 Hey everybody, I'm Gary Kessler here and welcome to talk about putting an AIS receiver on a Raspberry Pi. Hope everybody can hear me okay. Sort of strange giving a presentation to a bunch of people from an office, but off we go. Let me put on my screen here. Hang on just a second. So right now you see me watching you watching me. So we're crossing the beam here. So let me get to the right page. That's not the right page. Let's go here. Now you all know that I watch Longmire. So I'm gonna talk about setting up an AIS receiver on a Raspberry Pi and I'm not gonna assume that anybody has a lot of background in any of this, but obviously through comments in Q&As you'll tell me where I went too deep or not deep enough. But in any case, there are a lot of different ways to build a receiver in any number of formats. I like the Raspberry Pi because it provides a mechanism where I can take a cheap machine and have it dedicated to task. To give you an idea of that, just tell you where it is we're going. I'm sitting here in my office right now, but over here, if I point this in the right direction, right of that, here's my TV screen showing my current AIS information I'm getting. Right there, I think if I'm pointing correctly and if I get this in focus, there's my Raspberry Pi. And now I'm about five miles from the water, so I'm not getting a lot of signal, but back up here over my shoulder, there's my antenna clipped to my bookcase and again connected to the Raspberry Pi, connected to my TV screen. In any case, what I'm going to do, I have a second Raspberry Pi here, so I'm going to start from there and just give you a little bit of background. So first of all, I will say I've got a page on my website. If you go to GaryKessler.net, I egolessly named the domain after myself. If you go to GaryKessler.net, you can get this web page. And if you want way more background on AIS, there's a couple of links that I give you up here. Actually, the Wikipedia page has a lot of good information, but of course you can go to the Coast Guard NAB Center and get their overview. International Association of Lighthouse Authorities has a really good overview as well. But in any case, sort of let me tell you where we started here. Now again, without making too many assumptions about what you all have played with or not played with, if you haven't seen before, this here's a Raspberry Pi. This one is a little bit old. This is, as you can see there, if I can focus this. Yeah, there we go. Okay, so this is the Model B. I think there are a couple beyond that now. But in any case, stock standard Raspberry Pi, a whole bunch of USB ports and ethernet port as well. Here's where there's an HDMI connection as well as power. This is the general purpose IO bus back up in here. And let me go back to being live and personal. Anyway, so that's your stock standard Raspberry Pi. Now, there are also a number of ways where you can connect an AIS receiver. You can get some, it'll plug right into the USB port. What I got was this device from Wegman, the Daisy AIS receiver. If you get a receiver, it is my recommendation, get a two-channel receiver. So AIS broadcasts on two channels, what they call channel A and channel B. I don't see much use if you're going to be doing research and you're trying to gather data. I don't see much purpose in getting a single-channel AIS receiver. It is true in my experience most of what I've seen. Gips that are broadcasting on channel B are also broadcasting on channel A. But again, there's probably no really good reason not to get both channels. In any case, this is, you know, like I said, this is the Daisy AIS receiver. And for those of you who'd like to look at Superdream, that's the back part. So let me go back around here. In any case, so the first part in getting this together also when you buy the piece parts is you're going to have to buy an antenna. You're probably going to want to buy an antenna. You'll need a marine antenna because that will pick up the appropriate VHF channels. Read carefully on the antenna connector. I found that they use a whole different nomenclature. You know, every industry has its own vernacular. Antenna people have theirs as well. You probably want to get what's shown here is the stock standard marine antenna connectors. And you're going to need an adapter to go onto the Daisy hat, which again is what I used. So there's the antenna connector on the Daisy hat. So what I have here is an adapter. This goes onto the Daisy hat side. This is a stock standard bayonet connector for here. Here is the antenna connector. This is the part that goes to the marine antenna. And then here is the bayonet, the female connector. Anyway, so eventually this piece is going to go onto the Daisy hat. This piece is going to go on to that connector. And this piece is going to actually connect to the antenna itself. Oops. Just learning how to use a computer. Anyway, the operating system for the Daisy hat is going to fit onto a micro SD card. And you know, you've all seen micro SD cards. I would get the biggest one that you can just because it provides you more of an opportunity if you need to store a whole bunch of data. Micro SD card probably won't fit in your computer. Luckily most micro SD cards these days come with an adapter. So they can plug into stuff. But you know basically this is like most of my piece parts. I'll put that there. So it'll be in the camera range. So installing Raspbian is something that I'm not going to, hang on just a second. I'm getting a message here that I think I need to take a look at. They're