Tagged: rtl2832u

QCSuper: Capture 2G/3G/4G/5G Radio Frames with Qualcomm Phones

In the past, we've shown how it's possible to use RTL-SDRs or other SDR devices together with the Airprobe software to analyze data from 2G GSM mobile phones and towers. (Note that it's not possible to listen in on conversations or read SMS data unless you have the encryption code for the recipient phone. This is only capable of showing cell tower basestation telemetry for example).

While not directly related to SDR, readers might be interested to know that a new piece of software called QCSuper has been released which enables similar analysis capabilities for 2G/3G/4G/5G signals through the use of Qualcomm-based phones and modem hardware. To use it you will need a rooted Android phone. The software accesses a diagnostics mode available in Qualcomm devices and makes the data available for view on Wireshark.

[Also seen on Hackaday]

QCSuper Screenshot
QCSuper Screenshot

Antennas Explained: Finding the Best Antenna for HackRF, RTL-SDR and Other Receivers

Over on YouTube sn0ren has uploaded a well produced video to help beginners to the radio hobby understand antennas. The video explains how antennas work in theory, and how to choose the best antenna for your SDR and application through calculations and use of a Nano VNA.

There is an essential gadget that you will want to get, to get the best antenna performance. But first we need to cover a bit of antenna theory, before we can answer the question of what antenna that is the best one for your HackRF Portapack, or Flipper Zero SubGHZ module, or Meshtastic, Quansheng UV-K5, RTLSDR or other radio devices. This video is covering the bare minimum basics of antenna theory for beginners into the radio hobby.

The best antenna for HackRF Portapack (and Flipper Zero, Meshtastic, Quansheng, RTLSDR, etc.)

SDR# Version 1920 Released

A few days ago SDRSharp version 1920 was released. SDRSharp (SDR#) is a popular Windows program that is affiliated with Airspy SDR dongles, but is compatible with RTL-SDR and various other SDRs as well. The latest version gets rid of the relatively resource heavy Telerik UI library and replaces it with a much lighter weight library.

The author of SDR#, @lambdaprog, notes that v.1920 reduces memory usage by 85% and CPU utilization by 50%. The new version also improves scalability for high sample rates and number of spectrum slices and improves plugin compatibility. Several AOR brand SDRs are also now supported in v.1920.

On the note regarding improved plugin compatibility, we've noticed that in the v.1920 update the IF Average plugin has begun working again. The IF Average plugin is used for Hydrogen line radio astronomy experiments. In the past we had to use older versions of SDR# to make it work. We have updated our Hydrogen line tutorial to reflect this.

Gypsum: A Software-Defined GPS Receiver written in Python + A Writeup on How it Was Made

Thank you to RTL-SDR.COM reader Lee. who found a recently released program called "gypsum" which enables an RTL-SDR or HackRF to be used as a GPS Receiver when combined with a GPS antenna. Phillip Tennen, the author of Gypsum notes that Gypsum can obtain a fix within 60 seconds from a cold start and that it has no dependencies apart from numpy. We want to note that it appears that Gpysum has no live decoding ability yet, as it works from pre-recorded GNU Radio IQ files.

In the past, we've shown in a tutorial how GPS can be received and decoded with GNSS-SDRLIB and RTKLIB on Windows. The new Gypsum software should work on Linux and MacOS too.

What's more, Phillip has written an incredible 4-part writeup on how Gypsum was implemented from scratch. In the write-up, Phillip introduces GPS and explains how it can even work with such weak signals that appear below the thermal noise floor. He then goes on to explain how the detected signal is decoded and turned into positional information, and how challenging it was to propagate the accurate timing information that calculating a solution requires. The write-up is presented with clear visualizations to help readers intuitively gain an understanding of the advanced concepts involved.

