Monitoring NextGen ATC (on the cheap!)

A key component of next generation air traffic control is Automatic Dependent Surveillance – Broadcast (ADS-B). The current FAA mandate is for all included aircraft to output ADB-B transmissions no later than January 1, 2020. But you don’t have to wait to receive and map ADS-B. There is a lot of air traffic to be seen.

dump1090 as viewed via a remote web browser.

Some folks are using complete downloadable images that are set up to feed flight tracking services such as FlightAware. If you’re interested in doing this, The SWLing Post recently featured an article that you’ll enjoy. I wanted to explore whether I could use some items already on hand to see a map of overhead aircraft on any computer on my home network.

I pulled out an older Raspberry Pi Model B and a 4 GB SD-Card and installed a copy of Raspbian Jessie Lite. The Model B has been retroactively called a Raspberry Pi 1 Model B. It is equipped with 512 MB of RAM, two USB ports and a 100mb Ethernet port.

I decided to use a spare older RTL-SDR stick based on the RTL2832U and R820T chips. This USB device comes with a small antenna that I hoped would be good enough to get me started. It is not in any way optimized for the 1090 MHz signals that are used by ADS-B and is roughly 19 parts per million (ppm) off frequency. It cost a bit over $10 at a hamfest a couple of years ago. The designs have improved since the early models were offered. Newer models include a TCXO (thermally compensated crystal oscillator) for stability and accuracy.

I needed software to take signals from the RTL-SDR stick and plot them on a map. That software is “dump1090”, originally written by Salvatore Sanfilippo. I added an install stanza to the Makefile, along with a systemd service file, for a smooth system install. I also needed to install the RTL-SDR USB drivers. The complete installation runs “headless”, meaning no monitor, keyboard or mouse need be connected. Remote management can be done via ssh.

First, bring the Raspbian Jessie installation up to date.

sudo apt-get update
sudo apt-get upgrade

Add some needed packages.

sudo apt-get install git cmake libusb-1.0-0-dev

Compile and install RTL-SDR drivers.

git clone git://
cd rtl-sdr
mkdir build
cd build
sudo make install
cd ~
sudo cp ./rtl-sdr/rtl-sdr.rules /etc/udev/rules.d/

Prevent native DVB-T drivers from loading.

cd /etc/modprobe.d
sudo vi blacklist.conf

Add blacklist dvb_usb_rtl28xxu to the file and save. You may now reboot. After the system comes back online, plug in your RTL-SDR device and the driver should load. You may test by running rtl_test -t. If the device is properly seen by the driver you should see the following:

Found 1 device(s):
  0:  Realtek, RTL2838UHIDIR, SN: 00000001

Using device 0: Generic RTL2832U OEM
Found Rafael Micro R820T tuner
Supported gain values (29): 0.0 0.9 1.4 2.7 3.7 7.7 8.7 12.5 14.4 15.7 16.6 19.7 20.7 22.9 25.4 28.0 29.7 32.8 33.8 36.4 37.2 38.6 40.2 42.1 43.4 43.9 44.5 48.0 49.6 
[R82XX] PLL not locked!
Sampling at 2048000 S/s.
No E4000 tuner found, aborting.

Don’t be concerned by the “No E4000 tuner found” message. The E4000 is an older chipset that is no longer used by today’s RTL-SDR devices.

Compile and install the dump1090 code.
cd dump1090
sudo make install
sudo systemctl daemon-reload

Configure dump1090 options.

cd /etc/default
sudo vi dump1090

Here’s what I placed in the file.

# Default settings for dump1090.
DUMP1090_OPTS="--quiet --net --lat xx.xxxxx --lon -yy.yyyyy --ppm 19 --gain -10"

–quiet runs in the background
–net starts a webserver so that you can access via a web browser
–lat set to YOUR decimal latitude (negative for South)
–lon set to YOUR decimal latitude (negative for West)
–ppm if you know the ppm tolerance of your device (otherwise omit)
–gain -10 which sets gain automatically

A full parameter list can be reviewed by typing dump1090 --help.

With an antenna connected you can perform a quick device check by typing dump1090 --interactive. If all is well you’ll see a screen like this:

