Date   

Re: Shouldn't need to state this... Don't open random files from the Internets #offtopic

Noel f6bgc
 

Hello,
a similar email address jara8462(at)nelsonvilletv.com (yes, 8462, not 8426)
has been used in icom rs-ba1@groups.io to send the same scam email.
Adam VA7OJ banned this user from all groups he's managing.

If  not already done,
would it be possible for Youssef and Simon to ban the sender jara8426(at)nelsonvilletv.com
from all groups they manage respectively ?
Thanks in advance.

73 - noel f6bgc


Le mar. 29 sept. 2020 à 21:12, Simon Brown <simon@...> a écrit :

I host the sdr-radio.com e-mail on Google, it got past Google’s defences!

 

Not living in the 1980’s I don’t have any need for VBS so just ignored it.

 

Simon Brown, G4ELI

https://www.sdr-radio.com

 

From: airspy@groups.io <airspy@groups.io> On Behalf Of jdow
Sent: 29 September 2020 20:02
To: airspy@groups.io
Subject: Re: [airspy] Shouldn't need to state this... Don't open random files from the Internets #offtopic

 

That's the one I just wrote about. I REALLY hope nobody opened it.

{^_^}



--
73 - noel f6bgc


Re: To dBFS or not dBFS - New SDR# release #announcements

jdow
 

On 20200929 06:37:11, David J Taylor via groups.io wrote:
From: Phil Karn
[]
I agree this is the preferred definition, but it's not the only one.
Think peak vs RMS. The AES (Audio Engineering Society) standard says a
full-scale sine wave is 0 dBFS, which means a full-scale square wave
will be +3dBFS. But there's an ITU-T standard (G.100.1) that defines a
full scale *square* wave as 0 dB. A sine wave thus cannot be above -3dB
without clipping, and it is impossible for any waveform to have a
positive amplitude. See https://en.wikipedia.org/wiki/DBFS

Hence multiple conventions with a 3dB difference, and that's just for a
single real channel. I want a convention where the same signal into a R2
will have the same digital amplitude with 20 Ms/s real sampling as with
10 Ms/s complex sampling. I think I'm off by 3 dB somewhere in my own
code, which is what got me thinking about this.

Phil
==========================================

It's the difference between peak voltage and RMS power, isn't it?

The R2 I have accepts only a single real channel, as do all the SDRs I have. With quadrature sampling you would have two signals with the same peak value, so you could measure either, but not both.

Cheers,
David

You measure both using instantaneous I^2 + Q^2. As I explained when one is maximum the other is minimum.

sin(X)^2 + cos(X)^2 = 1 is a basic trigonometric identity. So there is no 3 dB or RMS or anything else involved. If the channels are balanced (no center spur) then the "complex" peak voltage is the same as the "real" peak voltage.

{^_^}


Re: Help me flash my Airspy HF+ Discovery

prog
 

On Tue, Sep 29, 2020 at 09:11 PM, <viennaboy07@...> wrote:

Hi
I bought mine Airspy HF+ Discovery during Black friday to. The FW before dont show any BB, CD before.
And sadly nowhere was an information what it mean. So I flashed the BB. Well the SDR show up and SDR# show me the Device, FW, Serial so far so normal.

When I did install my SW Antenna who worked the day before fine nothing... I thought on the chinese crap is maybe broken... I connect it to my VHF Antenna (since the should cover the Radio Band) and what happen? Nada! Not even on the Radio Band.

So what did i do? Did I flash the wrong FW? Does  I brick them?
Thanks

If you messed up your firmwares:
1) Reset the device => Double click on hfplus_reboot.exe
2) Double click on Flash.bat
3) Don't miss the right option again.
...
4) It's not Chinese crap.


Re: Shouldn't need to state this... Don't open random files from the Internets #offtopic

Simon Brown
 

I host the sdr-radio.com e-mail on Google, it got past Google’s defences!

 

Not living in the 1980’s I don’t have any need for VBS so just ignored it.

