Category Archives: Computing

Computing, networking, and the like. Non-Ham Radio related.

Ohio Section Journal – The Technical Coordinator – April 2018 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Scott – N8SY and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Scott has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

If you are an ARRL member and reside in the Ohio Section, update your mailing preferences to receive Ohio Section news in your inbox. Those residing outside the section will need to use the mailing list link above.
Updating your ARRL profile will deliver news from the section where you reside (if the leadership chooses to use this method).
Go to www.arrl.org and logon.
Click Edit your Profile.
You will be taken to the Edit Your Profile page. On the first tab Edit Info, verify your Email address is correct.
Click the Edit Email Subscriptions tab.
Check the News and information from your Division Director and Section Manager box.
Click Save.

Now without further ado…


Read the full edition at: http://arrl-ohio.org/news/2018/OSJ-Apr-18.pdf

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

DSCF5081 K8JTKHey gang,

In all the ragging (er, discussion?) on Windows 10 last month, Bill – K8RWH had some good points and questions about Linux that I decided to write a follow up this month. There is a lot to parse, especially different terminology. The most useful website for Linux information is called DistroWatch, short for Distribution Watch. Most of the information here will come from that site. Let’s get to it.

History

Linux came out of the Unix operating system implemented by Ken Thompson and Dennis Ritchie (both of AT&T Bell Laboratories) in 1969. “Linux began in 1991 with the commencement of a personal project by Finnish student Linus Torvalds to create a new free operating system kernel. Since then, the resulting Linux kernel has been marked by constant growth throughout its history. Since the initial release of its source code in 1991, it has grown from a small number of C (programming language) files under a license prohibiting commercial distribution to the 4.15 version in 2018 with more than 23.3 million lines of [code] … ” (Wikipedia).

Tux

I’d be remiss if I didn’t mention the official Linux mascot. “Torvalds announced in 1996 that there would be a mascot for Linux, a penguin. This was due to the fact when they were about to select the mascot, Torvalds mentioned he was bitten by a little penguin on a visit to the National Zoo & Aquarium in Canberra, Australia. Larry Ewing provided the original draft of today’s well known mascot based on this description. The name Tux was suggested by James Hughes as derivative of Torvalds’ UniX, along with being short for tuxedo, a type of suit with color similar to that of a penguin” (Wikipedia).

Crash course in Linux terminology

GNU/GPL – software licensing methodologies frequently used by Linux and Unix variants.

Open Source – anyone can see the building blocks of a project known as the source code. This is beneficial because anyone with skills can fix and improve upon an open source program.

Kernel – is the core to any operating system (not only Linux). It interacts with and controls the computer’s hardware (mouse, keyboard, monitor/graphics, hard drive, USB devices, network). It is the lowest level of the operating system.

Operating System – collection of kernel and software that make a computing device work. Most operating systems include drivers, text editor, file manager, and a method for installing & removing applications (known as a “Package Manager” in Linux).

Architecture – type of processor an operating system can run. 64-bit, 32-bit processors, Raspberry Pi and mobile devices are examples.

Live CD/Medium – the operating system can be run from a CD or USB drive without installing to a hard drive. This is useful in testing different operating systems or to aid in recovering an inaccessible system.

Dual-boot – in contrast to “live CD,” installation of one or more operating systems on the same computer. My experience: install Windows first, then Linux. The Linux boot-loader plays nice with Windows but not the other way around. Reinstalling Windows will also break the Linux boot-loader. It can be repaired but will stress your Google and command line-fu skills.

Distribution – similar to “Operating System” but often targeted for a specific purpose or category: servers, desktops, beginners, education, gaming, multimedia, security, utilities, telephony, etc.

Checksum or Hash – applies an algorithm to data. It is used to track errors introduced in transmitting data or storing data. Checksum programs are standard in Linux operating systems. A third-party program like HashTab or QuickHash GUI are needed to verify a checksum in Windows.

Desktop environment – how a user interacts with multiple applications at once. This is a matter of personal preference. Popular desktop environments are: Cinnamon, GNOME, KDE, MATE, and Xfce.

Popular Linux Distributions

DistroWatch has just short of 900 Linux distributions in their database. Over 300 are considered active (updated in the last 2 years). Only about a handful are useful to average users. For a complete guide see “A Guide to Choosing a Distribution.”

Linux Mint

Linux Mint – launched in 2006 to address many of the drawbacks associated with a more technical operating system such as Linux. Using the Ubuntu distribution as a base, many beginner enhancements were created for usability. I had read about security concerns with Mint and began to steer users away from it. However, DistroWatch published a “Myths and Misunderstandings” debunking many of those points. If you’re a noobie and want to dive into Linux as an alternative operating system, start with Mint.

Ubuntu – Launched a few years earlier in 2004, this project took off faster than any other distribution and was touted as the way to get average people to use Linux. Learning from the mistakes of other projects and taking a professional approach to its users made it a popular choice. Excellent web-based documentation and an easy to use bug reporting facility was created. Though frequent major changes and the Unity interface – more suited for mobile devices – have driven users away.

Elementary OS – This one is for Mac users. It emulates MacOS and puts a lot of focus into ascetics.

Debian – base for the above and 120 other Linux distributions. Debian is remarkably stable due to its high level of quality control. It has support for many software packages and processor types making it a great choice for older systems. Due to that level of processor support it lacks newer technologies.

In the 300 other active Linux distributions, specialized versions serve an intended purpose:

Windows Compatibility

Users who’ve switched to Linux or Linux users that need to run a Windows app might ask: can I run Windows applications on Linux? Yes, there are a couple ways to accomplish this.

Run a virtual machine program like VirtualBox. A virtual machine emulates hardware and the functionality of a physical computer. Similar to dual-booting it requires a full installation of the desired (guest) operating system. Emulation is resource intensive for the physical (host) operating system hardware. It doesn’t make much sense to have a multi-gigabyte Windows virtual install to run a small application.

WINE running Media Player Classic and SumatraPDF (Wikipedia)

This is where WINE comes into play. Wine stands for Wine Is Not an Emulator. It’s not a virtual machine but rather a compatibility layer to translate Windows system calls into Linux system calls. WINE takes a considerable amount of configuring but programs like PlayOnLinux and Winetricks make life much easier. Neither solution is perfect and won’t succeeded in cases of complex applications or ones requiring specialized hardware.

