May 152022
 

So, for a long while now I’ve been a user of a Yaesu FT-857D. I bought it back in 2011 as shop-soiled stock (someone bought it before me thinking they could make it work on 27MHz!) and have used it on the bicycle pretty much ever since.

The FT-857D is a great rig. Capable of all common amateur bands from 160m through to 70cm, 100W on MF/HF/6m, 50W on 2m, 20W on 70cm, and able to work AM/FM/SSB/CW, in a nice small package. It’s ideal for the bike in that regard. The only thing I could wish for is an actually waterproof head unit, but the stock one has been good, until now.

Last time I rode the bike I had no issues with the head unit display, things were stable and working just fine. That was some months back. Today fired it up to check the battery voltage: it seems I’ve got the dreadded zebra stripe issue. The bike has been in the garage for the past few months, so under cover, not in the sun… anecdotal evidence is that this problem is caused by vibration/heat in vehicle installations, but some reports suggest this can happen for indoor fixed installations too.

The problem

Either way, the zebra has made its home in my radio’s head unit and the display is now pretty much unreadable. Reports suggest I can send it back to Yaesu, pay them $200 (I presume that’s USD, and does not include shipping), and they will replace the defective LCD. However… given they discontinued making these things a few years back, I think I’ve missed the boat on that one!

Time for replacement?

Buying a new replacement isn’t viable right now — Yaesu don’t make anything equivalent: the FT-991A is too big (same size as the FT-897D), the FT-891 doesn’t do 2m/70cm, the FT-818ND is only QRP. Icom’s IC-7100 is the nearest competitor, not out of the question, except it’s a pricey unit for something that will be out in the weather.

Also, a lot of these options are out-of-stock with a big lead time.

Most of the Chinese units only do FM, and are at best quad-banders. Not that I’m interested in buying one: I hear they’re not the longest-lived of transceivers and right now I wish to avoid buying from China anyway.

Kenwood are basically out of the market here in Australia, and they never had an offering like the Icom or Yaesu units; their TS-480SAT was the closest, but does not cover 2m/70cm. The TS-2000 is a monster.

Alinco don’t have anything in a mobile format that competes either. The DX-SR9T does not cover 2m/70cm and is rather big; none of their 2m/70cm sets do HF or SSB.

Keeping the old faithful going

The radio itself works fine. It looks like the wreck of the Hesperus… with paintwork rubbed off the body, screws missing, a DIY fix on the antenna ports, and miscellaneous fixes to other bits. It still works though.

DIY Repair

This could be tricky as I’m not entirely sure what the issue is. It could be just a need for re-flowing everything, or there’s talk of parts needing replacement. The information I have is pretty murky and I could wind up making my partially-working head unit completely non-working.

Replacement used head unit

If someone had a working head unit that they were willing to part with, that might be an option. That said, the used unit could have the same problems my existing unit has, so no guarantee it’ll fix the problem.

CAT port auxiliary display

There are projects that link to the CAT port and present a UI on a separate screen. I was planning on putting a Raspberry Pi 4 there for SDR work, so that’s an option.

Homebrew head unit

Another option is to make a new front head unit. It turns out this has been partially reverse-engineered, so might be a worthy avenue to consider. That would give me a head unit that I can purpose-build for the bike: an attractive option. The hardware interface is 5V TTL UART with a 62kbps baud rate and 8-bits, no parity, two stop bits.

I have a big LCD (128×64) that has been kicking around for a while as well as some TFT resistive touchscreen displays with STM32F103VEs.

The Raspberry Pi 4 scraping the data and presenting it via a remote UI is also an option, in fact may be the direction I wind up going simply because Python on an ARM CPU is much easier to use prototyping something than doing C on a MCU whilst I bed down the finer details of the protocol.

The attraction of this is that I can use what I have on-hand now. Possibly use my tablet as the front-end in the short term. Not good in the rain, but can’t argue with the price!

I’ll go ponder this some more… one thing I am short of though is time to work on this stuff. This week-end is through, and the next one I’ll already be tied up on the Saturday, so I guess I’ll have to squeeze something in.

May 142022
 
Seriously Amazon, why?

So, yeah, I’m trying to convert music wish-list entries to actual recordings in my music collection (as I won’t hear many of these on the radio anymore). I must stress I do want to support the artist by buying at least one license to their work. Preferably in a lossless form like CD or FLAC, but LP will do if the other two aren’t available. Heck, I even have a cassette player if it comes to that!

I don’t want to pirate music. That was something I did in the last century because I didn’t have money — those MP3s are deleted long ago (they got thrown out around 2004 or so; for both technical and legal reasons).

Making legally-purchased copies unobtainable does not help make this happen! Making copies unobtainable encourages piracy!

In this case, someone does have a copy for sale. There’s even an “Add To Cart” button to indicate a desire to purchase. Guess what, it just tells me “Not Added” when I click it. Can I contact Amazon about it? Not that I can see!

Seems the recording industry and the retailers are their own worst enemy on this front. Too distracted by the modern “hip” stuff than the stuff the rest of us actually listen to.

May 082022
 

So, this is quite sad news… I learned this on Friday morning that one of Brisbane’s longer-serving radio stations will be taken over by new management and will change its format from being a “classic hits” music station, to being a 24/7 sports coverage station.

It had been operated by the Australian Radio Network who had recently done a merger with a rival network, Grant Broadcasters, picking up their portfolio which included their portfolio of stations which included a number of other Greater Brisbane region stations. This tipped them over the edge and so they had to let one go, the unlucky victim was their oldest: 4KQ.

Now, you’re thinking, big deal, there are lots of radio stations out there, including Internet radio. Here’s why this matters. Back in the 90s, pretty much all of the stations here in Brisbane were locally run. They might’ve been part of a wider network, but generally, the programming about shows and music was decided on by people in this area. Lots of songs were hits only in Brisbane. There are some songs that did not make the music charts anywhere else world-wide. But, here in Brisbane, we requested those songs.

Sometimes the artists knew about this, sometimes not.