 

Simon Brown, G4ELI

https://www.sdr-radio.com

 

From: airspy@groups.io <airspy@groups.io> On Behalf Of jdow
Sent: 29 September 2020 20:02
To: airspy@groups.io
Subject: Re: [airspy] Shouldn't need to state this... Don't open random files from the Internets #offtopic

 

That's the one I just wrote about. I REALLY hope nobody opened it.

{^_^}


Help me flash my Airspy HF+ Discovery

viennaboy07@...
 

Hi
I bought mine Airspy HF+ Discovery during Black friday to. The FW before dont show any BB, CD before.
And sadly nowhere was an information what it mean. So I flashed the BB. Well the SDR show up and SDR# show me the Device, FW, Serial so far so normal.

When I did install my SW Antenna who worked the day before fine nothing... I thought on the chinese crap is maybe broken... I connect it to my VHF Antenna (since the should cover the Radio Band) and what happen? Nada! Not even on the Radio Band.

So what did i do? Did I flash the wrong FW? Does  I brick them?
Thanks


Re: Help me understand how SDR# works

jdow
 

On 20200929 05:09:19, prog wrote:
On Tue, Sep 29, 2020 at 09:47 AM, jdow wrote:
1) Humor Youssef. It is easier for him to debug with the current build than old builds. It's pointless to waste his time if it accidentally did get fixed.
2) How do you perform the setting and when in the process does it jump (back?) to 10 kHz when you try to set 8 kHz?
3) Have you mucked with the config file to change any things like minimum sample rate or the like? I guess that asks the question, What happens when you unzip SDRSharp-x86.zip into a safe folder say C:\fubar as c:\fubbar\sdrsharp-x86/sdrsharp-x86.exe and simply run it doing nothing else?

If you want debugging be VERY explicit, step by step, with how you created it. Even the way you move out of adjusting the bandwidth matters.

{^_^}
New comers are often confused with the Band Plan plugin. Give them some time.

Nonetheless that is a good set of three things do do when reporting a bug or problem. A fourth might involve a full sized screenshot of the program just before and just after your repeatable bug hits.

{^_-}


Re: To dBFS or not dBFS - New SDR# release #announcements

jdow
 

If you have encryption software linked into the application, as for DRM protection, your software will often be gigged for that.

{^_^}

On 20200929 05:06:38, prog wrote:
Some dlls are optimized using PGO (Profile Guided Optimizations). Some average anti-viruses may get a false positive.


Re: Shouldn't need to state this... Don't open random files from the Internets #offtopic

jdow
 

That's the one I just wrote about. I REALLY hope nobody opened it.

{^_^}

On 20200928 12:32:41, Chris Spacone wrote:
I recently received a direct email from jara8426@... that contained a short cryptic message regarding a topic I and others have recently posted on.

I've never heard of this person so that was hint #1 and the message body contained no indication telling me whom it might have come from, hint#2.

The message body contained a link to drive.google.com and a document password, hint #3.

I downloaded the ZIP file and scanned it for virii, trojans and other potential villains, all came back negative. Hint #4.

I examined the ZIP file and it contained an oddly named file with a VBS extension. Hint #5.

I stopped there and deleted everything related to this. I may set up a playground and see what this thing intended to do but not terribly interested in expending a great deal of time on what is clearly a ham fisted hacking attempt.

So, if you get email from somebody you don't know, that isn't signed, that contains links you didn't ask for that point to files with questionable provenance you should probably do yourself a favor and delete it.

Remember, the vast majority of folks we meet are good, honest folk interested in the same thing we are, Airspy.

Remember also that there are bad actor out there as well and that you need to do your due diligence.

-Chris



Re: To dBFS or not dBFS - New SDR# release #announcements

jdow
 

1) There are examples of malware the Internet Storm Center has detected in their honeypots that give 0 Virus Total hits.
2) I have compiled DLLs that probably should have been detected as malware and were not for whatever reason. (I had to work HARD to get around an XP misfeature for MIDI dlls that could prevent a machine from booting. Apparently MIDI starts before networking and messing with anything networking before a user is logged in locks the machine. And ANY application starts MIDI as a general course, even "ipconfig.exe". So during boot some application or dll tried to open midi. That engaged my dll. That tried to taste the network as it was a MIDI translation device to talk midi via networking, the first to do so. I found a fix for the problem. Then years later another such DLL was spuriously caught by Windows Defender, which caused a crisis when the dll could not be run on a customer's theater machine aboard a cruise ship.)
3) The very nastiest viruses have to be detected at run time by their patterns of operation. Every copy is different.
4) Most (all?) download detection appears to be via checksums for patterns of bytes within the files. Theoretically duplicating these patterns should be difficult. BUT, "not so much" if the patterns are not big enough.