In terms of ham radio, Windows was the overwhelming platform of choice for Morse Code and digital mode applications because everyone was using it. Older Windows only applications (MMSSTV, DigiPan) are going to run well on that platform. The good news is programs like Fldigi and QSSTV are viable replacements on Linux and, in many cases, better than their dedicated Windows counterpart. In addition, the Ubuntu package manager has an entire category dedicated to Amateur Radio applications. If you’re someone whose fed up with the badness and frustrations of Windows 10, give Linux a try.

Thanks for reading and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – March 2018 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Scott – N8SY and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Scott has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

If you are an ARRL member and reside in the Ohio Section, update your mailing preferences to receive Ohio Section news in your inbox. Those residing outside the section will need to use the mailing list link above.
Updating your ARRL profile will deliver news from the section where you reside (if the leadership chooses to use this method).
Go to www.arrl.org and logon.
Click Edit your Profile.
You will be taken to the Edit Your Profile page. On the first tab Edit Info, verify your Email address is correct.
Click the Edit Email Subscriptions tab.
Check the News and information from your Division Director and Section Manager box.
Click Save.

Now without further ado…


Read the full edition at: http://arrl-ohio.org/news/2018/OSJ-Mar-18.pdf

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

DSCF5081 K8JTKHey gang,

Windows 10: two years later. Last time I talked about Windows 10, Microsoft was giving the operating system away as a free upgrade. It represented a drastic shift in Microsoft’s business model. I’ll cover some of the decisions surrounding Windows 10 and my experiences with this new model of delivering and updating Windows. Beware, a lot of complaining lies ahead. You have been warned ūüôā

Microsoft is transforming Windows 10 to “software as a service” (often written as SaaS) over previous versions. The software is licensed to the user. Microsoft takes full responsibility for maintaining, updating, and adding new features. Though this means users have little chance to stop major updates from applying and no chance to stop additional applications from being installed or removed. They are applying the phone model of updating to Windows 10 across all platforms. Microsoft wants to handle all updates and wants apps to be downloaded from the Microsoft Store (like the Google Play Store or Apple App Store).

In principal, this seems like a good idea because users don’t have to do anything. They will always be updated with the latest and greatest operating system and apps. This model fits almost no users of Windows 10. Average users get frustrated with having to apply updates weekly. According to Paul Thurrott, journalist and blogger who follows Microsoft, he stated that ‘65% of Microsoft’s revenue comes from enterprise users who don’t want to update but every 5-10 years. Instead of adapting to that service model, they force users to conform to [Microsoft’s] business model.’

This shift includes realizing that most Windows users think: when I buy a new computer, I get Windows. These are not power-users like me.

For Windows to be available on every type of device (PC, tablet, mobile, Xbox, IoT, Hololens) Microsoft created this platform for developers called UWP. Universal Windows Platform apps are meant to be designed once, put in the Microsoft Store, and run on all device types. Ultimate goal was to replace all desktop apps with a UWP app. The Microsoft Store would take care of installing the latest version when updates were available. When tied to a Microsoft Account, apps would be installed on any devices signed in using that account. No one is using this platform. Microsoft created apps in UWP for Windows 10 but they’re proof-of-concept apps at best, toy apps at worst. The Photos app is unusable. If they wanted developers to be drawn to this platform, Microsoft should have created some really awesome looking and functioning apps to show off the abilities of UWP. Instead they created apps that no one wants to use largely because the platform is not mature.

Windows Media Center

Microsoft does come up with really good ideas. Then they get rid of them. In the XP days, who wasn’t using Windows Movie Maker? It made some really good-looking edited videos like home movies, class projects, or to promote a brand on a website. Gone. Windows Media Center was loved by many because it turned an ordinary PC into a media powerhouse with the ability to record TV programs, watch DVDs, play music, show photos, and stream movies from Netflix. Gone. Paint was on the chopping block for the Fall Creators update. It got so much push back from diehards they decided to keep it and added a 3D ribbon so that it can do 3D modeling. Eh.

I think Windows 7 is the best version of Windows despite the severe lack of hardware and driver support. For example, SSDs (solid-state-device, aka non-spinning hard drive) needed deep internal settings need to be adjusted in Windows 7 so it would not wear out the SSD faster than expected. Windows 10 knows what to do with an SSD out-of-the-box, even in a RAID configuration.

I love that Windows 10 is stable. Running it on fairly modern hardware, it just works. My main machine runs 10 and was installed from scratch at the end of May 2016. This is unheard of for me. Every couple of months I was restoring a backup of Windows 7, likely due to a failed driver update. In the two years since installation I went through a motherboard failure. When it died, I built a new system. I did a drive-to-drive copy of my Windows installation and data onto new hard drives. Previous versions of Windows never handled drastic hardware changes very well. It would get stuck in the startup process and reboot over and over again. Windows 10 detected my new hardware, installed some drivers, after maybe a reboot or two I was up and (still am) running on that initial install.

That’s where my love for Windows 10 ends.

I don’t like the two-control panel-like settings areas called “Control Panel” and “Settings.” It’s too scattered, if you can find the setting at all. I swear there are changes just to make changes. In one update an option is over here, the next update it is someplace else. This constant changing makes finding solutions online a real bear. Settings, and in particular privacy settings, are often defaulted when a major update is applied.

I hate the forced upgrades and reboots. Users complain, and Microsoft admits, they were forced into Windows upgrades when the user specified to delay the update. There were complaints of updates rebooting during ‘active hours’ and the solution was to modify the Windows Registry. The Registry stores low-level settings of the operating system and installed applications. Making an error editing the registry can cause irreversible damage. “Active hours” is another dumb idea. ‘Hey tell us when you think you’re going to be using your PC and we won’t apply updates.’ Except that didn’t happen. Windows 10 would reboot causing many hours of lost productivity. Have a task or job running overnight? It’s not more important than a Windows update! Granted many of these issues come and go but they are major annoyances. They leave users feeling like they don’t have control because a decision they made was not honored.

Microsoft is thinking like a developer. Developers will tell you “this is progress.” This happens a lot. It’s a real problem. Progress is not removing options for users. Their idea of progress may not align with the majority of users either. Paul Thurrott believes that Microsoft is intentionally making Windows 10 bad. “I actually think they’re doing this on purpose to sabotage this business from within … so they can move on to the thing they want to do which is cloud computing … It’s almost that bad.” (What The Tech, ep 363).

