The Amp Hour Electronics Podcast

A weekly show about the trends in the electronic industry.

You are here: Home / Transcript / #161 – Transcript – Gifted Grimgribber Grokker

#161 – Transcript – Gifted Grimgribber Grokker

Episode:  #161
Date: September 3, 2013
Title: Gifted Grimgribber Grokker
Presenters: Chris Gammell, Chris Gammell’s Analog Life and Dave Jones, EEV Blog
Guest: Michael Ossmann, Great Scott Gadgets
Episode link: https://theamphour.com/the-amp-hour-161-gifted-grimgribber-grokker/
Source file: http://traffic.libsyn.com/theamphour/TheAmpHour-161-GiftedGrimgribberGrokker.mp3

Dave: Welcome to the Amp Hour, I’m Dave Jones from the EEV Blog.
Chris: And I’m Chris Gammell of Chris Gammell’s Analog Life.
Michael: And I’m Michael Ossmann of Great Scott Gadgets.
Dave: Great Scott! What a brilliant name.
Chris: It is a great name.
Dave: Trademarked I see?
Michael: Yeah
Chris: How did you do that one?
Michael: Well I just claimed it as a trademark – I did a search to see that nobody was using Great Scott for anything – or at least Great Scott Gadgets.
Dave: Well yeah I don’t think you’d be able to get Great Scott.
Michael: No it’s too common a phrase.
Dave: Right
It’s a good one.
Dave: I’m jealous.
Chris: He’s going to have to pun it up later, he’ll be thinking of good ones.
Dave: So I’m a huge fan of Back to the Future as a lot of people know.
Michael: Oh I know, of course. That’s why I always have to remind people of if they ask me about it. People who are native English speakers know the name – Great Scott Gadgets that’s a cool name and then when I speak to someone who doesn’t speak it they always say who’s Scott? They don’t know the expression like we do. Even if they speak excellent English they’ll say who is Scott and then I always have to remind the … oh you remember Doc in Back to the Future – how he says Great Scott and they say ohh ok…
[Laughter]
Dave: Somebody actually added up the number of times he says Great Scott in the entire series and I think it was something like 38 times. Some nerd went through and counted them all – as you do.
Chris: 50th time through what else do you have to do really ?
Dave: Well yeah exactly.
Dave: Speaking of which I’m probably going to build up my Lego back to the future after this and shoot a time lapse video of me building my …
Chris: Very nice Dave.. perhaps we should ask Michael about his background and stuff…
Dave: Yeah no sorry.
[Laughter]
Michael: I don’t know I wanna hear more about the Lego Back to the Future kit.
Chris: Alright we’re changing the show format – all Lego all the time!
[Laughter]
Chris: So tell us about your background where did you come from.. what have you worked on in the past?
Michael: So I’m one of these people who came to electronics by way of software.
[Laughter]
Chris: They’re my new favorite that’s my new favorite type of person too for contextual electronics.
Dave: It isn’t like when zombies attack it’s like when software people attack.
Chris: What kind of software though? Are we talking like JavaScript or are we talking C++
Michael: All kinds of stuff. If you’d asked me when I was 8 or 9 years old what I wanted to be when I grew up I probably would have said electrical engineers or an inventor and then I just totally lost sight of that for many years. I used to put together electronics kits when I was a kid but I never got very far. I could tell you how a resistor worked but I couldn’t tell you how a transistor worked. So then I didn’t pick up a soldering iron for 20 years or more.
Dave: Ouch 0:04:53.6
Michael: Cause I was I just got interested in other things. Music, computers and eventually got into IT stuff and worked for a long time as a system administrator and network administrator and did a lot of little software development projects along the way and gradually did more and more security work. Eventually became an information security consultant and through my work in information security I got into wireless communication security and through that I ended up doing some pure research in wireless communication security that led me to software defined radio cause software defined radio is kind of the ultimate tool for hacking on all things wireless and then from there I got into electronics to kind of build my own devices for wireless security research and development. So really that was in the least few years. Four years ago I had never done any surface mount soldering I had never programmed a micro controller I had never designed any kind of a circuit board. It’s all new to me.
Chris: You’re making us look bad here you know.
[Laughter]
Chris: That’s awesome. So when you say wireless security type stuff is that actual people tapping into lines and trying to see what other people are tapping in – is that the idea?
Michael: Partly yeah. Interception, eavesdropping on communications or interfering with communications. Inserting your own messages and spoofing legitimate communications. All of those kinds of things. A lot of people are familiar to some extent with WiFi security and how bad wifi security used to be and how much better it has improved over the years. But there are a lot of wireless communications systems in the world and none of them have gone through as much positive change for security as 802.11 has . It’s an amazingly diverse field and the security elements that they have or lack … it’s a fun field to be in because sometimes you find things that are very sophisticated and sometime you find things that are completely broken and wide open and easy to break. You get a little of both. You get some that are fun and easy to break and you get that are a real challenge.
Dave: I’m using I think WEP2 is it?
Michael: Probably WPA2.
Dave: WPA2 – should I be concerned?
Michael: Well it’s a huge upgrade over WEP which was the mechanism for securing WiFi in the early days and was completely broken ..
Like the why even bother
Dave: Right I’m generally ok but the NSA can still tap in?
Michael: Once it gets onto the wires they probably can.
Dave: Yeah
Michael: Today probably the worst vulnerability for 802.11 systems if you’re using WPA2, probably the worst vulnerability is that there are some weaknesses in the way that a lot of WiFi equipment sets up an initial key for you. So if you use the build in feature for it to generate a seemingly strong pass phrase. It may not be a strong as it appears. But as long as you set up WPA 2 and you choose your own pass phrase and you make it a good one.. it’s pretty solid. 0:09:18.7
Dave: Right. is there anything better than that or do you have to buy some sort of high end commercial product to get better security products ?
Michael: So most of the high end security have far worse security than WPA2.
Dave: Oh right.
Michael: It’s mostly a function of the lack of peer review on a lot of the commercial products. The more proprietary products that is. The ope standards and the more popular open standards and especially WiFi get a lot more scrutiny.
Chris: So it has the one thing that makes me sound like I know what I’m talking about in software, security by obscurity?
Michael: Right. Yes security by obscurity is the norm in the WiFi business.
Chris: Oh ok.
Dave: Does it really matters like if somebody hacks your WiFi they are just going to steal your bandwidth it’s not like they are going to steal your credit card details info and all that.
Michael: Well they could steal your credit card info.
Dave: Hmm? ok
Michael: If somebody is on your WiFi .. is very likely able to gain access to every computer on your network and maintain that access even after they aren’t in range of your WiFi.
Chris: Oh fancy
Michael: Right of course they can install some back door thing that allows them to access your machine from anywhere.
Michael: Yep
Michael: But really you need someone with intent to do that .. most intrusions are gonna come from people who are gonna suck your WiFi bandwidth for an hour or something right.
Michael: Most yeah but it only takes one …and you’re owned forever.