not, you're not seeing the Raspberry Pi. So do I understand you're not seeing my camera? Okay. Now, okay. Now they are. All right. Anyway, on the Raspberry Pi I chose to install Raspbian and then pull open CPN. And so the rest of what I'm going to talk about is basically about that. On my page I mentioned that there is a whole different direction you can go in if you want. If you go to the website AIS Hub, I've got a link for their RPI AIS, which is AIS Dispatcher for Raspberry Pi. And what Dispatcher will do it basically acts as an intermediary to accept AIS feeds and then pop them out where you want them to go. That site is a really excellent site and has a lot of really good information as well. But that's not the direction I'm going to go in right now. But I'm going to talk about is just again you stock standard pretty much vanilla with my Raspberry Pi using the Noob's operating system. And again the operating system is going to go on the microSD card. There are a lot of places out there that give instructions for how to do this. And the reason I put this page together actually is I don't really have a lot of information here. It's really unique to anything that I made up. But I found I had to go to about a dozen sites to get all the information together so that I could actually figure out how to do this. So I decided to build this page because for me it provided a roadmap that if I needed to get in six months I've got a place to go. In any case relatively easy to get Noob's onto the microSD card. And then basically after you have put the operating system, I'm going to get this off my card here. So I've got the operating system on my microSD card and it just goes into the... Oh, there it is. It just goes into the Raspberry Pi. And that is all of your local storage. That is your disk drive. That's your operating system and your bootable device. So of course the joy with the Raspberry Pi is you can have a whole slew of different operating systems and you change the personality of the Raspberry Pi by what SD card to put in. One of the reasons I like having a big SD card, like I said, is if I'm doing local storage of stuff I can keep it all on the SD card. Clearly with four USB ports I could also plug in all the external storage I want. So once you have gotten the software installed, you're going to plug the thing in. At this point you need to have some IO devices. So you do need to have a keyboard and a mouse and a monitor of some sort, at least for the initial phases. And so when you start the system up, you'll get some sort of boot screen and you'll tell it, you know, you want to install full Raspbian and just let it go. Now at this point you have an operating system. You now need to configure the Raspberry Pi. So I give you a little bit of instruction to do that, but what I'm going to do is try to show you a little bit more dynamically and live. So the application menu is usually up in the upper left. It's the Raspberry Pi icon. And if you go down to preferences and then Raspberry Pi configuration, here's where you get to configure the things about your system. So here's where you can put in your password, you can put the name of the computer and all this kind of little stuff. One of the most important parts is going to be on the interfaces. If you want remote access to the Raspberry Pi, and I recommend that you do, be sure to enable SSH and VNC. SSH is going to use TCP port 22. VNC I think uses port 5900. You probably want to have the serial port enabled either since you're going to put something onto that serial port. And then there's some other things you can configure here. One that I do recommend is to set your locale. If nothing else, be sure you're in the right time zone and then you might want to do some other things about what country you're in, what language and all those kind of things. But those are the two biggies. You do need to set the Wi-Fi country. And I must admit, I know you need to do it and I haven't explored deeply as to what happens if you configure a different country. But well, anyway, I'm going to cancel this because I didn't really want to accidentally change anything. So anyway, so this is all the stuff, like I said, you can configure on the Raspberry Pi. Now, it turns out, of course, you can use the GUI or you can use a command line. And here's some instructions on using the command line. I just do a sudo raspy-config and pop up actually the same screen. Now, you might want to put your Raspberry Pi onto a Wi-Fi network. And if you have a Wi-Fi network that it's broadcasting its SSID and doesn't have a password and you're not physically connected on the ethernet port, the Raspberry Pi should pick up that Wi-Fi network. However, if you want to connect anything else like a Wi-Fi network that doesn't broadcast SSID and or requires a password, then there's a file that you need to edit and put the information in about that network. This is one of the reasons I'm not going to show you the file that's sitting on my Raspberry Pi because everything is in plain text and I'm not, you know, don't know that I want to share my password right now. Anyway, so what you need to do is go to this file, the Etsy underscore sublookant.com file. Nano is a nice little GUI editor that comes on the Raspberry Pi. In any case, so what I've done here is I'm showing you how you could configure two different wireless networks. So in the first case, I've got a guest network. There's no password, but in this case, the SSID is not being broadcast. So the SSID for the guest network is guest. Anyway, so that's