Frequency Manager Suite Plugin for SDR#

Recently the popular Frequency Manager + Scanner plugin set for SDR# has been upgraded and renamed to the “Frequency Manager Suite”. The plugin can be downloaded from their new website at www.freqmgrsuite.com. The plugin suite includes a frequency scanner and manager, a scanner metrics recorder, a scheduler, an activity logger and a frequency entry plugin.

Apart from plugins the suite also now includes a plugin manager program called “Pluginator” which can help you to install and delete plugins without needing to edit the Plugins.xml file directly. There is also a new database manager tool which can help you to import frequency databases from online or other sources.

We have posted the full feature release below:

The Frequency Manager Suite (FMS) adds 4 more plugins to the previous set of 3:

  • Scheduler – allows you to schedule listening activities by date and time.

  • Activity Logger – records scanner activity to a file for later use.

  • Scanner Decisions – now a first-class plugin and also available as the classic stand-alone window. And you can change the position of the plugin without restarting SDR#.

  • Frequency Details – displays details about a frequency from your database. And you can change the position of the plugin without restarting SDR#.

New standalone applications also come with FMS:

  • Data Tools – this significantly upgraded import/export application lets you import data from 6 popular internet databases as well as generically-formatted files, and permits you to export your FMS databases to standard file format.
  • The Pluginator – an application that lets you add, delete, and change the order of plugins without ever having to hand-edit the SDR# file Plugins.xml. Just fill in the blanks.

New features in Frequency Manager + Scanner:

  • The new Preferences dialog allows customization without hand-editing a configuration file.
  • FMS configurations are now kept in a file separate from those of SDR#, permitting easier upgrades to SDR#.
  • You can have multiple frequency databases, and can change to a different database without restarting SDR#.
  • When tuning manually you can optionally change the radio settings (mode, BW, etc.) according to what’s in the database for the tuned frequency.
  • Scan resolution – high-res or low-res to favor speed over accuracy or vice versa.
  • Adjacent Frequency Rejection now displays its bandwidth on the spectrum analyzer.
  • Plus many other improvements and bug fixes.

fms_1v2   fms_3   fms_2   

pluginator
Tweet
Share
Reddit
Vote
Email

Spoofing GPS Locations with low cost TX SDRs

At this years Defcon 2015 conference researcher Lin Huang from Qihoo 360 presented her work on spoofing GPS signals. Qihoo 360 is a Chinese security company producing antivirus software. Lin works at Qihoo as a security researcher where her main job is to prevent their antivirus software and users from becoming vulnerable to wireless attacks. Her research brought her to the realm of GPS spoofing, where she discovered how easy it was to use relatively low cost SDRs like a USRP B210/BladeRF/HackRF to emulate GPS signals which could allow a wireless attacker to manipulate the GPS on smartphones and cars.

Previous attempts at GPS spoofing have all used more expensive custom hardware. One attempt in 2013 allowed university researchers to send a 213-foot yacht off course, and it is suspected that hackers from the Iranian government have used GPS spoofing to divert and land an American stealth drone back in 2011.

In Lin’s presentation she shows how she was able to trick a smartphone into thinking it was in a different location. In addition she writes how this method could be used to trick the phone into changing it’s time, as many smartphones will periodically refresh the clock accuracy by using GPS satellites. She also shows how she was able to bypass a DJI drones forbidden area no fly zone policy. DJI drones come with a feature where the engines will not power up if the on board GPS detects that it is in a no drone fly zone. By spoofing the GPS she was able to get the drone to power up inside a no fly zone in Beijng.

Lin Huangs presentation can be downloaded from the defcon media server (pdf). An article on Lin and her research into GPS spoofing has also been run on Forbes.com.

Spoofed GPS logs on a smartphone
Spoofed GPS logs on a smartphone
Tweet70
Share
Reddit
Vote
Email
70 Shares

Detecting Pulsars (Rotating Neutron Stars) with an RTL-SDR

The RTL-SDR has been used for some time now as an amateur radio astronomy tool. Radio astronomers Peter W East and GM Gancio have recently uploaded a paper that details their experiments with detecting Pulsars with an RTL-SDR (doc file).

