Today I came across an article on Hackaday . The article was Hackaday’s response to a DMCA Takedown Notice they have received from Tektronix. The DMCA Takedown Notice was aimed by Tektronix at a previous article that explained in great detail how to enable software options in Tektronix oscilloscopes without actually paying the licensing fee. What really shocked me was Hackaday’s attitude towards those software keys.
First off, let’s talk about how software options are installed on some Tektronix oscilloscopes. Instead of using actual text keys that a user would have to type into the oscilloscope, Tek has come up with rather nifty little hardware dongles. I find them nifty because they do not tie the license to a given scope. Technically speaking, you are buying a “floating license.” Just insert it into the scope you’d like to use a certain feature on and voilà, the software option is enabled.
Apparently, these modules, or rather the whole key authentication, can be hacked quite easily. Hackaday responds to this fact as follows:
“The real story here is that Tektronix designed a woefully weak system for unlocking these modules. Learn from this. If you’re ever designing a hardware key, don’t do it like this!
An EEPROM, a connector, and a plain text string of characters which is already published publicly on their website is all that is necessary to unlock these “crippled” features. Let’s just say that again: apparently every hardware key is the same and just uses a plain-text string found on their website which is not encrypted or obfuscated. If you were selling these keys for $2.99, perhaps this would be adequate but Tek values these modules at $500 apiece.”
All I can say, in kind: Hackaday, you have demonstrated how disengaged you are with the matter.
Judging by the comments under the referenced article, I couldn’t help but notice that understanding software options and associated cost seems to be a common problem among hobbyists. Since most of my readers are hobbyists, I thought I’ll help out.
First off, let me state the obvious: When purchasing a license module, you are purchasing a license that allows you to use a certain feature on your oscilloscope. You do, however, not pay for an EEPROM, a connector and a plain-text string. The module is merely the delivery method of the license key (i.e. your right to use that software option). It’s the same with PC software keys that are nowadays offered on a plain plastic card in retail stores. Nobody would accuse Adobe of selling overpriced plastic cards. People know they are paying for the software, not the card. Therefore, I was quite surprised to see how tough it seems for some to understand the concept of license keys in modern test equipment.
The irony is really this: Hackaday and many commenters suggest that Tektronix should learn its lesson and improve proper encrypted serial number based keys. Guess what happens to the cost? That’s right, developing such a system will cause non-recurring engineering (NRE) cost that has to be recovered from the customers legally purchasing the options. Isn’t it funny how a group complaining about the cost of such software options suggests a narrow minded solution that will only increase such cost?
The next thing that seems very hard for many people to grasp is why they have to pay for something that is technically available (but not enabled) in the instrument they purchased already. This is actually a very common complaint I hear at trade shows in particular. The complaints usually go on about how much more certain options cost and how that’s just not right for something that’s already there.
Like with the previous statement, this is something that is usually viewed from the wrong perspective. It is not the case that users who use more advanced features have to pay a steep surcharge. It is more so the case that customers who don’t use these features get a hefty discount. And companies don’t do this because they’re super nice. Sure, this is also used to drop the “starting at” sticker price a bit, but the secondary reason is something that hobbyists probably have a hard time understanding. Hobbyists are used to being “alone” when trying to figure things out. If they run into issues with their equipment, they will consult other hobbyists on online forums. A commercial user who paid a 5-digit amount of money for their instrument will call an Applications Engineer at the company who he bought the instrument from and demand instant help. And he will receive it. Thanks to pathetic customer support of cheap Chinese companies like Rigol, this doesn’t even cross a hobbyist’s mind.
The amount of support (and the associated cost) is highly dependent upon the feature set that a customer uses. If you take a look at what kind of software options are available, you’ll find that only very few are generic. Most of them are designed for very specific and complex tasks. Helping someone with a support request originating from such a complex task costs a whole lot more money than telling someone how to push a button on the front panel.
I hope this helps to better understand how software options work and what is really involved. Just as a disclaimer, I’d like to add that I am not a fan of DMCA Takedown Notices and similar legal action without first approaching an alleged copyright offender in a less formal way. That’s why I am in no way commenting on that side of the matter. Tektronix is one of my blog’s sponsors. It’s important to know that this has zero influence on why I am writing this article. As a matter of fact, even though I am defending Tek, I am certain that Tek will in no way like me addressing this issue and thus drawing more attention to it. However, this article is very important to me on a personal level.
Links and Sources:
Bug 1 (WS3162): When modulation is applied to a channel, the amplitude drops below the set value.
Bug 2 (WS3162): Phase control dysfunctional on both channels when modulation is applied to either one channel.
Bug 3 (HDO4024): Spectrum calculation locks up and slows the spectrum update down significantly if “Average” or “Max Hold” mode has been selected previously to switching into “normal” mode. FW: Version: 126.96.36.199 & 188.8.131.52
UPDATE (06/16/2014): Just 15 minutes after I published the video, Dan Payne (Director of Distribution, Teledyne LeCroy) writes this: “Thanks Sebastian – I’ll have the applications team look at it immediately – The video makes it a lot easier to see the application.”