what that would look like. Then I've got another network called owner and owner in this case does have the password. The password is secret and it uses WPA. So this is what those kind of commands would look like to, you know, indicate that network. So let me just go back here for a second and I want to get back to my video actually. Just click the video. Just click the video off. Sorry about that. Sorry, we're all still learning the tools, particularly me. So I'm going to go back to Firefox here. So basically at this point, you've got your Raspberry Pi now can listen on SSH or VNC. You've got it connected to the wireless. So at this point, you could take out your, you know, well, keep plugging into your monitor if you want, but you don't need your keyboard anymore and you don't need your mouse because you can now I'll do that remotely if you want. I do have a couple notes about the screen resolution because I found that I had to play around a little bit with that. And you can go into the config.txt file which is in the boot directory and there are a number of different screen sizes you can try. What I found on this was I had to play around a little bit and experiment and eventually I found something that worked. So now that I got the Raspberry Pi gun, the next thing is installing the Daisy hat. Now again, I'm going to assume that many of you have played with this kind of stuff before, but there's probably some of you who haven't. So on the Raspberry Pi, I've got these two rows of pins back in here and on the Daisy hat, I've got the socket that goes into it. Let me get that a little bit further down. And all I can say is if you've never played around with, you know, putting sockets on the pins, just do it slowly, carefully, and make sure everything's lined up the first time. The other thing is you'll notice I actually have this in a case. You don't actually need to have it in a case, but I thought it was better, more better protected that way. So I mounted the Raspberry Pi onto the case. You see the standoffs. If you're going to do this, there's some standoffs for the for the Daisy hat as well. You know, this is the time to put those in. And then like I said, it's a matter of, you know, be sure that you've lined up the socket correctly this way. And actually it's not, but I can't I can't see it as well as the camera can. And be sure that you've lined it up correctly, you know, here as well. And once you have everything lined up, let me try to get this in here. This is this is the problem of doing anything live, isn't it? Just be sure that you squeeze evenly on both sides and slowly. And there you go. I mean, it's like that. And then of course, you screw it to the standoffs. And then you build the rest of the case. You can probably guess this is why I took a part one to put back together, but I'm not using that live because I'm not going to square everything back in together. Anyway, once you get the Daisy hat installed, that's really all you need to do. I get some instructions on how to load a program called GPIO that allows you to look at your GPIO pins. You can do that or not do that, depending upon if you want to track all those things. I put in the software, but it's absolutely not necessary to do. There's also a program called screen, which again, provides you some useful information about anything on your serial board on the Raspberry Pi, but it's not essential to the operation of anything related to AIS. So I'm going to sort of skip over that. And what I want to do is I want to bring you to open CPN. So I'm running open CPN on the Raspberry Pi. I'm also running it on my Mac. And so there's slightly different views here from what I'll show you on the Raspberry Pi. But the open CPN is open chart plotter. Open CPN runs on just about all software platforms except iOS. And basically, you know, like with any electronic chart display, you see all the targets out here. The targets are color coded actually by type of vessel. And with AIS, they're identifying their type of vessel. Right here, I've got one. I don't really know much about it. But it apparently is a ship from Norway. It's a class A vessel, which means we're going to be getting more information on its position reports. But you'll see here, you know, you've got its speed, its course heading, rate of turn. A vessel like this at this speed ought to be broadcasting, well, certainly no more than about 10 seconds before their transmission. I'm a little bit surprised that we're up to four minutes now. Possibly that's due to range. But in any case, I can look at any one of these other vessels of baby cakes. I can know that just because I see it in the harbor all the time. Right now, it's probably parked. It's a smaller vessel. It's a smaller vessel, by which I mean it's a yacht. It's a class B vessel, so it's not required to transmit AIS messages. But in any case, so open CPN, again, being open source and has a nice version for the Raspberry Pi, you can, you know, download the software at the open CPN.org site. They have more documentation than you can shake a stick at. But again, there's all sorts of information there about how to install open CPN. And again, I try to put everything sort of in one place that, you know, steps you through. Most importantly, is building yourself a PGP key file on the Raspberry Pi. And how to be sure that you get the key so that you can actually install open CPN when you have gone through the first process here. So once you've got the key, you know, hear the steps right here to install open CPN. And like most things, you're