Hacker News new | ask | show | jobs
by Jenda_ 1610 days ago
I would suggest not starting in the 2.4GHz band, the protocols used there (wifi, bluetooth) are very complicated to understand. Get a rtl-sdr and start with something simpler: FM broadcast (my blogpost: https://www.abclinuxu.cz/blog/jenda/2019/11/gnu-radio-first-..., there is even an example capture you can download and replay, so you can start without the physical radio), police radio (both analog and digital), radiosondes, weather satellites, ISM stuff - temperature sensors, garage and car remote controls, airplane multilateration (https://github.com/mutability/mlat-server )… You can do lot of stuff even with the $10 rtl-sdr, for example I have used it for multilaterating TV and radio transmitters (thesis: https://jenda.hrach.eu/dipl.pdf, unfortunately "layman's explanation" is available only as a lecture in Czech). I know people are even building radioastronomy stuff and passive radars (https://www.rtl-sdr.com/passive-radar-dual-coherent-channel-...) with rtl-sdr.

Once you have basic understanding of the topic, you can get better hardware: AirSpy (the same features as rtl-sdr, but MUCH better signal-to-noise ratio and bandwidth) or bladeRF (costly, but probably the best radio you can get now). For example I'm now building a weather radar based on bladeRF. The bladeRF has a FPGA with open-source HDL, so you can mess even with absolutely lowlevel and bleeding edge stuff.

Going back to your original question:

Most cards load firmware from a file when they are initializing (check "dmesg|grep firmware", on my machine, for example, it says it has loaded /lib/firmware/rtl_nic/rtl8153b-2.fw), you are free to modify it. However, all (or maybe almost all) wifi cards have the format of the blob completely undocumented so it would be very hard to make a modification that would allow you to transmit/receive arbitrary signals. Something similar has been achieved with GSM phones (see OsmocomBB), but it requires very complicated reverse-engineering.

Recently, there was a wifi stack released for a SDR, so the other way around: https://www.nuand.com/bladeRF-wiphy/.