Financial Times Story about Ukraine Radio Monitoring with WebSDRs

The Financial Times has recently run a video story on how hobbyist WebSDR setups are being use to record Russian radio communications during the war on Ukraine.

In these modern times, we would expect the Russian military to be making full use of encrypted radio communications on the battlefield. But early on in the invasion it came to be clear that much of the Russian forces are much less advanced than first thought, and are using cheap civilian unencrypted radios that anyone nearby can listen to with an RTL-SDR or via a web connected SDR.

The FT story focuses on how open source contributors from all over the world are helping to monitor internet connected WebSDRs that are close enough to receive Russian radio communications. And how volunteers are helping translate, confirm authenticity, and collect information about possible war crimes. 

If you are interested, previously we posted about a similar video story from the New York Times, and have covered various bits of radio related news from the war in two previous posts [1][2].

Ukraine's battle of the airwaves | FT

Running GR-GSM and IMSI Catcher on a Raspberry Pi 4 with Dragon OS

DragonOS is a ready to use Ubuntu Linux image that comes preinstalled with multiple SDR software packages. The creator Aaron also runs a YouTube channel showing how to use the various packages installed. 

In his latest video Aaron tests his Pi64 image with GR-GSM and IMSI Catcher running with the GNU Radio 3.10 platform on a Raspberry Pi 4. He tests operation with an RTL-SDR and LimeSDR.

GR-GSM is a GNU Radio based program capable of receiving and analyzing mobile GSM data. We note that it cannot decode actual messages without additional information about the encryption key, but it can be interesting to investigate the metadata. GSM is mostly outdated these days, but still used in some areas by some older phones and devices. IMSI Catcher is a script that will record all detected GSM 'IMSI' numbers received by the mobile tower which can be used to uniquely identify devices.

Short video setting up and testing GR-GSM on DragonOS Pi64 w/ GNU Radio 3.10 and the RTL-SDR. The current DragonOS Pi64 build has GNU Radio 3.8 and all the necessary tools to accomplish what's shown in this video. If you'd like to test the build shown in this video, it's temporarily available here until I finish and put it on Source Forge.

A LimeSDR and DragonOS Focal's Osmo-NITB-Scripts was used to create the GSM900 lab environment. The RTL-SDR was able to see and decode the GSM900 network and although only briefly shown in the video, the IMSI Catcher script works.

Here's the fork used for this video and for testing. There's also a pull request on the main GR-GSM repo for this code to be added.

DragonOS Pi64 Testing GR-GSM + IMSI Catcher w/ GNU Radio 3.10 (RTLSDR, Pi4, LimeSDR, OSMO-NITB)

Lightweight Windows Software uSDR Updated to Version 1.5.0

Since 2021 we've posted about Viol Tailor's "uSDR" (microSDR) software a couple of times. uSDR is a lightweight general purpose multimode program for Windows that supports the RTL-SDR, Airspy, BladeRF, HackRF and LimeSDR radios. The software can be downloaded from SourceForce.

Viol notes that recently the project has been updated to V1.5.0 which brings the following new features and changes.

  • lock device frequency on zoom option
  • keep waterfall history – the very great option, do not lose any rare signals
  •  advanced passband IQ recorder
  • passband IQ TCP server for remote processing, C/C++ client source examples included
  • advanced audio player, auto selectable sample rate, separate left/right channels
  • CTCSS decoder
  • markers import option convenient for merge markers 
  • Ctrl+Shift+Drag Up/Down – change spectrum magnitude offset
  • Ctrl+Shift+Mouse Wheel – change spectrum magnitude range (vertical zoom)
  • Ctrl+Mouse Hover – highlight nearest marker
  • Ctrl+Double Click– tune to highlighted nearest marker
  • band plan visualization, simple text format
  • frontend interface improvements
  • GUI improvements
  • spectrum and waterfall popup menus improvements
  • a lot of bug fixes
uSDR aka microSDR. A lightweight SDR receiver program from Windows.

Skies-ADSB: A Browser Based 3D Aircraft Tracker with RTL-SDR ADS-B Receiver

Thank you to Don for submitting news about the release of his new software titled "Skies-ADSB". Skies-ADSB is a browser based app that provides a 3D view of the air traffic around your area. The software can be served on a local networked Raspberry Pi, with ADS-B data being provided by an RTL-SDR connected to the Pi.

skies-adsb is a virtual plane spotting progressive web app (PWA) / virtual aquarium (with aircraft instead of fish) / interactive real-time simulation.

