Author Archives: Tyler Watthanaphand

Quick Fix: Can’t remove group policy comment

Came across this bizarre problem with group policy.

I Configured a GPO to enabled with a comment, later set it to not configured and removed the comment.

When I came to check back, the GPO was not configured, but comment was still there

Seems to be a problem with Server 2008, and in Server 2012 R2. Microsoft is unwilling to fix a cosmetic issue, so here is a workaround.

This workaround will delete all comments in the GPO. You’ve been warned.

Some of you may know Group Policies are stored in \\domain\SYSVOL\Policies\{UID}

  • Go into your group policy management MMC find your offending policy, go to the Details tab, and find the Unique ID
  • Open your SYSVOL Directory and find the policy by UID. Make sure you’re logged into your primary domain controller with sufficient rights.
  • Depending on if your Policy is Machine or User, go into that folder and delete the Comment.cmtx file

Background: Comment.cmtx is created in SYSVOL once you add a comment to your group policy object. Deleting it won’t break anything.

WARNING Do not do business with D. Bren Photography or David Brendorfer

I was scammed $220 out of selling my Canon 5D Mark III in Brunswick, Ohio.

He left without paying the full amount I asked for the camera and now has the audacity to say that I scammed him!

Do not sell camera gear to this person, do not do business to this person, he isn’t a true photographer, he is a shady scam artist who acts on his own indulgences.

His contact number he used was: (440) 796-4884

Camera serial number 288022001868 5D Mark III

 

Enabling WiFi on Screenly OSE [Digital signage for Raspberry Pi]

Screenly is a preconfigured port of Raspbian, a Linux distribution for Raspberry Pi devices.

In Screenly’s FAQ, they say console login and wifi aren’t recommended, but in this tutorial, we will show you how to do all that.

1. Hook up a keyboard to your Pi while screenly is booted

2. Press Ctrl+Alt+F1 to open a terminal

3. Enter credentials pi | raspberry

4. Follow this guide to set up wifi normally

5. Reboot and it should connect, verify by going into the console and typing ifconfig

Some other info:

  • It appears Screenly uses UZBL, a webkit web browser to display webpages.
  • After getting into the console and logging in, you can do run startx, this will open the screenly application. Pressing Windows key+ D will get you to the desktop.
  • Screenly uses a lightweight DE called black box.
  • Right clicking the desktop will give you a couple extra options.

2015 Macbook and iPad Pro model numbers revealed

Didn’t see this anywhere else on the internet, it seems I just found these model numbers

2015 Apple Macbook

  • Input voltage (USB-C) 14.5V 2A
  • Model: A1534
  • FCCID: BCG-A1534

Suposed iPad Pro

  • FCC ID: BCG-A1489
  • Model Name: A1622, A1623
  • Input voltage: 20V 4.25A, 5V 1A
  • Interesting note, it looks like the iPad Pro may have USB type C for charging instead of lightning.

Apple Watch

  • FCC ID: BCG-E2871
  • Model Name: A1554, A1638

Other things

  • APPLE WATCH MAGNETIC CHARGING CABLE
  • MODEL NUMBER: A1570
  • Magnetic Charging Case
  • Model number: A1647
  • APPLE WATCH MAGNETIC CHARGING TRY-ON CASE
  • MODEL NUMBER: A1668
  • APPLE WATCH MAGNETIC CHARGING CABLE FOR DISPLAY CASE
  • MODEL NUMBER: A1667

Online Camera stores to avoid

Here’s a list of online camera stores to avoid, these commonly pop up on Google Shopping, and Google doesn’t seem to care enough to take them down.

These vendors are generally shady, try to upsell you on accessories or “the real version” of what you’re trying to buy. Almost all of these vendors are not Nikon or Canon authorized vendors.

What you shouldn’t do

  • Buy their product direct from their website, especially if using a credit card number
  • Buy their product on eBay without carefully reading the listing

What you can do:

Buy their product on eBay or in store, after carefully reading the listing/ what they have to say

  • These vendors do have some loopholes they can go around like the “US Warranty” badge when selling a gray-market camera
  • Gray market cameras are cameras imported from other countries, that Canon or Nikon will refuse to service from a US Warranty.
  • The US Warranty the seller offers is mediocre at best, don’t rely on it at all.
  • Always make sure to check what’s inside the box, make sure the lens they say you’re getting is what you actually get.
  • A lot of these lens+body bundles were “split” to be sold separately for profit, then bundled with another cheaper lens. A Canon reputable dealer is not allowed to do this.
  • In the end, if you don’t get what you paid for, you do have recourse if you bought on eBay.
  • eBay generally sides with customers for complaints and will refund you if you receive an item that wasn’t as described

Vendors to avoid include:

  • Gadget Circuit
  • America Cameras
  • AudioVideoNation
  • Nice Electronics (upsell scam)
  • fumfie (sells gray market but doesn’t inform buyer)
  • Abe’s of Maine (upsell scam)
  • Chat and Vision
  • rakuten
  • 6th Avenue Electronics/Express (use eBay only)

 

Most of these vendors sell gray market cameras without letting the customer know. How can you tell though? The price is lower than a popular site like B&H.