Over time, other stations have adjusted their format, and in many cases, abandoned local programming, doing everything from Sydney and Melbourne. Southern Cross Austereo tried this with Triple M years ago, and in the end they had to reverse the decision as their ratings tanked and complaints inundated the station.

4KQ represented one of the last stations to keep local programming. I’m not sure how many still do, but in particular this station was unique amongst the offerings in this area due to its wide coverage of popular music spanning 1960 ~ 1995, and in particular, its focus on the Brisbane top-40 charts.

Some of the radio programs too were great: Brent James in particular had an art for painting a picture of Brisbane at that time for both people who were there to experience it, those who missed out because they lived someplace else, and people like myself who were either too young to remember or not alive at the time in the first place. A lot of their other staff too, had a lot of music knowledge and trivia — yes you can reproduce the play lists with one’s own music collection, but the stories behind the hits are harder to replicate. Laurel Edwards is due to celebrate her 30th year with the station — that’s a long commitment, and it’s sad to think that this will be her last through no fault or decision of her own.

It’s loss as a music station is a major blow to the history of this city. To paraphrase Joni Mitchell, they’ve torn down Festival Hall to put up an apartment block!

A new normal

The question is, where to now? The real sad bit is that this was a successful station that was only culled because of a regulatory compliance issue: ARN now had too many stations in the Greater Brisbane area, and had to let one go. They reluctantly put it up for sale, and sure enough, a buyer took it, but that buyer was not interested in preserving anything other than the frequency, license and broadcast equipment.

In some ways, AM is a better fit for the yap-fest that is SEN-Q. They presently broadcast on DAB+ at 24kbps in essentially AM-radio quality. 4KQ has always been a MW station, originally transmitting at 650kHz back in 1947, moving to 690kHz a year later… then getting shuffled up 3kHz to its present-day 693kHz in 1978 when the authorities (in their wisdom at the time) decided to “make room” by moving all stations to a 9kHz spacing.

Music has never been a particularly good fit for AM radio, but back in 1947 that was the only viable option. FM did exist thanks to the work of Edwin Armstrong, but his patents were still active back then and the more complicated system was less favourable to radio manufacturers at a time when few could afford a radio (or the receiver license to operate it). So AM it was for most broadcasters of that time. “FM radio” as we know it today, wouldn’t come into existence in Brisbane until around 1980, by which time 4KQ was well-and-truly established.

The question remains though… ratings were pretty good, clearly there is demand for such a station. They had a winning formula. Could an independent station carry forward their legacy?

The options

So, in July we’ll have to get used to a new status-quo. It’s not known how long this will last. I am not advocating vigilante action against the new owners. The question will be, is there enough support for a phoenix to rise out of the ashes, and if so, how?

Existing station adopting 4KQ’s old format?

This might happen. Not sure who would be willing to throw out what they have now to try this out but this may be an option. There are a few stations that might be “close enough” to absorb such a change:

  • 4BH (1116kHz AM) does specialise in the “older” music, but it tends to be the softer “easy listening” stuff, they don’t do the heavier stuff that 4KQ and others do. (e.g. you won’t hear AC/DC)
  • KIIS 97.3 (97.3MHz FM) was 4KQ’s sister station, at present they only do music from the 80s onwards.
  • Triple M (104.5MHz FM) would be their closest competitor. They still do some 60s-80s stuff, but they’re more focused on today’s music. There’s a sister-station, Triple M Classic Rock (202.928MHz DAB+) but they are an interstate station, with no regional focus.
  • Outside of Brisbane, River 94.9 (94.9MHz FM) in Ipswich would be the closest to 4KQ. They make frequent mentions of 4IP and its charts. Alas, they are likely beaming west as they are not receivable in this part of Brisbane at least. (VK4RAI on the other hand, located on the same tower can be received, and worked from here… so maybe it’s just a case of more transmit power and a new antenna to service Brisbane?)

I did a tune-around the other day and didn’t hear anything other than those which was in any way comparable.

Interesting aside, 4IP of course was the hit station of its day. These days, if you look up that call-sign, you get directed to RadioTAB… another sports radio station network. Ironic that its rival meets the same fate at the hands of a rival sports radio network.

A new station?

Could enough of us band together and start afresh? Well, this will be tough. It’d be a nice thing if we could, and maybe provide work for those who started the year thinking their job was mostly secure only to find they’ve got two more months left… but the tricky bit is we’re starting from scratch.

FM station?

A new FM station might be ideal in terms of suiting the format, and I did look into this. Alas, not going to happen unless there’s a sacrifice of some sort. I did a search on the ACMA license database; putting in Mt. Coot-tha as the location (likely position of hypothetical transmitter, I think I chose Ch 9 site, but any on that hill will do), giving a radius of 200km and a frequency range of 87-109MHz.

Broadcast FM radio stations are typically spaced out every 800kHz; so 87.7MHz, 88.5MHz, 89.3MHz, … etc. Every such frequency was either directly taken, or had a station within 400kHz of it. Even if the frequency “sounded” clear, it likely was being used by a station I could not receive. A big number of them are operated by churches and community centres, likely low-power narrowcast stations.

The FM broadcast band, as seen from a roof-top 2m “flower pot” in The Gap.

There’s only two ways a new station can spring up on FM in the Brisbane area:

  • an existing station closes down, relinquishing the frequency
  • all the existing stations reduce their deviation, allowing for new stations to be inserted in between the existing ones

The first is not likely to happen. Let’s consider the latter option though. FM bandwidth is decided by the deviation. That is, the modulating signal, as it swings from its minimum trough to its maximum peak, causes the carrier of the transmitter to deviate above or below its nominal frequency in proportion to the input signal amplitude. Sometimes the deviation is almost identical to the bandwidth of the modulating signal (narrowband FM) or sometimes it’s much greater (wideband FM).

UHF CB radios for example; deviate either 2.5kHz or 5kHz, depending on whether the radio is a newer “80-channel” device or an older “40-channel” device. This is narrowband FM. When the ACMA decided to “make room” on UHF CB, they did so by “grandfathering” the old 40-channel class license, and decreeing that new “80-channel” sets are to use a 2.5kHz deviation instead of 5kHz. This reduced the “size” of each channel by half. In between each 40-channel frequency, they inserted a new 80-channel frequency.