Classic Shell

I’m really getting tired of replacing bad implementations with functional addons. To my chagrin, Classic Shell is no longer in development which was my preferred Start Menu replacement. These reasons should sound familiar: “Windows 10 is being updated way too frequently (twice a year) and each new version changes something that breaks Classic Shell. And … Each new version of Windows moves further away from the classic Win32 programming model, which allowed room for a lot of tinkering. The new ways things are done make it very difficult to achieve the same customizations.” Luckily the source code was released making it easy for someone or a group to pick up where that project left off. Check alternativeTo other Start Menu replacement options.

I would love to move my Windows 10 desktop to Linux. There are apps that don’t run well in a virtual machine or hardware apps that can’t run under a compatibility layer like Wine. Windows it is for now. I have moved my laptops over to Linux and have been loving it. Linux has its own issues but if one distribution doesn’t work, try another. I do have Windows virtual machines installed for software defined radio apps and Office mostly. My preferred Linux distro is Fedora because it had the least amount of problems running specialized apps in a VM. It’s not for the faint of heart either as it’s considered a ‘bleeding edge’ operating system. Problems often make to the stable update channel but seem to be fixed relatively quickly.

This is the dividing line. Are you willing to change or is this too much?

Thanks for reading and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – January 2018 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Scott – N8SY and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Scott has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

If you are an ARRL member and reside in the Ohio Section, update your mailing preferences to receive Ohio Section news in your inbox. Those residing outside the section will need to use the mailing list link above.
Updating your ARRL profile will deliver news from the section where you reside (if the leadership chooses to use this method).
Go to www.arrl.org and logon.
Click Edit your Profile.
You will be taken to the Edit Your Profile page. On the first tab Edit Info, verify your Email address is correct.
Click the Edit Email Subscriptions tab.
Check the News and information from your Division Director and Section Manager box.
Click Save.

Now without further ado…


Read the full edition at: http://arrl-ohio.org/news/2018/OSJ-Jan-18.pdf

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

DSCF5081 K8JTKHey gang,

So nothing really tech news related happened this month. Eh, not so much. The New Year brought two major flaws in nearly every modern microprocessor: Meltdown and Spectre.

In the past, major security issues were able to be corrected through software or firmware updates. This is because almost everything is now run by small amounts of software and can be easily updated. Design issues are harder to fix because the problem is fundamental to the design of a device.

Description from Meltdownattack.com:

Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware vulnerabilities allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.

Meltdown and Spectre work on personal computers, mobile devices, and in the cloud. Depending on the cloud provider’s infrastructure, it might be possible to steal data from other customers.

Meltdown affects nearly all Intel microprocessors manufactured since 1995. In modern computing, an operating system “kernel” handles all interactions between applications (web browser, word processing, spreadsheets) and hardware (CPU, memory, network, USB devices). By its nature, the kernel must know everything about system interactions.

CPUs have different operating modes. Two modes apply to Meltdown: unprotected (called kernel mode) and user mode. Kernel mode has access to everything while instructions executed in user mode should not have access to the same memory as the kernel.

Meltdown is the demonstration of an unauthorized user mode process accessing kernel mode memory. This means a user process can access information to which it doesn’t have permission. Think of systems that share data among many users like an online cloud service. Isolation techniques are one of the major selling points of the cloud. Multiple users can be using the same physical hardware and not impact or know anything about other users also using the same hardware. A malicious process could use meltdown to access the data of other people’s applications running on the same device.

Spectre affects nearly all microprocessor implementations of speculations and predictions. In an effort to make systems run faster, a huge amount of speculative processing is engineered into processors. Speculation is the processors answer to the question: what is most likely to happen with this instruction set? Being able to “guess” the right answer provides a massive performance boost and we all want fast systems. To explain one part of this vulnerability, consider two math equations are given to a microprocessor:

a + b = c
d + e = f

The processor will recognize calculation of the second equation does not depend on anything from the first equation. This means the processor will execute these equations simultaneously until it reaches a common dependency. That dependency would be something like:

a + b = c
(d + e) * c = g

The answer c is used as an input into the computation of the second equation. Running this set through the processor would be slower because they couldn’t be calculated simultaneously. An input into the second equation is dependent on the answer to the first.

Using the same equations, let’s assume for everyone in the Ohio section, the answer to c = 5. A programmer could write an instruction set following that calculation to say: if c = 5 then take fork #1, otherwise take fork #2. How do humans know which fork to take? Calculate the value of c. However, processors try to use “speculative execution” to perform the work of both forks before it knows the answer to c.

Let’s add super-secret data to fork #1: “the Ohio Section IS the best section.” We don’t want fork #2 to know anything about that data because it might be someone from another section trying to break-in. A processor would execute both fork instruction sets speculating on the outcome. This speculation could allow someone from another section to see our secret in fork #1 when they should only see something else in fork #2. Consider a malicious smartphone application taking advantage of this to access text messages, instant messages, mobile baking data, or critical documents.

The lengthy process of dealing with these issues has begun. The only way to truly “fix” these problems is to design new CPUs architectures and replace existing ones. Yeah, sure. Remember, these issues are fundamental to processor design. If these flaws are ever corrected, it will be over a period of time – not tomorrow, next week, or even next year. In the meantime, operating systems are implementing methods to prevent attacks.

In the rush to get these fixes out, as one might expect, more problems are being caused. Microsoft has reported issues with anti-virus applications not playing nice and claiming AMD’s documentation was incomplete. Ubuntu 16.04 users had issues forcing them to roll back the kernel. In addition to all this, processor performance is impacted. Testing done on operating system patches shows slowdowns of 2% – 30%.A forum post on Epic Games included the above graph showing CPU usage of 3 cloud servers. After their cloud provider patched one server at about 23:00, CPU utilization of that server increased nearly 2.5x over the other two. Though the CPU wasn’t maxed out, it was enough to cause service disruption. Gamers really don’t like it when their services don’t work.

For most users, stay current with system patches and updates. In particular, Microsoft is requiring anti-virus programs to set a registry key before Windows will apply system updates. As of this writing, if you do not run, have an out-of-date, or have a non-compliant anti-virus application, your system will NOT receive any future Windows updates including the patches for Meltdown and Spectre. Current versions of Windows can run the free Windows Security Essentials available for Windows 7 or Windows Defender is included in Windows 8, 8,1, and 10.

Bruce Schneier, a well-known cryptographer and security researcher states: “… more are coming, and they’ll be worse. 2018 will be the year of microprocessor vulnerabilities, and it’s going to be a wild ride.” Link to his blog post.

