Category: RTL-SDR

Using a TV Dipole Antenna for NOAA Satellite Reception

Over on YouTube icholakov has uploaded a video showing how effective a simple old TV bunny ears antenna can be at receiving NOAA satellite images. The old TV antenna is telescoping so it can be adjusted to be resonant for many frequencies, and for NOAA satellites about 20 inches makes it resonant. Using the antenna as a V-Dipole and placing it in a North to South direction optimizes the radiation pattern towards the sky, allowing for good reception of the NOAA satellite. Using it this way also helps to null out strong vertically polarized stations. More information on the V-Dipole can be found on our previous post where we posted about Adam 9A4QV’s idea to use the V-Dipole for satellite reception.

2017: TV Antenna vs. NOAA Satellite

Also related to this post is a sneak preview on our new product: We’ve also caught onto the idea that TV antenna dipoles are extremely versatile, and are in the final stages of releasing a simple telescopic dipole product similar to the TV antenna used in this video. It will be released as an antenna set that comes with some portable mounting solutions like a suction cup and bendy tripod, and 3M of RG174 coax so that the antenna can be used anywhere. Target price is $10 -15 USD incl. shipping from China. This will probably also replace the stock telescopic whip antenna currently used in our dongle sets since the telescopic dipole is simply much more versatile.

Skylark Image for Outernet’s Dreamcatcher RTL-SDR

About two weeks ago we posted our review of the Dreamcatcher, a new RTL-SDR and full ARM based computing platform built onto a single PCB. Back then the only OS available for it was a standard Armbian build, and no Outernet decoder was available. So we reviewed the Dreamcatcher with the Armbian OS and tested to see how well it worked as a general purpose RTL-SDR and computing platform.

Recently the Outernet team released a new build of ‘Skylark’ for their Dreamcatcher board. Skylark is their customized Outernet signal specific operating system that was available on the C.H.I.P. Skylark is essentially turnkey as it is much easier to setup and use. Just burn the image to an SDcard, insert the card, connect to the automatically generated Outernet WiFi hotspot on a PC or mobile device, and then browse to outernet.is to see the Skylark interface.

Unfortunately it is unclear how long some of the high bandwidth features such as the nice weather app may last. The Outernet Inmarsat L-band signal runs at a bandwidth of almost 20mB a day and appears to cost quite a bit of money to operate, so Outernet appear to be considering moving to a lower bandwidth signal in the near future. This will probably reduce content to data like text articles (news/APRS/Wikipedia/books) only. But even if it is text only it will still continue to be a very useful and interesting service.

Tweet23
Share38
Reddit
Vote
Email
61 Shares

Using a TV Dipole Antenna for NOAA Satellite Reception

Over on YouTube icholakov has uploaded a video showing how effective a simple old TV bunny ears antenna can be at receiving NOAA satellite images. The old TV antenna is telescoping so it can be adjusted to be resonant for many frequencies, and for NOAA satellites about 20 inches makes it resonant. Using the antenna as a V-Dipole and placing it in a North to South direction optimizes the radiation pattern towards the sky, allowing for good reception of the NOAA satellite. Using it this way also helps to null out strong vertically polarized stations. More information on the V-Dipole can be found on our previous post where we posted about Adam 9A4QV’s idea to use the V-Dipole for satellite reception.

2017: TV Antenna vs. NOAA Satellite

Also related to this post is a sneak preview on our new product: We’ve also caught onto the idea that TV antenna dipoles are extremely versatile, and are in the final stages of releasing a simple telescopic dipole product similar to the TV antenna used in this video. It will be released as an antenna set that comes with some portable mounting solutions like a suction cup and bendy tripod, and 3M of RG174 coax so that the antenna can be used anywhere. Target price is $10 -15 USD incl. shipping from China. This will probably also replace the stock telescopic whip antenna currently used in our dongle sets since the telescopic dipole is simply much more versatile.