waiting for a lot longer than you're actually typing in instructions. But once you get open CPN on your computer, you now have other things you need to play with. So I'm going to go back to open CPN here. And you're now going to need to configure open CPN. Now, one of the things I want to show you, because I found this to be and continue to find it to be one of the, if anything an open CPN is difficult, this is the most difficult step. And that is getting charts. So you have to be familiar with charts and how they're organized, at least in in the United States. So when you want to add a new chart, and you can get charts as you may know, from the National Oceanographic and Atmospheric Administration from NOAA, you can download every chart in the United States in a variety of formats. You can download them as a PDF so that as a person, you can read them, or you can download them in a number of electronic formats, ENC, being the most common. And so basically, what you need to do if you want to add a chart is, well, you can go to chart group here, if you want, you can add new groups of charts. The easiest way is to go to chart downloader. And in this case, you can see that I have four catalogs on my computer right now. I've got the catalog for California, Florida, Connecticut, and although it's not all shown here, for Coast Guard District One. The reason I downloaded all of District One's catalog was because I wanted charts from Vermont, but they don't actually have charts for Vermont. The Vermont charts are in the District One catalog. So that's one of the other things you sort of sometimes need to fight through. But so if you want to add a chart, you just go to add. And then you get to choose, from where do I want my charts? I usually want USA and NOAA charts. So I open up that. And then I can decide, okay, do I want the RNC or the ENC charts? The RNC or the rastrographic, they're not used very much anymore, or I can get ENC charts. And now I can download all the ENCs. I can look them up by district. I can look them up by state, look it up by region, what have you. So if I want to look it up by state, for example, well, obviously here's my states. So let's say I wanted to get charts from Illinois. I could go to Illinois, click okay. And it now has just added the chart. But what it wants me to do is now update. So the next thing I need to do is update. So it gets all of those. And now you'll notice down here, it has a list. Now those of you that are familiar with charts know that the charts are numbered. The numbers are only good in OpenCPN as a mechanism to help you find the name of the chart. Because you'll notice in the catalog down here, everything's by name. So like I said, you just need to know the name of the chart. If I wanted to download, let's say the Chicago Lakefront chart, I merely click on it. I download selected charts. And now those charts are available to me in OpenCPN. So I'm gonna say, okay, so it's all here. And there's actually, there really is a reason I'm showing you this. Alright, so if I back out of here, all the way, I'm going to take a look at the United States. And what you're going to see, well, maybe I'll go in a little closer, what you're going to see here is a bunch of green boxes. These are all of the places where I have downloaded charts. So remember, I have the California catalog? Well, all I have from California is some charts up in the San Francisco Bay Area. Here's Lake Shean Plain, my Vermont charts. I have some charts from the new London area in Connecticut. The chart we just downloaded in Illinois. Here are some of the Florida charts that I have. This is mostly the Pensacola area. And the rest of what I have is here where I am in Daytona. So I have access to every chart in North America. But of course, I haven't downloaded all of them because, you know, I'm not looking at all of them. And right now, for the feed that I have, I really only care about this area here. Because for me, again, in Daytona, this is the intracostal waterway in my neck of the woods. So it's going to take a couple seconds while all of this reloads. But anyway, so hopefully you sort of get the idea here. Anyway, that is the process that I'll describe here, out downloading charts. Now, the next thing you need to do is figure out, okay, I'm going to display AIS data. Where am I getting it from? So once again, I'm going to go back to here. And I'm going to go to the connections. And so there's a variety of ways in which I can get data. I have myself set up three connections. One of them is that I get data from an antenna that I have at the university where I teach at every Rital Aeronautical University. So I've got a device there called SSIA-AIS.ERAU.EDU. And I connected that device over the internet on port 4000. That's where I get a feed. It's at this point, public, I mean, any of you could point there as well, if you're interested in what's going on in Daytona. I'm going to move this out of the way here a little bit. All of these boats that I'm seeing here, that's coming from that feed from Rital. Now, on this particular computer, I'm not set up on the serial interface because I don't have an antenna on this computer. But if I switch back over to my, I'll go back to my Raspberry Pi, you'll notice the interface is slightly different. If I go here and I look at connections, you can see that I've got a bunch of connections. But the two that are active, one is coming in again from SSIA-AIS.ERAU.EDU. And the other I'm set to the serial port. So my Raspberry Pi can also be pulled in and stuck from the