Has always done a terrible job of selling itself. A $25 dtv receiver and a chicken-wire antenna parabola and code your own satellite TV decoder, learn what radar guns emit, emulate a modem... maybe even shift to IR and do TV controls... it's latent in this stuff.
I'm reasonably good at computers, and I even have a small understanding of electronics and radio, but I bought a HackRF One about 6 years ago, and every time I try to use this stuff I get hopelessly lost. Most of the time I can't even get the software running, or figure out which software I need to get running, and when I do I'm hopelessly lost. The only thing I ever managed was to listen to an FM radio station with a program that simplified the interface down to a frequency slider.
I would love to do things like investigate how my water meter broadcasts its readings, but "latent" doesn't even begin to cover how inaccessible this stuff is. There are "tutorials", but they just say "Stick these parts together. There, now you have stuck these parts together!" (https://wiki.gnuradio.org/index.php/Simulation_example:_Narr...)
I know, open source, I should learn everything and then write better documentation.
Gnuradio was also new to me. However with two HackRFs I could do the entire thing. First replay attacks. Then trying to get the code by building up a set of processing blocks. Last synthesis of the complete signal.
Is it possible to use a laptop's built-in wifi antenna / wifi card as the hardware side of a gnu radio setup?
That seems like it would be a nice cheap one-two punch for getting started. AFAIR wifi uses the public (unregulated) bands so there should be lots of interesting stuff on those frequencies beyond wifi signals.
WiFi adapters don't really expose this type of interface. WiFi adapters interact with the host computer by sending and receiving packets; the 802.11 framing and radio de/modulation are performed internally by the adapter. In other words, the host computer sees IP packets, not radio data. Some adapters (or really most adapters) provide some ability for the host to send and receive raw 802.11 frames but it's an infrequently used feature and tends to have a lot of caveats and limitations... you'll see a lot of discussion of this if you read into security/exploitation use-cases for WiFi that involve monitoring or generating 802.11 management traffic.
This is somewhat related to the old difference between a "modem" and a "winmodem": proper telephone modems performed the de/modulation internally, winmodems did not and relied on the host processor to do so, resulting in generally lower performance but a much cheaper device. At modern network data rates it is not really feasible to do this and the general direction is towards offloading more and more of the work to the network adapter, outside of the host's control or view.
For gnuradio you need raw radio samples, often referred to as IQ data due to the nomenclature for amplitude and phase. Few devices that aren't specifically designed for software-defined radio use expose this data because it requires extra complexity in the device and tends to be rather high-bandwidth. The "RTL SDR" TV tuner dongles are so well known precisely because they contain an undocumented feature that allows a host to request raw IQ data, although at a poor sample rate and bandwidth since these devices were not really intended for it.
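To make the IQ point concrete, here is an added example (not code from the thread, and not GNU Radio's own code) that builds FM-modulated complex baseband samples, packs them in the interleaved unsigned 8-bit I/Q layout the rtl_sdr tool writes, and recovers the audio with the same phase-difference arithmetic GNU Radio's Quadrature Demod block uses. The sample rate, tone and deviation values are constructed for the demo.

```python
import cmath
import math

FS = 48_000           # constructed baseband sample rate (samples/s)
TONE_HZ = 1_000       # constructed audio tone carried on the FM signal
DEVIATION_HZ = 5_000  # constructed peak frequency deviation


def fm_modulate(audio, fs=FS, deviation=DEVIATION_HZ):
    """Audio -> complex baseband IQ (I = real part, Q = imaginary part).
    The phase advances in proportion to each audio sample, so all the
    information sits in the phase; this is the stream an SDR hands to GNU Radio."""
    iq, phase = [], 0.0
    for a in audio:
        phase += 2 * math.pi * deviation * a / fs
        iq.append(cmath.exp(1j * phase))
    return iq


def quadrature_demod(iq, fs=FS, deviation=DEVIATION_HZ):
    """IQ -> audio: the angle between consecutive samples is the instantaneous
    frequency.  Same arithmetic as GNU Radio's Quadrature Demod block,
    with gain = fs / (2*pi*deviation)."""
    gain = fs / (2 * math.pi * deviation)
    return [gain * cmath.phase(cur * prev.conjugate())
            for prev, cur in zip(iq, iq[1:])]


def pack_iq_u8(iq):
    """Interleaved unsigned 8-bit I,Q bytes, the layout the rtl_sdr tool writes:
    two bytes per complex sample, which is why sample rate eats USB 2 bandwidth."""
    out = bytearray()
    for s in iq:
        out += bytes((int(round(127.5 + 127.5 * s.real)),
                      int(round(127.5 + 127.5 * s.imag))))
    return bytes(out)


def unpack_iq_u8(data):
    """Inverse of pack_iq_u8: bytes back to complex samples in [-1, 1]."""
    return [complex((data[i] - 127.5) / 127.5, (data[i + 1] - 127.5) / 127.5)
            for i in range(0, len(data), 2)]


def demo_round_trip(n=480):
    """Tone -> FM IQ -> 8-bit bytes -> demod; return the largest error against
    the original audio (demod output k corresponds to audio sample k+1)."""
    audio = [0.5 * math.sin(2 * math.pi * TONE_HZ * i / FS) for i in range(n)]
    recovered = quadrature_demod(unpack_iq_u8(pack_iq_u8(fm_modulate(audio))))
    return max(abs(r - a) for r, a in zip(recovered, audio[1:]))
```

The residual error after the round trip is the 8-bit quantisation of the I and Q components, the same limit an RTL-SDR capture has.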
Due to it being a radio licensed by rule, the firmware in wifi devices is locked down tight. If it were wide open, the FCC would revoke its type acceptance.
The only project that so far has managed to even partially use wifi hardware as a more generic SDR is nexmon[1] and even that is rather involved.
Really cool project but not much heard since 2018.
For just experimenting with modems across a noisy path one could just use the built in microphone and speakers.
For future reference, this[0] is a good get-started guide to getting a signal from the microphone, outputting a signal to the speaker, and some basic signal display / waveform generation.
For my own use (on windows 10), I used the following device names for the microphone / speaker:
Microphone: "Microphone Array (Realtek High Definition Audio)"
Speaker: "Speaker/HP (Realtek High Definition Audio)"
Specific names on windows can be found in the Control Panel > System > Sound (as of the date of writing)
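As an added example (not from the thread or the linked guide), here is a minimal binary FSK modem of the kind you could drive through a laptop speaker and microphone: a modulator that produces the audio samples, a constructed noisy channel standing in for the room, and a non-coherent demodulator. The tone frequencies, baud rate, bit pattern and noise level are all constructed, and the receiver assumes it is already aligned to the bit boundaries.

```python
import math
import random

FS = 8_000         # audio sample rate (samples/s), constructed
BAUD = 100         # bits per second, constructed
MARK_HZ = 1_200    # tone for bit 1 (constructed, Bell-202-like choice)
SPACE_HZ = 2_200   # tone for bit 0
SPB = FS // BAUD   # samples per bit; both tones fit an integer number of cycles


def fsk_modulate(bits):
    """Bits -> speaker samples in [-1, 1]: one tone per bit, continuous phase
    so there are no clicks at the bit edges."""
    samples, phase = [], 0.0
    for bit in bits:
        step = 2 * math.pi * (MARK_HZ if bit else SPACE_HZ) / FS
        for _ in range(SPB):
            phase += step
            samples.append(math.sin(phase))
    return samples


def noisy_channel(samples, noise_rms, seed=1):
    """Constructed stand-in for the room between speaker and microphone:
    additive white Gaussian noise with a fixed seed so runs are repeatable."""
    rng = random.Random(seed)
    return [s + rng.gauss(0.0, noise_rms) for s in samples]


def tone_energy(chunk, freq):
    """Non-coherent detector: energy of the chunk correlated against one tone
    (sin and cos together, so the unknown carrier phase does not matter)."""
    w = 2 * math.pi * freq / FS
    re = sum(c * math.cos(w * i) for i, c in enumerate(chunk))
    im = sum(c * math.sin(w * i) for i, c in enumerate(chunk))
    return re * re + im * im


def fsk_demodulate(samples):
    """Microphone samples -> bits: per bit period, the louder tone wins.
    Assumes the receiver is already aligned to the bit boundaries."""
    chunks = [samples[k:k + SPB] for k in range(0, len(samples) - SPB + 1, SPB)]
    return [int(tone_energy(c, MARK_HZ) > tone_energy(c, SPACE_HZ)) for c in chunks]


def demo(noise_rms=0.5):
    """Send a constructed 64-bit pattern through modem and channel;
    return the number of bit errors."""
    sent = [int(c) for c in "1011001110001111" * 4]
    got = fsk_demodulate(noisy_channel(fsk_modulate(sent), noise_rms))
    return sum(a != b for a, b in zip(sent, got))
```

Raising the noise level passed to demo() shows the point where the tone detector starts to lose bits.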
I would suggest not starting in the 2.4GHz band, the protocols used there (wifi, bluetooth) are very complicated to understand. Get a rtl-sdr and start with something simpler: FM broadcast (my blogpost: https://www.abclinuxu.cz/blog/jenda/2019/11/gnu-radio-first-..., there is even an example capture you can download and replay, so you can start without the physical radio), police radio (both analog and digital), radiosondes, weather satellites, ISM stuff - temperature sensors, garage and car remote controls, airplane multilateration (https://github.com/mutability/mlat-server )… You can do a lot of stuff even with the $10 rtl-sdr, for example I have used it for multilaterating TV and radio transmitters (thesis: https://jenda.hrach.eu/dipl.pdf, unfortunately "layman's explanation" is available only as a lecture in Czech). I know people are even building radioastronomy stuff and passive radars (https://www.rtl-sdr.com/passive-radar-dual-coherent-channel-...) with rtl-sdr.
Once you have a basic understanding of the topic, you can get better hardware: AirSpy (the same features as rtl-sdr, but MUCH better signal-to-noise ratio and bandwidth) or bladeRF (costly, but probably the best radio you can get now). For example I'm now building a weather radar based on bladeRF. The bladeRF has an FPGA with open-source HDL, so you can mess even with absolutely low-level and bleeding-edge stuff.
Going back to your original question:
Most cards load firmware from a file when they are initializing (check "dmesg|grep firmware", on my machine, for example, it says it has loaded /lib/firmware/rtl_nic/rtl8153b-2.fw), you are free to modify it. However, all (or maybe almost all) wifi cards have the format of the blob completely undocumented so it would be very hard to make a modification that would allow you to transmit/receive arbitrary signals. Something similar has been achieved with GSM phones (see OsmocomBB), but it requires very complicated reverse-engineering.
Firmware is typically loaded directly onto the hardware, so you would have to have a way to flash your custom firmware to the wifi antenna/card.
In the US and other countries, it is to the best of my knowledge legal to modify firmware for hardware you own. The illegal part is broadcasting, most bandwidths are highly regulated. Listening on the other hand is mostly legal, or at the very least extremely likely to fly under the radar.
You will not be able to modify the firmware blob just by running linux.
A few years back there was a danger of the FCC de facto banning alternative router firmwares like OpenWrt to prevent tampering with the wifi cards' firmware.
This was the "only manufacturer signed firmware allowed" thing that thankfully was avoided.
FCC's motivation in this is to prevent people from using too much power or certain frequencies.
And as most manufacturers want to be able to sell in USA, it would have likely affected all versions.
Kinda like how many wifi devices sold in Europe only go up to channel 11 on 2.4GHz, when the EU band goes up to channel 13.
But ch12 and ch13 are not legal in the USA, so they are blocked.
It has been done because wifi/bluetooth chipsets are mostly software defined radios but the software is in proprietary pretty well locked down firmware environments. The hardware of the radios will also usually be specified for very specific bands and will have less general purpose uses.
Also note that it’s easy to break FCC regulations and generally be disruptive if you mess around with this stuff and don’t know what you’re doing, and the FCC happily hands out five digit fines.
Have you driven around town at noon? That’s when kids were getting out of school pre-pandemic. I just read this morning Kansas is so desperate for substitute teachers that they’ll take on teenagers without a single college credit. The public school system in many parts of the country is basically state funded daycare.
Sure. That's because GNU Radio is for making the applications/flowgraphs. It is not an application you "use". It is an application for making applications. Give a newbie even the friendly GUI gnuradio-companion and they're not going to be able to do much without some serious time learning or existing DSP background.
For a little more investment you can get hacked version with a TCXO and it is able to receive almost 0 to IIRC 28MHz. It is a 2.8MHz spectrum analyzer although energy readings are not a feature.
However cities are terribly noisy environments so loop antennas should work better for most people. Most amateur radio guides assume you are at least a homeowner but that is not realistic among people interested in a 20 eurodollar receiver.
In terms of hardware, there is a large spectrum, from inexpensive RTL-SDR (receive only, ~$25), PlutoSDR (transmit and receive, $229, which PySDR covers) all the way to $x000+ for USRP etc.
https://github.com/F5OEO/rpitx (repurposing bitbang/PWM GPIO; we had weird problems with data corruption when we were trying to use it as a radio modem, but maybe you will have more luck)
https://bellard.org/dvbt/ (repurposing standard VGA card, but it's probably not worth it since fl2k is way better)
(beware that low quality of the transmitter usually means it will cause interference with other stuff. However, all of these have such a low power that if you will not use an amplifier, it will be OK, the interference will probably be undetectable outside of the room where the transmitter is)
We are maintaining a long list with theory/math: https://brmlab.cz/event/dsp#zdroje , and engineering stuff: https://brmlab.cz/project/sdr/start#links . However, I agree it is rather difficult to get into the topic. I've been playing with SDRs for almost 10 years (increasingly "fulltime" lately), and we still need to employ a professional mathematician to help me with some advanced problems.
that $25 dtv receiver only goes up to 2ghz so you can't get satellite tv without building a downconverter which isn't trivial or as cheap. Radar guns are even higher in frequency. It can only receive so you can emulate only the demodulation part of a modem. IR sounds like fun though. You could listen to tire pressure monitors too.
an LNB (the thing that goes in the focus of a parabolic antenna) is really cheap and easy to power
the problem would be that the cheap dtv (RTL-SDR) only gets up to 2.4MHz of spectrum bandwidth, a typical DVB-S mux can be around 20MHz or the DVB-T terrestrial standard, 8MHz
The LNBs on ebay are pretty cheap but the intermediate frequency some of them use is a bit too high. And as you say. You'd just be finding some slice of the signal without any hope of demodulation. I still think a microphone or rtl are a great way to play with gnuradio companion. Lime sdr is probably the next step up in price.
How can the DVB-T signal bandwidth be larger than what the 'dtv' receiver is capable of if that device was actually originally designed to receive exactly that class of signal?
The 2.8 MHz limitation comes from shipping raw RF samples off the device over USB 2. When operating as a DVB-T receiver the device decodes the signals before sending them over USB so it uses less bandwidth.
The device was originally intended only as a dtv receiver and not a general purpose software defined radio. The hobbyist/ hacker community discovered the hidden debug mode that allows raw data acquisition and wrote drivers for it.
Any chance this is at least partially deliberate? If more people were to use GNU Radio, the manufacturers of said hardware would get sued until they were forced to lock down their hardware.
Technically, the ECPA is still on the books in the US, prohibiting devices that can receive the old 800 MHz AMPS cellular band.
The ECPA was always a complete legal atrocity, and I don't think it's been enforced for many years, and cell phones no longer use NBFM or anything else that an unauthorized receiver can decode, but...
This reminds me of a fun story. A few years ago at a cool lan + demoparty event called Instanssi they had a local FM radio station dedicated to the event. It was then revealed that hidden in that FM transmission was the private key to a litecoin wallet containing some coin. I set about to try and extract the hidden message, but didn't succeed before someone else armed with GNU radio had already decoded the SSTV image from the sideband broadcast. It was a fun challenge, and the person who won taught me a bit about GNU Radio. An amazing piece of software, and a fun memory!
Our satellite team in college used GNURadio to modulate and demodulate our radio signals, and to automate the entire pass (in conjunction with our mission operations team). I remember at that time (2016-2018), there was an absolute dearth of information on something as simple as demodulating GMSK, much less OQPSK. The given blocks for these modulation types never worked, so we had to build out custom blocks in C++ to have a chance at interacting with an actual spacecraft in flight (with all the goodies like active Doppler compensation etc)
I did my masters thesis with GNURadio 2013-2016 (a frequency-hopping implementation). I often thought my struggles were 100% my own incompetence, but eventually realized it was possibly 50% buggy GNURadio blocks. So much potential in SDRs but damn was this software an opaque mess to use.
There was a time where I could point to specific implementations in GNURadio's source that were very buggy (lots of uninitialized memory assumed to be zeroed), but alas, it's been lost from my memory.
This is an excellent book on learning DSP for modern wireless communications and it should get you over the fundamentals [1].
There is an interesting project for open source LoRa physical layer implementation in GNU Radio. The authors had to reverse engineer the LoRa physical layer for the implementation because it is proprietary unlike the data link layer LoRaWAN part of it [2].
[1] Digital Signal Processing in Modern Communication Systems:
There's a similar SDR toolkit out there called RedHawk. It's open source but heavily funded by the NSA so you can imagine that it has specific SIGINT applications in mind. However, you can still connect it to an RTL-SDR and play around with the components in a similar manner.
I especially appreciate the "Simulink-like" block based visual coding style, I think it's a more intuitive alternative than textual coding in the context of systems and blocks etc.
Also love the convenience of simply "adding a slider" whereas in matlab for example you have to build an "app" and add callback functions and do weird stuff to change the block parameters
I just wish GNU Radio did not break compatibility between versions.
3.6 --> 3.7 --> 3.8 all were breaking.
So no older example or block you find will work in the current version.
This is infuriating when trying to learn and following tutorials.
All my friends seem to have migrated to building their prototypes in C using something like liquid-dsp instead of gnuradio.
As that will compile and work next year.
It is frustrating. What I do is keep computers from a given time era in their natural state of software. So now I have a physical computer for running GR 3.6 stuff, one for 3.7 stuff, and soon I'll have one for 3.8 stuff. Trying to constantly upgrade and getting rid of old installs is counterproductive.
This applies in general to all software. It's really nice to have old OSes use applications that can't run on newer distros.
SDR and GNU radio has always sounded interesting to me ever since I heard it mentioned on the Security Now podcast years ago. Does anyone know of good resources on how to get started? This is something I’d love to tinker with one day. I also don’t know a great deal about RF communication in general.
I looked into this last year, and the process seems to be "get at least half an undergrad degree in signal processing and then read the code." GNU Radio is really powerful, but most of the tutorials out there are "rest of the fucking owl" style[0]. Which I then realized makes sense, given the complexity of the domain. So be aware it's a deep subject and you won't be decoding new satellites in a few clicks unless you're copying somebody else's homework.
If you want to learn DSP, GNU Radio is the way to go. It has audio sources and sinks, so you can try out things and hear / see (using the scope sink) the results in real time.
It was really interesting to play with negative frequencies and get a better handle on it than the math alone would have ever given me.
Have they fixed the incredible loss of features from the WX GUI yet, the QT widgets just didn't have anywhere near the same functionality last time I looked?
[Edit]The WX versions of FFT and Oscilloscopes were far, FAR better than their QT replacements.
This is a big deal when running on e.g. a MacBook that has no middle click--it is very worthwhile to use software that emulates a middle click when a modifier key is held down to gain back this functionality.
GNU Radio is targeted to a specific domain and the collection of existing nodes reflects that, similar tools exist for other domains, e.g. for CAD there is Sverchok which works with Blender: https://nortikin.github.io/sverchok/.
But the frontpage doesn't take you there.