This is simple enough with a narrowband FM signal like UHF CB. There’s no sub-carriers to worry about, and it’s not high-fidelity, just plain old analogue voice.

Analogue television used FM for its audio, and in later years, did so in stereo. I’m not sure what the deviation is for broadcast FM radio or television, but I do know that the deviation used for television audio is narrower than that used for FM radio. So evidently, FM stereo stations could possibly have their deviation reduced, and still transmit a stereo signal. I’m not sure what the trade-off of that would be though. TV stations didn’t have to worry about mobile receivers, and most viewers were using dedicated, directional antennas which better handled multi-path propagation (which would otherwise cause ghosting).

Also, TV stations to my knowledge, while they did transmit sub-carriers for FM stereo, they didn’t transmit RDS like FM radio stations do. Reducing the deviation may have implications on signal robustness for mobile users and for over-the-air services like RDS. I don’t know.

That said, lets suppose it could be done, and say Triple M (104.5MHz) and B105 (105.3MHz) decided to drop their deviation by half: we could then maybe squeeze a new station in at 104.1MHz. The apparent “volume” of the other two stations would drop by maybe 3dB, so people will need to turn their volume knobs up higher, but might work.

I do not know however if this is technically possible though. In short, I think we can consider a new FM station a pipe dream that is unlikely to happen.

New AM station?

A new AM station might be more doable. A cursory look at the same database, putting in much the same parameters but this time, a 300km radius and a frequency range of 500kHz-1.7MHz, seems to suggest there are lots of seemingly “unallocated” 9kHz slots. I don’t know what the frequency allocation strategy is for AM stations within a geographic area. I went a wider radius because MW stations do propagate quite far at night: I can pick up 4BU in Bundaberg and ABC Radio Emerald from my home.

The tricky bit is physically setting up the transmitter. MW transmitters are big, and use lots of power. 4KQ for example transmitted 10kW during daylight hours. Given it’s a linear PA in that transmitter, that means it’s consuming 20kW, and when it hits a “peak” it will want that power now!

The antennas are necessarily large; 693kHz has a wavelength of 432m, so a ¼-wave groundplane is going to be in the order of 100m tall. You can compromise that a bit with some clever engineering (e.g. see 4QR’s transmitter site off the Bruce Highway at Bald Hills — guess what the capacitance hat on the top is for!) but nothing will shrink that antenna into something that will fit a suburban back yard.

You will need a big open area to erect the antenna, and that antenna will need an extensive groundplane installed in the ground. The stay-wires holding the mast up will also need a big clearance from the fence as they will be live! Then you’ve got to keep the transmitter fed with the power it demands.

Finding a place is going to be a challenge. It doesn’t have to be elevated for MW like it does for VHF services (FM broadcast, DAB+), but the sheer size of the area needed will make purchasing the land expensive.

And you’ve got to consider your potential neighbours too, some of whom may have valid concerns about the transmitter: not liking the appearance of a big tower “in their back yard”, concerns about interference, concerns about “health effects”… etc.

DAB+?

This could be more doable. I don’t know what costs would be, and the big downside is that DAB+ radios are more expensive, as well as the DAB+ signal being more fragile (particularly when mobile). Audio quality would be much better than AM, but not quite as good as FM (in my opinion).

It’d basically be a case of opening an account with Digital Radio Broadcasting Pty Ltd, who operate the Channel 9A (202.928MHz) and Channel 9B (204.64MHz) transmitters. Then presumably, we’d have to encode our audio stream as HE-AAC and stream it to them somehow, possibly over the Internet.

The prevalence of “pop-up” stations seems to suggest this method may be comparatively cost-effective for larger audiences compared to commissioning and running our own dedicated transmitter, since the price does not change whether we have 10 listeners or 10000: it’s one stream going to the transmitter, then from there, the same signal is radiated out to all.

Internet streaming?

Well, this really isn’t radio, it’s an audio stream on a website at this point. The listener will need an Internet connection of their own, and you, the station operator, will be paying for each listener that connects. The listener also pays too: their ISP will bill them for data usage.

A 64kbps audio stream will consume around 230MB every 8 hours. If you stream it during your typical 8-hour work day, think a CD landing on your desk every 3 days. That’s the data you’re consuming. That data needs to be paid for, because each listener will have their own stream. If there’s only a dozen or so listeners, Internet radio wins … but if things get big (and 4KQ’s listenership was big), it’ll get expensive fast.

The other downside is that some listeners may not have an Internet connection, or the technical know-how to stream a radio station. I for example, do not have Internet access when riding the bicycle, so Internet radio is a no-go in that situation. I also refuse to stream Internet radio at work as I do not believe I should be using a workplace Internet connection for personal entertainment.

Staff?

The elephant in the room is staffing… there’s a workforce that kept 4KQ going who would soon be out of work, would they still be around if such a station were to materialise in the near future? I don’t know. Some of the announcers may want a new position in the field, others may be willing to go back to other vocations, and some are of an age that they may decide hanging up the headphones sounds tempting.

I guess that will be a decision for each person involved. For the listeners though, we’ve come to know these people, and will miss not hearing from them if they do wind up not returning to the air.

In the meantime

What am I doing now? Well, not saving up for a broadcast radio license (as much as my 5-year-old self would be disgusted at me passing up such an opportunity). I am expanding my music collection… and I guess over the next two months, I’ll be taking special note of songs I listen to that aren’t in my collection so I can chase down copies: ideally CDs or FLAC recordings (legally purchased of course!)… or LPs if CDs are too difficult.

Record companies and artists could help here — there are services like ZDigital that allow people to purchase and download individual songs or full albums in FLAC format. There are also lots of albums that were released decades ago, that have not been re-released by record companies. Sometimes record companies don’t release particular songs because they seemingly “weren’t popular”, or were popular in only a few specific geographic areas (like Brisbane).

People like us do not want to pirate music. We want to support the artists. Their songs did get played on radio, and still do; but may not be for much longer. Not everything is on Spotify, and sometimes that big yellow taxi has a habit of taking those hits away that you previously purchased. They could help themselves, and the artists they represent, by releasing some of these “less popular” songs as FLAC recordings for people to purchase. (Or MP3 if they really insist… but some of us prefer FLAC for archival copies.)