Dave: But once your computer is hooked onto the internet you’re screwed anyway right.
[Laughter]
Dave: WiFi is probably the least of your problems.
Chris: How much of your past experience was like .. were you securing other systems or were you mostly just doing a lot of analysis and trying to break stuff for people?
Michael: Some of both, actually the area where I did the most work initially in my career in information security was in health care. I did a lot of security assessments for different health care organizations around the US. This was in the early days of HIPAA. HIPAA is the regulation of … rather significant piece of legislation that governs how healthcare providers and insurers do a lot of different things. The part of it that is relevant to security is that it HIPAA increased the potential for sharing of patient information between different healthcare entities so as a part of that to kind of cover peoples fears about patient privacy they said well we are making it easier for them to share information about people so we are also going to establish these rules about when it’s appropriate and how they need to protect information so it included a privacy rule and a security rule that introduced a whole bunch of red tape for health care organizations and it forced them to start developing info security programs to protect the patient information that they had. So I was doing a lot of consulting for hospitals and other healthcare providers in the early days of the healthcare HIPAA rules enforcement and helping them figure out where their weak spots were and figure out how to shore up their networks and their procedures and eventually I found my way into a position as an information security officer for a hospital system and from there fell into a role as a wireless security communications researcher for the dept of commerce.
Dave: There you go.
Chris: That seems like a big jump. 0:13:48.5
Michael: It was a big jump. I was very interested in WiFi security and I had published an article or two not any real fundamental research of my own but raising awareness of WiFi security matters. Somebody just called me up out of the blue and said hey we have this research lab in Boulder. We have a whole bunch of people who are RF engineers studying communications systems and we don’t have – we want to look at security and none of our engineers know anything about security so we just wanted an information security generalist who knew something about wireless. So I started there and it was an amazing environment because I was suddenly just doing pure research which I love and I was surrounded by all these amazing smart people. They were all electronics engineers and RF experts and I was the one security guy, the one Linux guy.

Chris: Oh yeah.
Michael: The one .. maybe not the only software guy but my software skills were more advanced than most of the engineers.
Chris: So you were the one eyed man in the land of the blind huh?
Michael: Yeah exactly, so it was a real symbiotic relationship for a long time where people would come to me with interesting problems that I knew how to solve and I was surrounded by people who could help me solve problems that I had never tried to tackle before. So it became very easy for me to learn electronics rapidly because I had half a dozen Phds up and down my hallway that I could chat with any time.
Chris: That’s awesome, like a bootcamp.
Michael: There were a lot of conversations a lot of circuit diagrams and whiteboards and napkins over lunch – it was great.
Dave: So they had seen your articles and publications and called you out of the blue?
Michael: Right yeah.
Dave: That’s another example of – we keep saying this publish stuff!
Michael: Absolutely
Dave: It used to be in the old day sin the journals but these days you can just be on your own website or blog or Youtube and people will come to you if you have the skills.
Michael: Absolutely. I didn’t have anything other than systems stuff on the web.
Dave: There you go, works every time.
Chris: How did you start diving down into the hardware stuff. You had all those great mentors and guys to bounce ideas of what did you start diving down with?
Michael: Well kind of 2 things – one I was surrounded by people at work and the other was that I was getting more active in the information security community and going to more conferences and meeting people who were more involved in hardware hacking and just getting inspired that way. Ultimately I started doing some work, I was investigating a number of different communications systems especially public safety radio systems at work but I was having so much fun with software define radio that doing that kind of stuff that I started picking up projects on the side. One significant one was I became obsessed with Bluetooth and Bluetooth monitoring in particular because there weren’t any tools for Bluetooth monitoring so I started looking into using software defined radio for Bluetooth monitoring and I found this paper that had been written on the subject and I said hey this is a good start to what I wanted to do but I had a few ideas of things that went a little further so … I ended up contacting Dominic Spill one of the authors of that paper who had published code from that project. I started taking his code and updating it and adding new features to try to implement more complete Bluetooth monitoring capability producing software defined radio. We started collaborating, with in a few months at a presentation at a conference together, which was the first time I had met him in person. 0:18:44.0
Chris: Well me and Dave do stuff like that so …
Michael: Yeah really that’s pretty funny.
Dave: Small problem of 20,000kms.
Michael: When I first started contacting Dominic he didn’t answer my emails for a while because he was driving from London to Mongolia.
[Laughter]
Chris: What?
Michael: Finally he was back in London when we started collaborating. Yeah so that project ended up really cool stuff showing people hey it’s possible to discover Bluetooth devices that are non discoverable for example. Everybody thinks if you turn your Bluetooth device to non discoverable mode that other people cant monitor it’s transmissions or find it but we showed that’s absolutely not true and we showed how to use the tools of software defined radio to monitor arbitrary Bluetooth packets over the air and actually derive enough information just by monitoring one channel to figure out what the frequency hopping scheme is, the actual hopping sequence and be able to follow along with it. But ultimately very few people actually reproduced what we did. One of the reasons I think is that the platform we were using is fairly expensive. And we were like buy this $2000 piece of equipment and take a soldering iron to it so that our hack works. 0:20:25.5
[Laughter]
Michael: And then you can do this stuff. Not many people wanted to do that. So I started the Ubertooth project in response to that. We had this relatively conceptual way to monitor Bluetooth communications on one channel and I thought well it cant be that hard to take a more traditional lower cost approach as opposed to the software defined radio approach. It cant be that hard to make a device that monitors just one channel and spits out the bits over a USB interface to a computer. That one project, the Ubertooth project, that is what motivated me to dive into electronics and it was a ridiculously complicated project for somebody to …I barely knew what Ohms law was.
Chris: I wasn’t going to say anything …
[Laughter]
Michael: I had the benefit of being surrounded by all these engineers I had the benefit of getting to know hardware hackers at these security conferences. I was inspired by electronic badges made by people like Joe Grand and Travis Goodspeed and Amanda Wozniak and a whole bunch of people in the information security community who encouraged me and I also had the benefit, we are really in this Golden Age for people who want to get into electronics. 0:22:06.0
Dave: Yeah
Michael: I started out looking at SparkFun and going through the SparkFun..i think it’s called beginning embedded electronics tutorials. So I knew I was going to have some kind of a micro controller. So I looked for – how do I get started with micro controllers? I found this tutorial and I bought an app tiny and put it on a breadboard and got it to blink an LED.
Dave: Woo hoo!!
Michael: Yeah that’s such a huge step..
Chris: It’s all downhill from there guys …
Michael: It was amazing that I had this resource available to me online to walk me through that stuff and I was able to ramp up and take on .. I knew that I wanted to build a Bluetooth sniffer but I knew that I wouldn’t be able to build it right out of the gate so I just sort of set out to find projects that would help me learn along the way and somehow it worked.
Chris: It sounds like your research background helps there too. Researchers are always starting from scratch with that stuff. It’s always – well we don’t know what we are doing yet but we will figure it out eventually. That’s the whole point you are going into discoverable territory.
Michael: Absolutely.
