about & FAQ

absorptions is a blog about my hobbies. So far it's mostly about signals, electronics and programming, but may pick up a random new field at any point. It's a place for me to direct my need to talk nerdy. Why? I like the smell of unsolved mysteries. Call them obsessions or special interests; I call them absorptions.

Here I've collected some questions often asked in the comments section etc.

Contact info

Why?

I write this blog because I want to share the joy of researching something interesting.

I'm one of those people who enjoy absorbing information about something very specific and solving mysteries for no apparent reason. Maybe it feels natural for us; maybe we see patterns in everything and are tempted to get to the bottom of them. Or maybe we never wanted to stop playing. Perhaps you would like this Quora answer: Why do people like puzzles?

Sometimes I may do things the hard way, instead of the obvious way. Why? Because this is how we roll in this blog.

How did you learn about signals? How could I learn, too?

See my nerd story. I learnt by spending much of my free time SWLing, programming, playing musical instruments, and reading for many, many years. This geeky stuff is what I've always enjoyed doing and I find it relaxing as well. It's like when some people like listening to heavy metal or reading manga, and end up having a lot of knowledge on the subject as a byproduct.

Here are some sources that might be suitable for beginners:

And maybe not-so-beginners:

No. This blog is a diary documenting my hobby – I don't sell ad space nor do I write sponsored content or product reviews at this point.

Will you publish our article in your blog?

No. This blog is a diary documenting my hobby. If someone else wrote entries in my diary I'd get pretty confused.

Do you do talks or workshops?

Yes, I've talked about my blog at several events, notably Chaos Communication Congress (CCC) in Hamburg, 44CON in London, and t2 infosec in Helsinki. See above for contact info and availability.

Videos of some talks:

What's your decoding software of choice?

Some command-line tools I use (Linux and macOS):

  • csdr does many kinds of basic low-level DSP tasks and can be used with Unix pipes on the command line. It can, for example, demodulate AM and FM, shift frequencies up and down, and convert integer data to floating point and back. It also works quite fast.
  • SoX can do brick-wall sinc filtering and arbitrary resampling. It's sometimes easier to use than csdr because the frequency parameters are in Hertz. I also use it to change the number of channels, to write WAV file headers, and to convert between file types.
  • For simple FSK stuff, minimodem is the perfect choice.
  • multimon-ng for many digital modes.

For visually browsing the live radio spectrum and listening to carriers by ear I use the GnuRadio-based gqrx. For all kinds of offline measurements and visual inspection I use baudline.

I also write my own tools, many of them in C++ using the liquid-dsp library. Some of these are open source:

What kind of radio hardware you've used in this blog?

In most radio-related projects I've used a cheap USB DVB-T receiver stick, also known as RTL-SDR. Currently I use the Airspy R2 as my main receiver. Some FM radio related projects were done using a modified "worldband receiver".

What's the software you use to draw graphics and waveforms?

For waveforms I use my own program called oscille (explained in a blog post). Baudline renders beautiful spectrograms. For graphics design and compositing I use free software like Inkscape, GIMP, ImageMagick, and librsvg.

Could you release source code for this project you wrote about?

Short answer: probably not.

Long answer: I like to write about my projects but I only occasionally release full source code. There are a couple of reasons behind this:

Firstly, publishing big software projects is a commitment. I would have to sacrifice a lot of my free time, and it would become less fun. And I want to keep writing this blog fun. Examples of the types of work it takes:

  • Software is expected to work on different OS distributions, hardware configurations, and compiler versions. There is already plenty of dysfunctional software in the wild, and I wouldn't want to contribute to that.
  • User input should be validated and all possible errors and exceptions should be foreseen and handled. "Dirty hacks" should be avoided.
  • I must be legally allowed to release all parts of the software. A single snippet of copy-paste from a tutorial or example that has no licensing information means I cannot release the software.
  • Published code has to be well-documented, preferably in English which is not my first language. Manuals and usage help should be up to date and internally consistent.
  • Once published, software needs to be maintained to work with current libraries and operating systems, and for possible portability and security issues.
  • Users require support. I wouldn't want to leave my users without support.

Secondly, I work professionally as a programmer, and code is a programmer's calling card. Therefore I like to control the quality of code that I release.

Also, I feel partly responsible for things people do with tools I made.

Instead of source code I prefer to share ideas, blog posts, diagrams, flow charts, algorithms; this is much more portable.

However, I have published many of my command-line tools on GitHub. These include:

  • redsea, an RDS decoder that aims to be fast and light-weight while still supporting most if not all RDS features.
  • deinvert, for descrambling a type of voice encryption known as voice inversion scrambling.
  • darc2json, for receiving DARC carriers. At the moment it only supports a few types of data packets.
  • squelch, a noise gate to facilitate RLE compression of PCM signals.

So you're a 'hacker'. That means you break into computers? Please hack my friend's Facebook?

No, this is a misconception. People who break into computers are security hackers; I'm not a security hacker. Contrary to the popular image, a 'hacker' to me is someone who misuses technology to learn and alter how it works. See hacker definition ambiguities on Wikipedia.

Why I originally labeled myself a 'hacker' is explained in this post. Long story short, I reverse engineered an encryption that was supposed to be "adequate to deter other than the most determined hacker", a literal quote from the specification. So, according the these specs, I would be a 'hacker'. But I didn't break into any computer; instead I received a public FM radio broadcast via the headphone jack of an ordinary radio and ran a program on my own computer, offline.

I recognize that usage of the term is bound to cause misunderstandings, but perhaps I want to contribute to keeping the broader meaning alive.

