For years, a backdoor in popular KiwiSDR product gave root to project developer
Users are rattled after learning their devices and networks were exposed.
KiwiSDR is hardware that uses a software-defined radio to monitor transmissions in a local area and stream them over the Internet. A largely hobbyist base of users does all kinds of cool things with the playing-card-sized devices. For instance, a user in Manhattan could connect one to the Internet so that people in Madrid, Spain, or Sydney, Australia, could listen to AM radio broadcasts, CB radio conversations, or even watch lightning storms in Manhattan.
On Wednesday, users learned that for years, their devices had been equipped with a backdoor that allowed the KiwiSDR creator—and possibly others—to log in to the devices with administrative system rights. The remote admin could then make configuration changes and access data not just for the KiwiSDR but in many cases to the Raspberry Pi, BeagleBone Black, or other computing devices the SDR hardware is connected to.
A big trust problem
Signs of the backdoor in the KiwiSDR date back to at least 2017. The backdoor was recently removed with no mention of the removal under unclear circumstances. But despite the removal, users remain rattled since the devices run as root on whatever computing device they’re connected to and can often access other devices on the same network.
“It’s a big trust problem,” a user with the handle xssfox told me. “I was completely unaware that there was a backdoor, and it’s hugely disappointing to see the developer adding backdoors in and actively using them without consent.”
Thank you for sharing this, Franco (and many other readers who’ve recently shared this article).
I’ve always been a big fan of the KiwiSDR network and the receiver so, of course, this is disappointing news. It sounds as if there’s no evidence the developer did anything nefarious through this root access backdoor, but they were also well aware it existed. That is, without question, a huge security issue.
The KiwiSDR developer comments here on the SWLing Post so my hope is that, perhaps, they can shed some light on this story in our comments section.
Arecibo Observatory’s 305-meter telescope in November 2020 (Credit: University of Central Florida)
Radio Waves: Stories Making Waves in the World of Radio
Because I keep my ear to the waves, as well as receive many tips from others who do the same, I find myself privy to radio-related stories that might interest SWLing Post readers. To that end: Welcome to the SWLing Post’s Radio Waves, a collection of links to interesting stories making waves in the world of radio. Enjoy!
Many thanks to SWLing Post contributors Ned Wharton, Pete Eaton, Zack Schindler, and Dave Zantow for the following tips:
Today, the National Science Foundation released video taken at the moment the Arecibo Radio Observatory’s cables failed, allowing its massive instrument platform to crash into the dish below. In describing the videos, the NSF also talked a bit about the monitoring program that had put the cameras in place, ideas it had been pursuing for stabilizing the structure pre-collapse, and prospects for building something new at the site.
A quick recap of the collapse: the Arecibo dish was designed to reflect incoming radio radiation to collectors that hung from a massive, 900-ton instrument package that was suspended above it. The suspension system was supported by three reinforced concrete towers that held cables that were anchored farther from the dish, looped over the towers, and then continued on to the platform itself. Failure of these cables eventually led to the platform dropping into the dish below it.
[…]The video of that collapse comes from a monitoring system put in place in the wake of the cable failures. Due to the danger of further cable breaks, the NSF had instituted no-go zones around each of the three towers that supported the cables. With no personnel allowed to get close enough to inspect the cables, the staff started monitoring them using daily drone flights, one of which was in progress during the collapse. In addition, a video camera was installed on top of the visitor’s center, which had a clear view of the instrument platform and one of the support towers.
Lessons of a successful electronic business—an interview with Chas Gilmore, former Heath executive.
For those of you who do not know or remember, Heath Company was the largest kit company in the world. Heath designed and put practically every type of electronic product into kit form. Its products, called Heathkits, were exceptionally popular and many are still in use today.
Over the years, Electronic Design has published many Heathkit-related articles and blogs. Recently, I had a chance to talk with Chas Gilmore, who was a Heath executive. For those of you who fondly remember Heathkit and miss its products, here’s a look back at this amazing company and the lessons it offers.
Chas, what was your affiliation with Heath?
A recent physics graduate, I joined Heath in 1966 as an engineer in the Scientific Instruments department. This was a new group designing laboratory instruments supporting the Malmstadt/Enke, Electronics for Scientists program. The kit business was making great strides.