Unlike these sites, B&H, Adorama, etc are genuine retailers and have a minimum sale price set for their products, anyone who goes below this price can’t be a genuine re-seller of camera products.

It’s fine to buy a gray market camera, just don’t expect any warranty support. If you need warranty support for a gray market camera, try a third party service like squaretrade.

Waves MaxxAudio on Dell Workstations

This post will be a bit of a rant. I recently got a Dell Precision M4800, a professional mobile workstation.

It comes with software preloaded called Waves MaxxAudio, it provides some of the same features other notebooks include that can “make audio sound better”.

I’ve been comparing the sound output with MaxxAudio enabled, and MaxxAudio disabled. And while it does sound somewhat better while on. The audio still sounds terrible for some strange reason.

I turned the audio enhancement off, and the audio that came out sounded like a megaphone. I  instantly knew something was up. So I stuck the audio from the headphone jack straight into a calibrated audio spectrum analyzer and found that:

1. When MaxxAudio is ‘off’, It isn’t actually off. The mids are boosted, and bass/treble cut off to make the audio sound much worse than it should be

2. When MaxxAudio is ‘on’ It boosts the bass and treble to levels where music begins to sound nothing like what it was intended.

So what I did next was uninstall the realtek driver, and rebooted my PC. Music sounds much better now, not distorted, and full of adequate sub bass that i’m used to hearing from a semi-decent DAC.

 

Now, I really expected better from Dell. I find this completely unacceptable in a professional notebook. Audio coming out of the speakers, when audio enhancements are “off” should not be tampered with at all.

My advice is, UNINSTALL THIS CRAPWARE the moment you get it. Use the stock driver provided by microsoft. Wave audio’s enhancement software is nothing but a scam and a battery/CPU hog.

This is the only way to make the speakers and headphone jack sound normal again.

 

Introducing ScanEyes

What is ScanEyes?

ScanEyes is a PHP web front end for visualizing, listening to, and archiving trunked radio traffic.

It allows user registration, permissions, and playlist creation.

screen

sdrscan viewed from a mobile device

conbined pic

Talkgroup browse mode

Screen Shot 2014-05-21 at 1.03.16 AM

Number of calls in a 24 hour period chart

Screen Shot 2014-05-21 at 12.59.35 AM

Screen Shot 2014-05-21 at 12.54.13 AM Admin control panel, log section

Screen Shot 2014-05-21 at 12.54.38 AM

App config of AdminCP

fakescanner

Fake scanner interface

Problem, Objective and Solution

Problem
  • A new radio system is being deployed in my city. New talkgroups pop up every day, need a way of logging them for review later so I can identify the unknown ones and submit the info (X City Police Dept) into the RadioReference Database
  • A means to record police dispatch calls in my city, so I can recall them when my local news paper publishes their “police blotter” section.
Objective
  • Program a script that records the calls so I can listen them to later, a pretty web interface is optional
Solution

How it works

Two essential pieces of software were written by me. LogRecorder (Available here) and the main ScanEyes application

The ScanEyes application is run in Apache with PHP without the need for a SQL server.

LogRecorder is a PHP script that runs in php-cli.exe (no web server) It polls sdrsharptrunking.log for file changes every 150ms and spawns an audio recorder if an active talkgroup is picked up by Unitrunker.

LogRecorder tells sox.exe to write an mp3 file containing call audio to a specific folder ‘YYYY/MM/DD/UNIXTIMESTAMP_TGID_TGNAME_RID_RNAME.mp3’

EverythingSearch by Void Tools indexes these files and when a user queries ScanEyes, the query is sent to es.exe with the search term. The resulting data is manipulated into various tables and charts.

Here is a diagram of the entire setup, including extra features I’ve built into the server for, for example, streaming live audio with low latency. This entire setup runs at about 7% total CPU utilization for a Core i5 4670K during idle. Main culprits for CPU usage are SDRSharp, 5%; and Unitrunker, 2%.

SDR flow diagram

There are two pieces of hardware in this setup, two SDR dongles. One talks to Unitrunker, another talks to SDRSharp.

