Tagged: rtl2832u

A Video Explaining LNA Noise Temperature Calculations

Over on YouTube Adam 9A4QV (creator of the LNA4ALL and other products) has uploaded a video that explains Friis formula for noise, using simple calculations and theory. These calculations explain why an LNA can significantly help reception on L-Band with an RTL-SDR. In his video he uses graphs and tables provided in this document released by the US Naval Academy. At the end of this post we attached images of the graph and table that he uses in the videos calculations for easy access.

The calculations show how the noise figure and gain of the first LNA in the system dominates the result. The final result of his video shows that using an LNA with a noise figure of 1 dB and 16 dB gain can give an improvement in SNR of about 7.8 dB over a standard RTL-SDR which has a noise figure of 6 dB. This is the improvement on L-band from simply placing the LNA by the dongle, and it does not take into account the extra improvement that could be had by placing it by the antenna, if a run of coax is used. The equations can also be adapted to other frequencies, and they show that as the frequency decreases, the effect of the noise figure of the LNA becomes less important.

ant_noiseratios

RTL-SDR Tutorial: Receiving and Decoding Data from the Outernet

NOTE: This tutorial is no longer valid as Outernet discontinued their L-Band service in late 2017. Please consult www.outernet.is for news on their latest delivery methods.

Outernet is a relatively new satellite service which aims to be a "library in the sky". Essentially their service is going to be constantly transmitting files and data like news and weather updates from geostationary satellites that cover almost the entire world. Geostationary means that the satellites are in a fixed position in the sky, and do not move over time. By simply pointing a small patch antenna at the sky (with LNA and RTL-SDR receiver), it is possible to download and decode this data from almost anywhere in the world. Their aim is to provide up to date information to users in locations with little to no internet (rural, third world and sea), or in countries with censored internet. It may also be of interest to disaster preppers who want an "off-grid" source of news and weather updates. It can kind of be thought as a kind of one-way download-only internet service.

Currently the L-band service is being tested, and while they are not yet sending actual Outernet files, they are already sending several daily test files like small videos, images and text documents as well as GRIB files for mariners. At a maximum you can expect to receive up to about 20 MB of data a day from their satellite. Previously they had C-band services but these required large satellite dishes. The C-band service is due to be discontinued at some point in the future.

In this guide we'll show you how to set up an Outernet L-band receiver with an RTL-SDR dongle. If you enjoy this guide then you might also enjoy our Inmarsat STD-C EGC Decoding Tutorial which has similar hardware requirements.

The Outernet demodulator running in Linux.
The Outernet demodulator running in Linux.

Continue reading

Tweet
Share
Reddit
Vote
Email

A Video Explaining LNA Noise Temperature Calculations

Over on YouTube Adam 9A4QV (creator of the LNA4ALL and other products) has uploaded a video that explains Friis formula for noise, using simple calculations and theory. These calculations explain why an LNA can significantly help reception on L-Band with an RTL-SDR. In his video he uses graphs and tables provided in this document released by the US Naval Academy. At the end of this post we attached images of the graph and table that he uses in the videos calculations for easy access.

The calculations show how the noise figure and gain of the first LNA in the system dominates the result. The final result of his video shows that using an LNA with a noise figure of 1 dB and 16 dB gain can give an improvement in SNR of about 7.8 dB over a standard RTL-SDR which has a noise figure of 6 dB. This is the improvement on L-band from simply placing the LNA by the dongle, and it does not take into account the extra improvement that could be had by placing it by the antenna, if a run of coax is used. The equations can also be adapted to other frequencies, and they show that as the frequency decreases, the effect of the noise figure of the LNA becomes less important.

ant_noiseratios

Tweet
Share
Reddit
Vote
Email

RTL-SDR Tutorial: Receiving and Decoding Data from the Outernet

NOTE: This tutorial is no longer valid as Outernet discontinued their L-Band service in late 2017. Please consult www.outernet.is for news on their latest delivery methods.