The songs have been produced, the recordings already exist, it seems it’s little skin of their nose to just release them as digital-only singles on these purchase-for-download platforms. I can understand not wanting to spend money pressing discs and having to market and ship them, but a file? Some emails, a few signed agreements and one file transfer and it’s done. Not complicated or expensive.

Please, help us help you.

Anyway… I guess I have a shopping list to compile.

Apr 252022
 

So, over the week leading up to the Easter long week-end, a package I ordered way back in late January made its way from northern Finland via Perth to Brisbane and landed on my door-step the Thursday we headed to Imbil.

That’s timing for you… thankfully not that wet this last week-end, and in any case, I had a stomach bug which precluded me from wearing any single-piece clothing as I was running to the loo on a frequent basis. With that week-end (and the stomach bug) behind me, I finally had a close look at this outfit. These are some detail shots of the suit I ordered, there’s of course more general shots on the supplier’s website. The outfit is made by AJ Group who are based in Konin in the central-west of Poland.

I haven’t tried going for a ride in it yet, but it had been raining this morning, and I needed to clear a couple of clogged drains. This outfit is perfect for the job even in Brisbane’s somewhat humid weather.

Weather conditions this morning were overcast with light showers, 20.1°C and 84% relative humidity. No action shots on this occasion. I felt warm, but didn’t feel like I was going to start sweating heavily. That said, I probably wouldn’t want the temperature up much higher than it already was. In intermittent sunny/showery weather, I’d get steamed, no question.

In my case, I needed to clear bundles of leaves that were blocking the water from clean flow, ordinarily I’d be trying to do it with my foot, but here I could just kneel right in the gutter and get stuck into it. Drain was cleared in seconds and I stayed perfectly dry.

I found the hood, due to the thicker material, benefits from wearing a cap of some description underneath for head tracking. Or you can pull a helmet or something down over the top of the hood then it’ll track without issues. The hood can be pulled down but it’ll want to sit up and interfere with anything you’re wearing on your head, so you’re better off just leaving it up unconditionally unless it’s really bothering you.

Mikko (who runs rainwear.store) comments on his site that the gloves generally mean the wearer isn’t able to operate capacitive touchscreens. I guess mileage may vary. First time I tried it on, I did a brief check and found indeed, while my tablet touchscreen worked fine, the phone was unresponsive. However, on subsequent (longer) trials, I’ve observed the phone does in fact work.

The trick seems to be not having your hands too dry when you put the outfit on — a little moisture on your hands helps the conductivity needed for the touchscreen controller to sense your finger. Mileage of course may vary: I don’t use screen protectors or covers on any of my devices, which may be helping the sensitivity of the capacitive sensors, but in general I found I was able to do most things I could do with bare hands. The gloves could be a size smaller to be honest, size 9 (the smallest offered) is on the big size, but thankfully not too big to make things clumsy. They’re made by Showa, not sure what exact model they are or where they are made (they appear to be EU-based as well).

Typing on a physical keyboard is slowed down, but not impossible, multi-touch pointing devices still work (or at least the one on my Panasonic CF-53 does).

The boots are reasonably comfortable — in fact I think they fit better than any other boots I own. I wear orthodics for a high-arch and these fit well. I’m not sure who manufactures them, but they have “Made in the EU” stamped on the sole, so they’re somewhere in Europe.

The fabric is heavier than what I’m used to with the other rain overalls I have, but it’s not unbearably heavy for the task. This suit has pockets on the outside of the legs — this is a special extra.

The thinking was it’d be somewhere to keep a phone/wallet/keys if I’m out on a check-point in the weather. If I go wading into water, obviously I’m going to have to empty these pockets, and in fact, punching a couple of small drainage-holes on the outer wall of each pocket may be prudent so that they don’t fill with water… but in practice it’s rare that I’d be entering that depth of water. The positioning of them is perhaps lower than I’d like, with the ideal being waist-height — but given most come with no pockets at all, this is a big bonus. Another position I guess would be a large pouch across the stomach like some hooded jumpers. Next time I guess.

In short though, very much worth a look. I’ll know more when I try them out on the bike.

Apr 092022
 

I guess we’ve all been hearing about the “special operation” that Russia blundered into. This was supposed to be a week-long peace-keeping mission… and the locals were meant to be “welcoming” the Russian troops with open arms.

I tell you what, if that’s a “welcome”, I’d hate to see what the Ukrainians would reserve for true enemies… from what I can see the message seems very clear: “Outta here, Vladimir!” Still, Moscow appears to not have gotten the message, even after 44 days, they’re still at it. The banner up the top-right of this page is quite out of date now — not that the message is any less true, additional lives have been lost due to this conflict.

Only because Russia’s troops on the ground have so far failed to take any major cities by conventional means, they’ve resorted to bombing the crap out of these cities. And it appears, nothing is sacred, with places like shelters and hospitals copping it. Then there’s the allegations of rape and torture committed by these troops.

Russia denies being responsible of course.

It’s been hard to watch this unfold from the opposite hemisphere. I don’t know anyone in Eastern Europe personally, so there’s no “personal attachment”, but this doesn’t mean I don’t feel sorry for the everyday citizens in this region. This is a war ordered by the Russian Government under the pretence of “peace keeping”.

I’m reminded of the pilot episode of Yes Minister, “Open Government” — Sir Humphrey Appleby when asked about the title of a policy document drily replies “Always dispose of the difficult bit in the title, [it] does less harm there than in the text” (17:03 if you’ve got the DVD handy). Governments the world over are notorious for using euphemistic terms to label things, and this just another (albeit, extreme) example. Very few countries are going along with that, the rest are seeing right through this thin veil and seeing the conflict for what it is. Even China Radio International describe the two countries as “warring”.

In any case, whether the people of these places agree with what’s happening or not, they get no choice in the situation. If they’re members of the military, they’re forced into this conflict and carrying out the orders as given, or face insubordination charges.