The audio department was about to introduce the AR-15 FM receiver/amplifier. It had rave reviews, putting Heath in the top tier of the Audio/HiFi market. At the same time, the Ham (amateur radio) department was updating the phenomenally successful SB-line of an HF SSB receiver, transmitter, and transceiver, and modernizing the popular $99 single-band SSB transceiver line[…]
Found this interesting series at Radioworld called “Radio at 100”. It is 29 different articles about the history of broadcasting in the USA. A lot of your readers might enjoy these; https://www.radioworld.com/tag/radio-at-100
Another great series at Radioworld that your readers might be interested in “Roots of Radio”:
Amateur radio licensees and candidates will have to provide the FCC with an email address on applications, effective sometime in mid-2021.
If no email address is included, the FCC may dismiss the application as defective.
The FCC is fully transitioning to electronic correspondence and will no longer print or provide wireless licensees with hard-copy authorizations or registrations by mail.
A Report and Order (R&O) on “Completing the Transition to Electronic Filing, Licenses and Authorizations, and Correspondence in the Wireless Radio Services” in WT Docket 19-212 was adopted on September 16. The new rules will go into effect 6 months after publication in the Federal Register, which hasn’t happened yet, but the FCC is already strongly encouraging applicants to provide an email address.
When an email address is provided, licensees will receive an official electronic copy of their licenses when the application is granted.
Under Section 97.21 of the new rules, a person holding a valid amateur station license “must apply to the FCC for a modification of the license grant as necessary to show the correct mailing and email address, licensee name, club name, license trustee name, or license custodian name.” For a club or military recreation station license, the application must be presented in document form to a club station call sign administrator who must submit the information to the FCC in an electronic batch file.
Under new Section 97.23, each license will have to show the grantee’s correct name, mailing address, and email address. “The email address must be an address where the grantee can receive electronic correspondence,” the amended rule will state. “Revocation of the station license or suspension of the operator license may result when correspondence from the FCC is returned as undeliverable because the grantee failed to provide the correct email address.”
A new antenna using single atoms could usher in the age of atomic radio
The team tested their device by recording themselves singing “Mary Had a Little Lamb”
In the 1950s, atomic clocks revolutionized precision time-keeping. Now we may be on the verge of so-called “atomic radio,” thanks to the development of a new type of antenna capable of receiving signals across a much wider range of frequencies (more than four octaves) that is highly resistant to electromagnetic interference.
An antenna is typically a collection of metal rods that pick up passing radio waves and convert their energy into an electrical current, which is then amplified. One might argue that the good old-fashioned radio antenna has served us well since the dawn of the 20th century, so why do we need anything to replace it?
According to David Anderson of Rydberg Technologies, those antennae are wavelength-dependent, so their size depends on whatever wavelength of signal they are trying to measure (they need to be about half the size of whatever wavelength they are designed to receive). That means you need antennae of several different sizes to measure different radio frequencies.
Anderson is a co-author of a new paper posted to the arXiv describing a novel alternative to conventional antennae, based on vapor cells filled with a gas of so-called “Rydberg atoms.” That just means the atoms are in an especially excited state, well above their ground (lowest-energy) state. This makes them especially sensitive to passing electric fields, like the alternating fields of radio waves. All you need is a means of detecting those interactions to turn them into quantum sensors.[…]
It’s a good time to be technical. Maker communities are thriving around the world, tools and materials to create and adapt are cheaper and more powerful now than ever, and open source hardware, software, and information mean that if you can think it, you can learn how to do it and then make it happen.
For one group of technological explorers, this is more than just a golden age of opportunity: it’s providing the means to save one of the oldest traditions in electronic invention and self-education, one that helped shape the modern world: amateur radio. That matters.
Radio amateurs get a sweet deal, with effectively free access to many gigahertz of the same radio spectrum that companies pay billions for. They’ve earned it. Throughout the history of electronics, they’ve been at the borders of the possible, trying out ideas that commerce or government deem impossible or pointless—and making them work. One example of hundreds: Allied military comms in World War II needed a way to reliably control the radios used by front-line forces, replacing tuning knobs with channel switches. Hams had the answer ready and waiting: quartz crystal oscillators. (That’s part of computing history too—you’re probably using about ten of them right now.)