Chris: It’s nice to have markers along the way from SparkFun and everybody else
Michael: Yeah and being able to do both software defined radio and doing hardware were very empowering to me. I came from a software background and I had a pretty good knowledge of communication protocols and how to look at a protocol and guess where the weaknesses might be and figure out what to probe. So I would look at a specification for wireless communication system and I would flip through 100 or so pages… It’s very boring work to analyze. 0:24:18.2
Dave: Gee yeah!
Michael: But I would go through them and I would point at something on p157 and say this message that’s transmitted. This should be authenticated and it’s not and that’s a vulnerability and people would look at me and say – ok that’s great kid. No ones ever going to do that. It’s too difficult for anyone. The off the shelf radios don’t actually support doing the kind of attack that you are proposing and it’s just not practical. Being able to build my own radios either with software or hardware gave me the ability to take theoretical vulnerability and turn them into practical vulnerabilities and demonstrate to people and say here’s what happens when I send unauthenticated control message and your radio dies.
Chris: It sounds like if someone would have cut into this story 2 minutes they would have been debating between someone getting into technology and someone becoming a super villain. ‘They dared me not to do and I did it anyway. I’ll show you all wa ha ha ha ha!’
[Laughter]
Chris: So jury is still out here Michael I gotta say!
Chris: We’ll see by the end of the episode if you are a super villain or not.
Michael: I’m a big believer in using super powers for good.
Dave: How long in the end did it take you to develop the Ubertooth One?
Michael: Well I started out with Ubertooth Zero and I think that stage took me a year and a half but it I didn’t know what it was going to look like at first. At first I thought it was going to be a software defined radio kind of architecture. That’s what my background was a I knew basically how SDR equipment should work and I thought maybe if I could kind rip the guts out of some 2.4 GHz device like the RF front end out of that and rip the back end out of something else, a TV tuner for example and make a Frankenstein device it could be low cost and easy to assemble and it would allow people to do this basic Bluetooth monitoring. Over time it became apparent that I was going to be better off designing this circuit from the ground up which was terrifying but I found these other projects to get me started along the way and I just kept going with them and I had great mentors like the folks at the labs and Gerard Boon of Share Brain Technologies, he’s an open source hardware developer that I met at a hacker camp and we are continuing to do a lot of projects together. I had a lot of people to help me along the way. 0:27:32.9
Michael: Eventually I made Ubertooth Zero which was a USB micro controller and a RF chip, a wireless transceiver IC and an antenna basically and I designed it in Eagle and had a few made and it worked so then I started to make Ubertooth One at that point because all my friends in the hacker community were saying hey that’s great when can I buy one? I was like really I don’t know about that. I decided to try my hand a making something a little more marketable so I designed Ubertooth One which was a little bit smaller a little bit cleaner design, it had a front end amplifier chip on it so it had better RF performance then Ubertooth Zero but otherwise was functionally equivalent to Ubertooth Zero and threw it up on Kickstarter to see what would happen and sure enough enough people wanted it that it actually not only was it worth manufacturing but within a couple of months of delivering my units to Kickstarter backers I had enough additional sales post Kickstarter that I was able to quit my day job.
Dave: Fantastic. It doesn’t take a huge amount – yeah you raised $50,000k $53,000 of your $16000 goal but it’s only 441 backers and it in today’s Global economy and marketplace that’s not many. It doesn’t take many to turn to into a full time business. It’s fantastic.
Michael: I announced the availability or launched the Kickstarter at a conference where I was talking about the project. I already had somewhat of a reputation within the security community which is the primary people who would be interested int this thing. So even though I was new to building electronics I had this niche market that was ready for this and knew me.
Chris: Yeah that helps!
Michael: It helps a lot !! And Great Scott Gadgets was born.
Dave: You’ve been doing that full time ever since?
Michael: Yeah ever since. Great Scott Gadgets was born a year or two before then because I just created a fake company website
Dave: As you do …
Michael: Trying to get some data sheets out of manufacturers and stuff.
Michael: I needed a fake company name and Great Scott Gadgets was the first thing I thought of. And later on people were wanting to buy stuff from me and I was like well yeah I have this company I’ll just pretend it was legit all a long.
Chris: Fake it til you make it man – works every time. 0:30:55.2
Michael: Absolutely.
Dave: So how many Ubertooth One’s did you end up selling?
Michael: I still sell them today. I think I’ve sold a total of around 5000.
Chris and Dave: Wow
Michael: Over the last 2.5 years.
Chris: That’s awesome.
Dave: Geez that’s a lot!
Chris: Where are you manufacturing? How did you get launched into that?
Michael: So I asked a friend of mine – hey you’ve had some electronic conference badges made who did you have manufacture those. I got a referral and I just tried these guys out and Edenet [?]. They are owned by someone who lives in the bay area but their operations are in Shanghai and I had great experiences with them. My first manufacturing went very smoothly, or as smoothly as you could possibly imagine.
Chris: Making us look bad here man…
Michael: One or two minor hiccups but I think I lucked out with a good referral early on. I had such good luck with that I keep using that manufacturer.
Chris: If you find one that is good that is the right thing to do. Referrals are the right way to go in the first place anyways I think because you have other people do the hard work for you of getting through the crap and finding the good ones. Which is fine.
Michael: Right.
Michael: One time I had a rapid project I was making a badge for a conference. It was a ridiculous thing that I put together in 8 weeks including design and manufacturing. I tested 2 or 3 units before it hit the factory. They were coming off the line in the factory and good 30-40% weren’t working. They stopped the line and I think I was in Europe at the time and they are in China and my main contact is in California so …time zone nightmare and it turned out by the time I got on the hone with people they had figured out that my load caps on the crystal were sub optimal and they had fixed the problem and resumed production.
On their own. 0:33:47.2
Dave: Which is good and bad. Sometimes it’s good they have found the problem and fixed it. Other times it’s bad that they … you don’t want them to make changes
Chris: Gimme a call next time .
Michael: That’s right exactly. Well they were trying to get a hold of me. But under the circumstances it was great because it was a very quick turn project and there really wasn’t the time to do anything but that. So I was kind of sold at that point.
Chris: So you’ve done a couple of badges here I see the Toorcon badges on the Great Scott site. Are you a conference junkie are you always at conferences? Seems like a lot of the …I don’t really do many conferences but I’m curious about going around a lot of ’em..
Michael: Yeah I am especially lately, I stayed at home 4 or 5 months last winter and then at this time of year it’s just ridiculous Ive been to 4 different places in the last month. I’m home for a week between 2 trips to Europe – it’s kind of ridiculous. The information security community has a huge number of conferences, just great people and really interesting content and they are my primary market for most of the stuff I’m doing. I continue to do projects not direct related to my products that are worth talking about at these kinds of events. Sometimes they are directly related to my products and I teach a lot of classes. I do software defined radio class. This year I’m teaching it 4 times as a 2 day class I usually do at a conference so it’s a big part of my life for both professionally and fun – it’s where all my friends are.
Dave: We don’t have conferences here in Australia being in the backwater an’ all.