antenna. So my office is about, oh, I would say five or six miles from the river and from the ocean. And since you saw my antenna, it's only about seven feet high. I'm not picking up a lot of feeds. So most of it's coming in from the antenna at the university, which is, like I said, up about 75 feet up. I will tell you one funny story. Because when I was first experimenting with this, I had all this stuff at home. And home is 10 miles from the ocean. So I'm fooling around with it one day. And right here, this window here is the NMEA debug window, because I checked the box. So you see I'm getting traffic and you can see where it's all coming from. So I'm sitting at home and I'm not getting any data, but I'm not expecting to. And all of a sudden, I get a hit. I have an AIS message come in on my serial port. And I go crazy because I'm very excited. So I take the message and I parse it. And I look at the latitude and longitude, and I position exactly where the thing is. And it turns out I live about one mile east of I 95. And the latitude and longitude showed a boat going at approximately, you know, on a heading of approximately 210 degrees at 65 knots. And I said, they're in a boat anywhere doing 65 knots around here. Well, the latitude and longitude put this boat in the southbound lane of I 95. So clearly this boat sitting on somebody's trailer, they didn't turn off their AIS. And this guy zoomed down the road, and I got one of its transmissions. I was very excited. Anyway, I'm gonna go back here. So this is how you set up your connections. So you can set up a serial connection, as I show here. If you set up a serial connection, it's going to automatically be an MEA 0183 protocol. You're going to want to set the data rate to be 38, 400, because that's probably what the data rate is going to be over the year. Or you can set up network connections. And for the network connections, it's going to need an IP address or a host name, and you'll need the port on which to read. So it's getting all of this obviously over the network. And again, you've just seen already, but this is what the what the debug window looks like. And let's see, so this is this was stuff coming in on the serial port. This was stuff coming in on a network port. I'm not 100% sure why I decided to hide that IP address. But I did. Now it also turns out that if you want to get one of these feeds live, if you go through OpenCPN, one of your problems is there's no way to take the information from the debug window and get it in any usable form. One thing you can do, though, is go around to a terminal window and go around to a terminal window here. I'll make a new one. And I just do, you know, an NC to SSIA-AIS.erow.edu, port 4000. Hopefully I'll start getting some data. There we go. So I can get the feed this way. And this is something I'm actually going to talk about in a later talk when I when I talk about AIS and GPS spoofing. But one form of spoofing is a replay attack. So a replay attack, well, just like the name sounds, I mean, you replay old data. This is a way of collecting data. So I've actually written a program that'll do this for you, but you can also do it for yourself. There's a reason you don't want to collect data in this format and then replay it. And the reason is you don't have a timestamp, you don't have relative timing. But more on that later. In any case, let me go back to this. So like I said, there are a variety of ways where you can get the raw feed if you just want to see a raw feed. Now, one of the other things you can do, of course, is you can set up OpenCPN to display stuff that you are sending it from your computer. So you can either set up OpenCPN to read from somebody else's TCP socket, or you can set up Open CPN and write to OpenCPN. So in this case, let's see, when I set up my network connection up here, you'll notice I was receiving input on this port. I can set up another port that I can then output on this port. So what I now need is if I have a program that will write to port 7777 on this computer, as I've configured it here, this provides another mechanism where I can show stuff. So again, I'll be talking about that later on as well. So in this case, what I did was I set something up where my serial port is an input port, network port 7777 is an output port. And this is what the debug window looks like, because it shows that I'm reading on the serial port and writing to port 7777. Again, there's a variety of ways of using OpenCPN for some really, really clever stuff. Anyway, so I mentioned this program that will read for you. So I have a program called Time Stamped Data. It's on my website. It's software that's available and we'll be making that available here. But if you run Time Stamped Data, here's the help file. Excuse me. Again, if you specify an IP address and a port number, and whether you want to use TCP or UDP defaults to TCP, you can now download data for some period of time. The program defaults to five minutes, but you could set it as far up to a week if you want. And what this will do is this will download the data and it will include a timestamp. So what it does is as it shows here, it creates a program or creates an output file that looks like this. It's basically a pipe symbol, delimited file. So here you can see I've got the year, day, date, hour, minute, second, and then the UNIX Epic Time format of that. Now, the reason I'm using the pipe symbol is because if I let people choose their own delimiter, somebody will end up choosing a delimiter like a comma. Comma is not a unique character, an AIS