Gypsum GPS Satellite Tracking Dashboard GUI
Gypsum GPS Satellite Tracking Dashboard GUI

New Tool to Convert Between SDR# and SDR++ Frequency List Formats

Thank you to 'thewsoftware' over on our forums who has shared with us his SDR# <-> SDR++ frequency list converter (sdrfc) software. SDR# and SDR++ are two popular SDR programs often used with the RTL-SDR, but each uses a different format for storing custom frequency lists.

The new sdrfc tool allows users to easily convert frequency lists between SDR# and SDR++ formats, so you don't need to manually type out a frequency list for both programs.

The sdrfc is a Windows command line tool and instructions for using it can be found on the GitHub Readme. A release zip file is available on the GitHub Releases page.

SDR# <-> SDR++ Frequency Converter Readme

Testing a WiFi Grid Antenna for L-Band Satellites

Over on YouTube dereksgc has uploaded a video where he tests out a 2.4 GHz WiFi Grid antenna for L-band weather satellite reception. WiFi grid antennas are typically repurposed in the SDR community for L-Band weather satellite reception because they are cheap and mostly work out of the box. They can also be used for hydrogen line radio astronomy. TV dish antennas are an alternative but with them, a custom feed needs to be built. 

In his video, dereksgc tests the WiFi dish on receiving various polar-orbiting L-band satellites including Metop, and Meteor M2. With the polar orbiting satellites the dish needs to point at the satellite as it passes over the sky and so dereksgc recommends using a mount if hand tracking them.

Later in the video he tests some geostationary satellites but finds that the dish is not tuned well enough to receive Elektro-LN3 properly without modifications. He was however able to receive a noisy image from FengYun-2H successfully.

We note that we also currently have our Discovery Dish product available for pre-order, which is similar to the WiFi grid dish, but smaller and lighter weight with a built-in optimized active feed.

I finally got a WiFi grid antenna for satellites

EM Eye: Eavesdropping on Security Camera via Unintentional RF Emissions

Researchers from the University of Michigan and Zhejiang University have recently published their findings on how it's possible to eavesdrop and wirelessly recover images from security cameras via RF unintentionally leaking from the camera electronics.

EM side-channel attacks aka receiving and decoding data from the unintentional RF transmissions from electronics are nothing new.  In the past, we've posted how some laptops unintentionally broadcast audio from the microphone via RF, how a tool called TempestSDR can be used to spy on monitors/TV's via RF leakage, how encryption keys can be stolen from PCs via unintentional RF, and even how Disney is looking to use RF leakage for RF fingerprinting.

In their research, the team discovered that security cameras leak enough sensitive RF that an image can be recovered from the leakage over a distance. In their tests, they used a USRP B210 SDR as the receiver and tested twelve cameras including four smartphones, six smart home cameras, and two dash cams. They found that eight of the twelve leaked strongly enough for the reception of images through windows, doors, and walls. Cameras like the Xiaomi Dafang and Wyze Cam Pan 2 performed the worst, allowing for images to be recovered from distances of 500cm and 350cm respectively.

The team has not only released a paper on the topic but has also released the full code as open-source software on GitHub. The software is based on a modified version of TempestSDR, so it may also work for other supported SDRs, like the HackRF and RTL-SDR.

EM Eye: How Attackers Can Eavesdrop on Camera Videos

Saveitforparts: Receiving and Decoding L-Band Weather Satellites

Over on his YouTube channel 'saveitforparts' has uploaded a new video showing how he has been successful at receiving and decoding L-band weather satellites using his setup made from scavenged parts. He uses a custom-built helical feed on a scavenged dish, and an automatic pan-tilt rotator built from an old security camera mount. With this setup combined with an RTL-SDR and LNA and filter he is able to receive polar orbiting L-band weather satellites. 

In the video, he shows how his system works and what his software setup looks like. He uses SDR++ to record the pass initially, then SatDump to decode the data into images. We note that SatDump can be used to decode the images live, and can also record the raw radio files too, so SDR++ is not required.

How To Receive And Decode L-Band Weather Satellites