More information:

https://meltdownattack.com/ – research papers, technical information, FAQ, videos in action, and info from companies affected.

https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)
https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)

Thanks for reading and 73… de Jeff – K8JTK

Ohio Section Journal – The Technical Coordinator – October 2017 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Scott – N8SY and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Scott has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

If you are an ARRL member and reside in the Ohio Section, update your mailing preferences to receive Ohio Section news in your inbox. Those residing outside the section will need to use the mailing list link above.
Updating your ARRL profile will deliver news from the section where you reside (if the leadership chooses to use this method).
Go to www.arrl.org and logon.
Click Edit your Profile.
You will be taken to the Edit Your Profile page. On the first tab Edit Info, verify your Email address is correct.
Click the Edit Email Subscriptions tab.
Check the News and information from your Division Director and Section Manager box.
Click Save.

Now without further ado…


Read the full edition at: http://arrl-ohio.org/news/OSJ-October-17.pdf

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

DSCF5081 K8JTKHey gang,

October is National Cyber Security Awareness Month. I either made your eyes roll because security can be complicated or piqued your interest because of the TWO Equifax breaches. I can certainly get into the weeds with data and cybersecurity because it’s an interest of mine – as a user and programmer. Realizing that most readers won’t have a background in programming or system administration, I’ll set aside the technical details. I’ll briefly cover some cybersecurity issues and give tips anyone reading this article can use.

The whole concept of computing is built on trust. The list of things we trust is infinitely long: trust programmers of the operating system and program developers are following good practices. Trust the company stands behind their product, fixing problems and issues. Trust “Information Security Officers” of a company actually have a background in information security. Trust audits are taking place to uncover problems. Trust customer data is being stored in accordance with good security practices. Trust the website you’re browsing to is really CompanyWebsite.com. Trust “[insert name of company here] Free Wi-Fi” is really that company’s free Wi-Fi. Trust that devices in your home aren’t spying on you. You start to get the idea.

Security is a tradeoff between safety and convenience. Computing could be made very secure but those systems would be completely unusable due to the layers of security. There is no such thing as a “completely secure” system or device – it just means the mistakes, problems, and bugs haven’t been found yet. “Shellshock” is considered to be a very severe security bug. Disclosure came in September of 2014. This bug affected millions of servers connected to the internet. It was determined the bug, in some form, had existed in the UNIX (and Linux) command-line interface since 1989.
Humans program computers. Humans use computers. Humans make mistakes.

Hackers leverage these mistakes and use them to their advantage, often to gain unauthorized access. The word “hacker” has two meanings. “White-hat hackers” are the ones who experiment with and modify devices and software to make it work better. Hams are examples of these because we take commercial gear and make repeaters or use off-the-shelf routers for things like Mesh networking. “Black-hat hackers” are the bad guys and the ones we hear about on the news stealing credit card data from Target and personal data from Equifax. These are the ones I will be referring to.

Hollywood gives us the perception that hackers are in some 3rd-world country or in a dark basement, no lights, and only the glow of their computer screens. Hackers come from all parts of the world and sometimes are acting on a government’s behalf. In fact, legitimate companies exist solely to sell their black-hat hacking tools. They have buildings, employees, call centers, and help desks – as does any legitimate company.

What’s the motivation behind hacking?

Money. It’s hard not to tie everything back to money. The first reference to malicious hacking was “phreaking” (pronounced freaking. AKA: phone hacking) where one of the goals was to manipulate the public phone system and use it to make long-distance calls when it was very expensive to call around the world. More recent financial examples include everything from disrupting nation-states (economic), blackmail, and ransom payments for access to data. Ransomware encrypts all documents and pictures. It demands payment before it will (hopefully) decrypt your files allowing you to use those files again. Ransomware utilizes the same technology, strong encryption, which you use to securely transact with your bank online.

My social media, computer, or online account has no value [to me] / I only check email / I don’t store anything on my computer / why would anyone want access to my email or computer?

I hear these alot. Many of us don’t realize all the things a bad guy can do with computer access or an email account. Brian Krebs is a blogger who covers computing security and cybercrime on his website Krebs on Security. He is known for infiltrating underground cybercrime rings and writes about his experiences. His site is highly recommended reading for anyone with an interest in cybersecurity.

Brian posted two articles titled “The Value of a Hacked Email Account” and “The Scrap Value of a Hacked PC…” When signing up for any online service, an email address is almost always required. In 2013, according to Brian’s article, hackers who have access to email accounts can subsequently gain access to other services such as iTunes and sell that access for $8 each. FedEx, Continental, United accounts go for $6. Groupon, $5. Hosting and service accounts like GoDaddy, AT&T, Sprint, Verizon Wireless, and T-Mobile, $4 apiece. Facebook and Twitter accounts were $2.50/ea.

Aside from the monetary value, bad guys have access to family pictures, work documents, chat history, can change billing and deposit addresses on banking accounts, drain financials like 401K, bank or stock accounts, and target other individuals like family members. In 2012, a hacker went after Wired journalist Mat Honan locking him out of his digital life. The attacker used flaws in Amazon and Apple’s services, which helped them gain access to Mat’s Gmail and ultimately his Twitter account.

Access to a personal computer can be gained through a number of schemes including: fake ‘you have an out-of-date plugin/flash version’ on a webpage, receive an email about a past due invoice, notification of a problem with some shipment, or by innocently installing a program thought to be legitimate. A recent example of a compromised program was the widely popular PC maintenance program, CCleaner. Untold millions of people unknowingly downloaded a malicious version of the program from the vendor’s site.

A hacked PC can be used for: generating email spam, harvesting other accounts (see above), gain access to a work network, steal online game keys and characters, be part of a Denial of Service attack, infect other devices on the network (like DVRs), create fake eBay auctions, host child porn, capture images from web-cams or network cameras and use them for extortion purposes.

What can I do to protect myself?

Unfortunately in situations of compromise like Target and Equifax, there was nothing you could do – other than not use a credit card at Target or not apply for any kind of credit reported to Equifax. Unlikely for many. You can only react after-the-fact by closing accounts with fraudulent charges and place credit warnings or freezes on your credit.

The SANS Institute, which specializes in information security and cybersecurity training, offers a “monthly security awareness newsletter for everyone” called “Ouch!” Their October 2017 newsletter outlines five steps to help anyone overcome fears and securely use today’s technology. Check the newsletter for more information on these points.