message. And there are a lot of symbols that you might see. So pipe by new would be at least unique. If you don't like pipe, you can go into your tech file and do a global search for a place for a different delimiter, but just be careful that you don't duplicate something. The other thing is by having here the relative timestamp, the message I just brought in, if I turn around and replay this, I can replay it and I get the same relative timing. So this really was not designed for a replay attack. It was designed so that I could gather data and then replay it in real time and actually see what was happening because I have another program called Play AIS where I can replay this file. I can actually speed it up and slow it down as well. Anyway, so I've already talked a little bit about sending data to open CPN. If you don't have a timestamp, everything just overwrites itself. And so if you've got like 10 AIS messages from the same vessel and you replay the file, what you'll see is the last message because the first nine got overwritten by the by all the following ones. Another tool you should know about for this is there's a really, really cool NMEA simulator and it generates NMEA sentences and or AIS sentences and it is really, really a cool program. For good or for bad, it only runs on Chrome. Can't explain that. This is the only application I actually run Chrome on. But as you can see here from the dashboard and the other ways in which you can set this up, you can pretty much simulate whatever you'd like. You can put yourself in a particular position. You can get your vessel headed in a certain direction. You can give yourself a rate of turn. You can do all sorts of cool things and then what you can do is you can hook yourself up to a server and you can actually output the information that the simulator is creating. So you could create information such as this. I set up my simulator. I have it right to open CPN and then I can have it play on open CPN. It's really, really a cool tool. So last but not least, how do you interpret this data? For those of you who like to get into code, Eric Raymond has an AIS protocol decoding page. You can see it's purple. I go there a lot. Well, I mean, I may as well go there. He has here, like I said, a lot of information about the NMA0183 format. Not only the format, but what all the messages are, what the contents are, to a certain degree how to encode the contents. AIS does not show information in any sort of clear way that a human can understand. So for example, we've already seen a couple of these. This message right here where I'm sort of moving my mouse, the AIVDM, comma one, comma one, comma, comma A, comma, you know, all that jazz. There's a special encapsulation method that AIS messages use. Eric's page talks a little bit about that, how you can get everything into a six-bit byte and armor to ASCII and all that kind of stuff. But what you can do is you can take these AIS messages that you get and you can go to a place such as the site I've gone to here is Maratek Solutions, plop in the AIS message and it will interpret it for you. There are a whole bunch of other AIS parsers online and I've given you some links on my page here and I've written a bunch of tools for this because for some of the research that I wanted to do I was trying to create some unique AIS messages and so I had to create a parser so I actually have an entire suite of tools and I'll talk a little bit more with the AIS spoofing stuff but if you go to my software page you can download all of these but if I take that same message or I guess it's not the same message as was above but some AIS message and if all of my stuff is command line and it's all written in pearl don't get me started on why and in any case it'll interpret the sentence for you. This is in fact an AIS mobile device. It's a VDM meaning it's a VHF Datalink message which is a nice way of saying this is the message coming from another boat as opposed to my message going out. Here's all the contents of a type one message which this is. It's a class A big boat position report. Here's the the device identifier. Every device has a unique nine digits. This gives you all the other information including our longitude and a URL so that you can click if you want to map and there are a number of places where you can get data. I've already mentioned the site that is at my university. You can also go to places like AIS hub and they also by testing a whole bunch of information. There are some other places online if you can find them that are give you some more localized information. If you find more places you'd like to share with me I would be delighted to have you there with me. The format that we most commonly see over the air like I keep saying NMEA is the National Maritime Electronics Association and the 0183 standard which is about circa 1986. That's all the most commonly used standard that we see. In about 1999 they came out with NMEA 2000. As we speak we're getting prepared to release the one net standard. It is very very difficult to find out how to do any of the coding on 2000 or one net because it's all highly proprietary and everybody who has a copy signs a nondisclosure agreement. But there is a project called the CAN boat project. The CAN bus is used with NMEA 2000. IP version 6 is used as the transmission for one net. NMEA 0183 basically everything runs over a serial bus. So a lot of the stuff that I'm showing you here with open cpn we're pulling in from over the air. It turns out if you can get onto the serial bus you can get information