Tagged: rtl2832

RadarBox Optimized ADS-B Antenna + RTL-SDR Bundle 15% Off Sale

Over in our store we're currently selling a RadarBox branded bundle that includes an ADS-B optimized antenna with 10 meters of coax, and an ADS-B optimized RTL-SDR dongle. RadarBox24 is an ADS-B aggregation flight tracking service similar to other services like FlightRadar24 and FlightAware. The set is RadarBox branded, but it can be used with any tracking service, or just for your own ADS-B station.

The bundle is now on sale with 15% off! This brings the price of this bundle down to $42.45 plus shipping. The sale will last until 19 September and only while stocks last.

To purchase please visit our store and scroll down to find the RadarBox bundle Add to Cart button.

The antenna has 7 dBi gain, 50 (+-5) Ohm impedance, and is made from fiberglass and aluminum. It is fully waterproof and outdoor rated with 10 meters of coax cable and includes mounting clamps. The RadarBox RTL-SDR is specifically optimized for 1090 MHz ADS-B reception with it's built in filter and low noise amplifier.

The bundle ships out once per week and tracking is provided 1-2 days after shipping.

RadarBox Bundle: Includes 1x Outdoor ADS-B Antenna, 1x ADS-B Optimized RTL-SDR
RadarBox Bundle: Includes 1x Outdoor ADS-B Antenna AND 1x ADS-B Optimized RTL-SDR

Using a HackRF SDR to Sniff RF Emissions from a Cryptocurrency Hardware Wallet and Obtain the PIN

At last years Chaos Communication Congress (35C3) Conference, leveldown security presented their findings on multiple security vulnerabilities present in cryptocurrency hardware wallets.  Cryptocurrency is a type of digital asset that relies on computers solving cryptographic equations to keep the network trusted and secure. Popular cryptocurrencies include Bitcoin, Ethereum and Ripple. To access your cryptocurrency funds on a computer, a software application called a wallet is used.

However, if a computer holding a wallet is compromised, it is possible that the wallet could be opened by a hacker and funds transferred out. To improve security, hardware wallets are available. These are USB keys that require you to enter a PIN on the key before the funds can be accessed. If the USB key is not inserted and activated by the PIN, the wallet cannot be opened.

All electronic devices including hardware cryptocurrency wallets unintentionally emit RF signals. One possible attack against a hardware wallet is to analyze these RF emissions and see if any information can be obtained from them.  The team at leveldown found that the Ledger Blue cryptocurrency wallet in particular has a flaw where each PIN number button press emits a strong RF pulse. By using a HackRF and machine learning to analyze the unintentional RF output of each button press, the team was able to retrieve the PIN number with only RF sniffing from more than 2 meters away.

To do this they created a GNU Radio flowchart that records data from the HackRF whenever an RF pulse is detected. A small Arduino powered servo then presses the buttons on the wallet hundreds of times, allowing hundreds of RF examples to be collected. Those RF samples are then used to train a neural network created in Tensorflow (a popular machine learning package). The result is a network that performs with 96% accuracy.

If you're interested in exploring other unintentional RF emissions from electronics, check out our previous post on using the TempestSDR software to spy on monitors/TVs with unintentionally emitted RF, and the various other posts on our blog on this topic.

Andreas Spiess Explains Software Defined Radio in YouTube Video

Over on YouTube Andreas Spiess has uploaded a video titled "How does Software Defined Radio (SDR) work under the Hood?". The video is an entertaining introduction to how software defined radio works and begins from the beginning by explaining how basic analogue radios work with components such as modulators, demodulators, frequency generators, mixers and filters. After the basics he goes on to explain the digitization of radio signals that occurs in SDRs, and gives an introduction ADCs and how IQ sampling works.

Later in the video Andreas shows various applications for SDRs, discusses various SDRs on the market like RTL-SDR, HackRF, SDRplay, LimeSDR and PlutoSDR and introduces GNU Radio Companion and other SDR programs from our big list of software post.

How does Software Defined Radio (SDR) work under the Hood?

Hacking Iridium Satellites With Iridium Toolkit

Over on YouTube TechMinds has uploaded a video showing how to use the Iridium Toolkit software to receive data and audio from Iridium satellites with an Airspy. Iridium is a global satellite service that provides various services such as global paging, satellite phones, tracking and fleet management services, as well as services for emergency, aircraft, maritime and covert operations too. It consists of multiple low earth orbit satellites where there is at least one visible in the sky at any point in time, at most locations on the Earth.

The frequencies used by the older generation Iridium satellites are in the L-band, and the data is completely unencrypted. That allows anyone with an RTL-SDR or other SDR radio to decode the data with the open source Iridium Toolkit. If you're interested in how Iridium Toolkit was developed, see this previous post about Stefan "Sec" Zehl and Schneider's 2016 talk.

In the video Tech Minds shows decoding of various data, including an audio call and the satellite tracks and heat map of Iridium satellites.

Hacking Iridium Satellites With Iridium Toolkit

KerberosSDR Batch 2 Ships Soon! Pricing will Rise on Monday

KerberosSDR Batch 2 will begin shipping very soon! Thank you to all who have supported this project so far. If you didn't already know KerberosSDR is our experimental 4x Coherent RTL-SDR product made in partnership with Othernet. With it, coherent applications like radio direction finding (RDF), passive radar and beam forming are possible.