[…]Then, there’s backup. Take the European HAMNET, for example. That’s a four-thousand-node high speed data network covering a large part of continental Europe and providing full IP connectivity at megabit speeds. It connects to the Internet—ham radio owns 16 million IPV4 addresses, believe it or not—but is independent of it, doing its own robust and flexible routing. If the Internet was to go away, HAMNET would still be running. The same’s true of nearly all ham radio infrastructure: when everything else fails—power, comms, roads—ham radio is still there, and these days it can be a full-fat digital medium.[…]
Note that I’m not speaking strictly of the HF spectrum here. But mark this: a radio revolution is, right now, in the making. Ars Technica just last week published an article entitled, “How software-defined radio could revolutionize wireless” in which the authors argue that software defined radios (SDRs) might not only open the door to new uses for our radio spectrum–uses we can’t currently fathom!–but also open the door to unlimited free innovation. Innovation in the form of experimental hacking, much of which could simply fall below or outside of the FCC and other spectrum governing bodies, could become the province of literally anyone who wants to give it a go.
The article takes the reader through the evolution of SDRs and introduces a company manufacturing a product that could be to the radio spectrum and wireless communications what Apple became to personal computing.
Sunspots of September 1, 1859, as sketched by Richard Carrington. A and B mark the initial positions of an intensely bright event, which moved over the course of 5 minutes to C and D before disappearing. (Source: Wikimedia Commons)
These days, CMEs and solar flares get a great deal of media attention. But it’s mostly speculation–for even with our advanced abilities to measure the potential impact, we can’t be sure what will happen each time this occurs. Might this solar flare be strong enough to damage our satellites and electrical infrastructure? we may wonder. Could it ‘fry’ our electrical grid?
The concerns are merely speculative. But is there actual cause for concern? Surely. A massive solar flare could damage much of our technology in space–such as our satellites–and could also certainly cause headaches for those who manage our electrical grids.
But do we know how powerful solar events can be? History may hold the answer.
In September of 1859, a solar flare was so massive that there were newspaper reports of it across the globe, and many found the strange light it created baffling. Of course, now, there’s no speculation as to what happened then–eyewitness accounts and plenty of written evidence in this pre-internet era paint a clear picture of a massive coronal ejection. This event has been referenced many times as a benchmark–one that, should it happen now, would certainly give us serious pause. Technologically, that is.
It hit quickly. Twelve hours after Carrington’s discovery and a continent away, “We were high up on the Rocky Mountains sleeping in the open air,” wrote a correspondent to the Rocky Mountain News. “A little after midnight we were awakened by the auroral light, so bright that one could easily read common print.” As the sky brightened further, some of the party began making breakfast on the mistaken assumption that dawn had arrived.
Across the United States and Europe, telegraph operators struggled to keep service going as the electromagnetic gusts enveloped the globe. In 1859, the US telegraph system was about 20 years old, and Cyrus Field had just built his transatlantic cable from Newfoundland to Ireland, which would not succeed in transmitting messages until after the American Civil War.
“Never in my experience of fifteen years in working telegraph lines have I witnessed anything like the extraordinary effect of the Aurora Borealis between Quebec and Farther Point last night,” wrote one telegraph manager to the Rochester Union & Advertiser on August 30:
The line was in most perfect order, and well skilled operators worked incessantly from 8 o’clock last evening till one this morning to get over in an intelligible form four hundred words of the report per steamer Indian for the Associated Press, and at the latter hour so completely were the wires under the influence of the Aurora Borealis that it was found utterly impossible to communicate between the telegraph stations, and the line had to be closed.
But if the following newspaper transcript of a telegraph operator exchange between Portland and Boston is to be believed, some plucky telegraphers improvised, letting the storm do the work that their disrupted batteries couldn’t:
Boston operator, (to Portland operator) – “Please cut off your battery entirely from the line for fifteen minutes.”
Portland operator: “Will do so. It is now disconnected.”
Boston: “Mine is disconnected, and we are working with the auroral current. How do you receive my writing?”
Portland: “Better than with our batteries on. Current comes and goes gradually.”
Boston: “My current is very strong at times, and we can work better without the batteries, as the Aurora seems to neutralize and augment our batteries alternately, making current too strong at times for our relay magnets. Suppose we work without batteries while we are affected by this trouble.”
Portland: “Very well. Shall I go ahead with business?”
Boston: “Yes. Go ahead.”
Telegraphers around the US reported similar experiences. “The wire was then worked for about two hours without the usual batteries on the auroral current, working better than with the batteries connected,” said the Washington Daily National Intelligencer. “Who now will dispute the theory that the Aurora Borealis is caused by electricity?” asked the Washington Evening Star.