AIS (Automatic Identification System) is the VHF protocol on ~162 MHz that ships use to broadcast position, speed, heading and identity, and it's long been a popular decoding target for RTL-SDR owners.
Feeder networks like MarineTraffic and AISHub have relied on volunteer receivers for years, but a newer project called MastChain applies the DePIN (Decentralized Physical Infrastructure Network) model, similar in spirit to Helium, to maritime tracking. Independent operators run their own stations, feed decoded AIS into a shared distributed network, and earn crypto MAST tokens in return, with rewards based on coverage, uptime, and data consistency.
We wanted to thank "depinguy" who has shared with us a write-up on Medium that walks through a build using a Raspberry Pi 3 or 4, an RTL-SDR Blog V4, and a marine-band antenna (optionally with a Uputronics filtered preamp). Installation is handled by a one-line script called MastControl, which deploys AIS-catcher (branded "MastRadar" here) and configures automatic uploads. You create an account at app.mastchain.io, generate a station token, paste it into the installer, then verify with sudo mastcontrol status. We also note that maritime industry publication Spash247 has also recently covered Dan's post.
We note that MastChain is the new name for WAKE, which we covered back in 2025.
As with anything crypto-related, we recommend experimenting only for the fun of it and not expecting to even recoup your hardware costs, as this has been the case with many hardware-based crypto projects before.
Over on GitHub, Martin (mgrone) recently released stream1090, a new open source C++ Mode-S demodulator that takes a fundamentally different approach to finding aircraft messages. Rather than searching for the traditional preamble pulse sequence as dump1090 and readsb do, stream1090 continuously maintains shift registers and identifies valid messages based on their CRC checksum. In busy airspace where preambles can be corrupted by overlapping signals, this approach theoretically cannot miss a message as long as the data itself is intact. Since the CRC is always being computed, it can also be used for single-bit error correction.
The software supports both RTL-SDR and Airspy dongles. It's lightweight enough to run on a Raspberry Pi Zero 2W. Stream1090 is a demodulator only, designed to pipe output into readsb or dump1090-fa via socat, slotting into your existing ADS-B stack as a drop-in replacement for the demodulation stage.
If you have an ADS-B station in a high-traffic area, let us know if Stream1090 increases your message rate! There is also a discussion about it on FlightAware, where many people have indicated that they are getting great results.
Joel (jLynx), known for his work on the HackRF Mayhem firmware, has released an open-source project called BrowSDR that turns a HackRF or RTL-SDR into a fully browser-based SDR receiver. The application connects to your SDR directly via WebUSB and uses a high-performance Rust/WebAssembly DSP pipeline running in Web Workers for smooth, real-time spectrum and waterfall display. It supports WFM, NFM, AM, SSB, CW, and raw IQ demodulation, along with RDS decoding and POCSAG pager decoding. A standout feature is the ability to open unlimited simultaneous VFOs, each with independent demodulation and DSP settings, with the developer having tested up to 62 running at once.
The real killer feature is remote access. Using WebRTC, you can share your locally connected SDR and access it from anywhere in the world through a browser with no server setup required. BrowSDR also includes built-in Whisper AI transcription that can live-transcribe audio from each VFO independently. The project currently supports HackRF, HackRF Pro, and the RTL-SDR Blog V4, with AirSpy and LimeSDR support coming soon. It also works on Android devices with a USB-C cable. BrowSDR is open source under the AGPL-3.0 license and a live demo is available at browsdr.jlynx.net.
Our Discovery Drive campaign is currently being crowd-funded on Crowd Supply. Please consider ordering a unit if you are interested in a high-quality, low-power, and portable antenna rotator. Below is an update from the campaign exploring a potential use-case for measuring antenna gain patterns:
In this update, we’ll examine an alternative use case: measuring antenna gain radiation patterns.
One interesting use of a capable Az/El rotator is to measure the radiation pattern of various antennas. This is normally done in an anechoic chamber, but if you have a large enough open space, it can be done cheaply with a rotator and signal source.
To test this as a proof of concept, we used Claude code to very quickly create a tool that could help us create an antenna pattern plot. The software tool simply rotates the antenna on the Discovery Drive one step at a time, measures the SNR using an RTL-SDR, and plots the reading on a graph. To be clear, this simple setup is not providing any sort of calibrated readings, but it will at least give you an idea of what the radiation pattern and performance of an antenna looks like.
In our test, we mounted a TV Yagi on the Discovery Drive and used our software to plot the radiation pattern at 433 MHz. As expected from a Yagi, we see higher gain at the front and lower gain at the rear.