Michael: There is actually at least one information security conference in Melbourne.
Dave: There you go have you been to it?
Michael: I haven’t been yet. But I hope to eventually.
Dave: I think we have lost Chris.
Dave: No I’m back sorry, we had problem.
Dave: Someone hacked in as we …
Chris: My wifi is totally hacked.
Chris: You mentioned your 2 day course that kind of brings us to the main event here which is the HackRF which is the new Kickstarter project which funds today or tomorrow? What is the trigger date?
Dave: 38 hours left.
Michael: yeah by the time you post this episode there will be very little time left so if you are listening and you happen to be listening really soon after this was posted I’d love it if you’d go check out HackRF on Kickstarter and tell all your friends about but if not sorry for the bad timing. It will be available in some form after Kickstarter.
Dave: By the time our next episode comes out you’ll have half a million dollars in the bank?
Michael: Well hopefully – we’ll see.
Dave: That’s what it’s up to it’s up to $529,000
Michael: Oh great – we’ll see how long it takes my bank to release the funds.
Chris: You don’t need to build anything until then.
Dave: Yeah there might be an issue or two there.
Chris: You got how much? 0:37:48.3
Dave: see once again it sounds like a lot of money but it’s only 1700 backers. Right? I got 2300 backers for my little PCB ruler. 1700 is not a huge number. Course the product itself is $275 dollars so you multiply that by ..
Chris: It’s really the percentage of the market that matters there it’s how many people that want this kind of thing that are actually buying it I think that is a big chunk because the SDR is not necessarily new but in terms of accessibility to the public there is definitely a lot of interest in it. I think this is a great entry product into that kind of thing.
Michael: Yeah that was one of the major motivations of the HackRF project in the first place was to provide a very general purpose platform at a lower cost that people could use to get started with software defined radio. I don’t see HackRF being the best tool for any one job but it’s a great tool for a huge variety of jobs and I hope that it introduces more people to software defined radio and broadens the exposure of technology.
Dave: I had a whole bunch of people ask me about this HackRF thing on Twitter and other places and they said – are you going to get one?! Chris and I talked about it last week and well yeah it looks cool. Here in Australia it’s going to be $300 and I’m probably never going to really use it ..It would be a fun toy Id love to be able to experiment with this kind of stuff. For someone like me it’s just another gadget to play around with with the other 2 dozen gadget boards I’ve got sitting in a box.
Michael: It depends a lot on what your potential applications are.
Chris: It was really the software that scared me off too – I always talk about software scares me off. I’m not really into the software side of things and it seems that is what this thing is really good for you say it allows someone you know programming and now you can turn programming into RF signals which is amazing. before you had to go through tons of other stuff to get there. 0:40:35.0
Michael: Right
Chris: Now this is an abstraction layer for RF. That’s the beauty of SDR. It’s unreal.
Michael: It is and that’s what got me excited about SDR in the first place. I was a software guy and I was in a environment where in order to demonstrate some of the things I was theorizing I needed to build radios and I said ‘hey software defined radios – lets me build radios’
Chris: It’s got my expertise in the title!
Michael: Yeah exactly, I was so excited about that but a few years later I found my self turning into hardware guy anyway. But I think part of that was just the immaturity of the field at time. There were SDR platforms several years ago but they were more expensive and the software was less mature. Now we have less expensive more accessible platforms and we have better software frameworks and I think the dream can be more of a reality. If you are a software person you can build radios with SDR without having to learn all that much about hardware and RF.
Dave: At what point is the software at the moment for something like this. Is it good enough that you don’t need to program anything can you do useful stuff without having to cut code.
Michael: You can do some things without code. Spectrum analysis and demodulation of common things like FM radio stations like land mobile radios, public safety radios, digital and audio. Scanner type applications most that are common in the amateur radio community are well supported by software that you can use with an SDR peripheral without having to write code. But I always encourage people to get into the software side of things like GNU radio is the framework that I recommend. I do only open source hardware and software. I’ve been using GNU radio for years. It’s a fabulously powerful software framework for building stuff with SDR and it’s pretty easy to get started with because you can write code for GNU radio in either C or Python so it doesn’t matter.
Dave: I don’t know either! So …yeah there’s the first problem
Michael: Even better then for getting started it includes called GNU radio companion which is a GUI tool for building software. Just kind of drag and drop your signal processing blocks together and drag a line directing the output of one into the input of the other.
Chris: That’s my style.
Michael: Yeah
Michael: It works, it is an incredibly useful tool for getting started, learning software defined radio , GNU radio. Even if you are a c or python developer I recommend this is how you start with GNU radio because after you have build a flow graph in the GUI you click a button and it generates Python for you so you can look at the code it generates and learn to emulate that and use those signal processing blocks in the same way. 0:44:41.3
Chris: Twiddle and hack.
Dave: I think you’ve scared both of us with the term software framework.
[Laughter]
Dave: But then you just won us over with that just click here and it generates the code, yeah thank you very much.
Dave: That’s a great way to dive down into it too. Maybe I should buy one then?
Chris: There you go Dave. He’s selling now to.
Michael: Yeah you should buy a HackRF. or if you don’t think you are ready to jump in head first and spend the money on HackRF or any of the more expensive platforms you could get one of these Realtech TV tuner dongles.
Dave: Everyone’s talking about those.
Michael: Yeah
Dave: Are they any good?
Michael: They are amazing!
Chris: For 20 bucks they are that’s for sure.
Michael: For 20 bucks they are right.
Michael: They have more limited capabilities than HackRF obviously but as a way to get started and just experimenting with SDR it’s so cool that people can do that for 20 bucks.
Dave: You can use the same software tools?
Michael: You can.
Chris: Ive got that on my computer I think it’s SDR # a C# kind of interface program and it’s super simple. The only problem is that I’m in a basement that’s the main thing.
Michael: You know there s a solution for that.
Chris: I know [Laughs]
Dave: A bit of coax out the window.
Michael: Exactly You wouldn’t want to get out of the basement but …
Chris: Cant let the air in.
Michael: SDR sharp is from one of the programs that supports HackRF today and I think everything today that supports HackRF also supports the real tech dongles. They are receive only whereas HackRF can also transmit and they have a more limited operating frequency range but still a pretty impressive operating frequency range and you can explore a lot of spectrum and get familiar with how SDR works for a very low cost.
Dave: This would be an idea platform for those people who want to quite possibly experiment with their car rolling remote controls. If you’ve heard about some illegal hacking of cars. You can sit there and you can record peoples remote controls and then hack in their car.
Michael: Definitely, people have already experimented with those remote key entry systems with HackRF for example.
Dave: Right
Michael: All of those systems I think are vulnerable to some kind of attack. If you take somebodies remote out of range of the receiver and push the button and record the signal that it plays. if you beep the owner of the device back to their receiver, back to their car or garage door you can replay that code and use it once. Even if it is a rolling code with a non repeating.
Dave: Right you can still use it once and really -that’s all you need.