Outernet is a relatively new satellite service which aims to be a "library in the sky". Essentially their service is going to be constantly transmitting files and data like news and weather updates from geostationary satellites that cover almost the entire world. Geostationary means that the satellites are in a fixed position in the sky, and do not move over time. By simply pointing a small patch antenna at the sky (with LNA and RTL-SDR receiver), it is possible to download and decode this data from almost anywhere in the world. Their aim is to provide up to date information to users in locations with little to no internet (rural, third world and sea), or in countries with censored internet. It may also be of interest to disaster preppers who want an "off-grid" source of news and weather updates. It can kind of be thought as a kind of one-way download-only internet service.

Currently the L-band service is being tested, and while they are not yet sending actual Outernet files, they are already sending several daily test files like small videos, images and text documents as well as GRIB files for mariners. At a maximum you can expect to receive up to about 20 MB of data a day from their satellite. Previously they had C-band services but these required large satellite dishes. The C-band service is due to be discontinued at some point in the future.

In this guide we'll show you how to set up an Outernet L-band receiver with an RTL-SDR dongle. If you enjoy this guide then you might also enjoy our Inmarsat STD-C EGC Decoding Tutorial which has similar hardware requirements.

The Outernet demodulator running in Linux.
The Outernet demodulator running in Linux.

Continue reading

Tweet82
Share
Reddit
Vote
Email
82 Shares

Cloud-SDR: A Tool for Remotely Accessing SDR’s like the RTL-SDR and Airspy

Cloud-SDR is a new tool currently in beta testing which enables remote streaming access of SDR receivers, such as the RTL-SDR and Airspy. In a way it is similar to rtl_tcp in that it allows IQ samples to be streamed over the network, however Cloud-SDR appears to be a much more developed solution that can support more SDR’s and has many more features, as well as better performance. Cloud-SDR is not free, and during these beta stages of release the pricing does not appear to be public. However they have licences for personal/hobbyist use, which we assume will be reasonably priced. 

In this interesting post they describe various solutions for remote SDR access, and show why their Cloud-SDR solution is useful.

They describe their software in the following blurb:

Cloud-SDR can collect real-time IQ complex samples from an SDR hardware device connected on one machine, stream the samples to a second machine for demodulation or analysis, then send the resulting stream to third machine for storage.

In standalone mode, Cloud-SDR can execute signal processing tasks described with embedded JavaScript DSP engine.

Because network bandwidth is limited compared to SDR receiving bandwidth, the core concept of Cloud-SDR is to move the processing along the cloud to where it is required or possible : the DSP chain is divided in sub-tasks that are spread between computers interconnected through Internet.

For example a “signal scanner” application can be programmed with a script and stored on the SDR server for execution. Only found signals will threshold stream transmission through the TCP/IP network. Remote Client will only receive the IQ stream if a signal is detected by the DSP task. In “cloud mode”, the same script can be broadcasted to several SDR nodes located at different places, enabling parrallel signal search.

Server software SDRNode receives IQ streams from the different SDR hardwares, extracts the different bands, processes them and transmits the RF data using compression algorithms to limit TCP/IP network bandwidth.

Cloud-SDR-Big

Currently the hardware supported includes:

  • RTL SDR dongles
  • Perseus SDR
  • BladeRF x40 or x120
  • HackRF
  • AirSpy
  • SDRPlay (under work)
  • USRP UHD (Pro version only)
  • LimeSDR (Pro version only)

On their site they have some tutorials uploaded already. One tutorial shows how to remotely listen to airport radio with a remote Airspy, and one shows how to set up a dual-RTLSDR remote access system. This allows two RTL-SDR’s to be used together, with one streaming directly from the antenna, and the second streaming via an upconverter.

Sharing Two RTL-SDR's with CloudSDR.
Sharing Two RTL-SDR’s with CloudSDR.