Antenna Gain Results
Due to a lack of a suitable open area, this test was performed in a small backyard and, hence, the radiation pattern is a little lopsided due to multipath. In this test, we also used a simple omnidirectional antenna for the signal source, which exacerbated the multipath. A way to improve this test would be to use a directional antenna on the transmit side, too.
We will release this open-source tool for others to play with, but please be aware that it was only created for proof of concept. However, if there is interest, we can continue to refine it.
Below is a photo of the physical setup. A HackRF with Portapack and whip antenna are mounted on a tripod a few meters away, while the Discovery Drive carries a Yagi antenna. As the Discovery Drive rotates the Yagi through 0 to 360° in azimuth and -30 to 90° in elevation, it measures the received power at each step.
I actually started down this path as an "interest". There was a Ham radio Technical Interest Group I was planning on attending a meeting. I had already wanted to convert my Raspberry Pi into a fallback radio receiver for potential internet outages and listening to storm chasers on SKYWARN. Now I have the "v4" dongle, and a full end-to-end SDR solution. !Spoilers, I'm releasing a native smart phone client soon.
The RTL2832U chipset has powered affordable software-defined radio for over a decade. The reference driver, librtlsdr, was written in C around 2013 and follows the same architectural pattern it always has: a blocking callback loop, manual buffer management, and a programming model that predates modern async runtimes by years.
rtlsdr-next is a ground-up Rust rewrite. It exposes SDR data as a native Tokio Stream, ships a zero-allocation DSP pipeline, and has first-class support for the RTL-SDR Blog V4 — a newer hardware variant the upstream driver handles correctly but never cleanly abstracted. The result is faster, safer, and substantially easier to build applications on top of.
1.49 GiB/s IQ conversion on Pi 5 · ~45ms frequency switching (was ~270ms with 20 I2C toggles) · 0 allocations in the streaming hot path
Why rewrite it at all?
The C driver works. Millions of people run it daily via OpenWebRX, GQRX, SDR++, and friends. But its architecture creates friction at every layer: the callback-based stream makes backpressure impossible to reason about, the I2C bus is hammered with redundant open/close cycles, and the conversion routine uses a 256-entry lookup table whose cache pressure eats into throughput on modern out-of-order cores.
More practically: trying to integrate librtlsdr into a modern async Rust application means spawning a dedicated thread, wrapping callbacks in channels, and handling all the lifetime gymnastics manually. For every project that does this, someone reinvents the same boilerplate. There are plenty of Rust "wrappers" out there That exemplifies this.
The stream architecture
The primary interface is a standard async stream. A SampleStream wraps a background USB reader thread that feeds raw IQ bytes into a tokio::mpsc channel. The F32Stream layer sits on top and handles conversion, decimation, DC removal, and AGC — all in a single pipeline with no intermediate heap allocations.
let mut stream = driver.stream_f32(8) // ÷8 → 256 kSPS
.with_dc_removal(0.01)
.with_agc(1.0, 0.01, 0.01);
while let Some(Ok(iq)) = stream.next().await {
// interleaved f32 I/Q, ready to demodulate
}
The blocking USB read thread never touches the async runtime. Sample delivery to async consumers happens entirely through the channel, and the PooledBuffer type ensures the backing buffers are returned to the pool via Drop — no explicit lifecycle management needed at the call site.
SampleStream — Blocking USB thread → tokio::mpsc channel. Pre-allocated buffer pool. Flush-on-tune via broadcast::Sender.
F32Stream — Convert → decimate (FIR) → DC remove → AGC. Processes split I/Q in-place. No per-block allocation.
PooledBuffer — Returns buffer to pool on Drop. try_send with blocking fallback thread — the pool never silently starves.
BoardOrchestrator — V4Orchestrator / GenericOrchestrator produce a TuningPlan. Board logic never leaks into chip drivers.
The I2C repeater optimization
Every register write to the R828D tuner chip goes through an I2C bridge in the RTL2832U. The bridge must be explicitly opened and closed around each transaction. In a naive implementation — which is what the reference driver does — every call to set_frequency independently opens and closes the repeater for each register write.
A full frequency switch involves setting the PLL, MUX, filter coefficients, and various control registers. That adds up to roughly 20 open/close cycles, and each one costs ~13ms of USB round-trip time.
The fix: a single with_repeater(|| { ... }) closure that holds the bridge open for the entire mux + PLL sequence. One open, one close, all the work done in between.