I also can't hack your friend's Facebook account. It's also illegal and wrong. I also cannot help with lost passwords or data unfortunately, even if I wanted to.

Hui, olet siis hakkeri. Ethän murtaudu tietokoneelleni?

Tämä on yleinen väärinkäsitys. Tietokoneisiin murtautujat ovat tietoturvahakkereita; minä en ole tietoturvahakkeri. En osaa edes murtautua tietokoneisiin. Hakkerit ovat yleisemmin tietokoneiden ja muiden teknisten järjestelmien toiminnasta, muuntelusta ja rakentelusta innostuneita harrastajia. Hakkeri saa laitteet toimimaan tavoilla, joihin niitä ei ollut suunniteltu. Populaarikulttuurissa "hakkerin" merkitys on typistynyt tietoverkkorikolliseksi.

Tämän postauksen alusta selviää, miksi kutsuin itseäni "hakkeriksi": erään salausmenetelmän kuvausdokumentissa nimittäin todettiin, että salaus on riittävän vahva pysäyttääkseen muut paitsi "kaikkein määrätietoisimmat hakkerit", ja purin tämän salauksen. En kuitenkaan murtautunut mihinkään järjestelmään, vaan vastaanotin ainostaan Radio Suomen FM-lähetystä tavallisella radiolla.

Tiedostan, että hakkeri-sanan käyttämiseen liittyy väärinkäsityksen mahdollisuus. Haluan kuitenkin osaltani pitää termin laajempaa merkitystä hengissä, sillä minusta siihen liittyvä historia ja ideologia on kiinnostavaa. Merkitykseltään läheisiä sanoja olisivat vaikkapa säätäjä tai virittelijä.

Oletko ns. valkohattuhakkeri tai hyvishakkeri, joka paljastaa tietoturvahaavoittuvuuksia?

En ole; tämä on yleinen väärinkäsitys. Olen työkseni ohjelmistokehittäjä eli ohjelmoija. Vapaa-ajallani muun muassa teen musiikkia ja kuuntelen radiotaajuuksia. En siis etsi tietoturvahaavoittuvuuksia enkä siksi myöskään voi sellaisia paljastaa. Teen näitä tutkimuksiani, koska se on minusta kiinnostavaa.

Lähimpänä valkohattuhakkerointia kävin kenties tutkiessani suomalaisen nettipankin analytiikkaskriptiä (pankkijuttu). En kuitenkaan harrasta tällaista mitenkään säännöllisesti. Haavoittuvuuksien etsijöille ja minulle on kyllä yhteistä uppoutuminen teknisiin yksityiskohtiin.

Tämän postauksen alusta selviää, miksi kutsuin itseäni hakkeriksi: erään salausmenetelmän kuvausdokumentissa nimittäin todettiin, että salaus on riittävän vahva pysäyttääkseen muut paitsi "kaikkein määrätietoisimmat hakkerit", ja purin tämän salauksen. En kuitenkaan murtautunut mihinkään järjestelmään, vaan vastaanotin ainostaan Radio Suomen FM-lähetystä tavallisella radiolla.

Tiedostan, että hakkeri-sanan käyttämiseen liittyy väärinkäsityksen mahdollisuus. Haluan kuitenkin osaltani pitää termin laajempaa merkitystä hengissä, sillä minusta siihen liittyvä historia ja ideologia on kiinnostavaa. Merkitykseltään läheisiä sanoja olisivat vaikkapa säätäjä tai virittelijä.

Will you decode this signal / write this program for me?

Yes, I can be hired to do reverse engineering or programming; see contact details and availability above.

C++ and Perl are my preferred programming languages. I don't do mobile app / web development at this point.

What do you do for a living?

I work as a C++ programmer.

What are you working on right now?

I always have some posts as drafts, but there are no rigid plans or schedules. When the blog starts to become a burden I take pauses of several months – even years – to think about other things. These would be outside the subject matter of this blog.

For example, I make sleepy music (EP on Spotify). I also like bike rides, gaming, and juggling.

What's that weird language?

It's Finnish, the official language where I live and also my native language. I started to learn English at the age of 11. I also know Swedish and some Estonian.

How is your name pronounced?

/ɔ:nɑ/ ("awna"). If you want to learn more about Finnish phonology, see this video, it's a great summary.

I have questions!

I'm on ask.fm.

9 comments:

  1. Discovered the dial-up poster last year. Loved it.
    Discovered your blog today. Enjoyed it.
    Saw that you have a radio license. Congrats!

    de VA1DF

    ReplyDelete
  2. I grew up hacking telephone systems, A lot of this for me is the old school of tech. Still, I find your signals analyses really interesting. Thanks again.

    -C

    ReplyDelete
  3. Hi

    Great blog! Would you mind sharing the details of the HW you use for your investigations?

    Thanks
    Cheers

    ReplyDelete
  4. Hi Oona,
    I started to follow your blog some years ago, congrats, I love this stuff... A personal question came up (sorry I'm curious), what's your type/result of Myers-Briggs test?

    Thanks!

    ReplyDelete
  5. Oona, what is the baudrate of the human ear and auditory processing system? What I mean is that someone could listen to and process a morse code transmission at 300 letters per second using just a single frequency (and different durations). If we added more frequencies could we double or quadruple this rate?

    ReplyDelete
    Replies
    1. Googling around, seems there's a world record for CW RX from 1939, at 75 WPM = 6 letters per second.

      Delete
  6. hi, if you didnt know there is a nice project on SDR, modem, codecs. There is even a physics defying low power tests... http://www.rowetel.com/blog/

    ReplyDelete

The comments section is pre-moderated; it will take some time for the comment to show up.

You might want to check out the FAQ first.