Tagged: hackrf

Spectrum Slit: A Wall Art Display That Visualizes Wi-Fi Activity via a HackRF

Over on YouTube, RootKid, who specializes in creating engineering-based art projects, has developed an interesting wall-mounted art display panel that visualizes Wi-Fi activity by using a HackRF as the monitoring software-defined radio. The display uses a Raspberry Pi, a HackRF, and a custom-made LED light bar. The HackRF receives a 5 GHz Wi-Fi channel, and the Pi translates this into activity on the LED display, creating a visual piece that lets those around know when Wi-Fi activity is high.

The idea is to show that "we live surrounded by ghosts of our own making", which refers to the invisible storm of electromagnetic signals that we created to serve us in our modern lives.

If you are interested in other projects that combine SDR and art, you might enjoy our posts on HolyPager, Hystérésia, Signs of Life, Ghosts in the Airglow, and Open Weather.

I built a light that can see radio waves

Mykola: A New Fast Multichannel Scanner Application for RTL-SDR, Airspy and HackRF

A new multichannel SDR scanner application called 'Mykola' has recently been released by a Ukrainian programmer with the same name as the application. A scanner application allows users to scan a much wider bandwidth than the SDR's instantaneous bandwidth, while automatically searching for active signals.

Mykola advertises extreme scanning speed abilities, adaptive noise floor, and simultaneous demodulation of 3 channels (20 in the paid pro version). It currently supports RTL-SDR, Airspy R2, and HackRF SDR devices. Some of the other features include automatic normalization of the noise floor, audio panning, and support for Windows and macOS.

The application is free, but a pro version will be available in the future, which enables additional features such as stored channel scanning, recording, voice activation, CTCSS/DCS decoder, SDR migration, channel editor, and a base channel set. The pro version is not yet available, and pricing has not been announced. 

Features of the Mykola Scanning Software
Features of the Mykola Scanning Software
Mykola Scanner Interface
Mykola Scanner Interface

HackRF Pro Updates: Sensitivity and Noise Figure Measurements + Free Stuff Program

Over on the Great Scott Gadgets blog, Mike Walters, one of the team behind the HackRF Pro has uploaded a post detailing the HackRF Pro's sensitivity and noise figure measurements.

If you are unaware, the HackRF One has long been a core staple in the SDR community. While it is not classed as a high-performance SDR for optimized reception, it is one of the most versatile hacker/experimenter SDR's on the market with a wide frequency range, wide bandwidth and RX and TX capability. The soon-to-be-released HackRF Pro is an upgrade from the original HackRF One.

The measurements by Mike show that the HackRF Pro has significantly lower noise figure across all frequencies compared to the HackRF One. A lower noise figure equates to improved receiver sensitivity. However, although improved, the noise figure is still high enough that you'll probably want to use a low-noise amplifier (LNA) for optimizing reception of weaker signals. 

HackRF Pro vs HackRF One Noise Figure Measurements
HackRF Pro vs HackRF One Noise Figure Measurements

Mike also confirms the noise figure improvements equate to improved real world performance by receiving ADS-B signals from aircraft, with the HackRF Pro showing increased range and doubling the number of messages received.

HackRF Pro (Blue) vs HackRF One (Red) ADS-B Range Comparison
HackRF Pro (Blue) vs HackRF One (Red) ADS-B Range Comparison

Also, in related news from a post a few days earlier, Maggie Way wrote about the Great Scott Gadgets free stuff program. This program allows people in the open source hardware community to submit a request for free hardware from Great Scott Gadgets if they have intentions to use the hardware to spread education, support community projects, or contribute to open source projects or research

Demonstrating a Rollback Attack on a Honda via HackRF Portapack and an Aftermarket Security Solution

Over on YouTube "Obsessive Vehicle Security" has uploaded a video demonstrating a rollback attack against a Honda vehicle using a HackRF Portapack and the "Remote" function on the Mayhem firmware. His recent blog post also succinctly explains the various types of keyless vehicle theft used by modern thieves, including Roll-Jam, Relay Amplification and Rollback attacks. Regarding rollback attacks he explains:

A Rollback Attack works by capturing remote signals and replaying them. In theory this should not be possible with a rolling code remote system, however, a large number of vehicles are vulnerable to it. Including my 2015 Honda Vezel!

For it to work on the Honda I need to capture 5 consecutive remote signals. It does not matter if the car has seen these or not, when I replay them it re-syncs and unlocks the car. I have tested this and can replay the sequence as many times as I like. It always works.

He also mentions in the video how an aftermarket security system can partially mitigate these attacks.