Michael: Yeah like on a garage door for example most of those garage door openers are extremely easy to program with an additional remote so if you get into a garage door once and you bring your own remote along you can just push a button on the thing and get it to honor the codes from your remote and you can get in forever.
Michael: Attacks like that are not as well known as they should be. And of course there are some systems that don’t even use rolling code. Like any time the very old garage doors.
Dave: Like mine yeah.
Michael: A lot of the ones today that are multi user so if you have an apartment complex or gated community that pen for 100 different remotes. That is probably a fixed code that all the remotes are programmed to because implementing rolling codes with a large number of remotes is not very practical so those are things where you can just record a signal and play it back as many times as you want. It’s fun stuff! 0:49:18.8
Chris: What about the hardware on this thing. I’m looking for the schematic for the Jawbreaker, I keep calling HackRF but that’s more the platform side of it.
Michael: HackRF is the brand name. Jawbreaker is the code name of the beta board.
Chris: Oh ok
Dave: Right so what are the primary differences between the beta board and the finished Hackrf which you will actually deliver.
Michael: I don’t actually have a name actually for the finished Hackrf
Chris: Ooh contest??
Michael: It needs something.
Dave: It needs a Back to the Future name.
Michael: That would be good. Maybe Yeah I’m open to suggestions but for now I’m just calling it HackRF. By the time I ship it I will probably need to have some better name for it. It will differ from Jawbreaker a little bit but not a whole lot. Jawbreaker has a built in PCB antenna which was kind of stupid and I just wanted something that people could use out of the box. All they needed was a USB cable they could plug it in and start experimenting with something. Because I was distributing beta boards primarily to people in the information security community who didn’t necessarily have a background in RF and don’t have antenna’s around. That was just a way to facilitate testing. So I’m going to remove the PCB antenna and I’m going to shrink down the whole board by removing a little bit of dead space and some things that were… Like pads that I had for development that didn’t end up getting used. So it will probably be about 2 thirds of the size of Jawbreaker and then I’ll put it in a full enclosure and call it done. The important bits of the circuit design aren’t really going to change.
Dave: Got it. What sort of enclosure are you going to use?
Michael: I don’t know yet. I want it to be a full enclosure…
Chris: All steel.
Michael: All steel?
Chris: Yeah something all steel that’ll not be great for RF right [Laughs]
Michael: Right yeah I’m not sure what it’s going to be. I was putting off that decision until I knew what my manufacturing volume would be. I know I want it to be fully enclosed so I can throw it into my backpack and it wont get paperclips in the circuit.
Dave: At your current volume of 1700 that snot a huge volume – you wouldn’t go injection molding a custom enclosure for it.
Chris: Maybe it’s optional.
Michael: You might I don’t know I already have one product with an injection molded case that I’m only manufacturing in quantities of 1000 at a time.
Chris: Yeah it’s only 1700 too at the beginning not 1700 forever.
Dave: Well it’s China right we’re talking about China.
Michael: Right
Dave: If I was involved I would lay out the board to fit an existing off the shelf case then you can machine holes in. Then you can order it directly from the manufacturer.. You know all the mounting holes are in place and you …
Michael: Right
Chris: Beige cases..
Michael: That’s definitely an option.
Dave: I like to play it safe like that I just like having being able to buy the case off the shelf and going ok I can drill the holes manually but in volume production they’ll drill them for me and all that jazz.
Michael: I’m a big fan of the Sick of Beige cases too.
Dave: Right ok
Michael: Regardless of what kind of enclosure I have for the final product it will support a Sick of Beige style enclosure. So if people are building their own HackRF project they will be able to .. even if I have a custom machine or injection molded case they will be able to have some kind of enclosure that they can get made affordably.
Dave: I kind of liked this sick of beige fad when it first came out but now it’s like I want to start something else .. sick of clear acrylic plastic with no sides campaign.
[Laughter]
Dave: I think it’s been heavily overused.
Michael: I can see the point of view. It’s a great option to be able to support though for people who are building their own boards just because it is so easy to get those things manufactured. A friend of mine had 3 dozen of them or something like that on his friends laser cutter. We handed them out to everyone who wanted one at Defcon. It’s really great to be able to have that very accessible small unit manufacturing.
Dave: Brilliant. Shall we get on to our questions? 0:54:32.6
Chris: Yeah I was going to say the questions are probably a good idea. I had a question add on to one of the questions that was in here . Of course I need to find it now.
Dave: Oh ask yours first , cause you get priority ….
Chris: So the person here asked about the zinc chip which we have talked about it’s been popping up. Just if you had any opinions on that and I was wondering your design decisions behind the LPC is your main processor and then you have a Inaudible ? part I saw on there.
Michael: Yeah it’s just a CPLD.
Dave: And what is the CPLD doing?
Michael: Simply interface glue between the analog to digital converters and digital to analog converters and micro controller.
Dave: Oh so it’s not any heavy duty parallel processing.
Michael: No it is not giving any digital signal processing.
Dave: Glue logic.
Michael: In fact it may be possible to remove the CPLD from the next design.
Over speaking 0:55:38.2
Michael: Well there’s a pretty cool feature on this LPC 40300 micro controller that we are using where it’s called SGPIO serial GPIO peripheral. Basically a highly configurable external interface that can support various parallel or serial modes. We are using a parallel mode with external clocking. That’s a pretty rare interface to have on a micro controller. Something that can be a parallel interface that can handle 8 bits 20 million times per second 43 million times per second with external clocking. The only reason we put the CPLD in originally was because the ACDAC chip uses a DDR interface and…
Chris: Oh
Michael: Interfacing the DDR SGPIO peripheral looked tricky so we got the CPLD in because we knew we could do it that way.
Chris: It’s configurable so you can always fix it later.
Michael: Yeah it looks like we could do without but we might keep it anyway just because it’s fun to have that configurability there.
Dave: You don’t want to go rocking the boat, you know your platform works so you wouldn’t want to go changing it for this HackRF thing ..
Michael: Yeah it’s not as critical or as a difficult a test as changing the RF path but it’s still
Dave: It’s a risk.
Michael: I don’t want to delay manufacturing because I made some stupid design change that I didn’t need to and it didn’t work
Dave: Yeah just because it would be cool to get rid of one part
Michael: Right
Michael: I think relating to your question your original question was about Zinc processor. So we aren’t using anything like that on HackRF which is a little unusual that we don’t have any kind of FPGA on board we just have this tiny CPLD that doesn’t really have any digital signal processing capability and then we have this LPC40300 micro controller. It was our intent.. this decision was primarily made by me and Gerard Boon who I mentioned earlier who is really had a huge role on this project. We decided that we wanted to have the lowest cost solution that would let us get samples in and out of high speed USB at the maximum rate.
Dave: Oh ok
Michael:We didn’t really care if we had digital signal processing on board because the DSP capability in every bodies laptop is so impressive theses days. Now there are benefits to having DSP on board so we are having fun with the fact that we did end up with the solution to have some kind of capability but that wasn’t the main goal there. The core M4 …inaudible LPC40300 is a cortex M4 which is kind of the top of the line cortex M series with DSP instructions and it has a floating point unit and it’s running at 200 MHz and it has a cortex M0 coprocessor so…. 0:59:23.8
Dave: So it’s pretty beefy yeah.