So on it goes, including the shelling from over the eastern border. Even Lviv in the west of Ukraine has not been spared — it too has been hit from long-distance missiles. I fear it’s only going to take a slight miscalculation on the part of the Russian unit firing it, maybe they aim a little too high, and instead of landing in Lviv, it sails clean across the border and hits something in Poland: a NATO member — then WW3 would be on for real.

Russia was initially using violence in the Donbas region as the justification for their “special operation”, in which case a question needs to be asked: why bomb Lviv in the west? If the military is the target, why did the Kramatorsk railway station get hit when it was clearly brimming with civilians? Are they that inept at their aim that they missed their real target and hit this place instead?

Valid questions that deserve investigation I think. The males of this species are known to have two heads: one above our shoulders and the other between our legs — personally I think Putin has been doing his “thinking” with the latter. No wonder we keep hearing chants of “Пу́тін — хуйло́” (roughly, “Putin is a dickhead” — assuming the Wikipedia translation is accurate).

The violence in the Donbas region should be investigated too — while it’s in no way a justification for the invasion, there seems to be enough reports to suggest there were problems here, and it’s correct that a (perhaps independent) body investigates. However, this will have to wait until the fighting stops.

Presently, the world is attempting to strong-arm Russia into dropping its fight by issuing sanctions. This is made difficult because much of Europe is dependent on Russian fossil fuel, but even those imports will fall under direct bans with sufficient time. Germany has already banned coal imports. The UK says it will ban Russian oil & gas by the end of the year. Some countries have already cut themselves off completely.

Russia’s Government is in a no-win situation now I think. Had they stopped after the first fortnight, realising that this wasn’t going to work, many of the atrocities we’re hearing about now likely would not have taken place and I think things would calm-down relatively quickly. Moscow might’ve been able to “save face” to a limited extent. Too late for that now: domestically they’ll look like a failure, and internationally they’re already being treated like a leper.

I’ve for a long time been blocking China, ever since they started relentless port-scanning activity on my IPv6 subnets. (Looking at you 240e:f7:4f01:c::3!) I’ve since added Hong Kong (because China says HK is “part of China” and the HK Government seems to agree with that… so I’ll treat them the way I treat China), along with North Korea (allied with China).

While Russia is officially fighting the Ukraine, the truth is their cybersecurity attack teams have had a bad reputation for a long time, and this war is being fought with IP datagrams as much as it’s being fought with bullets. They would think nothing of “conscripting” some home router or IoT device into their “digital army”. So into the blacklist they go, along with Belarus, Syria and Turkey who so far are helping support Russia or are otherwise maintaining diplomatic relationships with them.

I’m tempted to throw India into that list too as the Indian Government seems intent on fence-sitting. (They’ll get splinters in their bum doing that!)

Of course none of this stops an indirect attack on my infrastructure via some compromised router or VPN endpoint somewhere else in the world acting as a proxy, but at least it restricts direct attack.

The ugly bit will come though when it comes to the war crimes investigation. The atrocities have been severe, and I don’t think there’s much question at all that they’ve taken place. The true question though is the classic “who dunnit”. We’ll need to use our heads with this: the one above our shoulders, confirmation bias is going to be our biggest enemy. The vehicle of justice must be driven by objective evidence, emotions must take a back seat! I think this is going to be our greatest challenge this century.

Mar 132022
 

The other victims of the Brisbane 2022 flood at my workplace are a pile of Leader SN4PROv3 “NUC” clones, like the ruggedised Intel NUCs, were purchased as cheap “PLC”s. Out of the box, they run Windows 10, which seems insane given they, like the Intel NUCs, only have 4GB RAM and sport dual-core Celerons running at a whopping 1.1GHz. (Wow, let’s see that play Crysis!)

Most of these actually survived pretty well, with all but one booting. I had visually inspected each by opening the case and having a look inside, but obviously on this one specimen, I missed something. So let’s crack it open and have a look.

Leader SN4PROv3

First step is to move the rubber feet out of the way and remove the 4 case screws hiding beneath.

The four case screws hide beneath the rubber feet (which I have moved)

The Leader website claims these machines run eMMC. In all the units I have here, it appears all of them are not eMMC, but rather, are M.2 SATA SSDs. I’d consider that an upgrade. My guess is maybe the first of this model had eMMC, but then the chip shortage bit and so they endowed these ones with SATA. The footprint for the eMMC looks to be just near the battery.

In any case, that SSD is in the way making the screws to the left of it hard to reach, so let’s get it out of the way.

Removing the SSD to access board screws

The SSD here is a “Kston”-brand SSD… Not Kingston, don’t be fooled by the lettering…

The SSD… not pretending to be a “Kingston”, honest!!!

Anyway, having done that, the screws that hold the board down are now more accessible, so let’s get them out.

PCB screws

Finally, to actually get the board out, we’ll need to pop the rear cover out. There are four little plastic catches that we’ll need to push down and out to release the rear panel. A flat-blade screwdriver works for this.

Removing the rear panel

Having done this, you’ll note the board now rattles back and forth. Use the new opening to push the board out of its resting place.

Removing the board, pull it up in the direction shown.

As you do this, you’ll note the case will still interfere, but now at least you should be able to bend the plastic out of the way.

Bending the case to get the connectors past

Now, at this point you’ll note there’s some coax feeds connecting two stick-on antennas to the case. The mainboard end is socketed but the case end are just soldered on with no strain-relief!

The stick-on WiFi/Bluetooth antennas

The heatsink/fan assembly can now be seen, and it too is held on by four screws.

Heatsink/Fan screws

Undo these, and we should be staring at the CPU.

Ohh, so that’s what was causing your POST issue?

We can see the culprit here that caused the failed POST… there’s a tiny 8-pin chip in amongst that rust residue, and of course I’m fresh out of the isopropyl alcohol spray… so we’ll try some circuit board cleaner on this and see if she goes afterwards.

Mar 132022
 

So, following on from the fun and games of migrating a network, the other outcome of the flood is cleaning out hardware that wasn’t so lucky to escape the flood waters. My workplace does a lot of industrial automation and meter integration work, and the tool of choice lately has been Linux machines with NodeRED (this is what WideSky Edge is built on).