Hex     Mode  Sqwk  Flight   Alt    Spd  Hdg    Lat      Long   Sig  Msgs   Ti/
A39D11  S                                                         6     1    4
A25D36  S                     1775                                7     4    3
AAA593  S                     2575  205  075                      7     2    7
A25238  S                                                         4     1   12
A0480B  S                    19650                                8    28    3
ACF4DD  S                     3825                                7     2   14
A41F61  S           FDX3018   2800  211  025   40.428  -74.332   23    83    0
A6FFFE  S     1753  LXJ550   30475  371  226                      8    63    0
C060B3  S                     4625                                6    14    1
ACF69B  S                    23250                                6    25    1
A2D27C  S                    24000                               13    42    2
A0BF90  S                     9500  249  257                      5     3    9
A7D30A  S                    40000                                8   111    1
AE0192  S           SPAR958  32675                               22    93    0
ACC040  S                     7825                                8   146    2
ACA5DF  S                    26600                                6    79    0
A80C7B  S                     4550                                9   108    1
A7CC00  S                     7825                               35   123    0
ACF841  S     1507           14425                               50   132    0
A8C802  S           NKS149   23575  332  216   39.995  -74.262   12   160    0
A61949  S           UAL1105   2725                               14    60    0
AC2E20  S     1006           19925                               22   130    0
AB766A  S           DAL1526   8525  216  038   40.444  -74.213   81   249    0
AA4440  S                     5400  253  066                      6     6   13

Control-C exits this screen.

Now start the dump1090.service.

sudo systemctl start dump1090.service

If all goes well, a netstat -an will show that there is a binding to port 8080.

tcp        0      0  *               LISTEN

Now you can start up a web browser from any computer on your home network and see a map of planes overhead. If your router supports internal dynamic DNS you can name the RPi and access via something like http://skynet:8080. Alternatively, use the IP address, which can be obtained via ifconfig.

eth0      Link encap:Ethernet  HWaddr b8:27:eb:12:34:56  
          inet addr: Bcast:  Mask:
          inet6 addr: fe80::1234:5678:8765:abcd/64 Scope:Link
          inet6 addr: fd68:bee:1f21:2221::5/128 Scope:Global
          inet6 addr: fd68:bee:1f21:2221:1234:5678:8765/64 Scope:Global
          RX packets:990830 errors:0 dropped:418120 overruns:0 frame:0
          TX packets:323700 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:87491798 (83.4 MiB)  TX bytes:207659746 (198.0 MiB)

lo        Link encap:Local Loopback  
          inet addr:  Mask:
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

In this case, the URL would be

Once the map appears, re-position it to your part of the world and enjoy learning about what is flying overhead. You can enhance your enjoyment by listening to your closest airport tower or air traffic control frequencies on a scanner. These transmissions use amplitude modulation (AM) and can be monitored an another RTL-SDR stick or a scanner, even a relatively old model.

New Raspberry Pi 2/3 DV4mini Image

The DV4mini software developers have been hard at work fixing bugs, especially with DMR, and making things work better. So, I thought it time to create a new DV4mini RPi image for your enjoyment. I first built my own image last year when I wanted to have turnkey vnc access to my DV4mini/RPi system.

This build no longer contains the unsupported DV4MF2 software. Rather, it has the most recent version of the DV4mini dashboard (201.77), the updated dv_serial (20170106) and my add on Brandmeister XTG Dialer. If you haven’t used the XTG dialer before, you’re in for a treat. It works great with a touchscreen display, but just fine with a keyboard and a mouse too. You might need to edit a couple of text files to set it up to your liking. For details, see /opt/dv4mini/bmxtg/README once you have the distro up and running.

Important default password info follows.

root / raspberry
pi / dv4m

vncviewer – dv4m

You SHOULD change the default passwords after you get things going. The standard unix passwd command is used to change the root and pi passwords. To change the vnc password, use x11vnc -storepasswd.

RTL-SDR on the Cheap SWL Fest Links

As promised during Thursday afternoon’s presentation at the SWL Fest, here are the links for RTL software and info mentioned. If you attended the presentation, I hope that you enjoyed it and found it useful.

SDR#, a flexible SDR app for Windows with MANY plugins
DSD+, decodes P25, DMR, Fusion, DStar (data only), and others
Virtual Audio Cable, a virtual patch cable to send the output of one program into the input of another
Unitrunker, analog and digital trunk tracker with lots of data decoding
HDSDR, a software radio that can also make use of the RTL-SDR hardware
Linrad, for those who prefer to work in a Linux or Mac environment
DAB Player, requires the original (not Zadig WinUSB drivers

The Big List of RTL Supported Software, in Russian, but Google Translate is your friend.

Update: I have added the video narratives as a YouTube playlist.

Correction: During the talk I stated that I thought the MCX connector used on the earlier DVB-T dongles appeared to be the same as the connector used on some Sirius satellite receivers.  I just took a close look and realized that while they are somewhat similar in appearance, the Sirius connector is larger and is actually an SMB connector.

Some document management advice for the White House

USA Today reports that in at least 5 instances, copies of Executive Orders published at do not match the official versions published in the Federal Register. This is a practical use case where the White House staff should invest in two IT staples — document management software and digital signature software.

Document management software allows for tracking history of changes and approvals to content such as Executive Orders. Microsoft’s widely deployed Sharepoint is just one solution that can be used for document management. Digital signatures are a feature of Public Key Infrastructure and document signing certificates are widely available. Microsoft Word and Libre Office both support document signing.

