Uncategorized

0 comments

  1. RAndrew Thomas

    The link to the paper is bad, domain redirects to browser add-on installer or worse. Link should be removed.

  2. noid

    I’ve dealt with the touchscreen inversion in the past. Pop into /boot/config.txt and add the line lcd_rotate=2 and comment out any other references to screen_rotate. That’ll set you up

  3. Roy

    How about an update on Kraken? I was an early buyer and I haven’t seen mine yet, and Crowd Supply says it was to have shipped 10 days ago.

    • admin

      Kraken should be shipping now, CrowdSupply has all the stock now. But the antennas are still a couple of weeks away. If you ordered both together and selected them to ship together it might delay things.

  4. Kevin Curtis

    Windows will not let me open the SDRSharp application. I get the following error:

    Windows protected your PC
    Microsoft Defender SmartScreen prevented an unrecognized app from starting. Running this app might put your PC at risk.

    App:
    SDRSharp.exe
    Publisher:
    AIRSPY.COM

    normally there is an option to run anyway but not with this one. What can I do to fix this.

  5. John

    Great software! May I mention, though, that the images at the bottom are double posted (two of them are posted twice). I will definitely use this software in my future passes.

  6. Jean-Philippe

    Hello,
    triyng to install on a raspberry under linux..

    “CMake Error at CMakeLists.txt:74 (message):
    LibUSB 1.0 required to compile rtl-sdr”
    I tried to install libusb1.0 or libusb1 or libusb ….

    no package ..

  7. wayne yardley

    I use NA5B-Website.org on my Windows 10 to get sdr radio, satellite amateur radio and lf,mf and n hf stations from around the world but would like to set up sdr on Android box to have my own at the house.

  8. wayne yardley

    I am new to SDR but have used several Android boxes if I am understanding this correctly all I need is to Connect the sdr dongle to the USB port go to Google play and download the app and hook up to an antenna at the sdr dongle and have an tv monitor hooked up to view and listen to SDR radio.

    • wayne yardley

      I use NA5B-Website.org on my Windows 10 to get sdr radio, satellite amateur radio and lf,mf and n hf stations from around the world but would like to set up sdr on Android box to have my own at the house.

  9. david

    Hi just installed this app, but have no idea how to use it.
    Just displays “There are no upcoming satellite passes to display”
    I’d like to identify a satellite that passes overhead at 5am every morning – how do I do that?

    Thanks for any help

  10. Metaspl0it

    I just contacted Honda about this issue and they have no plans to resolve this. I conatcted just about every news outlet i could. Hopehullt this will rattle enough of these people to actually get something done

    • DoctorStranger

      I have some friends at Honda. Sounds like it is not possible to correct the problem in software. Therefore, the only solution would be recalling entire modules and fobs and replacing them. The cost of this would be astronomical, and the NHSTA in the USA would not force a recall due to this not being a highway safety issue. Not sure if it would be handled any differently in other markets. Therefore, they have zero incentive to correct the issue and believe that the impact on sales will be minimal. The argument for vehicles older than 5-7 years is that they are already past their expected lifespan and there is no reason to address those vehicles. Very interesting.

  11. Greg

    Does anyone know of any current sources for this or even if someone has put a kit together? I know this post is about a year old but I just found it recently. Thanks in advance.

  12. janeksp6

    Jest na Allegro pl./eng, versja, dongla MSI2500 MSI 01 Lepsza ver. od SDR RTL2832 820Tver.3
    Software SDRPlay

  13. DoctorStranger

    Looks like this kevin guy is taking credit for someone else’s work. This exploit was documented long before he was talking about it, and the apparent original creator has pulled his code from github in protest. Looks like the originator of the exploit was “HackingIntoYourHeart” @ github, with code created more than a year ago. This kevin guy then took this work, made it public, and used it to get professional clout, which is pretty disgusting. Admin, I’d take this kevin guy out of the writeup completely, or at least mention that the exploit came from someone else. Those who take credit for others work deserve nothing more than a rope with a noose at the end.

    • admin

      This is a different exploit and as far as I’m aware Kevin is the one who discovered this new one.

      HackingIntoYourHeart’s one showed a simple replay attack that works with some specific Honda models that don’t use rolling code security.

      But Kevin’s one shows a more slightly more sophisticated method that works on all models including those with rolling code security.