Virus detection appears to be an arcane art form. New stuff is not detected for a period of time before somebody turns it in as suspect. That period of time can be annoyingly long. It can also be gratifyingly short. So a lot of your decision MUST involves "how well do you know and trust the source for the download?" And in a very recent example on either Youssef's list here or Simon's list, I forget which, involved a generically worded link to a password protected document from a source I'd not notice posting before. (Raise your hand if you opened it and your computer is still useful.)

{^_^}

On 20200929 01:45:21, Martin Smith via groups.io wrote:
I just got around to downloading this now, and is my habit I upload most things I download (excluding source code) to virustotal, and 13 out of 66 virus scan engines picked up 5 files as being in some way potentially malicious, see below:

spyserver.exe can easily be mistaken, it is a server that accepts commands from a remote machine and uploads (FFT and IQ) data to machines on the internet. It would be very bad if it was not being detected as something that could potentially be malicious, which it is not. It is good that it is being flagged, shows that the algorithms being used to detect potentially malicious code are actually working.

shark.dll I'm really not sure why this is being flagged, anyone have an idea ? I thought that the shark DLL was mostly DSP.

spyserver_ping.exe again sends commands to a remote machine and gets data back, can easily be detected as something that could potentially be malicious, which it is not.

airspyhf.dll I'm not sure why it is being flagged, any idea ? Maybe because it communicates at a low level with a USB device.

airspy_adsb.exe it is a server that local/remote machines connect to to download data, can easily be detected as something that could potentially be malicious, which it is not.



https://www.virustotal.com/gui/file/abaa2e7a66a74b523dcb81cfdac08f4cc4adef105c580f7b023c0938181850a5/relations
date of last scan of a file with the same hash: 2020-09-29
How many detection engines thought that something might be bad: 11 / 71
What type of file is this: Win32 EXE
What is the name of this file: spyserver.exe
SHA-256	1c28a2453cd1b2383b658531407ef52821be180b4cb4fc069a8f2b8de59feff6
Date Bundled	2020-09-27 22:40:14
File Size	643.00 KB

2020-09-28
3/70
Win32 DLL
shark.dll
SHA-256	bd8500f5da983f94a67ff900edbf7379929e4f4b7e53f9d4c43dc2c3dfe86947
Date Bundled	2020-09-21 15:20:20
File Size	326.00 KB

2020-09-29
4 / 68
Win32 EXE
spyserver_ping.exe
SHA-256	643ff6cf154eb04e2d6a8adaf596ce11d3cfe0e42d76f91617e5f6eedd66efcc
Date Bundled	2020-09-27 22:40:04
File Size	106.50 KB

2020-09-26
1 / 70
Win32 DLL
airspyhf.dll
SHA-256	fc53d024b647cc68c0ff1a9a82bd40fe20f4ac2884968df27b8ea88ff213696b
Date Bundled	2020-09-21 15:49:56
File Size	291.00 KB

2020-09-26
1 / 71
Win32 EXE
airspy_adsb.exe
SHA-256	dabc113af3a1d89d326c86f1825c17a7fb9c61506dfb3530a6eec0281cb97659
Date Bundled	2019-11-18 14:34:50
File Size	120.50 KB






Re: Help me debug my spyverter

Ron
 

When I did my testing I used a “sprung hook” jumper lead to the SMA’s center pin stud on the solder side of the board. It was a tentative “grab” but it worked. I clip lead grounded to the threads on the connector. The test leads then went to one of my antenna feed lines. Even if you can just touch a simple antenna to the center pin connection on the board with SDR# tuned to a known strong AM BC station you would see the band come alive, that is what I did first.