Mr. President, your Chief Information Officer should be able to quickly help you manage this mess. If he cannot, please find one who can.

On the current unrest

The liberal-left media, it seems to me, fails to understand the motivation behind all of the on-the-street in-your-face unrest by progressives against the new Washington Republican regime. Yes, folks are angry about the policies, but that is not why they are taking to the streets in the cold of winter. I believe the unrest to be about hypocrisy, self-dealing, and ultimately, the bad behavior of Donald Trump.

Policy differences we can discuss. But would you raise your son to emulate Donald Trump? Would you leave your daughter alone with Donald Trump?

Donald Trump may already be on his way to impeachment. He has not been transparent in his finances. We do know that there is clearly a conflict of interest in his lease for his new DC hotel. We don’t know the extent of his dealings with foreign regimes. We know for sure that he thinks he can put a stack folders on a table at a press conference to try to fool and impress us.

The right wing controlled Congress is willing to suspend long standing rules to get their way. That is bad for the nation no matter who is in power. The Republicans have the nerve to demand speedy acquiescence in the approval of unqualified Cabinet Secretaries as they disregard our fresh memory of how they ignored a moderate and eminently qualified Supreme Court nominee for 10 months.

Their President has invited white supremacists into the seat of decision making. He cannot seem to be civil to friendly leaders of other nations. He has appointed Cabinet members who either have no experience in the function that they are supposed to manage or want to abolish that function. He is so insensitive to our friends that his appointee as Ambassador to the European Union is known to be an advocate for the dismantling of the EU and the Euro currency.

Trump is a nasty, insecure, narcissistic, lying, crooked shell of a leader. He does not care that the First Amendment precedes the Second Amendment in the interest of a free press. He can’t control his Tweets nor his outbursts. He shrugs off societal norms of behavior as an unnecessary impediment on his crusade to smother dissent. He is a loser and the nation loses.

Then, there are those false Christians who endorse this behavior because, they believe, Trump will make America great (again). I believe he will lead us straight to hell.

Progressives, however, know that this country is (and has been) great, despite its many flaws. And they want to make it better. They certainly don’t want this petulant child to destroy progress that we’ve made toward economic and racial equality. We are reminded every time he opens his ignorant mouth to attack the “media”, or to start a tweet war with a celebrity or foreign leader, that he and his ilk menace our nation.

That is why the fight has been taken to the street.

Chromecast and Google Home — A Great Combination

Two new toys showed up at the front door today. I took my time deciding between Amazon Echo and Google Home. I decided that Google Home was the my best choice. When I went to order, I saw that the Google Store is offering a discount on a Chromecast dongle purchased along with Home. The discount of $15 is available through midnight Pacific time on January 28.

Google Home is about what I expected, although it currently has some limitations. If your content is on Pandora, YouTube, or Netflix you will love the device. It cannot currently access content on Hulu or the various broadcast network apps. However, you can still access the content via your mobile device and then press the “Cast” button to view the content on your big screen.

The sound quality of Home is good for the size of the device. Setup of home is fairly easy using the Android app. Chromecast connects via an HDMI port but just hangs there. It ought to have some way of attaching it to the rear of the monitor. I may try some 3M double faced tape.

Home integrates with my Google calendar, so in the morning I can say, “Hey Google, what is my day like?” I’ll hear appointments, the weather, and the NPR news. It is supposed to be able to support multiple identities but I haven’t tried this yet. Tina will want to be able to hear her calendar too.

I tried listening to a number of different audio sources via Pandora and TuneIn. It all worked, except for CKTB, a news talk station in the Niagara area that I enjoy. Google thinks I am asking for CK TV and cannot locate it. I was able to cast content from the CBS app installed on my phone with little effort.

I’m sure I’ll learn more about the capabilities of Google Home and Chromecast as the days go on. Home is said to rely completely on the cloud so lacking features such as Hulu ought to be remedied in short order.

If you’re concerned about privacy, you should know that all your searches are logged, but can be deleted via the Google Home Android app. The device also sports a mute button should you wish to prevent Home to hearing private conversations.

If you enjoy varied media content and like to experiment, Chromecast and Home make a great combination and will provide hours of enjoyment.

Running Brandmeister XTG Dialer

[Update January 17, 2017:

The Brandmeister XTG Dialer ( is now easier to configure. The program itself no longer needs to be edited to get it up and running. All configuration items have been moved to separate files. Download version 1.1 and be sure to read and understand the README file before you begin.]

I’ve received some inquiries on how to get the Brandmeister XTG Dialer script running. Assumptions here are that you can navigate your way around Linux, you know how to use a text editor, and you can look at the python program and figure out how to make a simple change.