Seeing a chip-shortage, they bought up a big stock pile of these ruggedised Intel NUCs. These machines are no front-page news spec-wise (dual-core Intel Celeron, 4GB RAM, 64GB eMMC), but are good enough for the task. However, mother nature had other plans, and machines that were not IPX7 rated got a dunking no one anticipated. Miraculously, I’ve managed to get most of them going. Initially when I got them home was I gave them all a rise in tap water to just wash away any mud and other muck that may have been in the river water, then left them to dry for a few days.

This didn’t help matters, with units still refusing to power on, so I opened each one up and sprayed them with some isopropyl alcohol spray… using an entire 300g can of the stuff on 14 rugged NUCs. I did this to one at first… and found to my amazement, it booted!

She lives!!!

I did find though, there was no documentation on how to disassemble one of these. Intel’s docs don’t even tell you. And much of what I did find was YouTube videos… apparently people are incapable of taking still photos and documenting the process in plain text. Never mind, I figured it out, and will document the procedure here.

I’m not going to bother identifying chips, this isn’t iFixIt. I’m primarily concerned about cleaning off any muck that’s causing the boot failure.

Disassembly

So presumably you’ve got one of these NUCs in front of you.

The NUC8CCHKRN2

First step is to flip it over (front still facing you), and you’ll see 4 very obvious screws. These are captive screws, so no risk of them rattling loose.

The screws for opening the case.

Inside we see the WiFi/Bluetooth module, a space for a M.2 SSD/peripheral, the RTC battery and the top of the main board.

Inside the bottom cover

The first step I found easiest is to remove the screw and nut that holds the WiFi card in place. This is a spacer+screw assembly which does double-duty of holding the WiFi card down, and holding whatever full-length M.2 peripheral you put in there. Pliers work for rotating that nut. Removal will allow us to better get the coax antenna feeds out of the way to access the screw beneath.

The nut+screw assembly holding the WiFi card down

Now we have that out of the way, we can remove the screws that actually hold the inner chassis down. There are two screws, one on each side.

The screws holding the inner chassis frame in place

Now, to finally release the inner frame, there are two catches, one each side of the case.

The plastic catches holding the chassis frame in place

You’ll want to push the plastic outwards whilst pulling upward on the USB / Ethernet connectors. Do one side, pulling the frame out by 5mm, then do the other.

Catches away!

Having done this, you’ll see continuing to pull on these connectors, the whole assembly pulls out. From here, we now can focus on extracting the PCB from the inner chassis frame. The PCB is fixed by two screws which the silkscreen helpfully points out.

The inner chassis removed, two screws fix the PCB itself.

Undo these two screws, then flip the board over, you’ll find 4 more that bolt the heatsink to the CPU.

Heatsink screws

These screws are captive like the case screws in the initial step, so just undo each a few turns, move to the next screw and loosen it, etc, and keep going until the PCB comes loose.

…and we’re in!

The PCB should now come free and you’ll be able to see the CPU and RAM (which are soldered-on).

Mar 052022
 

So, this week mother nature threw South East Queensland a curve-ball like none of us have seen in over a decade: a massive flood. My workplace, VRT Systems / WideSky.Cloud Pty Ltd resides at 38b Douglas Street, Milton, which is a low-lying area not far from the Brisbane River. Sister company CETA is just two doors down at no. 40. Mid-February, a rain depression developed in the Sunshine Coast Hinterland / Wide Bay area north of Brisbane.

That weather system crawled all the way south, hitting Brisbane with constant heavy rain for 5 days straight… eventually creeping down to the Gold Coast and over the border to the Northern Rivers part of NSW.

The result on our offices was devastating. (Copyright notice: these images are placed here for non-commercial use with permission of the original photographers… contact me if you wish to use these photos and I can forward your request on.)

Some of the stock still worked after the flood — the Siemens UH-40s pictured were still working (bar a small handful) and normally sell for high triple-figures. The WideSky Hubs and CET meters all feature a conformal coating on the PCBs that will make them robust to water ingress and the Wavenis meters are potted sealed units. So not all a loss — but there’s a big pile of expensive EDMI meters (Mk7s and Mk10s) though that are not economic to salvage due to approval requirements which is going to hurt!

Le Mans Motors, pictured in those photos is an automotive workshop, so would have had lots of lubricants, oils and grease in stock needed to service vehicles — much of those contaminants were now across the street, so washing that stuff off the surviving stock was the order of the day for much of Wednesday, before demolition day Friday.

As for the server equipment, knowing that this was a flood-prone area (which also by the way means insurance is non-existent), we deliberately put our server room on the first floor, well above the known flood marks of 1974 and 2011. This flood didn’t get that high, getting to about chest-height on the ground floor. Thus, aside from some desktops, laptops, a workshop (including a $7000 oscilloscope belonging to an employee), a new coffee machine (that hurt the coffee drinkers), and lots of furniture/fittings, most of the IT equipment came through unscathed. The servers “had the opportunity to run without the burden of electricity“.

We needed our stuff working, so we needed to first rescue the machines from the waterlogged building and set them up elsewhere. Elsewhere wound up being at the homes of some of our staff with beefy NBN Internet connections. Okay, not beefy compared to the 500Mbps symmetric microwave link we had, but 50Mbps uplinks were not to be snorted at in this time of need.

The initial plan was the machines that once shared an Ethernet switch, now would be in physically separate locations — but we still needed everything to look like the old network. We also didn’t want to run more VPN tunnels than necessary. Enter OpenVPN L2 mode.

Establishing the VPN server

Up to this point, I had deployed a temporary VPN server as a VPS in a Sydney data centre. This was a plain-jane Ubuntu 20.04 box with a modest amount of disk and RAM, but hopefully decent CPU grunt for the amount of cryptographic operations it was about to do.

Most of our customer sites used OpenVPN tunnels, so I migrated those first — I managed to grab a copy of the running server config as the waters rose before the power tripped out. Copying that config over to the new server, start up OpenVPN, open a UDP port to the world, then fiddled DNS to point the clients to the new box. They soon joined.