// Before: ~20 repeater toggles ≈ 270ms
self.set_mux(hz)?; // 10 writes, each with open/close
self.set_pll(hz)?; // 10 writes, each with open/close
// After: 1 repeater toggle ≈ 45ms
self.with_repeater(|| {
self.set_mux_raw(hz)?;
self.set_pll_raw(hz)?;
Ok(())
})?;
The distinction between write_reg_mask (opens and closes the repeater itself) and write_reg_mask_raw (no repeater toggle, must be inside a bracket) is enforced by convention throughout the codebase. Any raw variant called outside a bracket is a bug that surfaces immediately as a timeout rather than silently returning stale data.
Converter throughput
librtlsdr converts raw IQ bytes to float via a static 256-entry lookup table. It is a reasonable approach from an era when float math was expensive and cache was plentiful. On the Cortex-A76 inside the Pi 5, the situation is inverted: the NEON FPU is underutilized and random-access table reads create cache pressure that limits throughput.
The arithmetic equivalent — (x as f32 - 127.5) / 127.5 — is computed in two instructions per sample and is trivially auto-vectorized by LLVM. The compiler emits NEON FMLA instructions without any manual intrinsics.
Operation
librtlsdr (C)
rtlsdr-next (Rust)
Standard conversion (256KB)
172.32 µs · 1.42 GiB/s
164.35 µs · 1.49 GiB/s
V4 inverted conversion
256.07 µs · 976 MiB/s
170.81 µs · 1.43 GiB/s
FIR decimation ÷8
N/A
615 µs · 426 MSa/s
The V4 inversion case is a particularly notable optimization. librtlsdr implements it as a two-pass operation: first a full LUT conversion, then a second pass to negate every Q sample. The Rust implementation folds both into a single pass, processing I and Q pairs together and avoiding a complete re-read of the output buffer.
RTL-SDR Blog V4 specifics
The V4 is a substantial hardware revision. It ships with an R828D tuner (not R820T), adds an HF upconverter and a GPIO-switched triplexer, and has several initialization quirks that librtlsdr discovered through usbmon traces and EEPROM string detection.
The board logic is isolated entirely in V4Orchestrator. Given a target frequency, it returns a TuningPlan — the actual tuner frequency, whether spectral inversion is needed, which triplexer path to select, and whether the frequency falls inside a notch band. The R828D chip driver never touches a GPIO.
Notable quirks baked into the driver: the R828D responds at I2C address 0x74 rather than the R820T's 0x34; frequencies below 28.8 MHz are upconverted by adding the crystal frequency, and the resulting spectrum is inverted (Q = –Q). Every demodulator register write must be followed by a dummy read of page 0x0a register 0x01 — the hardware requires this as a flush sync, and omitting it causes subsequent control transfers to stall with a pipe error.
Built-in DSP pipeline
The dsp module ships a complete demodulation stack. The decimator uses a windowed-sinc FIR with NEON acceleration on aarch64, with a scalar fallback that LLVM auto-vectorizes on x86_64. The FM demodulator is a quadrature discriminator with configurable de-emphasis. AM uses a two-stage DC-subtraction envelope detector. SSB uses the phasing method with a 65-tap Hilbert transformer windowed with Blackman-Harris for high sideband rejection.
All demodulators maintain state across block boundaries — the history overlap buffer in the decimator ensures the FIR convolution is correct at every chunk edge, which is essential for continuous streaming.
Standalone servers
Two installable binaries ship alongside the library. rtl_tcp implements the standard RTL-TCP protocol and is compatible with OpenWebRX+, GQRX, and SDR++. websdr is a self-contained WebSocket SDR server with a full spectrum and waterfall UI embedded as a compiled-in HTML file — no separate web server needed. Both support TLS. The WebSDR binary accepts --cert and --key flags for wss:// connections, which are required by iOS App Transport Security when using a public domain.
OpenWebRX+ — confirmed working
GQRX — confirmed working
SDR++ — confirmed working
Corona SDR (iOS) — confirmed working
Getting started
cargo install rtlsdr-next
# Smoke test — run this first
RUST_LOG=info cargo run --release --example hw_probe
# Start an rtl_tcp server
rtl_tcp --address 0.0.0.0 --port 1234
# Start the WebSDR UI
websdr --address 0.0.0.0 --port 8080
On Linux, set up a udev rule for persistent USB access without sudo. On Windows, Zadig is required to swap the DVB-T driver to WinUSB — build works without it, but the USB runtime requires it at runtime.
Source on GitHub at github.com/mattdelashaw/rtlsdr-next. Licensed Apache 2.0. Benchmarks measured on Raspberry Pi 5 (aarch64) and AMD Ryzen 7600X (x86_64) with cargo build --release, no target-cpu=native.
