magnetic loop antennas? Below are some reviews by various hams and SWLs. The general consensus is that it works well for the price, but as you'd expect, falters on handling very strong signals and produces a higher noise floor compared to the more expensive loops, especially in the higher HF bands. But overall we'd say that it's probably still better than using a miniwhip, especially in suburban/city environments, and is probably the best compact HF antenna that you can get on a budget.

What's included in the MLA-30 set. Photo from David Day's Review.

MLA-30 Magnetic Loop Antenna Review and Comparison by David Day (N1DAY)

In this review David compares the MLA-30 against a 30-ft ground loop and a Wellbrook ALA1530-LF. His results show that while the loop is capable of receiving the same signals that the two comparison loops can, the SNR is much lower. He also notes that the much thinner loop wire used on the MLA-30 seems to result in a much deeper null, and that IMD was a problem for him.

Inside the MLA-30 Active Loop Antenna by Matt (M0LMK)

This post is a complete teardown of the antenna. As the PCB is fully potted Matt had to boil down the epoxy in order to get to the actual PCB. He notes that the PCB is a simple single amplifier design with the exposed pot working as a gain control.

Cheap Chinese Magnetic Loop Antenna (MegaLoop aka MAGALoop) MLA-30 by John

In this review John compares the MLA-30 against a $345 W6LVP and Wellbrook ALA1530LN. His findings are very favorable, concluding that it is an adequate performer, perfect for cash-strapped SWLs.

First hour battle of the antennas W6LVP loop VS MLA 30 loop test by OfficialSWLchannel

This is a YouTube video where OfficialSWLchannel compares his MLA-30 against a W6LVP loop. He notes that his initial testing shows that the MLA-30 performs as well as the W6LVP loop.

First hour battle of the antennas W6LVP loop VS MLA 30 loop test

MLA-30 Loop vs 80M EFHW by Matthew Payne

In this YouTube video Matthew compares his MLA-30 against an 80M end fed halfwave antenna with an SDRplay RSP1a.

MLA-30 Magnetic Loop Modifications by Scanner and Sdr Radio

In this video the Scanner and Sdr Radio YouTube channel uses an RSPduo to compare the MLA-30 against a Wellbrook loop. His results show that the MLA-30 definitely has a higher noise floor compared to the Wellbrook, but still receives signals decently, although it is not good enough for chasing weak signals. He also shows how to improve the MLA-30 by replacing the cheap coax that it comes with, noting that the modification reduced his noise.

MLA-30 Magnetic Loop Modifications

 

TV Scrambling With GNU Radio and a FL2K Adapter

[mrgriscomredux] over on [Reddit] was interested in re-creating the nostalgia that was scrambled analog television from the 90s. To do this he captured an NTSC analog video signal using an RSP1 SDR and demodulated that into composite video using GNU Radio to process everything.

The methods that were originally used to scramble analog television are not well documented, however [mrgriscomredux] has done a fine job re-creating it himself in his own way.

He then uses a Python script to modify the “Gated Sync Suppression” within GNU Radio and then transmits that back on to the air using a low cost FL2K VGA adapter we’ve featured on the blog in the past.

These FL2K VGA adapters can be abused as crude software-defined transmitters and we’ve seen people do everything from video transmission to GPS spoofing with them. [Check out the FL2K article here]

broadcasting my own scrambled tv channel with SDR