Aircraft are tracked via unfiltered ADS-B transponder data in real-time and rendered in 3D.

The ADS-B data source is meant to be a RTL-SDR receiver connected to a Raspberry Pi running on your home network.

Flight status data is provided by the FlightAware AeroAPI v2.

The aircraft photos are provided by

Tesla Charging Ports Opened with HackRF Replay Attack

The charging port on Tesla electric vehicles is protected via a cover that can be opened by charging stations via a wireless signal transmitted at 315 MHz. It turns out that the command to open the port is totally without any security. This means it's possible to record or recreate the signal, and play it back anywhere using a transmit capable SDR device like a HackRF.

Twitter user @IfNotPike has done just that, managing to open the Tesla charging port using a handheld HackRF with Portapack setup. If you cannot record the signal, a repo hosting a valid signal file is available on GitHub from jimilinuxguy. Interestingly jimilinuxguy notes "The range for this is INSANE. I was able to perform this from VERY far away." and the same signal can be used to "open any and all Tesla vehicle charging ports in range"

Fortunately for Tesla owners, the level of damage a malicious party could cause through the charging port is limited, since the charging port is not active until a correct charging cable is connected. It also seems that the charging port on most models will automatically close after some time if no charger is connected.

Tesla Charging Port Opened with HackRF and Portapack | Credit: @IfNotPike

An RTL-SDR Panadapter for the TECSUN PL660 Shortwave Radio

Thank you to Joseph IT9YBG for submitting his article describing how he has made an RTL-SDR based panadapter for his TECSUN PL660 portable shortwave radio. The post is a series of pictures that show how Joseph was able to open the PL660 and connect a coax cable to the IF output, and mount the connector on the plastic cover for easy access. He then connects that IF output to the RTL-SDR via a 10pF capacitor.

The result is that Joseph is able to receive the IF output of the PL660 at 451 kHz in SDRUno with his RTL-SDR Blog V3 running in Q-Branch direct sampling mode. He notes that although the IF bandwidth from the PL660 is small, it is possible to decode digital signals by passing the audio demodulated by SDRUno into decoding software. 

RTL-SDR Blog V3 Panadapter for the Tecsun PL660

Frugal Radio: Testing the YouLoop on VHF & UHF

On this weeks episode over on the Frugal Radio YouTube channel, Rob investigates if the YouLoop antenna works well at VHF and UHF frequencies. The YouLoop is a popular portable passive loop receiving antenna that can be used with sensitive radios like the Airspy HF+ Discovery. It is mostly used for HF reception, but advertised to work up to the VHF band as well.

In his video Rob describes how the YouLoop can receive on VHF frequencies by acting as a folded dipole. To test this capability he connects an indoor YouLoop to an RTL-SDR Blog V3 unit, and confirms that he is able to strongly receive VHF airband ATIS, airband communications and various VHF digital and analogue voice signals.

Rob then goes on to check if the YouLoop works in the UHF bands, which it is not advertised as being capable of receiving. However, Rob does find that the YouLoop worked well on relatively strong UHF signals up to around 800 MHz.

Does the Airspy Youloop work on VHF? What about UHF and 700/800 MHz?

Receiving Analog TV from Turkmenistan Unintentionally Bouncing off a Russian Military Satellite

Over on Twitter @dereksgc has been monitoring the 'Meridian' communications satellites, which are Russian owned and used for civilian and military purposes. The satellites are simple unsecure repeaters, meaning that actually anyone with the hardware can transmit to them, and have their signal automatically rebroadcast over a wide area. This has been taken advantage of recently by anti-Russian invasion war activists who have been trolling the satellite with SSTV images of the Ukrainian flag, as well as audio.  

Apart from intentional abuse, a side effect of being an open repeater is that sometimes the satellite can pick up powerful terrestrial signals unintentionally, such as analogue broadcast TV from Turkmenistan. Over on his blog, @dereksgc has written up an excellent post documenting the background behind this finding, his entire setup involving the hardware he's using and how he's aligning with the satellite, and what software he is using to decode the TV signal. In his hardware setup he notes that he uses a HackRF, but that a RTL-SDR would suffice.