We just wanted to note that this Monday the reduced preorder pricing of US$130 + shipping will end, and the price will rise to the retail price of $149.95 + shipping. So if you have been thinking about ordering a unit, now would be a good time. Ordering is currently possible through Indiegogo. On Monday we will change to our own store. EDIT: Now available to purchase on the Othernet Store.

For shipping, US orders will be sent domestically from Othernet's office in Chicago. They are still waiting on the US shipment to arrive, but it is expected to arrive by the end of next week. Once shipped locally you will receive a shipment notification.

For international orders, the packages are being labelled now, and should be going out early next week, or sooner.

KerberosSDR Inside and Outside the Enclosure
KerberosSDR Inside and Outside the Enclosure

Future Updates to KerberosSDR

With the profits raised from KerberosSDR sales we are looking to continue funding development on the open source server software and visualization software being created (as well as applying updates ourselves). In future updates we will be looking at features such as:

  • Streamlining the sample and phase sync calibration process.
  • Experimenting with software notch filters for calibration (may reduce the need to disconnect the antennas during calibration).
  • Reworking the buffering code for improved sample ingestion performance and increased averaging.
  • Direction finding and passive radar algorithm improvements.
  • Creating a networked web application for combining data from two or more physically distributed KerberosSDRs over the internet for immediate TX localization.
  • Updates and bug fixes for the Android mobile direction finding app for use in vehicles.
  • Improving passive radar to be able to use all four RX ports for surveillance so that larger areas can be covered.
  • Plotting passive radar pings on a map.
  • Beginning experimentation with beam forming.
  • In the farther future we hope to eventually have even more clever software that can do things like locate multiple signals in the bandwidth at once, automatically plot them on a map, and track them via their unique RF fingerprint, or other identifiers.
  • Future hardware updates may see more streamlined calibration and smaller sizes.
KerberosSDR Android App for Direction Finding
KerberosSDR Android App for Direction Finding

RTL-SDR Blog V3 X-Rayed

Over on Reddit user u/isysopi201 has put up a fun post showing what an RTL-SDR Blog V3 looks like under an X-Ray machine. With the full resolution images, it is possible to see the PCB traces in internal planes, the windings on the electrolytic capacitor, inductors, USB choke and direct sampling matching transformer, as well as the bond wires on the RTL2832U and R820T2 silicon chips that connect the pins to the silicon.

The clearest image appears to be this contrast enhanced image. A short video of the V3 rotating in X-ray vision has also been uploaded to YouTube.

X-Ray Zoom In on the RTL2832U Silicon Chip.
X-Ray Zoom In on the RTL2832U Silicon Chip.

Cleanly Embedding an RTL-SDR in an FT-991A With No Extra Cables

GPIO Pins Used on the RTL-SDR Blog V3
GPIO Pins Used on the RTL-SDR Blog V3

Thank you to Rodrigo Freire (PY2RAF) for submitting his project that has cleanly turned a standard Yaesu FT-991A ham radio into an RTL-SDR based software defined radio panadapter with no external wires, hubs or dongles.

Rodrigo's system consists of an IF tap amplifier+filter board that is connected to an internally mounted RTL-SDR. The RTL-SDR is internally connected to the FT-991A's USB hub which had to be upgraded from a 2-port hub to a 4-port hub as the 2-ports were already in use by the CAT and Audio features. This required the stock USB hub IC to be replaced with a hot air rework station.

Everything is mounted inside the radio chassis itself, and the end result is a neat solution with no external wires, hubs or dongles that has essentially turned the FT-991A into an SDR. Plugging in the single stock USB cable from the FT-991A results in the standard CAT and Audio interfaces showing up, as well as the RTL-SDR.

What's also interesting is that Rodrigo makes use of the GPIO pins on our RTL-SDR Blog V3 to enable the RX_EN, BPF and BYPASS switches on the IF tap board. This allows for a cleaner solution as no external switches need to be installed.

The entire project is open source with schematics and the BOM provided over on the GitHub, and excellent documentation is available on the project's Wiki.

FT991A Converted into an SDR.
FT991A Converted into an SDR.

Turning FT-991A to a REAL SDR: Embedding a SDR Panadapter INSIDE the radio, no extra wires!

SignalsEverywhere: Harold’s Mobile SDR Vehicle Load Out for Amateur Radio

This week on the SignalsEverywhere YouTube channel Harold shows us the mobile SDR and ham radio setup that he's installed on his car. On the roof of his car he's installed several antennas for various amateur radio bands including the 1.25m, 2m, 70cm, 33cm bands, a modified GPS puck antenna for Inmarsat and Iridium reception, and an antenna and GPS pick dedicated for APRS.

Inside the vehicle is a Windows tablet attached to the dashboard which is used for APRS, remotely controlling a scanner radio stored in the trunk and for running SDRSharp. There is also an Android unit installed in the center console which has an RTL-SDR connected. The Android unit runs RF Analyzer, and an ADS-B decoder. As well as SDRs, Harold also runs several standard ham radios within the vehicle.

Amateur Radio Mobile SDR Load Out | SDR Plus 33cm 70cm 2m 1.25m and more!