  1. Social Engineering: is an old technique which creates a sense of urgency to tick people into giving up information they shouldn’t: someone needs money quickly, boss needs a password, the IRS is filing suit against you, Microsoft Tech Support calls you about a “virus” on your computer, etc. Never give a password, any personal information, or remote access to any solicitor.
  2. Passwords: Create unique, strong passwords for all online devices and online accounts. Use a password manager which will assist in creating strong passwords. LastPass utilizes a web interface and cloud storage, KeePass is an application and stores the database locally on your computer. Both are excellent solutions for a password manager.
    If you’re uncomfortable with a password manager, use pass-phrases which are passwords made up of multiple words. Passphrases can be written down, but store these in a secure location. Use two-step verification, often called two-factor authentication. Two-factor authentication (2FA) is a combination of something you know (your password) and something you have (a smartphone). A list of services offering 2FA with instructions can be found at: twofactorauth.org. Note: text messages are NOT a secure two-factor method because the cellphone network is not secure and attackers have been able to re-route text messages.
  3. Patches: Put all devices connected to the Internet behind a firewall (router) and keep all systems connected to the internet up-to-date. This includes home routers, computers, smartphones, tablets, streaming media devices, thermometers, Raspberry PIs, lights, automation systems, speakers, and video cameras. If devices are not being updated by the vendor, potentially dangerous mistakes are not being fixed. It’s time to consider better devices.
  4. Anti-virus: can protect you when you accidentally click on the thing you shouldn’t have and infected your system. It won’t protect against every form of infection. Windows Defender, available for all current Windows operating systems, is sufficient.
  5. Backups: I cannot stress this enough, backup, backup, backup! Many times I’m asked something similar to: ‘how can I recover my daughter’s wedding pictures from my computer’s crashed drive?’ Maybe you can, but often not. ‘I lost my phone, didn’t have cloud backup enabled, and had vacation pictures on there.’ Yea, they’re really gone. Backups serve as a way to recover from your own mistakes like accidentally deleted files and ransomware cyberattacks. A “3-2-1 backup strategy” includes 3 copies of your data, 2 on different media, 1 off-site. For most of us, this means: the original data is the 1st copy, an external hard drive (disconnected when not copying data) or network storage drive houses the 2nd copy, and a copy on a USB flash drive stored at work or backed up using a cloud backup solution – is the off-site 3rd copy.

A layered approach to security is considered best practice. As an example, creating strong passwords AND using two-factor authentication. The more layers the better, but more layers means less convenience. Brian Krebs also offers his “Tools for a Safer PC” which includes switching to OpenDNS in your home router. DNS is the service that turns human-readable URLs into IP address. OpenDNS blocks communication with known malware sites.

Hopefully this information has grabbed your attention and guided you to take steps to become safer online. Thanks for reading and 73… de Jeff – K8JTK

Imgs: Krebs on Security, Ars Technica.

Ohio Section Journal – The Technical Coordinator – April 2016 edition

One of the responsibilities of the Technical Coordinator in the Ohio Section is to submit something for the Section Journal. The Section Journal covers Amateur Radio related things happening in and around the ARRL Ohio Section. It is published by the Section Manager Scott – N8SY and articles are submitted by cabinet members.

Once my article is published in the Journal, I will also make it available on my site with a link to the published edition.

You can receive the Journal and other Ohio Section news by joining the mailing list Scott has setup. You do not need to be a member of the ARRL, Ohio Section, or even a ham to join the mailing list. Please sign up!

If you are an ARRL member and reside in the Ohio Section, update your mailing preferences to receive Ohio Section news in your inbox. Those residing outside the section will need to use the mailing list link above.
Updating your ARRL profile will deliver news from the section where you reside (if the leadership chooses to use this method).
Go to www.arrl.org and logon.
Click Edit your Profile.
You will be taken to the Edit Your Profile page. On the first tab Edit Info, verify your Email address is correct.
Click the Edit Email Subscriptions tab.
Check the News and information from your Division Director and Section Manager box.
Click Save.

Now without further ado…


Read the full edition at: http://n8sy2.blogspot.com/2016/04/april-edition-of-ohio-section-journal.html

THE TECHNICAL COORDINATOR
Jeff Kopcak – TC
k8jtk@arrl.net

DSCF5081 K8JTKHey Gang,

So — Windows 10. This topic was brought up during the after meeting at my local club. Many of you are undoubtedly seeing the upgrade nag-screens. You too might be wondering: what’s changed in Windows 10, might have heard some of the issues surrounding the new operating system, and why the big push to upgrade. This month I’ll cover the new operating system from the perspective of what has happened so far and not from a ham radio perspective. Also to preface this whole thing, Microsoft has never been very clear about their statements and often retracts or goes back on things they’ve said. In other words, any of this may change as we go along.

windows-update-impending-upgradeWhat is Windows 10?… why not Windows 9? There are many theories surrounding the choice in numbering. The named version of Windows hasn’t matched the real version number since Windows NT 4.0. Windows 10 is the successor to Windows 8.1, but not Windows as you know it. It represents a shift in the direction of Microsoft as a company. Microsoft indicated this is the “the last version of Windows.” While they‚Äôre not killing it off, Microsoft is moving to a model they call “Windows as a service.” This means Microsoft will deliver innovations and updates in an ongoing manner instead of separate releases (versions) of Windows. The ultimate goal is to have one version of Windows that will run on all platforms. Everything, including Raspberry Pi, phones, tables, HoloLens (wearable, so called “smart-glasses”), laptops, desktop PCs, Surface Hubs (interactive whiteboards), and Xbox entertainment systems. Having one version of an operating system means all of these systems will become integrated and share information easily.

windows-product-family

A large part of this shift includes the use of “the cloud.” The cloud is a fancy term for someone else’s equipment on the Internet. The most common example is ‘cloud storage.’ Services like DropBox, Google Drive, or OneDrive allow you to save your documents and pictures elsewhere. You upload files to these services and you can access those files or share them with others on the Internet. The cloud is heavily integrated into Windows 10. After installing Windows 10, it will prompt you to sign in using a Microsoft Account. This syncs your user profile with the Microsoft cloud. When you sign into another device using your Microsoft Account, your settings will be the same across those devices. You can use Windows 10 without a Microsoft account. The computer will operate in standalone mode similar to previous versions of Windows. Microsoft’s online storage service called OneDrive is integrated into the operating system as well. Other new features include your new personal assistant, Cortana. She will help find things on your computer and the web, set reminders, similar to Apple’s Siri or Google Now.

Universal apps: These first appeared in Windows 8 as “Metro Apps.” This concept is to have developers write one application and have it work the same way on any Windows platform. These apps are found and delivered via the Microsoft Store (similar to the Android Play Store or Apple’s App Store), and again – available on all platforms. Some games and applications that came preloaded in previous versions of Windows have been replaced with Universal Apps in 10.

