@@nobodynoone2500 it will require a SAW filter plus a class C amp to produce a decent RF output (in terms of regulations), but i fear the side products of the class C will require one more SAW (not cheap) and still be too problematic, another way would be using the fundamental and a mixer, but the BOM cost will be too high. There are some cheap RF chips with registers access which could be torn to emulate LoRa TX properly (we did that at the time of sigfox in DBPSK), however a radio without RX isn't very useful. Small MCUs are capable of demodulating and decoding a 868/900MHz signal by using their fast ADC, a mixer and a 800KHz IF but again given the low price of an LLCC68 this would probably be a futile exercise (i did that for a mini sigfox basestation few years ago, using an STM32F4).
This was an amazing project and you are a brilliant engineer. You mentioned your dad was a “true EE” so I assume you are not one. I have a MSEE and worked in the RF industry. Let me tell you sir that you would outshine most all of the engineers I’ve ever worked with. I cannot recommend enough for you to get your EE degree - it would be a breeze for you. Our country needs brilliant engineers like you!!!
Thank you. And no, I did get an undergrad in computer engineering, but masters in CS, and have been working primarily as a software engineer for many years.
This scares me. I frequently consider how a state actor might exfiltrate data via compromised hardware/firmware. I had always reassured myself that they would never send it over the wire/air because of the risk that it would be detected with traditional network infrastructure monitoring. I also reassure myself that bit-banging something out over a funtenna to other compromised devices acting as relays would require so many compromised devices that they'd risk being discovered. But I hadn't considered LoRa... The infrastructure already exists, gateways are popping up everywhere, it operates far below the noise floor... Do you have any idea how easy it would be to exfiltrate private keys using malicious firmware or even silicon? A crypto co-processor? Hmm... maybe that thought deserves a PoC...
It does take some discipline to quiet the more spongy things in our lives, like social media scrolling and YT shorts, but if you reject the petty fluff, it makes it a lot easier for even limited focus to develop. Sadly, I don't know if I'll ever fully recover from what facebook and instagram had done to my brain.
@@ChrisPrefect Whew. That's more like it. I'm surprised there's such a discrepancy. I'm putting out such little power, and yet it still somehow goes pretty far. 10mW is a LOT more power than even my EIRP.
So glad you dropped new content plz.plz plz make more on RF world make a series breaking down everything including building setups or flashing processes coding etc.
I generally only make videos when I do projects and they turn out well. I do typically 5-10 BIG projects per year, some are successes some are failures, but I only want to spend the time on the real gems to make a video for them.
INSANE! I will have to replicate it to believe... Amazing video, thank you very much! I learned tons in this video I will have to watch multiple times. Glad I found your channel!
This is freaking awesome. You can essentially create the baseband using a cheap micro + 900MHz SAW + gain block. BTW, it's "megacycles" not "megasamples".
Absolutely amazing stuff as always, here's hoping we eventually get that video on esp32-s2 overclocking. Knowing how cagey Espressif gets about that sort of thing it would be incredibly funny (and hopefully useful!!!) to have a chip running at more than twice the clock of their announced "High Performance" P4 (400MHZ)
OH my god he's back!!! What an amazing discovery, incredible how hardware is able to do things thought impossible if one has enough motivation. And what a great protocol LoRa is. ESPs have no business being as good as they are, what a great invention.
Whatever you need man, as long as you're happy! These things take time, the community will support you in any way. Besides, you're already more consistent than some movie studios and your content is always interesting. This or some other project really, could be a great exhibition at OpenSauce
Thank you. I didn't really know about Lora until now. Having watched this. It's clear that the only thing slowing down adoption is knowing its benefits and it being proprietary. Optical Fibre transmission chirps over long distance transmission, and subsea regen reshapes chirped signals before they lose too much shape. I never thought chirping was beneficial before now. ID'ing a signal by the chirp I'm sure has been considered previously. Being able to pull the signal out at femto watts at a few km is going to create many many IoT applications where routing a wire or reinforced concrete radio blocking is an issue. This was very instructive. Thank you. Now all that's needed is a non proprietary version.
I'm glad you liked it. To note - one of the major benefits of LoRa is you can get silicon to easily send/receive packets. So, while proprietary, it means we get chips.
Amazing story. The engineering makes no sense to me, but explained in such a way that I could come with you on the journey. Really makes me wonder what the 3-letter-agencies are able to achieve with funtennas.
Absolutely. Though you would still need to tweak the code to select the new frequency. 868MHz actually would produce a cleaner and clearer signal than at 915.
16:50 That's because Nyquist is always explained incorrectly, even in academic literature. The original theorem clearly says "bandlimited signal" meaning bandwidth and included different Nyquist-zones that can be used for sub-Nyquist sampling. The only condition is that the bandwidth of the generated or sampled signal is smaller than fs/2. And many people don't seem to understand this.
I mean clearly it is misexplained, but it's still so hard to explain it in a way that gets the point across and is still right. I feel like only after playing with it over a long time have I begun to grok it.
You’re crazy. I’m convinced that all RF engineers are wizards.
I was convinced long ago that Charles was a wizard.
Always have been
RF engineering is basically Black Magic (or so I've heard).
Yeah I did a lora project before starting my engineering degree... Sweat and tears man, but mostly a huge amount of datasheet and theory to read
Yet they remix ideas every 4 years for children wonderment.
Charles: so I made the GPIO pin go real fast. FCC: and I took that personally.
I don't think there is a better meme for this video
😂
I am unfamiliar with this meme
I think the FCC can't even complain if the signal is below the noise floor, could it?
@@red13emerald, The problem with this is that the desired signal is below the noise floor, but there are other undesired signals being produced that aren’t. These need to be removed with a high pass filter.
@@red13emerald fair point
If there were a hall of fame for filthy, sleazy weapons-grade jank, you’d deserve a whole wing
I still yearn for more!
Incredible as always. And simultaneously terrifying.
Now we just wait for the headline “Gaming keyboards had firmware undetectably overwritten to broadcast key strokes hundreds of meters via LoRa, without physical access, from user-mode application”
It would only work at a very small volume, right? Otherwise there'd be a ton of noise from thousands of different keyboards.
@@GeekProdigyGuy that's the beauty of spread spectrum! just think about how many bluetooth devices are around you and it still works flawlessly.
well maybe not if everyone was just spewing out subharmonics to get a few picowatts of actual signal 😅
there's far scarier things goin on in the world, no need to freak out over this.
@@CNLohr The only correct response
There have been plenty of security research papers along this line
"That final output is 69.420 MHz"
Nice.
Nice.
Nice
Nice.
Nice.
Nice
Aggressive bandpass filtering could probably make this fcc passable. Amazing work
Yeah but that makes this become radio circuitry with a filter and amplifier, etc.
Aggressive badass work 😅
@@kreuner11 Not really, a bp filter can be some traces scratched off copper pcb. It's dumb (and illegal) to not make or use one tbh.
Was thinking the same thing. This could be a real fun network filter design process
@@nobodynoone2500 I think he started with that proviso
You are a rare human, gifted, tenacious in your pursuit of knowledge, and incredibly generous. Thanks for sharing, the light shines brightly through you.
I'll buy that for a dollar!
I appreciate your kind words.
This Is The Most Insane "Doing A Lot with a Little" Project I've ever seen
Does it beat space invaders on an ATtiny10? Maybe.
@@Scrogan in my opinion yes lol
Oh man... I have never heard that turn of phrase but it speaks to my soul.
@@CNLohr I kinda made it up lol. But it’s so true. Amazing job! Can’t wait to see what you make next!
@@Aurorajunior7321 Sorry but that phrase predates you. It's been around for quite awhile.
dude even attempting this is insane. that you managed to get it working is borderline lunacy.
what you're doing is absolutely masterful and i cannot express how impressed i am
Don't let silly things like feasibility stand in your way. Just keep pushing.
Bandpass filters make these kinda hacks easier, more effective, and more polite to those around you. Every radio hacker should have a pile of remade ones, a tunable one, and the know how to throw one together from scrap. It's a rare but useful superpower in the rf world.
I agree! This was just to get things working with minimal hardware, not getting things working well.
holy shit that's nuts. When you started talking about using reflections to get your desired carrier frequency my brain started expanding. I'm so shocked that you didn't run into any issues with this by nature of your antenna being a wire that was bent. I figured that any little change would greatly affect the outcome of the reflections, but I guess so long as the actual length of the wire is not changing, the reflections should still be there relatively unchanged. Also the idea to just add wireless connectivity to existing devices that we can hack was just brilliant. Lastly throughout the video I was thinking how it would be a cool project to draw vector graphics in the waterfall view like some people do with the xy plot on a scope and the last few seconds I see the outro graphic. Brilliant
Expanding your brain is what I am here for. I love helping people grow and learn. The outro was something I thought of at the last second.
Now build 10 element beams for both ends. :)
I've blanketed 1/3 of the USA with a 7 mW BPSK LowFER signal from my 30 foot tall antenna with 2 miles of hand-wound 22 gauge wire and a loading coil with 35 pounds of 8 gauge wire wound on a 3 foot diameter Styrofoam core, and I've been called crazy. But you have gone far beyond me. Well done, sir! I salute you! BTW, the most fun I've ever had was doing range tests. I drove 900 miles on I-80 across the USA watching my beacon message play on and on on the computer on the seat beside me. I smiled every inch of the way. Same sort of thing happened with my range tests with Hi-Fi audio sent via a dollar store laser, further and further, 6+ miles of smiling in the cold and dark with rain sprinkling down on me. I think we both know exactly how Marconi felt as his radios worked further, and further, and further.
The days of Marconi would have been a wild time to be alive. But yeah, WSPR and other protocols would be pretty cool to explore like this.
That laser thing sounds really interesting
You realize the FCC prohibits LowFER antennas longer than 49ft, right? (Including the feed line)
@@scottdotjazzman is the load coil factored into that? It seems strange if it would be because you could just use a higher voltage higher impedance output and no load coil for the same output, right?
@tripplefives1402 still though. Can't you also use a transformer to change the impedance?
I rarely ever leave comments on YouTube videos, in fact, this might be the first deliberate comment I've left in YEARS. But I had to because for more than half of the duration of this video I was sat at my desk with my jaw so widely open that it could have almost hit the desk. Thank you for this insanity, and for open sourcing your code - I learned a hell of a lot watching this video, and I'm sure I will learn even more from the repository. Unbelievable, outstanding work.
I'm really glad to have earned that comment then!
What an absolute madlad! And here I am just using cheap LoRa modules to send messages! I definitely got some inspiration from this.
What cheap modules?
How much are they?
I bought an llcc68 module from cdebyte but i think they were defective. I could write to their spi registers and read them back, but could never broadcast (no signal ever showed up on a sdr receiver).
Cdebyte would never send me sample code. So i used code from generic modules but either the modules were defective, or the code needed proprietary magic.
@@TheRainHarvester They're called "Ra-01 modules" and they go for about 3-4€ from china. I haven't had any issues with them and the range seems pretty good.
Doing it with modules is way better for everyone involved, this was more of a to-see-if-I-can.
The projects that excite me the most are things that are cheap and massively adapted, your stuff always hits the mark. This is a great work that enables people, you are a good human we are lucky we have people like you.
Those are definitely the things I find most compelling.
I learned more about LoRa from your video than many other ones. Great useful research. Cheers
Thanks! I really tried to express the insights I gathered.
In recent days the YouTube algorithm has been giving me more and more smaller channels that are doing amazing things. You're part of that group, looking forward to more content from you my dude! Also, as a software engineer, RF is absolute black magic to me..
I am also a software engineer. And I agree it feels like black magic at first, but then you get the hang of it.
About 3min in and loving the way you bent the pin to see where the antenna plugs in, it probably secures it a bit better as well. Genius! 👍
I didn't expect anyone would notice that. I just did it so I could tell where it goes.
This is cool... basically you're bit-banging into the air!!! NICE!
That's a really good way to put it.
You saw the term "wave-banging" here first.
@@ceeam NICE!
@@ceeam gosh I wish that didn't sound as inappropriate.
Thanks!
Thanks for the support
Wow, this was amazing to watch. You did a fantastic job documenting all of this! Well done!
Thanks!
Creative uses of aliasing in sampled systems, under-noisefloor communication and hacking ucs beyond their stated limits are the favourite topics of my supervisor from the university days. I will send him this video. Great work on this, must have been a bumpy ride. Congrats!
BOY HOWDY WAS IT BUMPY, but it was a steady process for all the weeks.
So maybe for diversity you could put an antenna on multiple pins & transmit sequentially on each one?
Phase coherent output pins
Probably, but would be trickier to figure out how to send the signal.
This video inspired me like very few videos do. Not only am I now way more interested in RF transmission and its theory, but now it all makes sense in a way it never has before. Thank you for gifting this beautiful project to the world!!!! You are amazing!
I'm really glad this inspired you. I just love the feeling of doing "impossible" things and seeing where they lead. Like over a long time I get an idea of what I think is possible and impossible. If I see a chink in the armor of impossibility, it drives me to see if I can open it up and find a whole new world of possible.
I'm normally quite put off by the thought of spurious emissions, even if they are very low power. But this has completely turned my conception of them on its head! Though I would be lying if I said I didn't spend half the video trying to think how I would filter it. Bravo!
If the thought of doing this without extra hardware wasn't so central to this video's thesis I would have totally added the filtering.
Literally just need a bandpass filter. There's no other way to do that reliably when you can't bit-bang about the Nyquist frequency.
underrated video, needs 100x the views. this is some awesome stuff!
You are doing your part! Liking subscribing, commenting and sharing makes that extra itty bitty bit of difference.
Amazing as always! You are inspiring so many engineers, thank you!
Thank you for your comment, too.
This is amazing. So glad the algorithm sent me this!
Glad to have you - hope I earned a sub.
The most amazing engineering video I've seen the past year. Awesome!
Thanks. My other videos are envious
So good to see you back!
Only twice a year or so.
Very cool, am reminded of an exercise from a wonderful book Make AVR, where the chapter on timers had you code an AM transmitter, by toggling the pins quickly using the compare registers.
Love seeing the hype things like Meshtastic, LoRa, HackRF and Flipper Zero are bringing to these types of protocols.
I wish this sort of RF radiation stuff was taught more, like in schools, etc.
Just one word: impressive!
Really well done work - from the crazy idea at the beginning till this video for documentation.
I'm fascinated! 🤯
Glad you liked it, I hope to keep making content like this (even if I am slow at doing it)
Unbelievable dude. Well done
Thanks
Hey man. I really appreciate your videos. I truly believe that your channel is underrated. I'd personally love to hear more often from you re your projects, discoveries, ...
Thank you.. But it's hard to make time and space to make the videos over time.
This video terrifies me
Me too in an "in complete awe" sort of way, and also because the implications of it are that a large amount of digital hardware can potentially leak data via LoRa packets induced in software and radiated off existing structures in the product. 🤯
@@DanielSMatthews most commercial products can’t as they are designed around emc requirements
@@UKsystems They are designed to pass tests when used as designed, change the code and they are out of spec and Tempest like tricks apply. Same with most of the attacks against air gapped computers, you need to be able to run code on them to get them to behave in unanticipated ways.
@@DanielSMatthews "can" = does
@@DanielSMatthews there are also tests for adverse use cases and checking for anything that can be used as an antenna or at least for UKCA approval
This is absolutely crazy o.O
I was thinking about something similar before, but it just stayed as an idea with no plan of how to actually make it
And you somehow managed to do it!!! And with such a protocol too.. I wasn't even thinking of LoRa
You earned a subscriber)
Thanks! You could totally use my stuff as a basis to get started with taking this even further!
This is simultaneously crazy, ingenious, awe-inspiring, insane, impressive and scary.
Considering the still rampant lack of security of large parts of the IoT Appliances market, this makes me shudder - *even* if parts aren’t connected (or connectable) to WiFi (or even worse, various WANs).
Just wow.
I somehow missed you watching these old videos. Good to see you here too even if it did take me a few months.
New way to implement a backdoor has just dropped x)
Having a device connected only to a battery, without a radio ic nor antenna, being able to send packets over the air is mindblowing. Congrats for this achievement !
Thanks! Yeah, it did feel pretty crazy when it worked.
If you have VGA in your laptop you can probably do this without any extra hardware just by showing an image and with some xrandr magic.
You could have shared effect that sends LoRa
You're saying I could broadcast a chip tune of rickroll audio with a legitimate rickroll gif?
@@andrewferguson6901
with the gif working is a bit harder...
but search for "tempest for elise"
I think VGA would be able to do this all incredibly well. But it's been a long time since I messed with it.
This is the most insane project I have seen lately. By the end of the video I was nutting with the range you manage to achieve just by bit banging the air.
You are truly an RF Chad.
I'm glad you watched it all the way through. It's a balance giving away the punchline up front, versus making people wait til the end.
this is just too insane for my brain to comprehend. major props to you sir
I really try to make my videos so that if you watch them a couple times and do a couple google searches you should be able to pick everything up
Huge respect for making such limited hardware spit those radio signals. This is even one step beyond VUSB !
Seems crazy to receive data under the noise floor, but the spreading for measly 3000 bits/s over a big bandwidth 125 kHz is what makes it possible.
Indeed! And those bits are spread so broadly in time.
Dude, you are a wizard!!! Amazing video! Amazing research 👏🏻
Thank you!
God damn, you just made the CIA’s wet dream of data exfiltration
Trust me, they are already doing it.
@@microcolonel have you seen seytonics video about using a SATA cable to do that
@@Aurorajunior7321 no but that seems highly doable. IIRC SATA is unshielded and that would make it easier.
@@microcolonel I don’t trust anyone that has to say trust me
@@geekswithfeet9137 trust me: you don't trust anyone who starts their argument with "trust me"
I am completely blown away by your knowledge and methods of engineering. Charles, you are a true wonder of out-of-the-box engineering.
Tear down those barriers between disciplines. We weren't meant to live in little boxes.
This is incredible. Absolutely incredible.
But now you need to receive the packets!
I'll leave that as an exercise of the viewer.
@@CNLohr /me purchases Mikrotik receiver as seen in video 👨🍳💋🤌🤘😁
lmao @@CNLohr
Only 5 minutes in and this energy is so inspirational. Thanks for getting me up and working on my projects (and for what I expect is going to be a great video)
Keep goooing. Just go go go. That's the reason I want to make these videos is to point as an omen what can be done by just keeping on pushing on a problem until it gives way. Even though most of my projects do end up being failures, if you just keep pushing, keep pushing, you will find success.
Lohr-A !
How did this never come up!?
@@CNLohr I said it to you!
@@davidwillmore I just don't remember or maybe I was too embarrassed?
Instant subscribe !
Saw the title and knew this was going to be good
We went through a ton of different titles before we finally settled on this one.
"things that only have a tiny chance of success" time to join the Qowat Milat 🤣 Well done, worked better than I would've expected.
I danced a little when YouTube recommended your new video. Dammn!!! You're crazy good. Now I gotta go back to hardware ❤
Software or hardware, it doesn't matter which as long as you keep going.
Have you checked the RPiTx project? The concept is similar, I have already played with it to transmit Whisper signals in HF and my signal was spotted thousands of km away, but of course based on ionospheric refraction. However you could use RPiTx concept to transmit LoRa, I think they didn't do it yet.
There's so many of these all around, and I haven't checked it out. I just don't do much dev with rpi.
Good video, it is a method used in radio frequency to obtain high frequencies from a stable time base of a lower frequency, the idea is to use overtone and filter the output so that it only delivers the corresponding harmonic. It is used a lot. Maybe if you add a bandpass filter and an amplifier you could have an interesting device. Regards from Argentina!
A bandpass or maybe a class c would certainly help
this is the purest definition of knowing how to break all the rules
You can't break rules when there aren't any.
This is an amazing project, LoRa has intrigued me for some time, but to see this kind of a deep dive into it was very cool. I only wish I had the technical skills to attempt things like this! Very impressive.
I hope this filled in a lot of the spooky unknowns with LoRa.
This reminds me of the PiFMplay, which is also magically awesome. It uses a Raspberry Pi to send FM radio into the ether. Just attach a wire to the board on 1/2 lambda or something and you're good to go x-D
There's so many GPIO projects, I just enjoyed bringing another one to light.
This is the hack of the decade, awesome video. Thanks for sharing!
Thanks!
Great, now devices that I previously thought were completely disconnected from the Internet can leak my data
Active defense will always be more effective than passive defense. Guess you need to invest in a jammer equivalent.
I just checked out your IDF-Sandbox repo and it’s the best thing ever thanks mate
Thanks. I'm glad someone else is getting some use for it.
Interesting how much of this I already knew from playing with audio. RF and audio have a lot of overlap.
It's all wave theory. You will be surprised to see that other energy like light can be approached in a very similar way.
Indeed. There's so many parts of the way our universe works that are all so interconnected.
I'd just subscribed from all your past videos that you mentioned here. So many interesting videos!
OMG! You were the guy who broadcasted NTSC with ESP!!
Indeed... I have a lot of videos on NTSC
man LoRa is an insane protocol
IKR!
Awesome work. Your dedication to pursuing the unlikely is an inspiration.
Inspiration is the goal - get people to realize what they can do if they apply themselves
I'm guessing it won't pass FCC limits 😂 incredible work.
Later in the video he actually makes it have very little extra noise outside of the desired frequency which is interesting
make a lil bandpass. a bit of loss is worth the better signal imho.
@@nobodynoone2500 it will require a SAW filter plus a class C amp to produce a decent RF output (in terms of regulations), but I fear the side products of the class C will require one more SAW (not cheap) and still be too problematic, another way would be using the fundamental and a mixer, but the BOM cost will be too high. There are some cheap RF chips with register access which could be torn to emulate LoRa TX properly (we did that at the time of sigfox in DBPSK), however a radio without RX isn't very useful.
Small MCUs are capable of demodulating and decoding a 868/900MHz signal by using their fast ADC, a mixer and a 800KHz IF but again given the low price of an LLCC68 this would probably be a futile exercise (I did that for a mini sigfox basestation a few years ago, using an STM32F4).
It's such a small amount of power it just might. But a SAW+Class C would be hoppin!
This was an amazing project and you are a brilliant engineer. You mentioned your dad was a “true EE” so I assume you are not one. I have a MSEE and worked in the RF industry. Let me tell you sir that you would outshine most all of the engineers I’ve ever worked with. I cannot recommend enough for you to get your EE degree - it would be a breeze for you. Our country needs brilliant engineers like you!!!
Thank you. And no, I did get an undergrad in computer engineering, but masters in CS, and have been working primarily as a software engineer for many years.
This bro about to learn why the FCC is a 3-letter agency
Lora has already been approved for communication on... go stroke an old boomer HAM operator off...
But most of us use 4 letter words to describe them
This is one of the coolest things I've ever seen! Lora is one hell of a protocol, and you are one hell of a hardware hacker!
thank you
This scares me. I frequently consider how a state actor might exfiltrate data via compromised hardware/firmware. I had always reassured myself that they would never send it over the wire/air because of the risk that it would be detected with traditional network infrastructure monitoring. I also reassure myself that bit-banging something out over a funtenna to other compromised devices acting as relays would require so many compromised devices that they'd risk being discovered. But I hadn't considered LoRa... The infrastructure already exists, gateways are popping up everywhere, it operates far below the noise floor... Do you have any idea how easy it would be to exfiltrate private keys using malicious firmware or even silicon? A crypto co-processor? Hmm... maybe that thought deserves a PoC...
I think this is already being used...
This tech has been used by state actors for about 40 years. Do with that what you will.
There's so many other scarier things in the world. Don't worry about this stuff.
you are a god. I wish I had an attention span as "short" as yours!! :D thanks for the effort you put in.
It does take some discipline to quiet the more spongy things in our lives, like social media scrolling and YT shorts, but if you reject the petty fluff, it makes it a lot easier for even limited focus to develop. Sadly, I don't know if I'll ever fully recover from what facebook and instagram had done to my brain.
69.420 mhz! Sounds nice...😊
Your results are truly amazing. Bravo!
Thanks!
Next step: make a receiver
Oof. Too soon.
Wow! Absolutely fantastic video! And so unexpectedly large transmission distance! Thanks a lot for your work!
Thank you for your comment.
GPIO pin: "So anyway, I started blasting..."
Make a meme!
LoRa is amazing. We did a range test with TBS Crossfire LoRa TX and RX and managed 23 km with 10mW on a drone.
10kW on a drone what?
@@CNLohr damn, *mW 😅
@@CNLohr 100km test th-cam.com/video/ULVwMSL5xac/w-d-xo.htmlsi=wzknpe34vWhc4tGc
@@ChrisPrefect Whew. That's more like it. I'm surprised there's such a discrepancy. I'm putting out such little power, and yet it still somehow goes pretty far. 10mW is a LOT more power than even my EIRP.
69.420mhz lmfao
So glad you dropped new content plz plz plz make more on RF world make a series breaking down everything including building setups or flashing processes coding etc.
I generally only make videos when I do projects and they turn out well. I do typically 5-10 BIG projects per year, some are successes some are failures, but I only want to spend the time on the real gems to make a video for them.
@@CNLohr thank you for your time and energy spent. I will continue to learn from you salute.
Data exfiltration by gpio sounds scary now.
It's not exactly unheard of in the hacking world. There was a rather famous use about 25-30 years ago.
It is pretty common nowadays, with several different air-gap techniques
@@CNLohr Now a 1000 meters away. Balloon heights!
This is such a cool project and video. Thanks for sharing such awesome and insightful content!!!
Thank you for the comment!
Love seeing Nyquist in the wild
Or not seeing Nyquist in the wild. 🪄🪄🪄
Your CMAC code is chef's kiss! Thanks man!
Thanks, yeah, I couldn't find any when I started so I was like "no one else will have to suffer the same fate as me."
This is absolutely scary for IoT, imagine someone hacking into your freaking toaster and making a funtenna open your garage door
Ok, you'd have to be a fucking FSB agent to have that happen to you, there are much more physical and easier ways
But I want my garage door to open 8 minutes after my toast pops up...
INSANE! I will have to replicate it to believe...
Amazing video, thank you very much!
I learned tons in this video I will have to watch multiple times. Glad I found your channel!
If you encounter any issues with reproducing it, probably best to ask questions on the Discord. The github isn't the easiest to get support in.
I'm not sure what is more impressive, the end result or your persistence to get there. In any case, the two made it a great inspiring video!
I appreciate the comment. And yeah, persistence is generally the hard part but it's also the good part.
This is freaking awesome. You can essentially create the baseband using a cheap micro + 900MHz SAW + gain block.
BTW, it's "megacycles" not "megasamples".
SAW? Gain block?
Absolutely amazing stuff as always, here's hoping we eventually get that video on esp32-s2 overclocking. Knowing how cagey Espressif gets about that sort of thing it would be incredibly funny (and hopefully useful!!!) to have a chip running at more than twice the clock of their announced "High Performance" P4 (400MHZ)
It may or may not happen. I have to get more LN2. I wasn't able to get a lot of the tests and shots I wanted.
OH my god he's back!!! What an amazing discovery, incredible how hardware is able to do things thought impossible if one has enough motivation. And what a great protocol LoRa is. ESPs have no business being as good as they are, what a great invention.
I'm glad to be back, but I'm only here long enough to scurry away again. I think releasing only about 2 videos a year is going to stay my new norm.
Whatever you need man, as long as you're happy! These things take time, the community will support you in any way.
Besides, you're already more consistent than some movie studios and your content is always interesting.
This or some other project really, could be a great exhibition at OpenSauce
This is absurd. In a good way. You are insane. I am properly impressed. Great work!
Thanks!
Thank you. I didn't really know about LoRa until now. Having watched this, it's clear that the only thing slowing down adoption is knowing its benefits and it being proprietary.
Optical Fibre transmission chirps over long distance transmission, and subsea regen reshapes chirped signals before they lose too much shape. I never thought chirping was beneficial before now. ID'ing a signal by the chirp I'm sure has been considered previously.
Being able to pull the signal out at femto watts at a few km is going to create many many IoT applications where routing a wire or reinforced concrete radio blocking is an issue.
This was very instructive.
Thank you.
Now all that's needed is a non proprietary version.
I'm glad you liked it. To note - one of the major benefits of LoRa is you can get silicon to easily send/receive packets. So, while proprietary, it means we get chips.
What is the right input frequency for the European radio region that uses the 865Mhz band?
You would need to look up the band plan for your region and use those numbers.
Amazing story. The engineering makes no sense to me, but explained in such a way that I could come with you on the journey. Really makes me wonder what the 3-letter-agencies are able to achieve with funtennas.
There's already a lot of papers about all sorts of things average researchers are able to achieve with them.
Congratulations, one of the best things I've seen in a while!
Thanks!
Nice. Thank you for your hard work and proof of operation.
Welcome!
could you put a notch filter on the antenna pin that is tuned to for example 868mhz(eu) or 915mhz (usa)?
Absolutely. Though you would still need to tweak the code to select the new frequency. 868MHz actually would produce a cleaner and clearer signal than at 915.
you are a freaking stubborn genius!
This opens so many opportunities. Thanks dude
Indeed! I hope you can take this and move forward yourself!
I work with LoRaWAN in my day job. This is the coolest thing I have seen in a long time 😂 Bravo!
Thanks!
This is the definition of crazy, I learned so much!
Thanks. I do try to pack my videos full. Sometimes you may need to watch them more than once.
I'm in awe. Thank you!
Thank you for watching
16:50 That's because Nyquist is always explained incorrectly, even in academic literature. The original theorem clearly says "bandlimited signal" meaning bandwidth and included different Nyquist-zones that can be used for sub-Nyquist sampling. The only condition is that the bandwidth of the generated or sampled signal is smaller than fs/2. And many people don't seem to understand this.
I mean clearly it is misexplained, but it's still so hard to explain it in a way that gets the point across and is still right. I feel like only after playing with it over a long time have I begun to grok it.
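The Nyquist-zone point raised in the 16:50 comment above can be checked numerically. The following is an added example, not part of the thread or of the video's code; the 160 MHz sample rate is a constructed value, and all function names are hypothetical.

```python
import cmath
import math

def nyquist_zone(f, fs):
    """Return (zone, alias, inverted) for a tone at f sampled at rate fs.

    f and fs are integers in the same unit. Zone 1 is 0..fs/2, zone 2 is
    fs/2..fs, and so on; even zones fold down with the spectrum mirrored.
    """
    zone = (2 * f) // fs + 1
    r = f % fs
    alias = r if 2 * r <= fs else fs - r
    return zone, alias, zone % 2 == 0

def band_in_one_zone(f_lo, f_hi, fs):
    """True when [f_lo, f_hi] is narrower than fs/2 and sits in one zone."""
    if 2 * (f_hi - f_lo) >= fs:
        return False
    first = (2 * f_lo) // fs
    last = -((-2 * f_hi) // fs) - 1  # ceil(2*f_hi/fs) - 1
    return first == last

def sampled_peak(f, fs):
    """Sample cos(2*pi*f*t) for one time unit at rate fs; return the DFT peak bin.

    With fs samples taken, bin k corresponds to frequency k in the same unit.
    """
    n = fs
    x = [math.cos(2 * math.pi * ((f * i) % fs) / fs) for i in range(n)]
    best_bin, best_mag = 0, -1.0
    for k in range(n // 2 + 1):
        acc = sum(x[i] * cmath.exp(-2j * math.pi * ((k * i) % n) / n)
                  for i in range(n))
        if abs(acc) > best_mag:
            best_bin, best_mag = k, abs(acc)
    return best_bin

if __name__ == "__main__":
    FS = 160  # constructed sample rate in MHz, not taken from the video
    for f in (868, 915):  # band centres mentioned in the comments, in MHz
        print(f, nyquist_zone(f, FS), sampled_peak(f, FS))
```

The closed-form alias and the measured DFT peak agree, and `band_in_one_zone` is the "bandwidth smaller than fs/2" condition plus the requirement that the band does not straddle a zone edge.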