Beginners explanation of trunked radio

Unitrunker listens to the control channel and gives a birds eye view of the entire radio system. It shows all the talkgroups on the radio system (Talkgroups are like virtual channels, unlike traditional analog radio, talkgroups are not bound to a particular frequency, rather grouped into a pool with other channels, sharing or competing for a group of frequencies. When an officer keys up their trunked radio, the voice signal can be on any voice channel defined by the control channel. The control channel tells all the other radios what talkgroup to listen to)

Unitrunker has plugins that allow remote tuning of the active control channel. By default, every talkgroup has the same priority, so it’s first come first serve. Unitrunker has 2 features, priority, and lockout. Lockout mutes the talkgroup so it is never listened to, and priority gives a talkgroup more priority over others. Useful for example, when you want to hear SWAT traffic over FD traffic.

remote.dll is a plugin that writes the current listening talkgroup to a file. SDRSharp is a piece of software that acts as a virtual radio, you can tune it to what ever frequency you want, and it will communicate with the second SDR to receive radio signals.

SDRSharp has a plugin that listens to remote.dll. This way, unitrunker can tell SDRSharp what channel to listen to, to get voice out. SDRSharp will then output this sound to a virtual audio cable. Virtual audio cables act as pipelines for audio from one program to another. In this case, we are taking the audio from SDRSharp, and putting it into our digital voice program.

P25 is a radio communications protocol that usually carries voice traffic. If you were to listen to P25 straight from the speaker, you would not hear voice, but digital noises like this. These noises can be decoded into regular voice by a program called DSD. All DSD needs is an input and output audio device and you’ll get clean listenable audio.

Other info

Listenable talkgroups along with all data is set through unitrunker, locking out a talkgroup causes LogRecorder to not record the call in the first place.

User and talkgroup prototype feature in unitrunker allows a user to prioritize newly added talkgroups, or lock them out, if only known talkgroups want to be logged.

Features

Responsive design works on tablets, phones as well as desktop browsers
Playlist Creation
  • Users can create playlists to share via email, reddit, G+, or Facebook.
  • The playlist URL contains a gzipped encoded call ID (no DB required)
  • When playlists are called, every file is played back in chronological order
  • Example playlist from a May 12th storm in my city
User permission levels
  • 0: Peon – no browse access
  • 1: Regular user – Configured default user, can browse and create playlist
  • 2: Streamer – Can do all above and listen to live radio stream
  • 3: General Admin – Can delete calls, restart programs, delete/modify users and above
  • 4: Global Admin – All above and reconfigure program options
Access levels for guests
  • No access, browse or search (Admin access only)
  • Guest browse and search (default)
  • Guest browse, search and stream
Admin Control panel features
  • Full event log with file deletion logging, security breach logging, logins and logoffs
  • Restarting system services, DSD+, Unitrunker, SDR#, LogRecorder (planned)
  • File Deletion, and file not found handling for users trying to play back said file
  • File Renaming, updating all files to their latest definition (planned)
  • Configuration interface, skips the need to edit config.php manually
  • User modification, deletion, addition (planned)
User Control panel features
  • Change passwords (planned)
  • Notepad, for writing down useful call notes (planned)
  • Streaming (for privileged users)
Methods to access calls
  • Search (command based browsing planned TGID:1234 RID:1234 etc)
  • Day-by-day browse
Other misc features
  • salted, hashed passwords
  • Call timeline chart (shows number of calls per hour per talkgroup)
  • full context searching, click a radio ID or talkgroup ID to do an “all encompassing search” against it
  • fake scanner (skeuomorphic BCD536HP scanner)
Other Planned features
  • Problem alerting, no recorded calls in X amount of time
  • High traffic alerting, something important happening
  • HTTPS support

Limitations

  • ScanEyes uses files instead of a traditional database. This may cause issues with large amounts of user accounts (this is on the bug list)
  • Limitations provided by Unitrunker, SDR#, and remote.dll only allow LogRecorder to record 1 call at a time. There can’t be simultaneous recording of more than 2 talkgroups at once.
  • Playlist playback page load is slow, 100ms/call
  • EDACS support is untested

System Requirements

System requirements, a.k.a. everything needed to listen to and record trunked radio calls.

This system has been tested on an Intel Core i5 4670K and 2x Intel Xeon X5355. It is untested on AMD processors

  • CPU: 2nd Generation Intel Core i5 Desktop processor
  • Memory: 4GB DDR3
  • Disk: 500MB Disk (SSD recommended)

Licensing

I’ve decided not to open source my work until an experienced PHP developer can review my code from a security standpoint. I’ve taken all possible measures to deter hackers, focusing mainly on input sanitization. That said. If you find anything on sdrscan.com, I’ll pay you via paypal to report these vulnerabilities to me.