Edge browser: Microsoft Internet Explorer has been replaced with Microsoft Edge. It’s been touted as a more secure browser. However, this has yet to play out because browser extensions are very limited.

upgrade-is-readyFree upgrade: Legal copies of Windows 7/8/8.1 are eligible for a free lifetime upgrade to Windows 10 until July 29, 2016. There are some stipulations to this free upgrade. “Lifetime” means the lifetime of the device eligible for the free upgrade. When that device fails, you cannot transfer the free upgrade to another device. What happens after July 29th? Microsoft hasn’t said. The free upgrade is expected to become a premium upgrade that you’ll have to purchase, even for a device that was previously eligible for the free upgrade. Versions prior to Windows 7 are not eligible for the free upgrade. To be honest, if you’re running a version of Windows prior to 7, you probably want to upgrade your hardware for 10.

Now reality.

Big upgrade push: Windows users have seen the icon in the system tray nagging them to upgrade. Why the big push? Microsoft is trying to avoid another Windows XP. At the time Windows XP was declared “end-of-life,” it accounted for about 10% of all computers on the Internet. Two years later, about 7% are still using XP. That’s a lot of users running a dead operating system. On top of that, Windows 7 will be 7 years old in July and only supported for 4 more years (until January 2020).

While Windows XP maybe working great, there are reasons to get off of it. Google has been leading a push for a more secure Internet. Windows XP cannot handle many modern security methods in use today. All browsers in XP (except Firefox) will display ‘your connection is not private’ when connecting to a website that has more modern security then XP can understand. Since Windows XP is not a supported operating system, it won’t be updated to handle modern security methods. While the website will still work, your connection will be less secure. A work around for this security issue is to use Firefox. Though no known vulnerabilities exist in XP, best practice dictates users should remove unsupported operating systems from the Internet if it doesn’t need to be on the Internet. Another reason to upgrade is new hardware and software will not have support for old operating systems.

upgrade-is-waitingThe upgrade push for Windows 10 has been nothing short of a disaster. Last year, users eligible for the upgrade began seeing a Windows icon in the system tray saying ‘you‚Äôre PC is ready for your free upgrade.’ This deplorable tactic is commonly used by malware and spyware authors to trick you into installing software you don’t want or need. As an Information Technology professional with an interest in cyber security, this is the type of message I tell users NOT to acknowledge. Kind of ironic. Initially this tray icon came in the form of a Windows “Recommended” update. Then Microsoft upgraded it to a “Critical” Windows Update -yet another deplorable tactic. Despite this maneuver, Windows 10 is NOT a critical update. The upgrade popups are very confusing as the clickable options are: “upgrade now,” “upgrade later,” “OK,” or “Get Started.” Oh, it gets worse. Users are reporting they vigilantly closed the prompts to upgrade (clicked the red “X”) but their system was still upgraded automatically against their wishes. They went to bed with Windows 7 and got up the next morning to Windows 10. Surprise.

Once the upgrade happens, you do have 30 days to revert back to your previous version of Windows. The problem here is users have found the roll back frequently fails. Imagine that. ‘Don’t worry, you can go back… if you want. Opps, the roll back just failed! Guess you‚Äôre stuck.’ Thanks.

Start Menu: Microsoft tried to remove the Start menu in Windows 8 and replaced it with a full screen tile menu. This was an attempt start a unified experience between PCs and mobile devices. The change worked fine on small screen devices but was a terrible experience on PCs. It was met with much outcry. The Start menu has returned in Windows 10 with something that kind of resembles the Start menu from Windows 7. It’s more of a combined Start menu — “Live Tile” experience. Live Tiles display updates like weather, news, and photos, while others are just a static application icon.

windows-10

Adding to the confusion, there now two places where system settings reside: “Settings” and “Control Panel.” Settings typically run between devices like time zone, personalization, notifications, and user accounts. The Control Panel is mostly desktop specific settings.

Tracking: Microsoft Windows 10 tracks much of what you do and where you go. Their claim is they provided a free upgrade so you can give some information back to Microsoft on your usage. Two problems with this: even if you pay for the Windows 10 upgrade, this information is still shared with Microsoft. The other, this tracking is now rolled into Windows 7 and 8. Privacy advocates feel this is a violation of user’s privacy. The argument on the other side is most use Google or Apple’s services and they know just as much about you. This Ars Technica article explains tracking is a growing trend in technology: http://arstechnica.com/information-technology/2015/08/windows-10s-privacy-policy-is-the-new-normal/

Upgrade tips: create a full system backup using a backup service or create an image of your current installation on an external hard drive before attempting to upgrade. This is a backup incase the rollback fails. Check the vendor’s website of your hardware and critical software applications. Look for driver support or knowledge base articles about Windows 10 before upgrading. Knowing whether your devices and software are supported will help minimize regret because your favorite app or device no longer works.

Certainly some of these concerns have caused me to look at alternative operating systems. I have found in my deployments (I have yet to upgrade all of my desktops) with a little work, I can get 10 to act a lot like (my favorite) Windows 7. Turning off or uninstalling cruft helps a lot: turning off notifications, disabling camera & microphone usage, disable Cortana, remove many Universal Applications, and turn off background apps. I use Classic Shell to return a normal looking Start menu and Anti-Beacon to disable tracking. Links to those applications and ones to disable the upgrade nag-screens are below. Seriously, if you find any of these apps useful, consider donating to the author because we need to support those doing the right thing and allowing choice.

Thanks for reading and 73‚Ķ de Jeff ‚Äď K8JTK

Image sources: thurrott.com, zdnet.com, and blogs.windows.com.

As always, use these at your own risk.
Disable Windows 10 upgrade and notifications in Windows 7 & 8/8.1:
Never 10: https://www.grc.com/never10.htm
GWX Control Panel (advanced users): http://ultimateoutsider.com/downloads/

Start menu replacement for Windows 8 & 10:
Classic Shell: http://www.classicshell.net/
Start 10 (trial): http://www.stardock.com/products/start10/

Disable Windows tracking:
https://github.com/10se1ucgo/DisableWinTracking
https://www.safer-networking.org/spybot-anti-beacon/ (from the makers of SpyBot Search and Destroy, works on all versions of Windows).
A more manual approach is presented: http://arstechnica.com/information-technology/2015/08/windows-10-doesnt-offer-much-privacy-by-default-heres-how-to-fix-it/

Bridge a Remote Site Network with OpenVPN Access Server

Having access to your devices over the Internet is a requirement for any admin deploying a project. Instead of running to a remote site to administer devices (making changes, applying updates and patches), it’s easier to connect remotely and make changes. Remote access poses many issues and concerns.