1 — Copy the program file along with the three configuration files (, buttons.conf and masters.conf) to your home directory. It doesn’t even need to be on the same computer that your dv4mini is connected to, as long as you are behind the same NAT router.

2 — Figure out the URL for the BM Master that you are currently connected to. To do this look at the Brandmeister Masters page. Looks through the list, locate your master, click the status button and note the URL host portion before the first slash. It could be a name or it could be an IP address.

3 — Edit the program and look for the bm_master assignment statement. There are currently two, with one of them commented out. You’ll need the bm_master variable to point to the master that your dv4mini is currently connected to.

For example, master 3021 is in Canada. Clicking the status button returns The line would read:

bm_master = ''

Be sure that only one bm_master assginment statement is active. You can leave the others there but comment them out by starting the line with a #.

2 — Carefully read and follow the instructions in the README file.

Brandmeister XTG Dialer

I’ve long hoped for a way to make it easier to change DMR talkgroups. I use a DV4mini and software installed on a Raspberry Pi 3 with a touch screen display. Wouldn’t it be nice if I could key in a Brandmeister extended talkgroup (XTG) number directly on the RPi, rather than use an Android app or a web browser? The now defunct DV4MF2 dashboard was a step in the right direction with XTG support, but its talkgroup list is now hopelessly out of date. Wireless Holding’s version of the dashboard allows connection to Brandmeister reflectors and to TG 4999, but doesn’t directly provide access to the XTGs.

So in the true Amateur Radio spirit, I built my own solution. Long ago, I made my living as a software developer. It was so long ago that we were called computer programmers. Nonetheless, I did some research and found that GTK provides support that I could use from within a Python program to create windows, buttons and so on in a Linux GUI environment.

DV4mini control panel in the background with the Brandmeister XTG Dialer in the foreground.

To further date myself, most Linux based programming that I’ve done in the past 20 years has been in Perl or Bash. I have recently gotten involved in implementing the Open Source Fail2ban host IPS system, which uses Python regular expressions. I have become slightly proficient with regexes, but knowing how to use them to match text in logs wasn’t going to help me.

Thankfully, a fellow named Kris Occhipinti put together a treasure trove of programming instruction videos, some of them covering Python, GTK, and specifically how to create a keypad. His intent in some of the videos was to create an app for spoofing caller id, but I could borrow what I needed.

What I came up with is a Python/GTK app that opens two windows. One window is a dialer keypad and the other window is a memory present keypad. A Brandmeister TGID can be keyed in from a keyboard, pressed on a touchscreen, clicked with a mouse…or you can just use a preset with a label like “USA” or “Tri State” instead of a number. The app makes use of the published Brandmeister API, which is very simple, uses HTTP and returns data in JSON format. Python very nimbly handles it all.

If you’re a licensed amateur radio operator, have a DV4mini, and are Linux proficient, please give it a try and leave your feedback below.

A Modern Manchurian Candidate?

Max Boot writes in the NY Times, “The fact that Mr. Trump seems to give greater credence to the Kremlin than to United States intelligence agencies is precisely what has set off so much speculation about his real motives in cozying up to Mr. Putin.”

The quote comes from his article covering the publication, by Buzzfeed, of unsubstantiated foreign intelligence about the next President of the United States, CNN’s reporting on the matter, and Mr. Trump’s reaction.

I think that Max has succinctly summarized a fundamental concern that Trump continues to raise with his Putin praise.

Installing Certbot on Raspbian Jessie

I wanted to install the Let’s Encrypt certbot package on a Raspbian Jessie installation that hosts my Asterisk PBX. I had manually installed a certificate but decided that the automated certificate installation is advantageous. Certbot is available as a backport.

Step 1 — Add the backport source location:

# echo "deb jessie-backports main" \
> /etc/apt/sources.list.d/backports.list

Step 2 — # apt-get update

I received the following error:

W: GPG error: jessie-backports InRelease: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 8B48AD6246925553 NO_PUBKEY 7638D0442B90D010

Step 3 — The two bolded keys needed to be added to the gpg keyring:

# gpg --keyserver --recv-key 8B48AD6246925553
gpg: requesting key 46925553 from hkp server
gpg: key 46925553: public key “Debian Archive Automatic Signing Key (7.0/wheezy) ” imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)

# gpg -a --export 8B48AD6246925553 | sudo apt-key add -

# gpg --keyserver --recv-key 7638D0442B90D010
gpg: requesting key 2B90D010 from hkp server
gpg: key 2B90D010: public key “Debian Archive Automatic Signing Key (8/jessie) <>” imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)

# gpg -a --export 7638D0442B90D010 | sudo apt-key add -

Step 4 — Update the package list:

# apt-get update

Step 5 — Install the backported package:

# apt-get install certbot -t jessie-backports