      • Doctor Stranger

        I’m going to dig into this a little more and verify but it appears there is no rolling code and this new group may be calling it a rolling code to try and disguise the fact that they are doing the same thing as “HackingIntoYourHeart”. The original hacker also calls it a rolling code, but you are correct that the replay attack is just that – A replay – It appears that you can simply re-sync the car using the captured portion of the rolling code and replace with bytes modified for other functions. It looks extremely likely that this is what the new guys are doing as well; Even if they weren’t, it would be rather disgusting if they were aware of the originators work and decided not to mention him. I’ll let you know what I find out.

        • admin

          Kevin explains the difference on the rolling-pwn website, and does reference the previously found vulnerability. It’s a bit confusing because HackingIntoYourHeart seems to imply that no Honda vehicles have rolling codes, but from Kevin it seems like a large amount actually do have rolling code security. Maybe keyfob implementation differences in country specific models?

          I’m not sure what drama happened on the Unoriginal-Rice-Patty GitHub, but I don’t think it’s related to Kevins work. Guessing something to do with https://github.com/nonamecoder/CVE-2022-27254 vs https://github.com/HackingIntoYourHeart/Unoriginal-Rice-Patty

          During the research, we noticed the other researchers have found similar vulnerabilities in Honda vehicles. Based on the description “The remote keyless system on Honda HR-V 2017 vehicles sends the same RF signal for each door-open request, which might allow a replay attack”. What they found is a FIXED CODE vulnerability, meaning where an attacker can records the transmission in advance and replays it later to cause the car door to lock or unlock.

          However, most modern vehicles includes Honda Automobiles implemented the proprietary rolling codes mechanism, which exactly prevents fixed code replay attack like CVE-2022-27254. The bug we discovered regard to the design flaw of rolling codes mechanism from Honda Motors. Which need to take very seriously.

          • DoctorStranger

            He clarified in a different post, they all use a form of rolling code security, but it is still vulnerable to replay attacks which makes it the worst rolling code algorithm I’ve ever heard of? The very point behind rolling code algorithms was to prevent this. I’m super interested now and going to start tearing into my Honda just out of curiosity.
            Anyway, this kevin guy is confirmed out of china, so that pretty much guarantees he stole the idea anyway. A damn shame, but that’s the way things are nowadays. I fully understand it’s a cultural issue and chinese culture encourages theft of ideas and property, but that doesn’t make it any less wrong in the rest of the world. I also realize this means that there is no way you could convince someone from this culture that they should give credit where credit is due. It is what it is, as they say.

            • admin

              Where is the other discussion?

              Unoriginal-Rice-Patty states “Honda does NOT ever institue a rolling code system and ONLY manufactures systems with static codes meaning there is NO layer of security.”. So whatever cars HackingIntoYourHeart was testing on clearly has only static codes, and no rolling code.

              I think Kevin deserves credit for his finding.

            • Robert

              Admin please remove these comments as DoctorStrange has clearly outed themselves as a racist and bigot.

              His comments attack the author and then later after he has to put his tail between his legs, double down on his baseless statements of playgerism.

              He should get a ban hammer.

              • JR User

                Agreed. “this kevin guy is confirmed out of china, so that pretty much guarantees he stole the idea anyway” – That’s a nasty generalisation Man!

                • DoctorStranger

                  Guys, I don’t have time to summarize my findings right now, but accusing me of being a “racist and a bigot” for saying what I said pretty much outs you as a paid chinese communist party troll. The comment about china is not racist nor “bigoted”, it is simple fact and anyone who has worked as an engineer over the past 2 decades is painfully aware of that fact. I work with engineers of all nationalities and we are all friends and all respect each other. I’m sorry that you haven’t gotten out into the real world yet and started creating things, but give it time and you will learn the same lesson about piracy from the country of china. On many projects, the amount of time spent on protecting a design and thwarting chinese piracy approaches the amount of time spent doing the base design itself. It has gotten quite ridiculous, and has gotten worse as time goes on, not better, because the chinese firms/companies/etc who do the copying have gotten better at cracking their way into every single uC. Now maybe you paid trolls should go back to commenting on youtube videos and stalking and harassing chinese expats who have fled to the USA.