There are also several examples of the Cloud-SDR in action over on the authors YouTube channel.

Tweet34
Share
Reddit
Vote
Email
34 Shares

Several Performance Upgrades Made to the Latest Versions of SDR#

Recently the popular SDR# (SDRSharp) software has had several improvements made to it (changelog). One of the most noticeable improvements is a decent reduction in the amount of CPU usage required by the software. We tested the new version on an i7 CPU and compared it against an older version using an Airspy. We saw 12% CPU usage on the older version and 7% on the newer version. With the RTL-SDR the older version showed 5% CPU usage which reduced to 3% on the newer version. Using an older i5 PC resulted in even larger improvements, going from about 35% CPU on the older version down to 25% or lower usage on the new version with the Airspy. The improvements are especially noticeable when decimation is used with the Airspy. These performance updates may help users on older PC’s and tablets run the software, or help users who run many programs at one time. The SDR# author is also testing out a 64 bit version of SDR#, which may be released in the future.

Recent versions over the past few months have also made improvements to the included noise blanker plugins and they have also added a default band plan plugin which shows the various frequency bands visually on the FFT spectrum.

Showing the very low CPU usage obtainable with the latest SDR# versions.
Showing the very low CPU usage obtainable with the latest SDR# versions.
Tweet12
Share
Reddit
Vote
Email
12 Shares

Talk: Decoding Data from Iridium Satellites

At this year’s hacker themed Eleventh Hope conference, Stefan “Sec” Zehl and Schneider gave a talk which discusses their latest work on decoding data from Iridium satellites using SDR’s. Iridium is a truly global satellite service which provides various services such as global paging, satellite phones, tracking and fleet management services, as well as services for emergency, aircraft, maritime and covert operations too. There are currently 72 operational satellites operating.

In their talk they discuss how Iridium security is moderate to relaxed, pointing out that Iridium claims that the majority of ‘security’ comes from the complexity of the system, rather than actual security implementations. They then go on to discuss how the Iridium system works, how to receive it with an RTL-SDR or HackRF/Rad1o, how the gr-iridium decoder implementation works, and how to use it to actually decode the data. Later in the presentation they show some interesting examples such as an intercepted Iridium satellite phone call to a C-37 aircraft.

Iridium Satellite Hacking - HOPE XI 2016

Tweet128
Share
Reddit
Vote1
Email
129 Shares

USBee: Leaking Data from Air-Gapped Computers and Receiving it with an RTL-SDR

This Monday researchers from Ben-Gurion University of Negev released an academic paper detailing their research in showing how attackers could cause your PC to wirelessly leak data. They write that usually covertly modified USB devices are required to leak data, as is the case with the NSA’s COTTONMOUTH device which is detailed in their ANT catalog. However, the innovation from these researchers is that their own implementation can be used to turn any unmodified USB device into a make shift transmitter.

The attack works by first infecting a computer with their malware software. The malware then utilizes the USB data bus to create electromagnetic emissions on a connected USB device. In these tests they use a USB flash drive and write a file to the device in such a way that the emissions produced are transmitting decodable data. They write that any binary data can be modulated and transmitted to a nearby receiver, such as an RTL-SDR dongle. Data rates can reach up to 80 bytes/s.  The data is modulated with binary frequency shift keying, and their receiver code is implemented in GNU Radio.

This story has also been featured on arstechnica and threatpost. The video below demonstrates the attack.

USBee: Jumping the air-gap with USB

Tweet10
Share
Reddit
Vote
Email
10 Shares

Three New Reviews of our V3 RTL-SDR using the HF Direct Sampling Mode

Recently this week three new reviews of our RTL-SDR V3 came out, all reviewing its operation on HF frequencies.

In the first review Mike (KD2KOG) reviews the dongle and provides a video of it in action in SDR# receiving AM and SSB signals. (Update: Sorry the video has been removed)

In the second review Gary (W4EEY) posts a review to swling.com and provides various screenshots of the dongle in action in HDSDR.