Until then, I will allow other users(persons) to run this software provided that they don’t share it, or use my code elsewhere without my permission. Also, I doubt this will ever happen, but if a company would like this software, you can contact me directly.

As it stands right now, this software uses licensing servers with key validation.

Final thoughts

This was my first large scale PHP project. I’ve learned a lot along the way, which has caused some code discrepancies. For example not having a database out of pure laziness to learn MySQL. As I learn new things, I will begin to incorporate or update those features.

VSX-822K Telnet interface

One of my new projects is figuring out how to automate my Pioneer VSX-822-K AVR. There have been posts before on how to do this with telnet for higher end AVRs (VSX-1022). But there doesn’t seem to be any documentation on mine.

My plan is to make a PHP web interface for controlling it because:

1. The Pioneer Control App for Android is laggy and crappy

2. I can control it from a web browser as well

The VSX-822-K uses port 8023 for telnet commands. Only some of the commands that worked with the VSX-1022 worked with the 822. Many of the function commands are changed. I went through every possible FN combination below. This information doesn’t seem to be available anywhere else but here.

Function number:
01FN CD
02FN Tuner
04FN DVD
05FN TV
06FN Sat/Cbl
10FN Video H
15FN DVR/BDR H
17FN iPod/USB
25FN BD H
33FN Adapter
38FN Netradio
41FN Pandora
44FN Media Server
45FN Favorites
49FN Game H

TO get the rest of the commands like tuner preset+/-, I installed Shark for Root on Android. This application is like WireShark in that it captures packets to and from the device. I then opened the AVR application and made sure I pressed every button that was available.

But then I remembered that the app downloaded device specific data when I first opened it. I went on a hunt inside ESFileExplorer for the related application files. I found them in /data/data/jp/pioneer.avsoft.android.controlapp
I zipped that up for inspection.
And then I found the jackpot
Screen Shot 2014-01-03 at 2.56.30 AM

 

Every command the AVR uses, implemented in HTML and JS, by japanese programmers at Pioneer Electronics. I can’t blame them for using HTML, It’s easy, but it’s not responsive at all. No wonder the app was laggy.

After sifting through the code, here’s what I got out

?RGD ReceiveGenerationInfo
?RGF ReceiveEnableInputFunctionInfo
?RGC ReceiveNetworkStanbyInfo
?PWR ReceivePowerStatus
	Values:
	PWR0 Power on
	PWR1 Cold standby
	PWR2 Network standby
?VOL ReceiveVolumeStatus
?MUT ReceiveMuteStatus
	Values:
	MUT0 Mute on
	MUT1 Mute off
?FN ReceiveInputStatus
?ICA ReceiveiPodFunctionInfo
?GAP Prints OSD info
?GEP ReceiveDisplayInformation
?GDP ReceiveListAndLineInformation
?GCP ReceiveScreenInformation

Function number:
FU: Function up
FD: Functon down
01FN CD
02FN Tuner
04FN DVD
05FN TV
06FN Sat/Cbl
10FN Video H
15FN DVR/BDR H
17FN iPod/USB
25FN BD H
33FN Adapter
38FN Netradio
41FN Pandora
44FN Media Server
45FN Favorites
46FN AirPlay
47FN DMR (doesn't do anything?)
49FN Game H

Power Mode:
PO Power On
PF Power Off

Volume:
VU Volume Up
VD Volume Down
MO Mute On
MF Mute Off
MZ Mute toggle (doesn't work?)

FM Presets:
##PR (30 avail)

Surround Sound:
0100SR Advanced Surround
0005SR Auto/Direct
0010SR ALC/Standard

Buttons:
10PB Play
11PB Pause
12PB Skip Reverse
13PB Skip Forward
20PB Stop
30PB Enter
31PB Return
40PB iPod Control30

Some other things to note:

The AVR only allows one telnet session at a time, otherwise it will refuse the initial connection.

The remote is a huge pain in the ass to use, if you want to change settings you have to go into the internet radio function menu, just to get the 80’s style menu to open.

What’s worse is the menu goes from digital in the CPU, to analog in the DAC (so it can be outputted to composite video), THEN it gets converted back to digital for use in HDMI. It looks really ugly to say the least.

Tips for using SDR#

Intro

  • When you are using SDR# you are looking at a chunk of radio spectrum. Standard radios only have the ability to process one signal at a time, you now have the ability to not only hear, but also see the signals.

