Hi there, so I'm John M, and the title of my talk is Ham for Hackers. I'm an Amateur Extra; it's the highest class of license in the United States. I've been operating since about 2000. Radio is just one of my hobbies, stuff where a security consultant intends to pay more.

So if you want to play with wireless, say you want to do remote control, you want to have data links, or you want to just talk to people, or say you're building a robot and you want telemetry, what are your options really?

So here's the U.S. frequency allocation from about zero to 300 gigahertz. So what do you have to play with? What's completely open for you to do? Nothing. All of it is restricted in one way or another. The electromagnetic spectrum is a shared resource, and the government locks it down pretty tightly. Listening is unrestricted, though. You can do whatever the hell you want, except for analog cell phone frequencies, which is increasingly less relevant. You can listen to whatever the hell you want.

So if you're just experimenting, what can you use? There are a couple that are dedicated to unlicensed use. FCC Part 95 defines the personal radio services, which is CB and FRS. These are generally low power, short range. You're going to get about a couple of miles, and they're voice only. There are also only a few channels for each service, so in crowded areas there's a lot of competition for using these frequencies.

FCC Part 15 covers your unlicensed RF devices. This is everything from Wi-Fi to your garage door opener, cordless phones, remote control cars; all of that stuff is FCC Part 15. It's very limited power. Generally you can't have any kind of amplification or directional antenna. There are a number of frequencies available, but there are a lot of users, and generally it's secondary use. So there's a primary user that can stomp all over you all they like, and you're not going to be able to do much. So to make a long story short, unlicensed operations are restricted. You're not going to have much range.
You're going to have a lot of competition. You have to take it. More importantly, if you're interfering with someone else, you have to shut down your transmitter. And this is no joke. The FCC has very strong powers with regard to interfering transmitters. They knock on your door and say, let me see your transmitter, and you have to let them in, now. No time to flush your transmitter down the toilet or anything like that. They can do that. That's their power. So unlicensed operations, if you're violating that and you're causing lots of problems for the people, so enter amateur radio.

FCC Part 97 defines the amateur radio service. The upside: you get to use a lot more power, and you have primary use on a number of bands, which means that you are the authorized user for that band. If someone else is causing you interference, they have to stop. The downsides are you have to be licensed and you have to follow operating procedures.

So amateur radio was created for hackers. Back when they created the FCC, there were people who were doing whatever they wanted anywhere on the radio frequencies. And it was a big mess. They created the FCC to lock down spectrum, but they still wanted to have that free experimentation that was going on with radio. And so they created the amateur radio service. And the stated purpose is the continuation and extension of the amateur's proven ability to contribute to the advancement of the radio art. So it was created to provide skilled individuals with a forum for experimentation and technical advancement.

Limitations. There are a couple of key ones. First and foremost, you have to identify yourself. There's no anonymity in amateur radio. And there's no secrecy, and there's no encryption. The only time you can use encryption is when you're controlling a satellite station, like up in space. Otherwise, there's no secrecy, no encryption. You can't broadcast, especially not music.
The only time you can send music is when you're rebroadcasting space station transmissions, and it's in the background. The biggest one in the area. So you can't, it's non-commercial. You can't make money off of it. You can't sell access to it. But you can develop technologies and sell those technologies to other people. That's perfectly fine. And one last thing, they have this thing about profanity. It's kind of lame, but you can't swear.

So there are three levels of license. You've got Technician, which is the entry level, General, and Extra. If you just want to experiment, the Technician license will give you full privileges on all the bands above 50 megahertz. So 50 megahertz up into the gigahertz ranges. You can use 1,500 watts of power if you need to, compared to, say, a couple of milliwatts for your Wi-Fi transmitter. And you can use unlimited bandwidth above 900 megahertz. The higher levels of licensing give you access to the high frequency bands, which is everything below 30 megahertz. These bands are what you traditionally associate with amateur radio. These are the people that are talking around the world using 5 watts of power. So these are really long propagation bands. But if you're just experimenting, you only need the Technician, especially if you're just experimenting with things like high power Wi-Fi and things like that.

The tests are pretty straightforward. They're multiple choice. The entire question pool is published and freely available. 75% is a passing grade. The Technician exam is only 35 questions. So if you can answer 26 out of 35 multiple choice questions, you can get a Technician license. And in fact, at noon today, upstairs in one of the sky boxes, we're giving a testing session if you're interested.

So I know what you're thinking. Isn't ham radio for losers? Isn't it full of old men who wear suspenders? They sit around talking about what they're going to buy when they go into the city?
Well, yeah, these guys really do exist. But you don't have to be that guy. And as long as you're following the rules yourself, they'll leave you alone. And some of them are actually pretty smart, and they know a lot that they can share with you.

The other question is, isn't the technology outdated? Well, yeah, so let's compare these two devices. In this hand, I've got a standard handheld radio. In this hand, I've got a cell phone. Analog signaling, FM modulation. I can talk on a single frequency at one time. I can listen to two frequencies. When I transmit, people hear me. When they want to talk to me, they're going to finish. Here I've got a cell phone. It's got high-quality, efficient digital codecs, it has spread spectrum. Multiplexing allows multiple people to use the same frequency at once. And that's not even talking about the software these devices run. I mean, this is a single-purpose device. I can't install Java on this. I can browse the web with this. And the cost is about the same.

But there's a lot of cool stuff happening in amateur radio. Things I've done: I've talked across the country using satellites about this size. Bouncing up to a satellite, talking to someone all the way on the east coast. I've used it for tracking high-altitude balloons that we've sent up to the edge of space. I've used $20 worth of hardware to pick up signals from across the country as well. I've added emergency beaconing to my motorcycle so that if I crash, my wife knows where to find me.

And there's a lot of cool new technologies being brought into amateur radio. Spread spectrum. A lot of you know what's used in your Wi-Fi cards. Instead of one fat, high-power signal, you break it up and you transmit on a bunch of different frequencies at once. It gives you less interference, more bandwidth, it's generally more reliable. It's kind of dead in amateur radio, though. There was a peak in the late 90s when the hardware started approving its use.
Since then, interest has waned and the kits are pretty much out of production.

Digital modes are picking up, though. So D-STAR is a new standard for digital communication for ham radio. You can get up to 128 kilobits per second over long distances. Something like 100 miles with repeaters, you're sending high-speed data point to point. It uses a proprietary codec, which is pretty sucky, but it gives you 4,800 bits per second digital voice. The proprietary codec is kind of a sticking point with D-STAR, because only one manufacturer is willing to pay the $25 license fee for the codec. There's a plethora of add-on services: you've got position reporting, image transferring, text messaging. So it's kind of an indication of where amateur radio is going, especially with the digital modes, but it's kind of a false start right now.

What's really cool in my mind is software-defined radio. So instead of doing all your signal processing in electronic circuitry, do it in software. It makes for a much more versatile radio. You can implement new modulation schemes just by patching your software, and you can implement really strong algorithms, too. And because the software does the heavy lifting, the hardware becomes much cheaper. So for an example, you've got GNU Radio. It's an open-source software-defined radio package. It uses the USRP, the Universal Software Radio Peripheral. And it's basically an FPGA, some really high-quality digital-to-analog converters and analog-to-digital converters, and a daughterboard interface. You plug in the daughterboards for different frequencies, and you can get coverage from 0 to 2.4 GHz. It has support for many different modulations and encodings, and it's not $2,800 for your base USRP. A lot of people are using these, but they're only doing really simple things, like using them to sniff GSM traffic. And there's so much more you can do with these. I mean, imagine what you could do fuzzing the low-level Wi-Fi RF interfaces, things like that. So it opens up...
it's really cool technology. So you're thinking $700 plus an extra $150 for each RF module, isn't that kind of expensive? Well, that radio there costs $13,000, and it doesn't have much more functionality. It gives a little more power, but that's about it.

So there's another one called the HPSDR. It's a modular platform like the USRP. It's built much more focused on amateur radio. Price for a full 0 to 55 MHz transceiver should be in the $800 range. But even that's pretty expensive. It kind of moves it out of the range of casual experimentation.

So the next is what's called in-phase quadrature demodulation, IQ demodulation. So why do you need a high-power FPGA when you've got a pretty strong processor on your computer? So you use a very cheap board to grab a chunk of RF spectrum and feed it into your sound card. The software then performs the demodulation and decoding, and your bandwidth is pretty much limited by your sound card. And the frequency is limited practically by what clock source you can generate in a clean way. 50 MHz is pretty much the practical limit for low-cost hardware. SoftRock radios; I have one, but I didn't bring it with me. Really low-cost kits, $10 for a single-band receiver, $30 for a single-band transceiver. For $50 you can get a frequency-agile transceiver kit that'll do from 0 to 30 MHz. And you have a variety of software packages to process the signals.

So you go from this, where you tune across the band, you find a signal, you listen to it, you kind of filter out the noise in your head, you copy the Morse down to paper, because on the higher frequencies people use that because it's a very spectrally efficient method of communication. So you go from that to this. You start the software, you see the Morse code scroll across the screen, and you scroll through the spectrum and read the text. So this is a really bitching piece of software.
And because we're in a building, I can't give you a live demonstration, but I've got this nice recording that someone made of a nice pile-up that demonstrates what this software can do. So this is about 30 or 40 different stations transmitting Morse, and you just click and you say, oh, okay, well, that person's sending this. You can see what they're sending down here. And it's kind of turning amateur radio into IRC. I mean, this is really cool, because it brings it down to the level of people who are much more interested in what you can do with the technology than in how many people you can talk to in one day. So, and this is all freely available software. This particular package is commercial, but it's not that expensive. But it's something you can do with $12 worth of hardware. So software-defined radio is pretty cool.

So this is my call to arms. The kind of tone of my talk is that there's a lot of potential for cool radio, but the fact of the matter is that the average age of the amateur radio operator goes up by a year, almost exactly, every year, which means that these people are getting older and there aren't new people doing anything with it. And once these people die off, the spectrum's going to go away. So they're champing at the bit left and right to buy this spectrum and use it for commercial uses. But it's our last hope for radio experimentation. They're not making good use of it anyways, but we can do cool things with it. So let's keep it open for experimentation and do cool things with it. We can make it better. We can bring existing technologies that we all know and love into the amateur radio space. We can use the spectrum more efficiently. We can do higher data rates.

So what's next? Get your license. It's really easy. If you don't do it today, do it in any major town, and most of the minor ones, there's a test session every month. So get your license. Start experimenting. Build some kits. Play with software. Repurpose existing hardware. If you don't know, amateur radio has primary use on the 2.4 gigahertz band, which means if you have your license and you follow all the other operating procedures, you can use 1,500 watts of power on your Wi-Fi connection. I mean, how would you like that? I mean, so bring amateur radio back into the realm of hackers and experimenters. That's what I want people to do. That's what I want you to do coming out of here.

Any questions? Yeah. Pardon? Which one's that? Yeah. Yeah, yeah. That's also a commercial one. The one I'm curious about is the Speex codec, which is an open implementation. And that'd be really cool to see someone implement in a low-cost hardware environment.

Yeah. How much does the test cost? The test is $14. The test is upstairs in room 3.

Yes. Yeah. People are writing extensions for it, but no one's going as far as hacking the firmware. The codec is sold as a chip. It's an ASIC, so there's not much hacking you can do with that. But you can hack the protocol, certainly.

Yeah. It is not open source, unfortunately. There's a lot of open source software to do the IQ demodulation, and so it's not that big of a step to do an open source implementation of CW Skimmer.

Yeah, in the back. Yeah. Yeah, amateur radio has been doing digital modes, packet digital modes, for a long time, and there are drivers and things like that in the Linux kernel for doing AX.25 and things like that, definitely.

Yes. Yeah. Most of them are very much software-defined radios, and you can apply your own firmware. Same thing with Bluetooth. All of those consumer digital communications devices tend to be software radio.

Yes. Pardon? So, what's that? So, the ARRL, the Amateur Radio Relay League, is de facto, it's kind of like the radio equivalent of the EFF. They are the lobbying organization within the United States for amateur radio.
They also do a lot of administering of the licensing sessions, and they have taken over a lot of the responsibility for administering amateur radio from the FCC, because the FCC has decided that they have been... It is a good idea, and... We'll talk to you later. I'll give you my call sign. All right, any other questions?
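The I/Q-to-sound-card receiver and the CW pile-up the talk describes, as an added example that is not part of the talk or of any package it mentions: a constructed 8 kHz I/Q stream carrying two Morse stations at different offsets, and the software side that mixes one of them to DC, low-pass filters it, envelope-detects it and decodes the keying. The sample rate, the 20 WPM keying speed and the station offsets are assumptions; the input is built in software, so no radio hardware is involved.

```python
import cmath
import math
from itertools import groupby

FS = 8000                   # sample rate of the constructed I/Q stream, Hz
WPM = 20                    # keying speed; one dit lasts 1.2 / WPM seconds
DIT = int(FS * 1.2 / WPM)   # samples per dit (480)
MORSE = {"-.-.": "C", "--.-": "Q", "...": "S", "---": "O"}  # enough for the demo
CODE = {v: k for k, v in MORSE.items()}


def keyed_iq(text, offset_hz):
    """Constructed input: an on/off keyed carrier offset_hz from the receiver's
    centre frequency, i.e. what a cheap I/Q front end hands the sound card."""
    key = []                                     # 1 = key down, 0 = key up
    for letter in text:
        for sym in CODE[letter]:
            key += [1] * (DIT if sym == "." else 3 * DIT)
            key += [0] * DIT                     # gap between symbols
        key += [0] * (2 * DIT)                   # letter gap, 3 dits in total
    key += [0] * (4 * DIT)                       # word gap, 7 dits in total
    w = 2 * math.pi * offset_hz / FS
    return [k * cmath.exp(1j * w * n) for n, k in enumerate(key)]


def pile_up(*stations):
    """Sum several stations' I/Q streams, as one receiver hears them."""
    n = max(len(s) for s in stations)
    return [sum(s[i] for s in stations if i < len(s)) for i in range(n)]


def demod_cw(iq, offset_hz, lpf=DIT // 8):
    """Mix the chosen station to DC, moving-average low-pass, envelope-detect,
    then turn the key-down/key-up run lengths back into Morse."""
    w = 2 * math.pi * offset_hz / FS
    base = [s * cmath.exp(-1j * w * n) for n, s in enumerate(iq)]
    env = [abs(sum(base[i:i + lpf])) / lpf for i in range(len(base) - lpf + 1)]
    thresh = max(env) / 2                        # halfway between key up/down
    # Consecutive samples above/below threshold -> (key_down, run_length) pairs.
    runs = [(down, sum(1 for _ in g)) for down, g in groupby(e > thresh for e in env)]
    text, letter = "", ""
    for down, n in runs:
        dits = round(n / DIT)
        if down:
            letter += "." if dits == 1 else "-"
        elif dits >= 3:                          # letter gap (3) or word gap (7)
            text += MORSE.get(letter, "?") + (" " if dits >= 7 else "")
            letter = ""
    return text.strip()
```

Selecting a station is just choosing which offset to mix to DC; the moving average is what rejects the neighbour 500 Hz away, so a station closer than the filter's passband would need a longer window.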