Intentional Unintentional RF for Sneaky CW Transmissions
An unintentional radiator is a device that emits radio frequency signals, even though it’s not intended to. Usually this happens as a result of poor circuit design or inadequate shielding, and it’s a problem. For sneaky purposes, an unintentional radiator can also be used intentionally to send a weak radio signal that carries real information, instead of just causing interference. For example, see this DDR SDRAM hack that uses carefully-timed memory accesses to transform memory bus traces on the PCB into a WiFi antenna, transmitting signals from air-gapped computers.
I’ve started wondering if a simpler version of the same idea could be used to send Morse code transmissions on standard ham radio bands. For example, say you have an Arduino with a built-in LED. If you use PWM to toggle the LED on and off at 7.4 MHz, and tune a radio that’s sitting next to the Arduino to 7.4 MHz CW, I think you would hear a steady carrier. By programmatically enabling and disabling the PWM, you could create the dots and dashes of Morse code. It might take a little experimentation to discover which traces on the Arduino PCB radiate best, at what frequencies. But this kind of thing seems to happen often enough by accident, so it maybe wouldn’t be hard to do it on purpose.
A more interesting avenue would skip the Arduino, and work directly on a typical computer. Is there some Javascript code you could write that would abuse the hardware APIs to enable and disable some oscillator on the computer whose frequency is in a standard ham band, that might unintentionally radiate a very weak signal, and that can be programmatically switched on and off to create Morse? For example, you can do USB HID stuff now through Javascript, and a USB cable might make a nice antenna. Or maybe try some carefully-timed sequence of RAM or SSD access. Or somehow abuse the camera API or anything else that would involve switching signals in the tens to hundreds of MHz range.
The end result could be like magic: just visit a web page in your browser, then tune a nearby radio to the right frequency, and hear a Morse code message. It would be like playing music with floppy drives, except at radio frequencies. Is there any existing proof-of-concept for an idea like this?
Read 4 comments and join the conversation4 Comments so far
Leave a reply. For customer support issues, please use the Customer Support link instead of writing comments.
It’s AM, not CW, but here’s a PDP-8/E having a birthday party. https://youtu.be/39ZCb65plIQ
Very nice PDP-8! I did a short test yesterday with a 32 MHz can oscillator on a breadboard, wired to blink an LED at full speed. I could easily see the 32 MHz carrier using an SDR with an untuned dipole antenna a few feet away, creating a signal 40 dB above the noise floor. It didn’t even really need the LED – just powering the oscillator produced a 30 dB carrier, probably from the power and ground wires of the oscillator acting as antenna.
What I’d really like to do is create a similar effect with a common laptop or desktop computer and no other hardware, using a bit of software. It would probably need to be a model-specific trick, but I could choose a common computer model like the Macbook Air M1. Unlike my can oscillator on a breadboard, I bet the Macbook circuitry is well-shielded. But I’m thinking there’s probably some piece of onboard hardware that I can access from software, that will involve a steady I/O or clock signal in the tens of megahertz, and that will create a weak RF signal I can view with the SDR or radio. I’m not talking about the built-in WiFi or Bluetooth antennas that are purpose-made for radio, but abusing other hardware like the trackpad, keyboard, display, power management unit, touch ID sensor, camera, and USB.
The oscillator emitted that much because it lacked a bypass capacitor at the supply lines that would short out the emissions. Also, a simple pin plus the long piece of sheet metal inside the breadbord used as contact sping works as an antenna.
Modern PCs, especially Laptops, need to have low emissions. I’m quite sure that those machines all went through an EMC laboratory.
Your best bet may be a big CRT monitor connected with a cheap VGA cable, ideally that ultra-cheap chinesium crap without any shielding. See https://en.wikipedia.org/wiki/Van_Eck_phreaking and the references listed in there for some details.
Trackpad, keyboard, power management are all incredible slow. Trackpad and internal keyboards are often connected via PS/2 or emulate PS/2. PS/2 has a clock rate in the 10 to 20 kHz range. Camera is typically USB. USB should be wired as twisted pairs, shielded for higher USB version numbers. That reduces emissions.
Similar to how one of the first “practical” uses of an Altair 8800 was to generate radio signals in a way that would cause “Daisy, Daisy” to be played on a nearby AM radio. https://www.youtube.com/watch?v=hphW62JARX0