gr-dect2 ======== This project was developed to demonstrate the possibility of real-time DECT voice channel decoding by Gnuradio. It allows to listen to a voice when encryption isn't applied. As an example DECT digital baby monitors don't perform encryption. Usage of this project for phone connection eavesdropping may be illegal in some countries. Hardware requirements ---------------------- DECT operates in the 1880–1900MHz band and occupies ten channels from 1881.792MHz to 1897.344MHz. So in order to receive DECT digital stream an appropriate hardware is necessary. This project was developed and tested with USRP2 + WBX daughterboard and USRP B200. It also should work with other SDR radios that can cover 1880–1900 MHz band and can provide sample rate at least two times more than DECT data rate (1152000bps). But some adaptation may be necessary. As a DECT link source the Motorola MBP12 baby monitor was used. Because of the high DECT data rate a computer on with to run the project should be powerful enough. To build --------- git clone git://github.com/pavelyazev/gr-dect2.git ( git checkout pyqt4 - optional in case of old Gnuradio and PyQt4) cd gr-dect2/ mkdir build cd build cmake ../ make sudo make install sudo ldconfig Then Gnuradio companion should be used to open and run the flow graph dect2.grc from gr-dect/grc Usage ------ Each device that can emit DECT signal will be called a part. According to the DECT specification there are parts of two types – RFP (Radio Fixed Part) or base station and PP (Portable Part) or handset. RFP emits a signal that setups frame structure on the air. A RFP can be listened to independently. But in order to get a voice from a PP it is necessary to receive its pair RFP. The project uses QT-based controls. There are RX gain slider, channels and receiver ID drop-down lists, status console. The status console shows parts on the air. Information about a part consists of a receiver ID, part’s ID in DECT system, part’s type and voice presence sign. The status is updated every time when a part is gained/lost or voice data is gained/lost. A pair of RFP and PP will have the same DECT ID. The receiver ID is an internally assigned number inside receiver. The current implementation allows to listen to only one part. A necessary part is selected by ID from the drop-down list. The selected part will be marked by asterisk in console. If voice data is available a status line will have the “v” letter at the end and decoded voice will be routed to a sound card. From time to time parts may change frequency channel. So to catch something a periodic manual scan over channels is necessary.