Michael: Yeah it’s not a very micro micro controller and it has this built in high speed USB interface that we have been able to run at the very maximum theoretical speed so it’s been great and we haven’t really missed having an FPGA on board and Gerard put together this really cool think the HackRF porter pack which is a prototype at this point. It’s like an add on board that plugs into the Jawbreaker and it has color LCD screen and a couple of directional buttons and an audio codek with headphone and microphone jack. he just wrote some code that does wide band spectrum analysis sand plugged in a USB battery pack and is just running the HackRF with this work pack in stand alone mode just as a handheld spectrum analyzers
Dave: Nice yeah yeah.
Michael:Across 6ghz of bandwidth .. well not 6 at once 20MHz at once. He was able to get that running at 1000 FFTs per second so ..
Dave: Wow Nice
Michael: I’m not usually running FFTs that fast on my host computer so I was pretty excited that he was able to do that and it kind of showcases that we do have some DSP capability even though it wasn’t our original intent.
Dave: Any plans to have that as an official add on?
Michael: It’s definitely something that we are going to keep working on Gerard may be working on manufacturing a small number of them just for the people who have the Jawbreakers and then he’s definitely going to update the design for the final HackRF board and we’ll make it available for anyone who has HackRF down the road.
Dave: I’ve got a question from OJazz1 will there be a different way to power the board? He cant imagine it being abel to transmit any significant distance sourcing power from just the USB port.
Michael: That is a good observation.  We don’t really want people transmitting any considerable distance from the USB.
Dave: Is that your problem though ?
Michael: Yeah the FTC is a thing and so we’re pushing the limits of USB 2.0 bus power and this was another one of our major design goals for HackRF. Our big goals were no 1 open source hardware, no 2 very wide operating frequency range, no 3 transmit and receive, no 4 portability and being able to just plug this thing in on USB and all you need is a laptop and USB cable and antenna and you can take it with you anywhere you go. This was a key goal for me and part of that is that it doesn’t give us that much left over power say for a front end amplifier for transmit. We do have a 10db or so of amplification that you can switch on at the front end but that doesn’t get you into any kind of power that’s going to go further than 10s of meters for most applications. So it’s something that you can use HackRF to experiment on your bench or across the room but if you want to actually transmit signals any great distance you’re going to have to have external amplification and if you do that you should also add external filtering and you should know something about what you are doing. 1:03:49.8
Chris: Yeah get a ham license and everything else.
Michael: Yeah exactly so that’s my answer for anybody who wants more transmit power. You’re on your own but there are many options out there. We have a 50 ohm center port and you can plug whatever you want into the front of it. I just caution you to take care and be a good neighbor on the spectrum and follow your country’s laws and all of that.
Dave: Boo hiss!!
Chris: Well that’s kind of what Gregg did, Gregg Charvat one of the former guests. I went with him to Hamvention. He ended u buying this old super heavy bad ass receiver and he ended up pairing it with a transmitter separately because it was only a receiver. You know actually pairing up equipment like that you can do the same thing here where you just have a transmitter you hook it in and your ready to go using that as your front end.
Michael: Right that was a pretty cool hack.
Chris: Yeah I liked that stuff. I had a question on a personal selfish basis. Did I hear you are using KiCad for all your stuff now? Hows that going?
Michael: I am yeah I adopted it for Ubertooth One originally , I did Ubertooth Zero in Eagle because I was using the SparkFun tutorials and that’s what they were using and what everyone else seemed to be using and then I started working on Ubertooth One and it quickly became apparent that I needed to make it a 4 layer circuit board and my first thought was lets see how much it costs to upgrade Eagle and I said well it’s not that expensive but this is an open source project, I want anybody to be able to take this design and do whatever they want with it. Open source is most important goal for me and my business and so I decided that I should look around for any alternatives because I didn’t want people to have to pay for a license for some software to modify my open source design. So I found KiCad and I started working with it. I thought it was great, it has it’s quirks.
Chris: Yeah totally
Michael: As do most tools but Ive gotten used to those quirks and I think it’s a pretty exciting project that’s progressed a lot since I started using it. I’m using it now for absolutely everything including some pretty complicated projects including HackRF and my Daisho project which is a multi person board project that involves FPGAs and USB 3.0 and all kinds of crazy stuff. We are pushing KiCad to it’s limits in some ways.
Dave: What’s it called Daisho?
Michael: D-A-I-S-H-O. his is a project primarily for monitoring and security research into high speed wired communication system so the idea is it’s a main board that has FPGA and some RAM and USB 3.0 backend to a host computer and then a pluggable front end boards that each implement some target communication medium so we are targeting high speed media like USB 3.0, gigabit ethernet, HDMI and we put on the front end boards connecters and transceivers like the Phi chips for the target technology. We put a pair of each on so a signal will come into a connecter into a transceiver go over to an FPGA on the main board in digital form then go back out the other transceiver and connecter and it’s a man in the middle type of architecture. 1:07:59.3
Dave: Oh yeah right
Michael: It lets us do monitoring or injection or modification on the fly on these very high speed wired communication systems. Yeah so it’s pretty exciting for multiple reasons. One is that we haven’t had tools for some of these high speed communication technologies. The only thing I can think of that is a similar architecture is Bunnie’s NETV.
Chris: Oh yeah where he injected the messages on top of the HDMI signals.
Michael: So we’re doing a very similar architecture to that except supporting higher rate signals like the NETV only supports up to 1080I HDMI and so we are going to support 1080P and beyond and we’re going support a whole bunch of other different protocols and were throwing RAM on the board that makes it capable of doing fun stuff and we’re also putting on this backend USB 3.0 which is one of the most exciting parts of the project there are basically only 2 USB 3.0 chips that you can buy in small quantity today and one of them is a pretty high cost micro controller with USB 3.0 from Cyprus and the other is a bare 3.0 transceiver from TI and so we’re just using the very simple transceiver and plugging it into the FPGA and developing an open source USB 3.0 core running on the FPGA.
Dave: Ooooh nice
Chris: That’s gonna make a lot of companies angry I bet. Small ones happy, big ones mad.
Michael: Anybody who wants to develop a low cost open source USB 3.0 device would find this quite cool. This work is being done primarily by Marshall Hecht who is a contractor working for me. He has already completed all the USB 2.0 functions and is currently working on USB 3.0 and it’s a little bit slow going but he has made great progress and it’s pretty exciting.
Dave: What’s the plan for this another crowd funded project?
Michael: I don’t know? I suspect that Daisho may be less marketable than HackRF but I’m not sure. This project still has aways to go and exactly what the applications are … our main goal is to get the platform working an support inline monitoring of a handful of different communication media. That has some pretty good uses especially in the information security community. But I’m not quite sure how marketable it’s going to be because it will be a more expensive platform than the stuff I’m working on.
