FlightAware Discussions

USB Pro Stick Plus embedded memories

Greetings. We would like to purchase a USB Pro Stick Plus to put into a security sensitive computer. Our security folk would like to know what types of embedded memories (volatile/non-volatile) are available along with their sizes, and which ones are “user accessible” and which are not.

Does anyone know this information?

Buy one and open it to examine the chips.

2 Likes

LOL! Awesome support.

For $US20 you would be better off getting one and doing your validation.
I wouldn’t trust a vendor regarding security issues without validation.

This site has information on the generic version, that the FA versions are based on.
https://www.rtl-sdr.com/buy-rtl-sdr-dvb-t-dongles/

Wow, I didn’t realize I would sound so ridiculous asking for specs of an electronic device. So FlightAware basically just buys some 3rd party SDR boards and slaps a blue plastic case on it and calls it a day? That’s fine if that’s all it is, but at least give me the 3rd party info so I can interrogate them instead. There is no path to get information, datasheets, spec sheets on this? I’m not saying they would take a vendor datasheet and trust it 100% as validation, but it would at least be a starting point. And saying “it’s only $20” doesn’t excuse the lack of documentation in my mind: I’ve worked with $5 USB sticks that had user guides, datasheets, schematics, example firmware projects…the whole she-bang.

If someone wants to crack one open and post some close-up pics, that’d help too.

1 Like

@rdb9879 I’ve emailed you regarding your question.

Taken from rtl-sdr.com, they’ve opened both devices the orange and the blue one.

2 Likes

Just to add to what @rdb9879 was saying, I used to have to deal with these kinds of requirements too. It’s a real need in some applications and can be “embarrassing” to find out something had non-volatile memory that could be accessed like a thumb drive (or just accessed) on a secure system. The security folks do not like it one bit, and depending on the environment, such a discovery can even earn an investigation/infraction. Anything with a USB interface is an immediate red flag because thumb drives are what everyone thinks of.

The best CYA material is a statement of volatility where the manufacturer supplies a document that specifies any volatile and non-volatile memory where security types can accept or deny the risk. Nothing beats cracking the case and hitting the data sheet part highlights to discover big programmable areas in chips, though.

But the technology is always changing and this stuff gets more and more difficult to deal with as everything gets more programmable and writable registers and such increase in number.

USB ports (actually any external ports) are a red flag. I’ve worked on may very high security systems for many governments both domestic and foreign. I do not recall a single system that had a non-network external port that wasn’t disabled. The last thing I would do is enable a public ADS-B system on a secure system or secure network.

4 Likes

Thanks for all the inputs. It sounds like some of you are feeling my pain on high security computer systems. We do get some push back on anything and everything USB, and it’s not without total merit. But at the same time, you could have a sneaky data logger hidden in any type of device really, it doesn’t have to be USB. I think people just associate USB with thumb drives and that’s where all the nervousness originates from. They are actually much more lienient than they used to be in that they are already planning on treating this as a removable hard drive. Just like the hard drives, they will be locked into the chassis (yes they have a small USB cage with a padlock) and it will be placed in a safe when not in use. Getting the information about memories would come into play if they actually wanted to implement some sanitization procedures, allowing the device to go back into general use. If it’s not possible to figure this out, they will simply destroy the device when it’s not needed anymore. What would really be a show stopper is if the device is capable of transmitting (still researching this). Obviously we can’t have secure data being broadcasted via RF.

1 Like

These particular devices are not spec’d for Tx. Secondly, it sounds as though you are looking to plug the device into a PC and not a Raspberry Pi? You mentioned Pro-stick plus and it’s specific for ADS-B (filtered), but what sort of software/use is behind things to help some give you a more straight answer? Cryptic responses are a byproduct of chip data being non-released, not a bad user-base.

So far as user accessible memory space, I do not believe any exists within the current firmware/driver framework, but you may find this link somewhat useful as well:
https://osmocom.org/projects/rtl-sdr/wiki/Rtl-sdr

Here is some register info of the tuner chip:

Datasheet/Tuner: (not as complete as some would prefer)
https://datasheetspdf.com/pdf-file/792285/RafaelMicroelectronics/R820T/1

Information about the Demodulator - The rest is under NDA I think:
https://www.realtek.com/en/products/communications-network-ics/item/rtl2832u

The prosticks have a 256-byte (2Kbit - it’s a M24C02, I think) EEPROM for storing the RTL2832 configuration (notably, serial number). This can be read/written by rtl_eeprom on the host. It’s a discrete chip, if you have very good eyesight or a magnifying glass you can find it on the board. There’s no other non-volatile storage. There’s no dedicated volatile storage.

It’s not designed for tx, but there’s plenty of potential for back channels there (it’s a superheterodyne receiver, by design it generates a local oscillator and mixes it into the RF path, some of that is sure to leak back towards the antenna) depending on how paranoid you’re feeling.

5 Likes

A very excellent point about the radio. We had tons of trouble setting up a net of temperature monitors in our server room for this very reason. Anything with an antenna is a possible way for data to leak - and even things without antennas if you have the right equipment and know what to look for.

The tempest world is wildly fascinating. Anyone with interest should look up what Léon Theremin said long ago about classified conversations in rooms with fluorescent lights. Or just look up tempest examples. Theremin himself designed a number of very successful bugs and listening devices. Computers and connected devices also have a long history of having emanations being listened to to extract information. Even electric typewriters and the current pulses they put on the local wiring and RF they gave off. (https://en.wikipedia.org/wiki/Tempest_(codename))

It’s amazing all the ways important information can be teased out of devices and systems, and even the operators. People monitoring morse code communications back in WWII could identify the “fist” who was transmitting and with triangulation could watch troop movements. It was as if the soldiers had tracking devices which in effect they did.

I’m guessing FlightAware won’t be seeing data from the Pro Plus, though. :male_detective:

It sounds like you’re trying to set up a FA receiver at your place of business?

If so, why don’t you just get an RPi for your Pro Stick, and connect to your business’ guest wifi network for uplink?

Seems like your IT folks would be much more comfortable with hardware that’s physically separate from business systems.

1 Like