In the past we also posted about Flipper Zero based rollback attacks.

Rollback Attack on Honda - HackRF One Bypasses Rolling Code Security

Two YouTube Reviews of the new PortaRF – A New HackRF Portapack Combo

Recently, OpenSourceSDRLab, a Chinese store and lab that sells existing SDR products, and some unique products of their own design, has started taking pre-orders for their new "PortaRF" product

The PortaRF melds the HackRF and Portapack into a single PCB. They advertise it as an evolution of the PortaPack H4M, which is their popular clone of the original PortaPack, upgraded from the original. The PortaPack H4M has become one the most recommended HackRF PortaPack options on the market, even surpassing the original HackRF PortaPack, due to its high quality, excellent features, and significantly lower cost compared to the original.

The PortaRF features several improvements, including a larger 4" IPS screen compared to the 3.2" non-IPS screen on the H4M, increased flash storage from 1MB to 2MB, a higher internal battery capacity of 3000 mAh, and the addition of a new joystick control. Interestingly, OpenSourceSDRLab has also indicated that the production version may come with an AI module, which will allow the PortaRF to respond to voice commands.

The PortaRF is expected to ship around November 20, and it costs US$220, shipped from China. In comparison, the PortaPack H4M sells for US$165, shipped from China.

Recently, two reviews of the PortaRF were uploaded to YouTube. The first is by TechMinds, which provides an overview of the features and opens it up, showing the internals.

PortaRF - A NEW HackRF PortaPack Combo In One Single Board

The second review is from sn0ren who also reviews the features, and shows the internals. Sn0ren also makes some notes about his likes and dislikes with the new design.

HackRF Portapack Evolved? This is PortaRF

SignalsEverywhere Android Project Updates: Satellite Tracker, HackTV NTSC Transmitter, OBS To HackTV, PacketShare and More

Recently, Sarah Rose Giddings (aka SignalsEverywhere) has been actively developing several radio and SDR based projects for Android, and she would like to provide an update on them.

First, as mentioned in a previous post, Sarah has been developing APRS.chat, an online mailbox system for APRS messages sent over RF. She has also been making progress on various other projects, including various useful Android apps, which she has updated interested people on in her latest livestream.

Hangout Chat | Linux | HackRF NTSC Transmission | Android APPS and More!

Some of the links to the Android software she's working on have been provided below:

Works with Benshi Protocol Radios (VR-N76 UV-PRO etc)

Stuff Created After The Livestream

Help beta test Play Store Releases (Benshi Dash, Benshi Commander, APRS Chat): https://docs.google.com/forms/d/e/1FAIpQLSfNTrCBofQYam6f6CrZ8XxTxZw2vlOiaD6ehGs5NBOAbKkHWw/viewform?usp=header

Screenshots from Sarah's HackTV NTSC Transmitter
Screenshots from Sarah's HackTV NTSC Transmitter

TEMPEST-LoRa: Emitting LoRa Packets from VGA or HDMI Cables

University researchers from China have recently shown in a research paper that it is possible to maliciously cause a VGA or HDMI cable to emit LoRa compatible packets by simply displaying a full-screen image or video. This has potential security implications as a malicious program could be used to leak sensitive information over the air, completely bypassing any internet or air-gap security systems.

In the past, we have demonstrated that TEMPEST techniques can be used to spy on monitors and security cameras by analyzing the unintentional signals they emit. This research takes the idea a step further by determining what particular images need to be displayed to create a LoRa packet with data. 

In the paper, the researchers mention using either off-the-shelf LoRa devices or low-cost SDRs such as the HackRF to receive the packets. The advantage of the SDR method is that it allows for customization of the frequency and the use of LoRa-like packets, which can achieve even longer ranges and higher data rates. The team show that they were able to achieve a receive range of up to 132 meters and up to 180 kbps of data rate.

TEMPEST-LoRa Test Setup
TEMPEST-LoRa Test Setup
(Demo video) TEMPEST-LoRa: Cross-Technology Covert Communication

Michael Ossmann Gives A First Look at the HackRF Pro in YouTube Video

Recently, Great Scott Gadgets announced the upcoming September release of their HackRF Pro, an upgrade to their popular HackRF software-defined radio. 

On YouTube, Michael Ossmann, the founder of Great Scott Gadgets, has just uploaded a video explaining the improvements that the HackRF Pro will bring. Apart from the change from microUSB to USB-C, Michael demonstrates how the HackRF Pro has achieved improved performance by eliminating the DC spike and reducing the number of strong signal mirror images.

First Look at HackRF Pro