Dave: Well the good thing about the crowd funded platform is you put it out there and if you meet the target then nothing happens
Michael: That’s true, that’s true. That’s one of my favorite things about doing crowd funding is that it is built in market research.
Chris: Did I see on your Kickstarter profile that you had one that was not successful.
Michael: Yeah I had one that was not funded a little over a year ago. I think of that project as being a great Kickstarter success because I learned that that device was not marketable the way I thought it was. I learned that at very little costs. I didn’t make a 1000 of them.
Dave: Can you tell us what that project was? 1:12:21.0
Michael: It’s called the firefly cap and it’s just a hobby electronics product, which is a little different for me to have something that was pure hobby electronics . It’s a lid – do you have Mason jars in Australia? They are like home canning jars of jelly jars that have a 2 part lid and a seal..
Dave: No …
Dave: Oh right yeah …
Michael: It has a disc and then a threaded ring that holds the disc on to the glass jar. These are super common in the US and everybody has some of these jars in their cupboard. So what I did was I made a circular circuit board. Made to replace that disc and it has contacts on it to which you can solder an array of LEDS and it’s a jar of fireflies which of course lots of people in the hobby micro controller world have built their own jars of fire flies which is how this project started. What was unique about his project was that I had it powered by a photo voltaic panel and a super capacitors with an energy harvesting circuit that would work in indoor lighting conditions.
Dave: Ahhhh
Michael: So you guys know that is a major challenge. So for me as a designer for my own personal project that was what was fun about it – making it work indoor. Under moderate indoor lighting conditions it would wake up as soon as it got dark after charging all day and put on a light sow for a little while might only have been 10 minutes but it would simulate fireflies for a while. If it happened to get a lot of sun light if it was put in a window it would put on a show for much longer like an hour …So that was a big challenge and it made the thing more expensive that it would have been. What I learned from putting it on Kickstarter was when people see this thing they immediately think of a 5 dollar garden light and they think why does this thing cost 30 dollars – it’s stupid. I don’t want to pay for this and he’s never going to reach his funding goal…and so it was extremely educational for me and Kickstarter did what I needed to do which was it showed me that while this project was great fun for me personally it wasn’t marketable in the way I thought it was.
Chris: Customers are still a thing huh?
Michael: Yeah – go figure.
Chris: Just like the FCC yeah. Still a thing.
Michael: That was a really cool project and it might be something I revive someday but it’s never going to have the mass appeal that I thought it might. I set my funding goal higher than I needed to in part because I wasn’t 100% convinced that that’s where I wanted to take my company. I wanted to make something high volume for a larger market as opposed to focusing on a real niche product and more on my own community ….. the information security community. So it was kind of like well if there’s enough interest to make it worth taking on and supporting all these first time micro controller hobbyists, then maybe I’ll manufacture the thing. So I set the goal kind of artificially high and that to some extent bit me too cause people would see the high number and say….
Dave: It’s a psychological thing yeah
Michael: He’s never going to meet that goal …I wont bother
Chris: Psychological stuff .. barriers [?]
Dave: That’s a mistake a lot of people make they think that to be successful they have to go into high volume consumer stuff yet some of the most successful people out there are the niche players. For example, yeah it may not make you filthy rich , it may not make you Apple rich but you can make a damn good living from almost any niche product.
Chris: I think the Pebble guys are filthy rich…
Dave: Well maybe.. no I wouldn’t say they are filthy rich they got their $10 million but I’m sure they spent a lot of that actually manufacturing a proper polished consumer product.
Michael: That is such a huge responsibility.
Dave: Yeah
Chris: Plus it’s nice that you target people that re using SDR type stuff at least have a very deep interest in it. You have a certain type of person you are targeting so you probably get a lot of benefit from people that contribute to the repositories and feedback bugs and everything instead of just asking for a lot of support, they’ll go figure it out themselves. 1:18:08.9
Michael: Oh huge benefit and that’s been a part of the way I run Great Scott Gadgets from day one is I do everything in the open source way. All the things that people commonly do to execute and support open source software projects I do with my open source hardware projects I use open repositories and I use wikis and I have support channels like email lists and IRC channels and I’ve really had the benefit of getting a lot of my own users involved in the project and contributing to the projects. Now I have half a dozen contractors working for me and they are pretty much all people who volunteered to help with my projects and then down the road I was able to say hey hey hey I have some funding for … how’d you like to do more of this stuff and get paid for it? That’s my only recruitment method really. Taking volunteers who I know do good work and who I know are interested in this stuff and funding ways to give back to them the way that they are giving back to my projects. I cant do that for everybody but I try to it where I can specifically in the form of contract work for them to them to do specific development tasks on various projects.
Chris: So I have another selfish question. I was just learning Github. Whats the deal with that and hardware because I’m kind of learning about that as I go and I mean is it does it fit well, is there stuff that it’s good at and not good at. We’ve been talking about it on the show in the past and just revision control in general with hardware.
Michael: I’ve pretty much migrated all my projects to Github. I like Github and the main reason is I really like Git. Git is an outstanding tool and Github is a convenient place to use that tool. Almost all of my projects have multiple facets there’s a hardware design and there’s some firmware and then there’s some software on a host computer that talks to that firmware. So I have multiple parts, some of which are hardware and some of which are software that all need to be consistent with each other and track version numbers together and so forth. I have a lot of volunteers or contractors who are helping out with my projects so it’s essential to have some way to collaborate. I find Git to be an excellent tool for hardware and for software as long as your design software for the hardware side uses a text base file format which KiCad does of course. I get more collaboration on software than I do on hardware typically but it’s very common to have in my loose knit team, 2 or 3 people working on a hardware design together, where only one person is making substantial changes and the others are acting as sounding board or doing design review or helping with architecture decisions like how about you use this chip here. We very much take the approach of one person is the designer and other people are there to help that designer. Git and other revision control systems aren’t too well suited for software like KiCad. Or it’s the other way around KiCad isn’t too well suited for suited..
Chris: Concurrent design..
Michael: Right in terms of concurrent design. we’ve done a little branching and merging with our KiCad designs but it’s dangerous waters.
Chris: Yeah! I didn’t put that part there – who put this part here!?
Michael: Mostly certain changes work really well like if you go through update all of the manufacture and part number information in for all the 10k resistors in a design without actually changing the layout. That kind of a change works extremely well in a revision control system. But actual changes to the layout and circuitry are things that we haven’t done much of in a multi user or multi designer mode.
Chris: A script I saw over the weekend where this guy Robert on Twitter, he creates Gerbers from the dynamically generates them and then overlays them so you can see the where the parts have changed. It’s like a visual dif…
Michael: Oh cool. Like in real time or close to it?
Chris: Yeah
Michael: Yeah that’s cool it’s like a continuous integration concept.
Chris: It still seems really difficult but he wrote it for himself. Again getting it to a wider audience would be tough but it’s really cool.
