I’m traveling at present and staying in a hotel where, let’s just say, QRM is heavy.
I decided to cruise the KiwiSDR network and found myself on the VK2GGC KiwiSDR in Hunter Valley NSW, Australia. As I was band-scanning, I stumbled upon Shortwave Australia on 4,835 kHz around 9:40 UTC.
It was great hearing this low power shortwave broadcaster on the air again! Check out the recording below with ID:
WebSDRs are such a wonderful resource when you truly need to escape QRM. It’s fun to travel the globe and tune through the bands like a local. Again, it’s great to hear Shortwave Australia again–I’m curious if anyone has logged them as DX from home.
Connected to a Kiwi SDR installed in Portugal, I listened to this experimental station on its 15785 kHz DRM frequency and sent a listening report (in the form of an audio recording and a screenshot) to the Fraunhofer Institute in Erlangen, Germany: [email protected]
I received a nice QSL!
The signal was picked up as far as New Zealand one told me. I think reception reports from all over the world would be very much appreciated …
That’s brilliant, Paul. Thank you so much for sharing the recording and QSL info. Hopefully, they’ll continue to receive reports from across the globe. It might be fun, in fact, to see just how far one could DX this DRM broadcast via the KiwiSDR network. Frankly, good copy of Funklust’s 250W DRM signal in Portugal is pretty impressive!
Many thanks to SWLing Post contributor, Al Hearn, who writes:
Given the emerging situation in the Ukraine, I would appreciate any tips and suggestions that you might offer directly or on your blog as to what we might find interesting in terms of SWL — related broadcast stations, pirate stations, unencrypted government stations, ham nets, or numbers stations that might be monitored for increased activity. KiwiSDR could be an important tool in such monitoring.
Of course, the limiting factor to me is that I don’t speak the language, so I would appreciate any comments from and SWLing Post community members in the region. Have you noticed any new HF activity? What stations are you turning to for information?
For years, a backdoor in popular KiwiSDR product gave root to project developer
Users are rattled after learning their devices and networks were exposed.
KiwiSDR is hardware that uses a software-defined radio to monitor transmissions in a local area and stream them over the Internet. A largely hobbyist base of users does all kinds of cool things with the playing-card-sized devices. For instance, a user in Manhattan could connect one to the Internet so that people in Madrid, Spain, or Sydney, Australia, could listen to AM radio broadcasts, CB radio conversations, or even watch lightning storms in Manhattan.
On Wednesday, users learned that for years, their devices had been equipped with a backdoor that allowed the KiwiSDR creator—and possibly others—to log in to the devices with administrative system rights. The remote admin could then make configuration changes and access data not just for the KiwiSDR but in many cases to the Raspberry Pi, BeagleBone Black, or other computing devices the SDR hardware is connected to.
A big trust problem
Signs of the backdoor in the KiwiSDR date back to at least 2017. The backdoor was recently removed with no mention of the removal under unclear circumstances. But despite the removal, users remain rattled since the devices run as root on whatever computing device they’re connected to and can often access other devices on the same network.
“It’s a big trust problem,” a user with the handle xssfox told me. “I was completely unaware that there was a backdoor, and it’s hugely disappointing to see the developer adding backdoors in and actively using them without consent.” [Click here to continue reading the full article…]
Thank you for sharing this, Franco (and many other readers who’ve recently shared this article.
I’ve always been a big fan of the KiwiSDR network and the receiver so, of course, this is disappointing news. It sounds as if there’s no evidence the developer did anything nefarious through this root access backdoor, but they were also well aware it existed. That is, without question, a huge security issue.
The KiwiSDR developer comments here on the SWLing Post so my hope is that, perhaps, they can shed some light on this story in our comments section.
Operating a KiwiSDR in Iceland from my vacation spot in Québec (circa 2018).
Many thanks to SWLing Post contributor, Richard Cuff, who writes:
Radyo Pilipinas is one of those English language stations that are not very likely to make to my Pennsylvania location, even under excellent conditions, simply because propagation of their frequencies wouldn’t reach eastern North America when they’re on the air.
Web tunable SDRs change all that…I caught them today from 0315 to their 0330 signoff on 15640 and 17620, in English, with a chatty travelogue program.
I was listening via an Indonesian Kiwi SDR located in Jakarta.
I’m left wondering — is there interest in reporting logs like this? We wouldn’t normally include them in the regular Loggings column in the NASWA Journal, because I’m not tuning my radio, I’m in front of a computer screen tuning half a world away.
FWIW, Radyo PIlipinas broadcasts in English daily from 0200 to 0330 on 15640, 17700 (announced but not heard) and 17620 kHz.
73 – Richard Cuff / Allentown, PA (virtually in Jakarta, Indonesia…)
Wow–what a great question, Rich.
I suspect some DXers have very strong feelings about WebSDR loggings, both for and against.
In terms of loggings columns with various radio clubs and organizations, I suppose it’s up to the governing body to decide. As you say, I suspect it will come down to whether or not remote radio operation counts. With a KiwiSDR, for example, you’re controlling a remote receiver–one that is physically located in a known geographic spot–and the audio is being piped over the Internet. I know it wouldn’t be in the spirit of the thing if you submitted logs implying you’d logged Radyo Pilipinas from your home receiver and antenna. If, however, you disclose that you were using a remote RX station in Jakarta, the logging would be accurate. Whether or not it’s allowed is a separate issue.
Anyone care to share their constructive comments? What do you think about WebSDR loggings? Please comment.
Thanks, Rob! CATSync seems to allow control of a web-based SDR from any OMNI Rig-supported radio via CAT control (which is the majority of transceivers). It appears CATSync allows control of tuning and mode changes via your radio and from the web SDR interface back to your rig.
One interesting use of this would be to use a remote SDR for receiving while using your home antenna for transmitting. This could help those inundated with RFI at home. While this might not be an allowed practice for contesting (having your receiver and transmitter in two different locations) it’s certainly permitted if you want to check in with a net or chat with friends. You don’t need CATSync to do this–you can always manually tune a web SDR separately–it would simply facilitate keeping both your RX and TX on the same frequency.
CATSync has a free trial with limited control–you can purchase the full version for 9.95 EUR.