Security

First and foremost is security. You always, always, ALWAYS want devices connected to the Internet behind a router with a built-in firewall (NAT router). A firewall filters traffic between two networks (your ISP and home for example) and will block attempts to connect to your internal (private) network.

Device manufacturers take security for granted. Little testing and auditing takes place because the analysis is expensive for throw-away devices. This is noted in many stories including Bug Exposes IP Cameras, Baby Monitors where simply clicking “OK” on the login dialog allowed access to the Internet connected video camera. It is trivial to find these devices on the Internet because of Shodan. Shodan is dubbed the “Internet of Things Search Engine.” If you’re not familiar, think of it as the Google for devices connected directly to the internet. These could be: web servers, printers, cameras, industrial machines, bitcoin mining… Putting devices behind a firewall minimizes the risk because anything trying to peer into the network would be blocked by the firewall.

This holds true for networks you don’t control (granted access on someone else’s network). Put your stuff behind a router/firewall so they can’t see your devices and you can’t be exploited by devices on the other network.

Port Forwarding is a popular technique to only allow traffic on a specific port to a device you specify in your firewall (router). This provides little security as it still allows a potentially vulnerable service to accept incoming connections from the Internet.

Choose a good router

Couple of tips for a good router:

  • You get what you pay for. Don’t opt for cheap.
  • Opt for ones that support third-party firmware like DD-WRT and Tomato or setup a dedicated computer running pfsense or Untangle. These have proven to be more secure than stock firmware in addition to offering a more complete feature set.
  • Stick with popular models as found on Amazon, Newegg, or other tech store. They’re more likely to be reliable, well updated models.
  • Look for ones that accept USB cellular modem dongles for installations that have no accessible network connection like a remote site.

Virtual Private Network

The preferred way to connect to a remote network is to use a VPN. A VPN connects to a private network securely over the Internet. It allows the user to exchange data, use services, and connect to devices as if they were directly connected to that network. An open-source project that implements VPN technologies security is OpenVPN. OpenVPN is an application that allows for secure point-to-point communication. There are many implementations of OpenVPN including using it in many third-party router firmware (mentioned above). OpenVPN Access Server is one of the many implementations and the one used for this project.

This project was inspired by Hak5 1921 ‚Äď Access Internal Networks with Reverse VPN Connections. As an Amateur Radio operator into the newer computer and digital technologies, more devices are located at remote sites.

This setup consists of:

  1. A remote network behind a firewall where devices exist you want to access. This will be a Linux server on the remote network that will act as the gateway and persistently connected to the bridge. This could be a full desktop computer purposed for something else or Raspberry Pi. Also on the same network will be a Windows machine.
  2. An unsecure/unknown network, AKA the Internet.
  3. A private server that will act as the bridge between the remote network and a device you choose.
  4. A device in a separate location that will connect to the cloud server and will be able to access the remote network. I will use a Windows machine to act as a ‘home’ computer.

This setup works in nearly all cases because the only device receiving incoming connections is the bridge server in the cloud. Firewalls block incoming connections by default. Very few block connections originating inside the network out to the Internet (egress). If a device along the way filters by content, connection attempts will be blocked. Many corporate networks are doing this kind of filtering. Otherwise the traffic looks the same as secure web traffic on port 443. No port forwarding is used.

Hosting

I recommend using an infrastructure hosting provider for the bridge server. This can cost anywhere from $5-$15 per month. The device can be anywhere on the public Internet. It must accept multiple connections on different ports but only by a couple users at a time are needed. Minimal configuration is more than sufficient. Bandwidth, latency, and up-time of all points in this setup effect reliability. My personal recommendations for infrastructure hosting providers are: Rackspace and DigitalOcean.

IP addressing

All remote networks and the home user networks cannot overlap in address space. That is they need to be differently numbered. For example, typically home networks have addressing as 192.168.1.x. The remote site(s) can’t have the same numbering (192.168.1.x). It must be different. I suggest making the remote site different enough to not cause conflict with any home users’ networks. Remote sites as 192.168.25.x, 192.168.26.x, and 192.168.27.x would work fine when the home users’ networks is addressed 192.168.0.x, 192.168.1.x, 192.168.2.x, and so on (except 25-27). Similarly addressed networks create routing conflicts and the packets will not reach the correct network.

Downsides

Cost.

In addition to hosting, a downside to using OpenVPN Access Server is licensing. While OpenVPN is Open-Source Software and OpenVPN Access Server is free, the license allows for only two concurrent tunnel connections at any one time. This means the remote site counts as one connection and the home device the second. If a second person (third device) needed access to the remote network, they would get a message saying ‘Access Server has reached its concurrent connections limit.’ The first person would need to disconnect first before the second could connect otherwise current connections will begin to be booted. Additionally, connecting two or more remote sites and a home user is not possible without purchasing licenses or running an additional bridge server. Additional licenses can be purchased for “$9.60 License Fee Per Client Connection Per Year. Support & Updates included. 10 Client minimum purchase.” $96 per year.

An alternative to OpenVPN Access Server is to setup your own (roll your own) OpenVPN server which is free. I hope to do an OVPN server setup at some point in the future.

Assumptions

This guide is step-by-step in nature, meant for beginners, with brief explanations of the steps. It will help to have an understanding of Linux commands and scripting. Capitalization is important in Linux! Understanding of basic networking concepts including determining network prefixes and CIDR notation is also required.

Program versions

I used a Windows 7 64 bit PC for configuration (and Home PC). Applications and versions used in this writeup:

  • OpenVPN Access Server 2.0.24
  • Putty 0.67
  • Ubuntu 14.04 x64 (bridge and remote servers)
  • Filezilla 3.16.0

P25 Trunked Tracking and Decoding with RTL-SDR, Unitrunker, and DSDPlus

The project that got me really into experimenting with the RTL-SDR dongles is using them to decode P25 digital trunked public service radio systems.  I have been a casual scanner listener for years and like to listen to emergency calls nearby.  In college it was great to listen in on a party weekend hearing fights, disturbances, or why my street suddenly filled with cars at 3 AM.