right off the boat. And there are a variety of ways I'm not going to get into that here but there's a variety of ways of injecting messages directly on the boat either through the CAN bus if you're NMEA 2000 and or through the serial on NMEA 0183. So I'm going to go back here for just a second. Everybody can see now. I mean this is basically what I have on the device. And so I certainly would like to leave this open to questions if I have said anything for which I have questions. Scroll and back up here to see if I can find the AIS text up here is closed. So anyway does anybody have questions that you want to ask or anything like that? Detecting silence. I'm going to hang around here for a few minutes. I've got another talk in about 18 minutes and but I'm going to stay connected till then so if anyone has anything feel free to ask away. Oh okay how close do you have to be to receive signals is one of the questions I just got. So I didn't really go into the AIS protocol but the AIS protocol is basically designed for ships to talk to each other within about a 10 to 20 nautical mile range. So obviously you're going to get messages further away if your antenna is higher up. My antenna at my building at work is 75 feet high and I have gotten messages from as much as 80 or 90 miles with a normal ship antenna that might only be let's say at most probably 10 to 15 meters high. They're probably getting you know in the 15 to 20 mile range. Okay let's see I just got a message asking about the trend micro library. So I actually haven't um oops let's see I have to get back to my video now. Never change a working thing. So at my website I talk about the AIS Black Toolkit and I'll talk a little bit more about that later on. So a team of people from Trend Micro led by a fellow named Marco Balduzzi has been talking about AIS issues for a long time. In any case the AIS Black Toolkit is a Python-based toolkit where they also wanted to be able to generate any AIS messages that they wanted. And so I've used their toolkit a little bit. I've not used the part of their toolkit where they actually push out messages using software defined libraries or software defined radio. Their messages were basically a demonstration of capability that they could do it but they used a lot of defaults to put them like in Italy and stuff like that. So when I built my tools they were a little bit inspired by you know what they did. But I tried to build it so that I used defaults per the standards so that I could create legal messages. But a lot of you may be familiar with the program hping3 allows you to build any TCP IP message you want no matter how bogus. So I was inspired to call my stuff AIS ping for the reason. I mean I could build legal AIS messages. I can also build entirely bogus AIS messages because AIS won't stop me from doing that and that's one of the protocol vulnerabilities. And again I'll talk more about that later on but in any case I had success using the AIS Black Toolkit but I haven't used the Black Toolkit probably in a year, a year and a half. I am pleased to say that one of my programs found its way into the Black Toolkit the menu program but the rest of it's on my site. Is the CAN project the only NMA2000 project? I'm going to have to go look at that one hang on just a second. I'm going to run over to Slack here. Let's see is the CAN project the only NMA2000 project you know of? It is it's the only well by the standard that's what it runs over. So the problem with NMA2000 like I said is it's proprietary you need to buy the standard. I have a copy of the standard with permission and when they sent it to me for research purposes it's actually watermarked with my name in it. They really are trying to discourage people from you know spreading the thing around and everybody has to sign a non-disclosure saying that they won't release it and it's been around for 20 years and nobody's released it yet so they must be reasonably successful. A message they're waiting for one more message. Let me try the AIS text there's maybe a message there. Okay, Raid out's making a comment here about DEF CON 2016 open source project release for the J1939 truck dock. Okay good to know. Be adapted by people willing to help port it. Well where I come from reverse engineering is a noble cause. When I was a young person first in computers I probably shouldn't age myself too much. Nothing for first of all nobody never heard of open source and the two words is a phrase didn't exist. Everything was proprietary. The only way to learn anything was to break the computer and once you realize that you broke it I mean I was of a mind once I broke it I only had to break it once because computer security in the 1970s was when you broke something and you went to the network people and said hey if you do x, y, and z your network will break their answer was well don't do that. We would say oh okay we won't we'll go do something else. But that's how you learn stuff. Well I'll tell you what I have that it is 250 where I am so it must be 1150 back on the coast. If there's like I said I'm gonna hang around for another 10 minutes and so for my next talk but I'll I'm prepared to close it now. You know these are the questions thanks for being here. If you have any questions if you get to my website or any of the lists that are here there's tons of ways to get a hold of me feel free to do that. I love talking about this stuff happy to help out in any way I can and in about 10 minutes I'll start talking a little about GPS spoofing and AIS spoofing and all that kind of stuff.