Finally over on YouTube user Johnny shows the dongle running in CubicSDR and listening to various SSB signals. (Video Removed)

 

Tweet
Share
Reddit
Vote
Email

Using an RTL-SDR to Listen to Superhet Radio’s Unintentional Emissions

Recently two students (Léo Poughon and his friend Thomas Daniel) wrote in to let us know about their work with SDR’s for their school project. Their project was to try and repeat the work of “Operation RAFTER” which was a technique use by MI5 in the 60’s to find hidden soviet spy radio equipment. Essentially, all superhet radios (almost any consumer radio is of the superhet design) will emit unintentional emissions from its local oscillator. By tuning to these unintentional emissions, and then emitting your own signal, it is then possible to know what frequency a radio is listening to.

They write the following:

As a french student (sorry for my bad english) in Higher School Preparatory Classes, I (and a friend) had to work with a rtl-sdr dongle for a school project. We tried to do, with the help of amateur radio near Toulouse (F6GUS, his club F5KUG) the same thing as the “RAFTER Operation” (https://en.wikipedia.org/wiki/Operation_RAFTER ) did during the 60′ : hearing at unintentional electromagnetic emissions coming from a widely-used consumer superhet receiver.

So because of its structure, a superheterodyne receiver (i.e. listening at FM broadcast) spreads some unintentional radiations due to the local oscillator upstream the mixer. Anybody with a suitable receiver (for example any rtl-sdr based dongle) can receive these emissions. Because of standards, in most FM radio the local oscillator (that is what the user actually tune) is tuned at the frequency he wants to listen plus 10.7 MHz. So if somebody in the close neighborhood is listening at a broadcast at 100 MHz, you will be able to “receive” its local oscillator at 110.7 MHz. (Please note it may be illegal in some countries to listen at these bands)

What is interesting is to know if a signal you receive at these frequency is actually coming from a radio receiver. During the RAFTER Operation, MI5 broadcast on the band they thought to be heard by soviet spies, and then listened for “the change in the superhet tone” to identify them.

We was able to receive with RTL-SDR the Local Oscillator of a superhet receiver we own.

rafter_1

We can see that the frequency isn’t stable on most of the time (the receiver was tuned to “France Info”, a french public station), but becomes stable sometime (when there is a “blank” between two news) : the frequency of the local oscillator “follows” what the superhet receiver demodulates.

Among other factors, a variation of the supply voltage of the local oscillator can make its frequency slightly shift. So we established experimentally a link between the supply voltage of our radio receiver and what is broadcast via the speaker (because when a speaker is using electrical current, the supply voltage slightly varies).

rafter_2

On the top, the HP voltage, and behind there is the supply voltage. Then, we saw that voltage variations could make the frequency to vary

capture du 2016-04-05

Here we supply the receiver (with a low frequency generator) making the supply voltage slightly varying and plot the frequency of local oscillator with a Python script we made.

Then, listening at the radio receiver local oscillator with GQRX and our RTL-SDR dongle, demodulating it with “narrow FM” demodulation and adapted parameters, we could hear with the PC (and obviously with poorer quality) what the radio receiver was listening at.

With the stock antenna we could hear at our radio only a dozen meters away, but with a homemade very low quality discone antenna we could receive it on another building, 60 meters away of our antenna. The ability to listen more or less the local oscillator broadcast depends also of the shielding of the radio receiver, its price (because a cheap radio will have a bad power supply and so its local oscillator frequency can “follow” what the speaker is telling, allowing us to “listen” at the local oscillator spike) and how you supply it (with the power grid or with batteries).

To conclude, we could (more or less depending on the previously cited parameters) know what a radio receiver in the neighbourhood was listening to using a RTL-SDR.

Tweet8
Share
Reddit18
Vote
Email
26 Shares