Tweet23
Share38
Reddit
Vote
Email
61 Shares

Skylark Image for Outernet’s Dreamcatcher RTL-SDR

About two weeks ago we posted our review of the Dreamcatcher, a new RTL-SDR and full ARM based computing platform built onto a single PCB. Back then the only OS available for it was a standard Armbian build, and no Outernet decoder was available. So we reviewed the Dreamcatcher with the Armbian OS and tested to see how well it worked as a general purpose RTL-SDR and computing platform.

Recently the Outernet team released a new build of ‘Skylark’ for their Dreamcatcher board. Skylark is their customized Outernet signal specific operating system that was available on the C.H.I.P. Skylark is essentially turnkey as it is much easier to setup and use. Just burn the image to an SDcard, insert the card, connect to the automatically generated Outernet WiFi hotspot on a PC or mobile device, and then browse to outernet.is to see the Skylark interface.

Unfortunately it is unclear how long some of the high bandwidth features such as the nice weather app may last. The Outernet Inmarsat L-band signal runs at a bandwidth of almost 20mB a day and appears to cost quite a bit of money to operate, so Outernet appear to be considering moving to a lower bandwidth signal in the near future. This will probably reduce content to data like text articles (news/APRS/Wikipedia/books) only. But even if it is text only it will still continue to be a very useful and interesting service.

Tweet
Share
Reddit
Vote
Email

SatNOGs No-Rotator Setup

Thank you to Silvia P. for writing in and letting up know about the SatNOGs “No-Rotator” project, which looks a lot easier to build compared to their motorized rotator. SatNOGs is an idea and organisation that is trying to make it easier to set up a low cost networked RF ground stations for monitoring various satellites. The idea is to increase satellite ground station coverage all over the world and collect and share received satellite data over the internet so that anyone in the world can view and make use of up to date satellite data.

An original SatNOGs station is built as a motorized antenna rotator, with directional antennas that point and track satellites as they pass over the ground station location. The gears and most internal plastic parts are 3D printed, with the rest of the items like bearings, frames and motors being available on eBay. The problem is that building the rotator is quite a big project, and takes a lot of research, purchasing and building to get started.

Recently over on their Wiki a new type of non-rotator ground station has appeared. The no-rotator ground station still consists of the basic SatNOGs electronics including an RTL-SDR and Raspberry Pi. But instead of using high gain directional motorized antennas this ground station uses a much simpler turnstile antenna tuned to about 137 MHz. Unlike the rotator, the turnstile probably doesn’t have enough gain to pick up some of the weaker amateur satellites, but should be good enough for NOAA/Meteor weather satellites and ISS APRS etc.

We’ve also recently seen similar no-rotator builds discussed over on their forums and on Twitter.

SatNOGS turnstile no-rotator implementation
SatNOGS turnstile no-rotator implementation
Tweet15
Share94
Reddit
Vote
Email
109 Shares

YouTube Talk: Introduction to DSpectrum for Reverse Engineering Signals

Over on YouTube a talk from the author of DSpectrum has been uploaded from his talk during the 13th Cyberspectrum Melbourne meetup. In his talk he goes through the full process of reverse engineering a wireless alarm system in DSpectrumGUI. DSpectrum is a reverse engineering tool that aims to make it trivial to demodulate digital RF transmissions using data captured from SDRs like an RTL-SDR or HackRF.

In the video he shows how to create a project, import a capture and create an overlay on Inspectrum and bring the waveform back into DSpectrum. DSpectrum was then able to automatically detect that the encoding used was PWM and convert it into a bit string. Then by importing multiple captures from various buttons on the alarm he shows how easy it is to see the differences in the bit strings from within DSpectrum. From these differences he uses DSpectrum to help identify what the function of each byte of the bitstring is. Finally he shows how to perform a replay attack with RFcat or similar hardware using the data gathered.

This is a really good talk to watch if you’re interested in getting started with reverse engineering simple digital signals, like those from ISM band devices.

Cyberspectrum Melbourne #13: Introduction to DSpectrum for reverse engineering signals

Tweet7
Share5
Reddit
Vote
Email
12 Shares

A Datasheet for our RTL-SDR.com V3 Dongles

A few people have been asking for a RTL-SDR.com V3 data/info sheet, so we have written one up here (PDF). The datasheet explains the improvements made to the V3, and how to use some of the special features like the direct sampling mode and the bias tee.

