Evaluating LoRaWAN Security with an RTL-SDR

Over on their blog, Trend Micro have uploaded a post describing how they evaluated the security of LoRaWAN communications using an RTL-SDR. LoRaWAN is a wireless communications technology that allows for Internet of Things (IoT) connectivity at a much lower cost compared to cellular infrastructure. However, as described in their post, LoRaWAN incorporates very little security, making connected devices an easy target for hackers.

The researchers at Trend Micro used an RTL-SDR together with the LoRaPWN software tool, which is an improved version of the LoRa Craft Project. With LoRaPWN the researchers were able to intercept uplink and downlink packets. Combined with a brute force dictionary attack, they were then able to recover the encryption keys, allowing them to decode the data. Finally, they were also able to demonstrate a denial of service attack which results in a device being unable to send further data.

For more information, the technical paper (pdf) describing their full setup and tests is available, as well as an older post describing possible LoRaWAN attacks. There is also a YouTube video from "The Things Conference" which we have embedded below. In the video researcher Sebastian Dudek presents some of his findings on LoRaWAN security.
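The dictionary attack described above only succeeds when a deployment's keys are guessable. As an added example (not code from Trend Micro's post or from the LoRaPWN tool), the following Python script checks a LoRaWAN AppKey, NwkKey or session key (all of which are 128-bit AES keys) for the kinds of patterns such a dictionary would contain: constant or repeated bytes, counting sequences, published example keys, and keys derived from the DevEUI. The known-weak list, the assumed DevEUI derivation patterns and the sample keys and DevEUI are constructed for illustration; only the key length is taken from the LoRaWAN specification.

```python
"""Defensive pre-provisioning check for weak LoRaWAN root or session keys.

Assumptions (this is an illustrative script, not part of the LoRaPWN project):
  - keys are 16-byte AES-128 keys, DevEUIs are 8 bytes;
  - the denylist and the DevEUI-derivation patterns below are a constructed
    sample of what a dictionary attack would try, not an exhaustive list.
"""
import hashlib
import secrets
from typing import List, Optional

KEY_LEN = 16             # LoRaWAN AppKey / NwkKey / session keys are AES-128
EUI_LEN = 8              # DevEUI length in bytes
MIN_DISTINCT_BYTES = 10  # heuristic: a random 16-byte key almost never has fewer

# Constructed denylist of published example keys that get copied into real devices.
KNOWN_WEAK_KEYS = {
    bytes.fromhex("2B7E151628AED2A6ABF7158809CF4F3C"),  # AES-128 example key from FIPS-197
    bytes.fromhex("000102030405060708090A0B0C0D0E0F"),  # counting bytes
    bytes.fromhex("0123456789ABCDEF0123456789ABCDEF"),  # hex alphabet repeated
}


def parse_key(hex_str: str) -> bytes:
    """Parse a key written as 32 hex digits; spaces, dashes and colons are tolerated."""
    cleaned = "".join(ch for ch in hex_str if ch not in " -:")
    key = bytes.fromhex(cleaned)
    if len(key) != KEY_LEN:
        raise ValueError(f"expected {KEY_LEN} bytes, got {len(key)}")
    return key


def _is_counting(key: bytes) -> bool:
    """True if every byte is the previous byte +1 or -1 (mod 256), e.g. 00 01 02 ... 0F."""
    steps = {(key[i + 1] - key[i]) % 256 for i in range(len(key) - 1)}
    return steps in ({1}, {255})


def _shortest_period(key: bytes) -> int:
    """Length of the shortest pattern that repeats to fill the key (len(key) if none)."""
    for p in range(1, len(key)):
        if len(key) % p == 0 and key == key[:p] * (len(key) // p):
            return p
    return len(key)


def _derived_from_eui(key: bytes, dev_eui: bytes) -> bool:
    """Assumed weak derivations: DevEUI repeated, zero-padded, reversed, or hashed."""
    if len(dev_eui) != EUI_LEN:
        raise ValueError(f"DevEUI must be {EUI_LEN} bytes")
    pad = bytes(KEY_LEN - EUI_LEN)
    candidates = {
        dev_eui * 2, dev_eui + pad, pad + dev_eui,
        dev_eui[::-1] * 2, dev_eui[::-1] + pad,
        hashlib.md5(dev_eui).digest(),
        hashlib.sha256(dev_eui).digest()[:KEY_LEN],
    }
    return key in candidates


def check_key(key: bytes, dev_eui: Optional[bytes] = None) -> List[str]:
    """Return the reasons a key looks guessable; an empty list means none were found."""
    if len(key) != KEY_LEN:
        return [f"wrong length: {len(key)} bytes, expected {KEY_LEN}"]
    findings = []
    if key in KNOWN_WEAK_KEYS:
        findings.append("key appears on the known-weak list")
    period = _shortest_period(key)
    if period == 1:
        findings.append("all bytes identical")
    elif period < KEY_LEN:
        findings.append(f"key is a {period}-byte pattern repeated")
    if _is_counting(key):
        findings.append("bytes form a counting sequence")
    distinct = len(set(key))
    if distinct < MIN_DISTINCT_BYTES:
        findings.append(f"only {distinct} distinct byte values")
    if dev_eui is not None and _derived_from_eui(key, dev_eui):
        findings.append("key is derived from the DevEUI")
    return findings


def generate_key(dev_eui: Optional[bytes] = None) -> bytes:
    """Draw a fresh AES-128 key from the OS CSPRNG and confirm it passes the checks."""
    while True:
        key = secrets.token_bytes(KEY_LEN)
        if not check_key(key, dev_eui):
            return key


if __name__ == "__main__":
    eui = bytes.fromhex("A1B2C3D4E5F60718")  # constructed DevEUI
    samples = {                               # constructed sample keys
        "all-zero": "00000000000000000000000000000000",
        "fips example": "2B7E151628AED2A6ABF7158809CF4F3C",
        "eui repeated": eui.hex() * 2,
        "random": generate_key(eui).hex(),
    }
    for name, hex_key in samples.items():
        result = check_key(parse_key(hex_key), eui)
        print(f"{name:13s} {hex_key}: {result or 'no weakness found'}")
```

Run the script as-is to see the constructed samples scored, or import `check_key` into a provisioning tool so that a key is rejected before it is written to a device or registered with the join server. The check is a denylist, so a clean result means only that the key does not match the patterns tried here; the positive guarantee comes from `generate_key`, which takes the key from the operating system's CSPRNG.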

An RTL-SDR Blog V3 Intercepting LoRaWAN packets.
LoRaPWNing: Practical radio attacks on LoRaWAN - Sebastian Dudek (Trend Micro)

Scanner School Podcast + Webinar: This is Why You Need an SDR

Scanner School is an online site providing tutorials, podcasts and reviews all about the radio scanning hobby. They are currently planning a Webinar for February 23, 2021 titled "Why Every Scanner User Needs an SDR: The #1 Underrated Tool that should be in your setup". You can sign up to the webinar here. In addition to the upcoming webinar they have also already released episode 165 of their podcast titled "This is Why You Need an SDR". The topics covered in the podcast are listed below.

  • An SDR means that anything normally handled by the hardware of the radio is now handled by the computer, and the physical hardware serves as an interface.
  • The only limitation on the SDR hardware you buy is the frequency range and the amount of RF it can digest.
  • SDR receivers have come a long way since they were first hacked into existence.
  • SDRs used to be difficult to set up, but that’s no longer true.
  • You don’t need advanced computer skills to run SDR software.
  • SDR software can run on PC, Linux, Mac, Raspberry PI, and even Android.
  • An SDR is more flexible and less expensive than a traditional radio.
  • You can turn a $30 USB stick into something as powerful as an SDS200 in an afternoon.
  • All you need to get started is an SDR USB stick, a computer, and the free starter software SDR Sharp.
  • Once you get set up with FM broadcast stations, aviation, and other analog systems, Phil’s SDR course will go into how to set up digital reception.
  • If you download DSD+ Fast Lane or Unitrunker you can monitor trunking systems.

Analyzing Frozen Air Traffic in the Hudson Valley

Thank you to Steve Bossert (K2GOG) for submitting his article on analyzing traffic from his RTL-SDR based ADS-B receiver during the recent heavy snow storms at his location in the Hudson Valley. His graphs show a huge drop off in air traffic and ADS-B packets received during the storms.

Aside from these results, Steve's post goes on to explain how he gathers and stores these analytics, with an example of using the Graphs1090 software to produce nice plots of the aircraft received. One important tip he mentions is to be careful when constantly logging ADS-B data to the SD card, as the card can easily get corrupted over time since flash cards have limited write cycles.

Air traffic graphs showing the effect of the latest snow storm on air traffic

Generating White Noise with an FL2K Dongle

The FL2K project allows us to turn a cheap USB 3.0 dongle into a fully transmit capable SDR (filters still required for high power work). We have posted about the FL2k project several times on this blog since early 2018.

Recently reader Mikael submitted a fork of the Osmo-FL2K driver code which he writes enables it to generate white noise with a uniform amplitude distribution. This could be useful for projects that require a wideband noise source, such as measuring filter responses or the VSWR of antennas. Thanks, Mikael!

IK1XPV, the author of the code, notes that it is currently only tested on the Windows driver branch, via compilation on Visual Studio 2019. The main contributed code can be found in \src\fl2k_noise.c.

FL2K Test Hardware
An FL2k Dongle connected to an RTL-SDR via VGA to BNC Breakout Cable and Attenuators

Getting Started with Developing Plugins for SDR# on .NET 5

Recently we posted about how SDR# was updated to the latest .NET 5 framework, which brought with it a new plugin SDK for developers. If you want to get started with plugin development, Petri-Veikko Alajärvi (OH1GIU) has uploaded a tutorial showing how to get started with the free Visual Studio 2019 Community IDE. His post shows how to create a new project, how to add references to the SDRSharp plugin files, and how to set up and test a basic GUI via an RDS information display example.

Creating a new SDR# Plugin with the .NET5 Plugin SDK

Building an 11.2 GHz Radio Telescope with an Airspy and 1.2m TV Satellite Dish

In the past we've posted several times about 1.42 GHz Hydrogen line amateur radio telescopes that use RTL-SDRs or other SDRs for Hydrogen line observations of the galaxy. Recently Hackaday ran a post highlighting a project from "PhysicsOpenLab" describing an 11.2 GHz radio telescope that uses an Airspy SDR as the receiver.

Celestial bodies emit radio waves all across the radio spectrum, and typically observations can be made anywhere between 20 MHz and 20 GHz. Choosing an optimal frequency is a tradeoff between antenna size, directivity and avoiding man made noise. For these reasons, observations at 10-12 GHz are most suitable for amateur radio telescopes.

The posts by PhysicsOpenLab are split into two. The first post highlights the hardware used, which includes a 1.2m prime focus dish, an 11.2 GHz TV LNB, a wideband amplifier, a SAW filter, a bias tee, and the Airspy SDR. The LNB converts the 11.2 GHz signal down to 1.4 GHz, which can be received by the Airspy. Once at 1.4 GHz it is then possible to use existing commercial filters and amplifiers designed for Hydrogen line observations.

The second post explains the GNU Radio based software implementation and the mathematical equations required to understand the gathered data. In this post they also graph some results gathered during a solar and lunar transit.

Finally, they note that even a 1.2m dish is quite small for a radio telescope, but it may be possible to detect the emissions from the Milky Way and other celestial radio sources such as the nebulae Cassiopeia A and Taurus A, and the radio galaxy Cygnus A.

A 11.2 GHz 1.2m Amateur Radio Telescope with GNU Radio and Airspy

WSJTX Introduces Q65: Best Weak Signal Performance QSO Mode

WSJTX is a popular program for various digital amateur radio protocols such as FT8 and WSPR, which are designed for making contacts with very weak and low power signals on HF. With some of these protocols contacts can be made all over the world in poor conditions with very low transmit power. If you're interested, we have a tutorial on how you can use the direct sampling mode on an RTL-SDR Blog V3 dongle to set up a super low cost monitor for FT8, WSPR etc. on a Raspberry Pi.

Recently WSJTX have introduced a new mode called "Q65" which claims to have the best weak signal performance amongst all modes implemented in WSJTX. The Q65 quickstart guide (pdf) explains:

Q65 is particularly effective for tropospheric scatter, rain scatter, ionospheric scatter, and EME on VHF and higher bands, as well as other types of fast-fading signals.

Q65 uses 65-tone frequency-shift keying and builds on the demonstrated weak-signal strengths of QRA64, a mode introduced to WSJT-X in 2016.

If anyone has tested reception of this mode with an RTL-SDR please let us know in the comments. It will be interesting to see what sort of distances can be achieved.

WSJTX Receiving Q65

Playing Fair with SDRplay: Discussion on Fake SDRplay Clones

SDRplay have recently released a blog post warning potential customers to be wary of the proliferation of fake and imitation SDRplay devices on various online marketplaces. SDRplay warn that these clones may not function with the latest SDRplay software such as SDRUno, and that no technical support for the clones is provided.

Over on his blog K4FMH has also uploaded a blog post titled "Ah Geez. Play Fair with SDRPlay. And If Some Don’t, Here’s What Can Be Done….". His post also discusses the clones and includes notes on how SDRplay fans can help take down clone listings on eBay by reporting them.

Of note is that ICQ Podcast Episode 344 released on Feb 14 also discusses this issue starting at 30:50 in the episode. They note that ethically these clones are problematic as they are ripping off a small company who have sunk a lot of costs into R&D and software development.

SDRplay is a UK based company that designs and manufactures low cost software defined radios which start from $109 + shipping. In the past we've posted a few times about SDRplay clones like the MSI.SDR, about more elaborate clones of the RSP1A, and about Airspy and RTL-SDR V3 clones. As Mirics, the company manufacturing the main silicon chips used in SDRplay products, is owned by most of the same people behind SDRplay, it is unclear how their chips made it onto the Chinese markets. However, as these Mirics chips were originally used in mass market TV tuners, it is thought that they were probably desoldered from a batch of old USB TV tuners.

Reporting a fake SDRplay device