Michael: Yeah I think that’s great use of the technology. That’s the kind of thing Id like to do more of and Id like to do more of automated testing. When you are making hardware design changes you cant really , you are limited as to how fast your testing cycle can be. It’s definitely worth pushing that limit and it’s also worth doing automated testing for things like firmware changes but it’s hard and you have to have some kind of set up where you have the attached hardware and you have programming system and some kind of automated tool to take whatever’s been committed to the rep and automatically compile it and install it and run some kind of test procedure. It’s a lot harder when it comes to hardware and firmware than when it comes to a pure software project. That kind of continuous integration and testing has become the norm in many areas for software development. It’s an incredibly valuable tool especially when you are trying to promote a collaboration with multiple people. if some body breaks something you want to find that out right away instead of finding out a month later after everybody else has forced that code. So finding ways to do that more with hardware and firmware is something Im very interested in pursuing down the road.
Chris: You software guys are messing up hardware in all kind of good ways.
[Laughter]
Michael: We’re only going to get so far with it …
Chris: Yeah soldering is still a thing … very much so.
Dave: It’s my favorite programming language.
Michael: That’s right.
Chris: Yeah it’s gonna fix a lot of stuff still … 1:26:06.7
Dave: Do we have any last minute Reddit questions? There is a technical one from Supercoup.
Dave: How fast will the HackRF be able to retune and set the oscillator to jump between frequencies?
Michael: Oh yeah that’s a good technical question.
Dave: Do you have a technical answer?
Michael: Yeah I can say a few things about that. One is that for a lot of frequency hopping systems you don’t actually have to retune in hardware because HackRF can operate simultaneously across 20 MHz of continuous bandwidth so if you in the 900 MHz ISM band in the US there are a lot of proprietary frequency hopping systems that hop through a set of channels that all the channels together fit within 20 MHz. So to implement that you don’t have to retune the hardware at all you just retune in software. It’s instantaneous but there are some applications where you might want to retune in hardware and Bluetooth comes to mind for example because Bluetooth operates over 79MHz of bandwidth and we don’t have that much on HackRF so if you wanted to hop along with the blue tooth network you would have to retune in between packets. In the case of blue tooth you have little over 200 microseconds in between. That’s your minimum time in between packets. I haven’t seen a lot of frequency hopping systems that really push that to a lower number than about 200 microseconds usually. With HackRF we haven’t really optimized the tuning and receive transmit time yet but when we do I expect to get that time under about 100 microseconds based on the parts we have. We have multiple stages that we could accomplish that tuning. if it turns out that one stage isn’t going to be as fast as I think it’s going to be then we can always just use a different stage. So I’m pretty confident that we will be able to hit that 100 microsecond ball park, however, this is the big gotcha. That’s the tuning time after the command is issued by the micro controller. If you want to control frequency hopping from the host computer you also had an USB frequency and that’s going to likely push you way over 100 microseconds and potentially be a problem for any frequency hopping implementation. So if you want to do a frequency hopping implementation that is wider than 20 MHz of all the channels then you’ll probably need to implement your frequency hopping in the micro controller which fortunately is pretty easy because it’s an arm micro controller and it has a built in boot loader and if you have any experience in software development it’s a pretty accessible platform. if you have done any C code on any architecture it’s not too big a leap to learn how to write C for an arm and getting it compiled and installed. That’s one of the nice things about having a general purpose micro controller as opposed to an FPGA it makes that kind of development more accessible. 1:30:09.3
Chris: Did you have to learn FPGAs as well? Is it another one of your skills?
Michael: Yeah I’m not great with FPGAs that’s one of the skills that I have sought out from people who work for me. I know enough to be dangerous and it’s something that I’m working on getting better at. I haven’t had to do too much yet because we went with an FPGA list design for HackRF. My first real project with an FPGA is Daisho and I have other people doing those parts of the project. I haven’t been forced into becoming as much of an expert in FPGA development as I probably should be.
Chris: Once it’s in the world the buck stops with you so you’ll be learning about it at 1-2 in the morning before it goes to the manufacturing. Yeah, You’ll be fine…
Chris: Mike I’m very impressed. 4 years really? Like I said at the beginning of the show you’re making us all look bad here.
Michael: Honestly a huge part of why Ive been able to do what I’ve done in a relatively short amount of time is online resources like the Amp hour, like SparkFun tutorials like so many of the things that have been made available by guests that you have had on the show and all of the people in the open source hardware community and that is really why I am so dedicated to open source. Even going back into my IT days absolutely everything I can think of that I’ve ever done in my entire career that I was proud of – I did with something that was open source. So I feel very strongly that I want to give back tot that community and that feeling has only increased as I have gotten into hardware because the rapid development of the open source hardware community over the last decade is really what has enabled me to take this stuff on.
Chris: Does that mean you’re gonna be there in Boston this coming week?
Michael: Unfortunately no. I just have a terrible travel schedule right now. For some reason everybody wants their conference to be in September and October. I really want to go this year and last year and both times had to make the hard choice not to.
Chris: Maybe next year. Maybe when Dave finally comes over.
Dave: Right
Chris: Finally.
Michael: I’ll make you a deal Dave if you go I’ll go.
Dave: Right ok.
Chris: That’s easy out. I think instead we just start having conferences in January February time .. there’s a bunch of conferences in Australia. Oh sorry dear I have to fly to this warm location while you are freezing in Cleveland.
Dave: That’s it just move everything here not a problem.
Chris: No Dave just start a conference that’s what I’m trying to say.
Dave: Oh right.
Chris: 3 person conference me you and Michael.
Michael: I’m there.
Dave: Thank you very much Michael Ossmann. Even your last name I just realized is Ossmann. Open source software man.
Michael: I didn’t even recognize that until someone asked me in all seriousness if I changed my name to Ossmann for that reason. I was like oh wow I never thought of that!
Dave: Oh boy. next thing you know we will be having peoples kids named open or something … yeah
Chris: After famous astro physicist
Dave: Satan’s an awesome name thank you very much I get much praise for that.
Chris: So Michael where can people find you on the net is Github sites or wheres the best place to start.
Michael: Probably the best place to start is www.greatscottgadgets.com that has links to my blog and Github for various projects. I’m @michaelossmann on Twitter but that means you have to know how to spell Ossmann.
Dave: Double S double N.
Dave: Double S double N that’s good alright well thanks again man. Enjoy your $500,000 that’s about to hit your bank account.
Dave: Now you have to produce them.
Michael: Thanks. That’s the thing I see the number go up and I think that’s a big obligation
Dave: There’s about 35 hours left folks as we recording this.
Dave: Probably about 14 when this hits press.
Michael: Thank you guys so much for having me I’ve been listening to the show for a 100 episodes or so..
Chris: We’re sorry [Laughs]
Michael: It’s one of my favorites and it’s a pleasure to be here.
Chris: Thanks for coming on. Alright we will see you at the next conference hopefully but until then we will be looking at all your awesome projects.
Michael: Alright
Dave: See ya mate.
Chris: See ya.
Michael: See you then 1:35:50.2