Connecting staff

Next problem was getting the staff linked — originally we used a rather aging Cisco router with its VPN client (or vpnc on Linux/BSD), but I didn’t feel like trying to experiment with an IPSec server to replicate that — so up came a second OpenVPN instance, on a new subnet. I got the Engineering team to run the following command to generate a certificate signing request (CSR):

openssl req -newkey rsa:4096 -nodes -keyout <name>.key -out <name>.req

They sent me their .req files, and I used EasyRSA v3 to manage a quickly-slapped-together CA to sign the requests. Downloading them via Slack required that I fish them out of the place where Slack decided to put them (without asking me) and place it in the correct directory. Sometimes I had to rename the file too (it doesn’t ask you what you want to call it either) so it had a .req extension. Having imported the request, I could sign it.

$ mv ~/Downloads/theclient.req pki/reqs/
$ ./easyrsa sign-req client theclient

A new file pki/issued/theclient.crt could then be sent back to the user. I also provided them with pki/ca.crt and a configuration file derived from the example configuration files. (My example came from OpenBSD’s OpenVPN package.)

They were then able to connect, and see all the customer site VPNs, so could do remote support. Great. So far so good. Now the servers.

Server connection VPN

For this, a third OpenVPN daemon was deployed on another port, but this time in L2 mode (dev tap) not L3 mode. In addition, I had servers on two different VLANs, I didn’t want to have to deploy yet more VPN servers and clients, so I decided to try tunnelling 802.1Q. This required boosting the MTU from the default of 1500 to 1518 to accommodate the 802.1Q VLAN tag.

The VPN server configuration looked like this:

port 1196
proto udp
dev tap
ca l2-ca.crt
cert l2-server.crt
key l2-server.key
dh data/dh4096.pem
server-bridge
client-to-client
keepalive 10 120
cipher AES-256-CBC
persist-key
persist-tun
status /etc/openvpn/l2-clients.txt
verb 3
explicit-exit-notify 1
tun-mtu 1518

In addition, we had to tell netplan to create some bridges, we created a vpn.conf in /etc/netplan/vpn.yaml that looked like this:

network:
    version: 2
    ethernets:
        # The VPN tunnel itself
        tap0:
            mtu: 1518
            accept-ra: false
            dhcp4: false
            dhcp6: false
    vlans:
        vlan10-phy:
            id: 10
            link: tap0
        vlan11-phy:
            id: 11
            link: tap0
        vlan12-phy:
            id: 12
            link: tap0
        vlan13-phy:
            id: 13
            link: tap0
    bridges:
        vlan10:
            interfaces:
                - vlan10-phy
            accept-ra: false
            link-local: [ ipv6 ]
            addresses:
                - 10.0.10.1/24
                - 2001:db8:10::1/64
        vlan11:
            interfaces:
                - vlan11-phy
            accept-ra: false
            link-local: [ ipv6 ]
            addresses:
                - 10.0.11.1/24
                - 2001:db8:11::1/64
        vlan12:
            interfaces:
                - vlan12-phy
            accept-ra: false
            link-local: [ ipv6 ]
            addresses:
                - 10.0.12.1/24
                - 2001:db8:12::1/64
        vlan13:
            interfaces:
                - vlan13-phy
            accept-ra: false
            link-local: [ ipv6 ]
            addresses:
                - 10.0.13.1/24
                - 2001:db8:13::1/64

Those aren’t the real VLAN IDs or IP addresses, but you get the idea. Bridge up on the cloud end isn’t strictly necessary, but it does mean we can do other forms of tunnelling if needed.

On the clients, we did something very similar. OpenVPN client config:

client
dev tap
proto udp
remote vpn.example.com 1196
resolv-retry infinite
nobind
persist-key
persist-tun
ca l2-ca.crt
cert l2-client.crt
key l2-client.key
remote-cert-tls server
cipher AES-256-CBC
verb 3
tun-mtu 1518

and for netplan:

network:
    version: 2
    ethernets:
        tap0:
            accept-ra: false
            dhcp4: false
            dhcp6: false
    vlans:
        vlan10-eth:
            id: 10
            link: eth0
        vlan11-eth:
            id: 11
            link: eth0
        vlan12-eth:
            id: 12
            link: eth0
        vlan13-eth:
            id: 13
            link: eth0
        vlan10-vpn:
            id: 10
            link: tap0
        vlan11-vpn:
            id: 11
            link: tap0
        vlan12-vpn:
            id: 12
            link: tap0
        vlan13-vpn:
            id: 13
            link: tap0
    bridges:
        vlan10:
            interfaces:
                - vlan10-vpn
                - vlan10-eth
            accept-ra: false
            link-local: [ ipv6 ]
            addresses:
                - 10.0.10.2/24
                - 2001:db8:10::2/64
        vlan11:
            interfaces:
                - vlan11-vpn
                - vlan11-eth
            accept-ra: false
            link-local: [ ipv6 ]
            addresses:
                - 10.0.11.2/24
                - 2001:db8:11::2/64
        vlan12:
            interfaces:
                - vlan12-vpn
                - vlan12-eth
            accept-ra: false
            link-local: [ ipv6 ]
            addresses:
                - 10.0.12.2/24
                - 2001:db8:12::2/64
        vlan13:
            interfaces:
                - vlan13-vpn
                - vlan13-eth
            accept-ra: false
            link-local: [ ipv6 ]
            addresses:
                - 10.0.13.2/24
                - 2001:db8:13::2/64

I also tried using a Raspberry Pi with Debian, the /etc/network/interfaces config looked like this:

auto eth0
iface eth0 inet dhcp
        mtu 1518

auto tap0
iface tap0 inet manual
        mtu 1518

auto vlan10
iface vlan10 inet static
        address 10.0.10.2
        netmask 255.255.255.0
        bridge_ports tap0.10 eth0.10
iface vlan10 inet6 static
        address 2001:db8:10::2
        netmask 64

auto vlan11
iface vlan11 inet static
        address 10.0.11.2
        netmask 255.255.255.0
        bridge_ports tap0.11 eth0.11
iface vlan11 inet6 static
        address 2001:db8:11::2
        netmask 64

auto vlan12
iface vlan12 inet static
        address 10.0.12.2
        netmask 255.255.255.0
        bridge_ports tap0.12 eth0.12
iface vlan12 inet6 static
        address 2001:db8:12::2
        netmask 64

auto vlan13
iface vlan13 inet static
        address 10.0.13.2
        netmask 255.255.255.0
        bridge_ports tap0.13 eth0.13
iface vlan13 inet6 static
        address 2001:db8:13::2
        netmask 64

Having done this, we had the ability to expand our virtual “L2” network by simply adding more clients on other home Internet connections, the bridges would allow all servers to see each-other as if they were connected to the same Ethernet switch.