A pulsar is a rotating neutron star that emits a beam of electromagnetic radiation. If this beam points towards the earth, it can then be observed with a large dish antenna and a radio, like the RTL-SDR. The abstract of the paper reads: 

This project sought to determine the minimum useful antenna aperture for amateur radio astronomers to successfully detect pulsars around the Hydrogen line frequency of 1420MHz. The technique relied on the collaboration with GM Gancio, who provided RTL SDR data of the Vela pulsar (B0833-45, J0835-4510) and others, collected with a 30m radio telescope. This data was processed to determine the achievable signal-to-noise ratio from which, the minimum useful dish size necessary for some effective amateur work, could be calculated. Two software packages were developed to do synchronous integration, a third to provide a power detection function and a fourth for spectrum analysis to recover pulsar rotation rate.

With their system the authors were able to detect and measure the rotation period of the Vela pulsar. Also, from their data they were able to estimate that the minimum dish aperture required to observe the Vela pulsar would be 6m, noting that the Vela pulsar is probably the strongest pulsar ever detected. They also write that by utilizing 5 RTL-SDRs to gather 10 MHz of bandwidth together with some processing that the minimum required dish aperture could be reduced to 3.5m.

The Vela pulsar pulse power integrated over a 50 second 100MB file, combining some 560 pulsar pulses
The Vela pulsar pulse power integrated over a 50 second 100MB file, combining some 560 pulsar pulses.

In addition to these Pulsar experiments, Peter has also uploaded new papers about improving his Hydrogen Line RTL-SDR Telescope (pdf), and has updated his paper on improving the frequency stability of RTL-SDR’s with air cooling (doc file). Peter found that the frequency stability of the RTL-SDR (with standard oscillator) could be significantly improved by adding heat sinks and aircooling them. The graph from his paper below summarizes his results.

Results from air cooling the RTL-SDR.
Results from air cooling the RTL-SDR.
The air cooled and heatsinked RTL-SDRs
The air cooled and heat sinked RTL-SDRs

All of Peters papers can be found on his website at y1pwe.co.uk/RAProgs/index.html. He has many RTL-SDR radio astronomy related resources there, so check it out if you are interested.

Tweet1
Share
Reddit47
Vote1
Email
49 Shares

CubicSDR v0.1.4 Beta Released

CubicSDR is a new and upcoming multi platform open source SDR software package that is compatible with the RTL-SDR. It is similar to programs like SDR#, HDSDR and SDR-Radio. Recently the programmers have released version 0.0.4-beta which adds several new features which we have listed below:

  • Audio Spectrum visuals, drag the A/V visuals area to toggle between audio Scope and Spectrum
  • Waterfall speed can now be controlled between 1 and 1024 lines per second
  • Waterfall now continues to render while minimized or in background
  • Waterfall/Spectrum can now be zoomed to 30khz window with improved resolution
  • Spectrum averaging speed can now be controlled between 1% and 99%
  • I/Q mode for piping decimated I/Q to other applications at audio sample rate
  • Spectrum peak and floor decibels now displayed (can toggle off/on with ‘B’)
  • Can now mute demodulator with ‘M’ button or pressing ‘M” while hovering
  • Save and recall device Offset, I/Q swap, Direct sampling, Waterfall/Spectrum speed, Window state
  • Performance and UI responsiveness improvements
  • Can now use direct input for demod bandwidth
  • Direct input < 3000 now assumes Mhz
  • Additional device input sample rates
  • Improved waterfall keyboard controls via arrow keys
  • Can now specify alternate configuration name via -c (name) or -config (name) at command line
  • Automatically reduce unused buffer memory over time
  • Several crash fixes

CubicSDR is compatible with Windows, Linux and MacOS. It can be downloaded from www.cubicsdr.com.

CubicSDR v0.1.4 Demonstration

Tweet13
Share
Reddit
Vote
Email
13 Shares

GNU Radio Conference 2015: Presentations

The GNU Radio conference (GRCon15) is a yearly conference discussing all matters related to GNU Radio, an open source graphical block based DSP programming application that is compatible with most SDR’s, including the RTL-SDR. The conference started on August 24 and is due to close this Friday August 28, however many of the presentation slides are now available for viewing on their website.