For a temporary fix I took a dental pick under my magnifier and gently nudged the center sleeve in a bit. Then I connected a pig tail SMA to SO239, which will now stay in place until I replace the connector. Even then continuing to use a pig tail with your choice of antenna connector so there is less wear and tear on the SMA connector along with some strain relief is a good idea as has been discussed here.


Ron
WB5DYG
San Tan Valley, AZ
www.wb5dyg.com


Re: To dBFS or not dBFS - New SDR# release #announcements

David J Taylor
 

From: Phil Karn
[]
I agree this is the preferred definition, but it's not the only one.
Think peak vs RMS. The AES (Audio Engineering Society) standard says a
full-scale sine wave is 0 dBFS, which means a full-scale square wave
will be +3dBFS. But there's an ITU-T standard (G.100.1) that defines a
full scale *square* wave as 0 dB. A sine wave thus cannot be above -3dB
without clipping, and it is impossible for any waveform to have a
positive amplitude. See https://en.wikipedia.org/wiki/DBFS

Hence multiple conventions with a 3dB difference, and that's just for a
single real channel. I want a convention where the same signal into a R2
will have the same digital amplitude with 20 Ms/s real sampling as with
10 Ms/s complex sampling. I think I'm off by 3 dB somewhere in my own
code, which is what got me thinking about this.

Phil
==========================================

It's the difference between peak voltage and RMS power, isn't it?

The R2 I have accepts only a single real channel, as do all the SDRs I have. With quadrature sampling you would have two signals with the same peak value, so you could measure either, but not both.

Cheers,
David
--
SatSignal Software - Quality software for you
Web: https://www.satsignal.eu
Email: david-taylor@blueyonder.co.uk
Twitter: @gm8arv


Re: Shouldn't need to state this... Don't open random files from the Internets #offtopic

Johan Bodin
 

I got a similar, perhaps the same, message from the same sender. It referred to a thread on this list but was addressed directly to me.

/Johan

Den 2020-09-28 kl. 21:32, skrev Chris Spacone:

I recently received a direct email from jara8426@... that contained a short cryptic message regarding a topic I and others have recently posted on.

I've never heard of this person so that was hint #1 and the message body contained no indication telling me whom it might have come from, hint#2.

The message body contained a link to drive.google.com and a document password, hint #3.

I downloaded the ZIP file and scanned it for virii, trojans and other potential villains, all came back negative. Hint #4.

I examined the ZIP file and it contained an oddly named file with a VBS extension. Hint #5.

I stopped there and deleted everything related to this. I may set up a playground and see what this thing intended to do but not terribly interested in expending a great deal of time on what is clearly a ham fisted hacking attempt.

So, if you get email from somebody you don't know, that isn't signed, that contains links you didn't ask for that point to files with questionable provenance you should probably do yourself a favor and delete it.

Remember, the vast majority of folks we meet are good, honest folk interested in the same thing we are, Airspy.

Remember also that there are bad actor out there as well and that you need to do your due diligence.

-Chris


Re: Shouldn't need to state this... Don't open random files from the Internets #offtopic

Lyndxer
 

I received the same email yesterday claiming to be in response to my recent posts about my Spyverter problem. I immediately thought the wording and a reference to a form I supposedly requested was odd.  I looked at the path of the email and it looked legit. Out of further curiosity, I Googled "Nelsonvilletv.com to see if I could find someone there with that email address. No go.

I ran the link through an online malware detector and it came up negative on all the sites it checked. Then I decided to see if I could download the zipped file which had a .vbs doc in it, but Windows Defender would not let me  saying it detected a Trojan virus in it.  Defender has been known to be wrong before but at that point, my natural curiosity took a back seat to my natural skepticism and I went no further, other than forwarding the email to the group administrator asking whether the sender was a registered member of the group.