Feb 202022
 

So, for close to a decade now, I’ve had a bicycle-mobile station. Originally just restricted to 2m/70cm FM, it expanded to 2m SSB with the FT-290RII, then later all-band using a FT-857D.

It’s remained largely unchanged all this time. The station is able to receive MW/SW stations as well, and with some limitations, FM broadcast as well. My recent radio purchases will expand this a bit, freeing up the FT-857D’s general-coverage receiver to just focus on amateur bands. It’s been a long-term project though to move to SDR for reception.

What I have now

Already acquired is a Raspberry Pi 4 (8GB model) and a NWDR DRAWS interface board. I actually started out with a Raspberry Pi 3 + DRAWS and was waiting for the case for it to fit into. At that stage was the idea that the FT-897D would do much as it does now, no SDR involved, and I’d put a small hand-held with its own antenna as an APRS rig being driven by the second port on the DRAWS.

Since then; I bought the HackRF One for work (I needed something that could give me a view of the 2.4GHz ISM band for development of the WideSky Hub), the SDR bug firmly bit. Initially it was just DAB+ reception, I decided to get a RTL-SDR to do that so my radio listening wouldn’t be interrupted when a colleague needed to borrow the HackRF. That RTL-SDR saw some use receiving UHF CB traffic at horse endurance ride events at Imbil — I stated to consider whether maybe this might be a better option as a receiver for more than just commercial radio broadcasts.

Hence I purchased the Pi4: I figured that’d have enough CPU grunt that it’d still be able to decode a reasonable amount even if the CPU throttled itself for thermal management purposes. A pair of SDR interfaces would allow me to monitor a couple of bands simultaneously, such as 2m and 70cm together, or 2m/70cm and one of the HF bands.

Even the RTL-SDR v3 dongles are wide enough to watch the entire 2m band. With CAT control of the FT-857D, it’d be possible for the Pi4 to switch the FT-857D to the same frequency and possibly manage some antenna switching relays as well.

A rough design

This morning I came up with this:

A rough design of the SDR set-up

A critical design feature is that this must have a “pass-through” option so that in the event the computer crashes/fails, I can bypass all the fancy stuff and still use the FT-857D safely as I do now without all the fancy SDR stuff.

So while in SDR mode: the station pushbuttons on the handlebar go to a small sequencing MCU that can report events to the Pi4, on transmit the Pi4 can then instruct that MCU to connect the antennas into bypass mode, short-out the SDR inputs to protect them, then engage the PTT on the FT-857D, and transmit audio can either be delivered direct via the analogue inputs as they are now, or over USB/WiFi/Bluetooth through the MiniDIN6 DATA port.

The thinking is to have two SDRs, one of which is “agile” between HF/6m and 2m/70cm modes.

The front-end will be handled via the tablet: a Samsung Galaxy Active3 which can connect over WiFi or USB CDC-Ethernet.

I’ve shown gain-blocks between the antennas and the receivers, this is largely for impedance matching as well as to account for the losses involved in antenna sharing. Not sure what these will technically look like.

The two on the HF side should be ideally 0-60MHz devices. If I use the AirSpy HF+ as pictured, the VHF/UHF LNA connected to it only has to concentrate on the VHF band below 260MHz (really 144-148MHz, but let’s widen that to 87-230MHz for FM broadcast, air-band and DAB+) since that’s where the AirSpy stops.

The other, for now I’m looking at a RTL-SDR since I have one spare, but that could be any VHF/UHF capable SDR including the AirSpy Mini — the LNA on it, as well as the one feeding the FT-857D in receive mode will both need to handle 144-450MHz at a minimum.

It may be these frequency bands are “too wide” for a single device, and so I need to consider band-pass filters + separate band-specific LNAs and additional switching circuitry.

SDR selection

There are a couple of options I’ve considered:

The thing I don’t like about the SDRPlay Duo is the non-free nature of its libraries which seem to be only available for i386 or AMD64. Otherwise on paper it looks like a nice option.

KerberosSDR/KrakenSDR seems like overkill. It’s basically four (or five) RTL-SDRs sharing a common oscillator which is essential for direction-finding, but let’s face it, I’ll never have enough antennas to make such an application feasible on the bicycle. It looks like an echidna now!

BladeRF looks nice, but is pricey and stops short of the HF band so would need an up-converter like the RTL-SDR — not a show-stopper. That said, it’s dual-channel and can transmit as well as receive, so cross-band repeater would be doable.

I should try this with the HackRF One some day, see if I can combine a conventional transceiver + RPi + DRAWS/UDRC + HackRF One to make a cross-band repeater.

The Airspy HF+ is available domestically, and isn’t too badly priced. It doesn’t transmit like the HackRF does, but then again I could stuff one of my Wouxun KG-UVD1Ps in there wired up to the second DRAWS port if I wanted a traditional cross-band set-up.

Next steps

It would seem the LNA / antenna sharing side of things needs consideration next. RF relays will need to be procured that can handle seeing 100W of RF. Where I’ve drawn a single switch, that’ll likely be multiple in reality — when the transmitter is connected to the antenna, the receivers should all be shorted to ground so they don’t get blown up by stray RF.

Maybe the LNAs feeding the FT-857D will need to be connected to a dummy-load to protect them, not sure. Perhaps LNAs aren’t strictly necessary, and I can “cheat” by just connecting receivers in parallel, but I’m not comfortable with this idea right now. So this is the area of research I’m focusing on right now.