This year there are many interesting talks, including a speech by Balint about radio direction finding, RF sniffing and digital FPV on drones. There are also several tutorial presentations that show how to install GNU Radio, how DSP sampling works, an intro to analog RF concepts and how to build a software radio from scratch.

gnuradio

Tweet
Share
Reddit
Vote
Email

Showing how the R820T stops receiving at 1.4 GHz+ with increasing temperature

Over on YouTube RTL-SDR experimenter Adam 9A4QV has uploaded a video showing how the R820T dongle can fail to receive properly at frequencies above about 1.4 GHz as the temperature in the dongle rises. This is a known problem that may cause issues when trying to receive satellite signals like Inmarsat at 1.541450 GHz. In our own tests, the R820T2 chip appears to be much less prone to this behaviour when compared with the R820T, but still fails if the ambient temperature gets too hot, for example if left in direct sunlight. We’ve had several R820T2 RTL-SDR’s running at 1.5 GHz+ for over 48 hours when left in the shade, but not one R820T ran for more than a few minutes at those frequencies. Of course the E4000 tuner is the best RTL-SDR tuner for these GHz level frequencies, but that tuner is now rare and expensive.

Over on Reddit, some people have been discussing this issue, and have proposed that the likely cause is related to the PLL failing to lock properly at higher temperatures. A fix may be to apply a blob of solder to the vias underneath the R820T chip, and then attach a heatsink. The problem also does not occur on the Airspy, a higher performance SDR that also uses the R820T2 chip in its design. This may be due to better drivers for the Airspy, or better heat dissipation in the Airspy’s hardware design.

R820T stop receiving @ higher frequencies

Tweet
Share
Reddit
Vote
Email

Seeing through walls with WiFi signals and USRP software defined radios

Researchers at the University College of London have found a way to use WiFi signals to see through walls, using a USRP software defined radio and software written in LabView. The researchers have shown that they are able to utilize local WiFi signals to detect and monitor moving objects such as people behind a wall in a similar fashion to how radar systems work. The advantage over traditional radar is that their system is completely passive, requiring no transmitter, other than the already ubiquitous WiFi signal.

In a demonstration the researchers showed how they were able to not only detect the presence of a person behind a wall, but also detect small hand gestures that were made.

Detecting body gestures from WiFi signals in LabView.
Detecting body gestures from WiFi signals in LabView.

It appears the researchers are patenting their work and are looking to market their technology towards military and security surveillance operators as well as towards other applications such as traffic monitoring and the monitoring of children and the elderly.

We aren’t sure what type of radio accuracy is required for a system such as this, but it may be possible that SDR’s that cost less than the USRP may also work, assuming the software technology can ever be replicated/licensed.

wifi_hostage
A proposed application of the technology: Allowing police to see through walls in a hostage situation.
Tweet
Share
Reddit
Vote
Email

Painting on the RF Spectrum with a HackRF

Last week several people from the Chaos Communication Camp conference and others on the #hackrf IRC channel were playing around with the idea of painting pictures on the RF spectrum with the HackRF – a low cost transmit capable software defined radio. This idea works simply by modulating a signal so that it produces a desired image pattern on a frequency domain waterfall display.

To make this easier to do, GitHub user polygon has authored a Python program called Spectrum Painter which easily converts an image into an IQ file which can be transmitted with a HackRF. In addition as described in the Reddit thread linked above, a Windows program called Coagula can also be used to convert images into .wav files, which can then be transmitted on any capable radio. The RF painted images can then be received on another SDR radio like the RTL-SDR.

As always remember to only transmit at a frequency you are licensed on, or at low power in a RF controlled environment.

Below is an example image and video showing images being painted on the RF waterfall.

Spectrum painter transmitted output image
Spectrum painter transmitted output image

hackrf transmitting images in the frequency domain

Tweet13
Share
Reddit
Vote
Email
13 Shares