Narrowbanding

That was when most agencies were analog. ¬†To get more use out of the radio spectrum, the FCC decreed¬†a narrowbanding mandate requiring a “maximum of 12.5 kHz bandwidth across the private land mobile bands between 150-174 and 421-512 MHz.” ¬†This means going digital for much of that radio spectrum because traditional FM transmissions are 15 KHz. ¬†Ironically they will “go digital” but move to 700/800 MHz.

As a casual listener, I wasn’t exactly thrilled with spending at least $500 for a scanner capable of digital (P25 mostly) and trunked system tracking¬†(also Radio Reference wiki).

$40 RTL-SDR trunked scanner

Lurking around the Radio Reference forums, I saw references to being able to use the RTL-SDR dongles for trunked digital decoding.  I had to try it.  I had played around with these dongles and read about the many projects people were doing with them.  In actuality this project cost me $65.

About the project

You will need at least two RTL-SDR dongles ($20/each) and a copy of Virtual Audio Cable ($26).  I already had a premium Radio Reference account.  You can do the project with one dongle but you loose many features in Unitrunker like talkgroup priority.  Theoretically, the single dongle listens to the system control channel and then tunes to voice calls, then back to the control channel.  You will miss calls because that notification comes across the control channel while the dongle was tuned to a voice transmission.  I will cover a two dongle setup and do not plan to cover a single dongle setup.

This project is still very complicated but it is MUCH easier than it used to be. ¬†This manly thanks to Rick, the developer of Unitrunker who implemented support for the¬†RTL-SDR chipset in his program. ¬†Previously, there needed to be a plug-in for both Unitrunker and SDRSharp, there were all kinds of “moving parts.” ¬†In one respect, being able to see the signal waveform on a spectrum analyzer made it much easier to fine tune the PPM correction on-the-fly as opposed to guessing on a modulation scope. ¬†This setup is much cleaner and the Unitrunker developer has implemented advanced features like drift correction. ¬†It will take some time and patience to understand, research, and know the types of systems and system specifics.

There are some advantages like cost and being software based. ¬†Changing modulation types is often as easy as changing programs. ¬†As an example, DSDPlus will decode MotoTrbo as opposed to no standalone scanner being able to do so currently. ¬†However, portability of this setup is limited as you have to have many pieces of equipment with you. ¬†You’ll need an Internet connection to find sites to program and a PC to tweak settings.

Two very specific and key things to note about trunked radio systems in general:

  • You cannot tell the tower your’re listening to which talkgroup you want to monitor. ¬†Doing so would require the ability to transmit and IS ILLEGAL because you are not authorized to do so. ¬†If the talkgroup is not transmitted by the tower, you’re out of luck. ¬†You can’t be in Dayton and tell the system you want to listen to a talkgroup originating from Cleveland.
  • Nothing here (and no program I know of) will defeat encryption, even if you own the keys. ¬†Decoding encrypted transmissions is not implemented in any of these programs. ¬†On the flip side, be aware that using this tutorial and feeding the audio to Radio Reference and Broadcastify may not make agencies happy. ¬†You could get a take-down notice or even worse, it is trivial to turn on encryption at the system level and you just blocked reception for all scanner listeners.

Thanks to those whose tutorials I first used getting this setup working: $20 trunking police scanner and RTL-SDR Tutorial: Following Trunked Radio With Unitrunker.

Program versions

I used a Windows 7 64 bit PC. Applications and versions used in this writeup:

  • SDRSharp: 1.0.0.1330
  • Virtual Audio Cable: 4.14
  • DSDPlus: 1.51
  • UniTrunker: 1.0.30.10

Parts list

Listed below are all the parts needed to get this project working.

  • Computer with some processing and memory horse power. ¬†It is recommended to have a computer with a recent Intel Core i5 processor and 8GB of RAM, or better.
  • Receive antenna that covers 700 & 800 MHz where P25 trunked usually resides. For an external antenna, splitters¬†and coax runs maybe needed. ¬†The stock RTL-SDR dongle antennas worked fine for me.
  • Two¬†RTL-SDR Dongles. ¬†To decode more than one voice transmission, increase the number of dongles needed.
  • Virtual Audio Cable. ¬†Not free but trial version available.
  • Radio Reference account. ¬†Premium account. ¬†If you don’t want to fork over the money, become an audio feed provider.
  • Recommend a USB hub. ¬†Couple years ago I picked up a¬†Rosewill RHUB-300 USB 2.0 Hub 7-Port HUB. ¬†I recommend this hub because when the dongle is plugged in, the antenna connector is pointed up. ¬†This makes it easier to connect an adapter and a Pryme RD-98. ¬†If available, connect the hub to an Intel USB chipset¬†on your motherboard. ¬†I’ve had far less issues using Intel based hardware.

ADS-B Decoding with RTL-SDR, ADSBSharp, and Virtual Radar Server

Update: ADSBSharp (ADSB#) is no longer available and has been deprecated.  Copies can be found by doing some searching.  It is not available from the authors site as described in this post for the RTL-SDR. A program like RTL1090 or Dump1090 (or any of its forks) can be substituted.  The author is focusing on AirSpy devices and ADSBSpy is available from the same site as SDR#.


An interesting project I came across using the RTL-SDR dongle is to decode ADS-B¬†data. ¬†ADS-B stands for¬†Automatic dependent surveillance ‚Äď broadcast allowing aircraft to be tracked by ground stations and provide situational awareness to nearby aircraft. ¬†It is part of the FAA’s NextGen project and mandated by agencies across the globe. ¬†ADS-B uses a frequency of 1090 MHz.

Thanks goes out to Robert Nickels РW9RAN and his article in the January 2014 edition of QST which covers this project and how to make a Collinear Array for 1090.  HAK5 also did a couple episodes showing how to make an antenna and configure Virtual Radar Server.

adsb-hub-diagram
Block diagram of the ADS-B Hub setup. From: QST, January 2014.

Program versions

I used a Windows 7 64 bit PC. ¬†Applications and versions used in this writeup…

SDRSharp: 1.0.0.1330
ADSBSharp: 1.0.11.1
Zadig: 2.1.0.658
Virtual Radar Server: 2.0.2
SBS Resources: 6.7

Parts list

Listed below are all the parts needed to get this project working.

Antenna with receive coverage of 1090 MHz.
RTL-SDR dongle.

I had a ham radio antenna that I used. ¬†It is the MP Antenna 08-ANT-0860¬†Ultra Mobile Antenna if you’re interested. ¬†To build an antenna, see the QST article above. ¬†The one that comes with the dongle will work but at short range.