Most of the same information is available on the product release page, and the online V3 users guide as well.

Tweet2
Share32
Reddit
Vote
Email
34 Shares

Listening to and Tracking NXDN/IDAS Trunking Systems with two RTL-SDRs

Over on YouTube user radiosification has uploaded a video tutorial that shows how to decode, follow and listen to NXDN/IDAS trunking radio signals. NXDN/IDAS is a narrowband digital voice protocol commonly used with handheld radio terminals.

In the tutorial radiosification explains how to set up DSDPlus and its frequencies text file to automatically listen to and track conversations using the control channel. SDR# is initially used to find the NXDN control and voice channels, which are then entered into the text file. Using this method only DSDPlus and its corresponding receiver FMP is used. Trunking software like Unitrunker is not needed.

Radiosification also notes that the method he presents can also be used for other digital trunking systems such as P25 as well.

How to track NXDN trunking with RTL SDR & DSDPlus

Tweet
Share10
Reddit
Vote
Email
10 Shares

Using an RTL-SDR and TEMPEST to attack AES

All electronic devices emit some sort of unintentional RF signals which can be received by an eavesdropping radio. These unintentional signals are sometimes referred to as TEMPEST, after the NSA and NATO specification which aims to ensure that electronic devices containing sensitive information cannot be spied upon through unintentional radio emissions, sounds or vibrations. TEMPEST can also refers to the opposite, which is spying on unsecured electronic devices by these means.

Recently the team at Fox-IT, a cybersecurity specialist company has released a paper showing how an RTL-SDR can be used as a TEMPEST attack device to help recover AES-256 encryption keys (pdf) from a distance by utilizing unintentional RF emissions. AES is an encryption standard commonly used in computing with protocols like HTTPS (e.g. with online banking) and for securing WiFi networks.

In their experiments they set up an AES implementation on an FPGA, and used a simple wire loop antenna and RTL-SDR to measure and record the RF emissions. By then doing some analysis on the recorded signal they are able to fairly easily extract the AES encryption key, thus defeating the encryption.

Further testing in an anechoic chamber showed that with a discone antenna they were able to recover the keys from up to a meter away. A directional antenna could probably reach even further distances.

In the past we’ve seen a similar attack using a Funcube dongle, which is an SDR similar to the RTL-SDR. In that attack they were able to remotely recover encryption keys from a laptop running GnuPC. Also, somewhat related is Disney’s EM Sense which uses an RTL-SDR to identify electronic devices by their RF emissions.

[Also seen on Hackaday]

Fictional scenario involving a hacker recording RFI from a remote PC.
Fictional scenario involving a hacker recording RFI from a remote PC.
Tweet27
Share400
Reddit
Vote
Email
427 Shares

Android App Aerial TV Banned from Google Play – Now Available on Amazon

Aerial TV is an Android app that allows you to watch DVB-T TV with an RTL-SDR on a mobile device. We posted about Aerial TV back in April and it was available on the Google Play store back then. Unfortunately Aerial TV has recently been banned from the Google Play store as apparently the app can be used to display copyrighted material from TV. The author writes the following on a Facebook post:

Google Play has suspended Aerial TV due to “[Aerial TV] claims to provide copyrighted contents from TV channels”. According to Google apps that display live TV are of “questionable nature”. I am trying to clarify what they mean. I would like to apologize to all affected users. If you have any concerns, feel free to get in touch with Google directly.

This is quite odd and probably a mistake. But if you are looking for Aerial TV it is now available on the Amazon app store with a current 35% discount. If you bought the app on the Google Play store then to get new updates you will need to uninstall it, contact the developer for a refund, and then purchase it again on the Amazon store. More info about that is available on the Facebook page. Updates about it’s availability will always be provided on the official website at aerialtv.eu.

Tweet16
Share38
Reddit
Vote
Email
54 Shares