Keep and eye out for the smart phone app release here: Spectral Bands
Over on his blog, cynicalGSD has written a detailed post about how he extended his home ADS-B flight tracking setup to also decode ACARS. His existing system runs an RTL-SDR dongle on a Raspberry Pi feeding a database and Flask web app. Adding ACARS required a second RTL-SDR and a separate VHF dipole antenna tuned for 129–131 MHz.
ACARS (Aircraft Communications Addressing and Reporting System) is a text-based datalink that has been in use since 1978, carrying short messages between aircraft and ground stations. It includes messages such as OOOI events (Out of gate, Off ground, On ground, Into gate), pilot weather reports, maintenance fault codes, and gate and fuel data. The key feature of their implementation is cross-referencing ACARS messages with existing ADS-B records via aircraft registration and ICAO hex address, enriching flight records with precise departure and arrival timestamps from the airline's own reporting system.
The full write-up covers the database schema, Python integration using acarsdec, gain tuning tips, and the Flask web interface. cynicalGSD mentions that the code is available for anyone interested, but we didn't see a link, so please comment on his post if you are interested.
Technical Summary of cynicalGSD's ACARS + ADS-B implementation.
Thank you to Cameron from BlackAtlas LLC for submitting their project GridDown, which is an open source Android tablet-based situational awareness system designed to operate without an internet connection. At its core, it appears to be a tablet with custom software, and then you can add sensors such as an RTL-SDR for ADS-B+Remote ID, a SARSAT receiver, and a Meshtastic ESP32-S3+SX1262 device. A demonstration of the UI can be found at https://griddown.blackatlas.tech.
Cameron writes:
[GridDown is] an offline-first situational awareness platform built for emergency preparedness, field response, and tactical operations in infrastructure-degraded environments — designed to work when cell towers are down, internet is unavailable, and operators are fully off-grid.
The platform is a Progressive Web App (~120,000 lines of vanilla JavaScript, no frameworks) that runs on Samsung Galaxy tablets, laptops/PCs, and works completely offline after initial setup. It's built by BlackAtlas LLC and is available for trial at https://griddown.blackatlas.tech.
The system has many facets to it, including:
Encrypted voice and text messaging via an ESP32-S3 with SX1262 LoRa transceiver
Passive RF sensing with the ESP32-S3 and SX1262.
Three passive drone detection methods: WiFi fingerprinting, FAA Remote ID reception, and 900 MHz control/telemetry link detection
Automatic gunshot detection via a ES7210 quad-channel I2S microphone on the ESP32-S3.
Automatic RF jamming detection
SARSAT beacon receiver
SSTV Encode/Decode
Meshtastic integration
APRS via Bluetooth TNC
ADS-B reception
RadioCode gamma spectrometer integration
Offline maps
ADS-B detection is handled by a Raspberry Pi 5 running an RTL-SDR Blog V4 dongle. Cameron writes:
The Pi connects to the tablet's built-in WiFi hotspot (no internet required — the hotspot functions as a local network only), and a Node.js bridge reads aircraft data from readsb and subscribes to the Remote ID receiver's MQTT output, then serves a unified WebSocket and REST API to the tablet. GridDown renders aircraft and drone tracks as heading-rotated silhouette icons on its offline map with altitude labels, age-based alpha fade, and emergency squawk alerting (7500/7600/7700). A 10,000 mAh USB-C PD battery provides approximately 5 hours of field runtime for the Pi.
The full setup script, hub bridge, and hotspot connection scripts ship with the project.
The software is dual-licensed, with it being open source GPL v3 (note that the GitHub link appears to be broken - we have asked for clarification) for non-commercial use, or a commercial licence for hardware bundles and business deployments.
Alternatively, BlackAtlas LLC is selling ready-to-use kits, with the core tablet coming in at $799. Other bundles include the Tablet + SARSAT receiver for $1,299, the Tablet + Meshtastic bundle for $1,299, and the Tablet + ADS-B/Remote ID bundle for $1,999.
The software presents as a web-based UI that allows users to manage satellite passes, view SDR waterfall data, decode basic signals such as GMSK telemetry, view telemetry packets, synchronize TLEs, manage multiple SDR devices, browse downloaded weather imagery, monitor DSP performance, and interface with antenna rotators.
Unlike tools such as SatDump, which focus primarily on signal processing and decoding, Ground Station acts as a higher-level orchestration platform. It automates the full workflow, handling pass prediction, SDR control, recording, and decoding, and integrates with SatDump for more complex protocols like weather satellite image decoding.
While SatDump does include some tracking and automation features, Ground Station takes this further with support for multiple SDRs, coordination across multiple stations, and a centralized management interface. It also includes an interesting AI-based speech-to-text feature for transcribing amateur satellite voice communications.