 Sample Rates

  • Your sample rate is your bandwidth. If you only want to see 1MHz of spectrum, choose 1.0MSPS. Higher sample rates above 2.4MSPS are not recommended
  • sample rate

 Interference

  • Interference from very strong signals will show up as mirrors that run in the opposite direction of the actual signal or only appear at the edge of the screen.
  • oposite
  • disappear center

 

  • Interference from very strong signals will show up at intervals corresponding to your MSPS rate
    • If you have a signal at 100MHz, and your sample rate is 1MSPS
      • You will see a duplicated signal at 101MHz, 99MHz, 98MHz, and 102MHz.
    • If you have a signal at 100MHz, and your sample rate is 2MSPS
      • You will see a duplicated signal at 98MHz, 96MHz, 102MHz, and 104MHz.

 The two display methods of SDR#

  • What is the FFT and Waterfall?
    • FFT: Top half of the screen
    • Waterfall: Bottom half of the screen

 How to enter frequencies into SDR#

  • Frequency entry
    • Type it into the VFO
    • typing
    • Click on the bottom or top half of a number
    • updown
    • Drag the waterfall or FFT
    • dragging
    • Use your scroll wheel

 Eliminating the center signal spike

  • If you want to get rid of that DC spike in the center, enable Correct IQ
  • correctiq

 Decoding digital tips

  • For decoding digital signals
    • max out the volume, use WFM, change frequency step to 6.25KHz, and change the bandwidth to fit perfectly around the signal’s envelope.
    • env
    • Set your sample rate to .900000001 MSPS (I personally have had the best results with this)
    • Also uncheck the filter audio box, chances are, your application will want a clean signal coming from SDR# to decode digital data properly.

 Decreasing latency

  • If you are decoding time sensitive information (Trunked radio decoding), turn down your audio latency so it is low enough to where the audio doesn’t pop from buffer underruns, but is fast enough so that the beginning of conversations aren’t cut off.
  • audio digital

 Keeping things organized

  • If you are going to be using your SDR for multiple uses, like HF, VHF, and Digital. Duplicate your SDR# folder for each instance. This will save configuration time, so you won’t have to change modulation, volume, or Gain every time you want to listen to different modes.
  • copies

 When to use AM

  • If you do not have an upconverter, there are only very few times you will use AM,SSB,USB,LSB,DSB,CW,or RAW. These include
    • Listening to Airband (120MHz)
    • Listening to CB Radio (26-27MHz)
    • 12 and 10meter ham bands (24-30MHz)
    • Low tech gadgets that run on 27 and 49MHz (RC Cars)
    • Remote controls that run on ~400MHz (Car door unlocks)
    • some low tech ISM devices 902-928MHz (home automation, weather sensors)
  • Otherwise use NFM or WFM

 Common interference in the home

  • If you use Wi-Fi or Ethernet in your home, you may see lots of interference in the 140-160MHz range, when browsing these ranges don’t use Tuner-AGC unless you have already locked onto a signal you want to listen to. If you are just browsing, keep the gain somewhat low to avoid overloading the device.

 AGC

  • When to use AGC
    • Use AGC when you are aware that checking the box may lead to visible interference, only use AGC when you are sure the frequency you are on, is the only signal you want to listen to.
  • Tuner-AGC seems to work better than RTL-AGC at picking signals out from noise

 Calibration

  • RTL-Calibration
    • Generally RTL sticks need calibration. If you are only listening to FM Radio, calibration probably isn’t needed, but for narrow and more precise signals, it is required.
    • It is recommended to wait several minutes before calibrating, when the temperature of the dongle warms up, the frequency could shift 4+ppm.
    • Calibration is calculated in ppm (parts per million) AKA Hertz per MHz
    • so, if your correction is 50ppm, a signal at 1,000,000Hz(1MHz), will be 1,000,050Hz(1.00005MHz)
    • Remember that this scales the higher in frequency you go. So at 900MHz, the correction will not be 900,000,000/900,000,050
    • It will be 900,045,000. At 900MHz, a difference of 45 KHz is huge, especially for narrow signals like voice.
    • When calibrating your dongle, always opt for using a higher frequency reference point.
    • Calibrating to a local NWS station (162MHz) is good, but calibrating to a local GSM tower, or trunked radio control channel is much preferred.
    • calibrate

 Getting a clearer picture

  • FFT Resolution
    • If you are listening to narrowband signals, it may be helpful to get a clearer view of the signals you are looking at.
    • fft res
  • When you first start using SDR# turn your contrast down to a level where:
    • no signal = blue
    • weak signal = light blue
    • med signal = orange
    • strong signal = red
    • Note, while gain controls how the signal is heard and viewed, contrast is only visual.
    • contrast