Re: To dBFS or not dBFS - New SDR# release #announcements

Martin Smith
 

After a bit of digging, one is using a neural network, so a false positive on it's pattern matching.
SecureAge APEX - Malicious
I submitted shark.dll as a false positive to https://www.secureaplus.com/features/antivirus/report-false-positive/

The second one is surprise surprise also machine learning (neural network) based, so a false positive on it's pattern matching.
BitDefenderTheta - Gen:NN.ZedlaF.34254.uy4@amMEQZki
I submitted shark.dll as a false positive to https://www.bitdefender.com/submit/

The third one is also an Artificial Intelligence Antivirus (it is a neural network), yet another false positive on it's pattern matching.
Bkav - W32.AIDetectVM.malware2
They do not appear to have a way to submit false positives, which is not a good sign.


Re: To dBFS or not dBFS - New SDR# release #announcements

prog
 

On Tue, Sep 29, 2020 at 02:24 PM, Martin Smith wrote:
If you look at the two links below those dll's are modifying entries in the registry, deleting entries in the registry (I'm assuming when finished) and launching (microsoft) applications. I can see how an virus detection engine would get a false positive.
If you have time to debug these average anti-viruses, get IDA and disassemble the dlls. Look for anything that could access the registry. If nothing is found, maybe it's the OS itself that is enabling some performance stuff.


Re: To dBFS or not dBFS - New SDR# release #announcements

Martin Smith
 

If you look at the two links below those dll's are modifying entries in the registry, deleting entries in the registry (I'm assuming when finished) and launching (microsoft) applications. I can see how an virus detection engine would get a false positive.


Re: Help me understand how SDR# works

prog
 

On Tue, Sep 29, 2020 at 09:47 AM, jdow wrote:
1) Humor Youssef. It is easier for him to debug with the current build than old builds. It's pointless to waste his time if it accidentally did get fixed.
2) How do you perform the setting and when in the process does it jump (back?) to 10 kHz when you try to set 8 kHz?
3) Have you mucked with the config file to change any things like minimum sample rate or the like? I guess that asks the question, What happens when you unzip SDRSharp-x86.zip into a safe folder say C:\fubar as c:\fubbar\sdrsharp-x86/sdrsharp-x86.exe and simply run it doing nothing else?

If you want debugging be VERY explicit, step by step, with how you created it. Even the way you move out of adjusting the bandwidth matters.

{^_^}
New comers are often confused with the Band Plan plugin. Give them some time.


Re: To dBFS or not dBFS - New SDR# release #announcements

prog
 

Some dlls are optimized using PGO (Profile Guided Optimizations). Some average anti-viruses may get a false positive.


Re: Mode A/C for ADSB-Spy?

prog
 

On Tue, Sep 29, 2020 at 12:11 PM, Ben Hall wrote:
Can anyone point to a reference on how to enable mode A/C on ADSBSpy or confirm that it is a feature that would need to be added?
Added to the pile of rareware things to be implemented.


Mode A/C for ADSB-Spy?

Ben Hall
 

Good evening all,

I asked this question a while ago with no reply. Figured that may have been at a bad time when everyone was busy with other tasks, so thought I'd try it again today. :)

Many months ago, I moved my AirSpy / Planeplotter over to a Raspberry Pi 4. The RPi runs ADSBSpy and feeds Planeplotter on my PC. It works FLAWLESSLY. In fact, the RPi/ADSBSpy combination is more reliable than the Win10 PC that runs PlanePlotter.

About two months ago, the PlanePlotter folks upgraded the software to take advantage of Mode A/C information. From what I can tell, either dump1090 already had Mode A/C available via command line switch, or it was something recently added. (I don't know, because when I went to the AirSpy, I ditched my RTL-based dongles as well as dump1090)

I've been searching around trying to see if ADSBSpy has a mode A/C switch, or if it would be a new feature that would need to be added. I've tried all the usual places without any luck.

I *do not* want to go back to an RTL-based dongle, as the AirSpy (even the original, non-R2 unit I'm using) has very much superior performance at ADSB frequencies. At my location, probably another 100 messages per second better.

Can anyone point to a reference on how to enable mode A/C on ADSBSpy or confirm that it is a feature that would need to be added?

thanks much and 73,
ben, kd5byb

6901 - 6920 of 43124