                  • Robert

                    Definition of a Bigot: “a person who is obstinately or unreasonably attached to a belief, opinion, or faction, especially one who is prejudiced against or antagonistic toward a person or people on the basis of their membership of a particular group.” -Oxford English Dictionary. Literally what you are saying. You feel that because he’s Chinese he stole the work! Let’s break this down for you with the definition of Bigot:
                    – “a person” :: I will make the assumption that you are, in-fact, a person.
                    – “who is obstinately” :: You’ve stated multiple time that you are correct without regard for other’s opinions.
                    – “or unreasonably” :: We can Ignore this as you’ve qualified for “obstinately”.
                    – “attached to a belief” :: you are attached as per your statement, “it is simple fact and anyone who has worked as an engineer over the past 2 decades …” to this belief despite its broad and general nature.
                    – “option, or faction” :: you must understand this is not fact but an opinion. Red is red but liking the color red is an opinion. Kevin being Chinese is a fact, not thinking he can do his own work because he’s Chinese is an opinion.
                    – “especially one who is prejudiced against” :: You are clearly prejudiced since you’ve been an engineer over the past 2 decades.
                    – “or antagonistic” :: This thread is antagonistic…
                    – “towards a person” :: Kevin is also a person.
                    – “or people” :: Chinese are people
                    – “on the basis of their membership of a particular group” :: In this case Kevin’s membership in the Chinese group.

                    I hope this helps you understand where the term Bigot applies in your situation. Event if I was a paid comrade of the Great Chinese Communist party, this doesn’t negate that you are in-fact a MASSIVE BIGOT.

                    • DoctorStranger

                      Robert,
                      It’s really sad that you go right to identity politics like this. The kevin guy is not part of the “chinese group”, he is in china. Even in the USA, we are seeing news articles on a weekly to monthly basis about theft of intellectual property by chinese nationals residing in our country. The problem is well known. It is a cultural issue that will take a very long time to correct as chinese culture encourages this behavior, it does not discourage it. There is nothing “bigoted” about pointing this out; It is a simple fact, and I say it without malice or hate – If I had a chinese friend in the USA who thought this way, I would take the approach of a caring friend and help him see why it is wrong, and that alone is proof that I am not a “bigot”. Most of us engineers who have to deal with the chinese problem have no malice towards chinese people (even the ones in china!) even after decades of dealing with this – we simply sigh and hope that in time, their culture changes for the better. They are people just like us. Try to imagine what it is like to grow up in a culture that encourages this type of behavior! You would see nothing wrong with it. That does not excuse your behavior if you steal someone’s idea, but it definitely should afford you some patience from people who know better. The only way to address the problem is to be frank and to the point, and address the problem “head on”. You and your “you’re a bigot!” thought process does nothing to help the problem – In fact, your way of approaching this only makes it worse, and that is disrespectful towards chinese people in general. You should never be afraid to point out problems and faults of others in a pragmatic way, in a way that serves to make them aware of the problem and what they are doing wrong. It sounds like you may be a subscriber to this new “woke” culture, and I think you need to take a step back, become introspective, and look at how ridiculous you sound when you jump to these wild accusations. I would posit that the only bigot in this entire conversation, including all the other commenters, is you.

                    • Zelda64

                      This bigot comment is so funny, especially the “obstinately or unreasonably attached to a belief, opinion, or faction” part – This means that all these people still wearing masks are bigots, since they obstinately and unreasonably believe that masks can prevent the transmission of covid? LOL

  14. chad

    Rather than have people go get each part of the SDR# program why not just host a final Zip file with everything ready? Then just list what went into creating the Zip file (versions, links etc) so people are aware how the zip file was built.

  15. Agent Garbo

    I have a Honda and I am not overly concerned about this.
    All they could do is open the door or start the car (but not drive off with it) and a brick will do pretty much the same thing and works on all brands.
    I just can’t see roving bands of ‘youts’ carrying transmitter capable SDRs.

    However, If I had a Kia or Hyundai, which can be started and driven away with a USB-A cable, I would be much more concerned.

    • Cya

      What if you have full trunk of stuff and stop by for quick shop or restroom and come back to see all your stuff is gone (laptop, camera, personal/work stuff)??

      • Doctor Stranger

        If you are in many of the large (i.e. “blue”) city in the USA, you have a near 100% chance of getting your car broken into if it looks like a rental, or you look like a businessman. I am absolutely sick to death of it. If you want to see what I am talking about, go to SF bay area, look like you work in the area, and park your car in the middle of a restaurant or plaza parking lot and give it an hour or so. The security guards you see in the parking lot are a decoration, don’t expect them to affect the outcome. Leave an empty backpack on the floor of the car and it will be gone in minutes sometimes. In these cases, the only thing I know of that works really well is having one of these hardened storage cases in your trunk. Looks sort of like those tool boxes that guys put on the back of pickups, uses a stout lock, bolted to the unibody. However, if the car is a Kia (as mentioned above), or other easily stolen vehicle, then securing something inside the car is a moot point.