For less than $1 in material, you can significantly increase the receive and transmit performance of pretty much any handheld radio. Not just amateur radio, but practically any radio out there, including WiFi routers. The following picture shows a Tiger Tail for a 2m band HT.
So if all you need is a bit of wire and a ring terminal, then why bother to write a lengthy article? Well, there are a few caveats and tricks with a Tiger Tail. For instance, some math needs to be done to get the exact wire length just right. Most articles about the Tiger Tail just mention fixed numbers and completely disregard that the amateur radio bands are not the same around the world. They also neglect commercial and low-power (Part 15) applications. And to my surprise, many articles do not even bother to mention that a Tiger Tail is a tuned element. A Tiger Tail that may work perfectly on VHF, may perform pretty bad on UHF. So let’s get started!
The following shows all the tools you will need in some form or another:
You’ll need a ring-terminal appropriate for your wire diameter, some wire (14 AWG / 1.6 mm), wire strippers, a crimping tool and quite possibly a calculator.
Like I said above, the Tiger Tail is a tuned element and needs to be calculated for the specific frequency range of interest. Since I favor metric over imperial units, let’s start with the formula to use if you like metric:
Length = length of Tiger Tail in cm
f = frequency in MHz
What this formula does is calculate a quarter wavelength for the given frequency + 5%. The same formula rearranged for imperial looks like this:
If you would like to calculate the length in inches, simply divide the result by 2.54. Or use the following formula instead:
Lenn(in) = length of Tiger Tail in inches
f = frequency in MHz
Remember that this Tiger Tail works for a single band ONLY. But there’s a pretty easy trick: if you would like to cover more than one band, like 2m and 70cm at the same time, simply calculate a Tiger Tail for each band individually and connect them to the radio at the same time.
So after you calculate the correct length, simply crimp a ring-terminal on the wire and — just for good luck — isolate the other end with a piece of heatshrink tubing. That’s it, no black magic at all. And this is what the final result should look like:
And in case you don’t like to read and you’d like to see some of the math being done for you, here’s a video I made on the same topic. The video also contains a cross-check of the math using a spectrum analyzer:
For some reason, my new BCD996XT scanner wasn’t working as expected on the statewide digital (APCO 25) radio system. Since this radio system is the primary reason why I got this new scanner, I had to come up with a solution. In addition, I really wanted to expand my receive coverage geographically. This article shows how to improve receive signal strength, greatly increase geographical coverage and reduce out-of-band interference.
So where to start? The obvious. Taking a snapshot of the current situation. I am using a wideband discone antenna mounted on my roof. Since this is a very broadband antenna, I imagined that it was catching a whole lot of signals that I didn’t really care about. A look at the MDO4104B-6′s spectrum display confirmed this.
The bandwidth is 0 – 1000 MHz (100 MHz / div). Even though the resolution bandwidth is 5 kHz, the MDO4104B-6 was actually pretty fast. But that’s just an aside. You can clearly see the strong broadcast VHF signals on the left. Then there are a lot of signals between 500 and 700 MHz, as well. I have absolutely no interest in signals in that range. And over to the right, you can see — among other things — the desired signals. The control channels for the APCO 25 systems in my area are mostly between 850 and 860 MHz.
Since I am primarily using the BCD996XT scanner for the APCO 25 system, I was willing to filter out anything that’s not in the 800 – 900 MHz range. I realize that I’ll lose the capability to monitor most of the VHF and UHF channels (Aircraft, Amateur Radio, Law Enforcement, Business, etc.) by doing this. But I do have plenty of other analog scanners and I also have 2 more wideband discone antennas laying around. So my decision was made; Optimize the antenna system for 800 – 900 MHz and set up a second scanner (BCT15X) for analog channels.
I also decided to combine the signals of the wideband discone antenna (for local sites) and a commercial 850 MHz Yagi antenna (remote sites).
APCO 25 sites are smart in that they actually know what data it needs to relay and what not. If there is no radio logged into the site with a certain talk group, there is no need for this site to relay activity associated with that talk group. So while the discone picks up local sites very strongly, it may be of absolutely no help for communication of a neighboring county if there are no radios of those agencies being used locally. Looking at the map, I realized that there were about 6 remote sites northeast of my house. Perfect for a commercial 850 Mhz Yagi made by Larsen.
So besides filtering, I now had to combine two signals from the two antennas. And I thought while I was at it, I might as well include a preamplifier. For practical reasons, mostly cable loss compensation, it’s always smart to put the preamplifier close to the antenna. I did have a rugged outdoor case laying around. All I had to do is select the right things to put in it.
While looking for a combiner, I found one that actually had a bandpass characteristic for 800 – 920 Mhz. It’s the Mini Circuits ZN2PD-920+ . From Mini Circuits are also the 800-1050 MHz SMA inline filter  and the amplifier (ZX60-2534M+) . That’s pretty much everything needed except I did not want to run an extra power line for the amplifier. Therefore, I also ordered two Bias-Tees .
The wiring is pretty straight forward. The two signals from the antennas are being combined by the combiner, then being amplified by the amplifier and filtered by the bandpass filter. In that order. I was debating to put the bandpass filter in front of the amplifier. After all, amplifiers behave according to the “garbage in, garbage out” principle. Since the combiner had a bandpass characteristic, I did not want to introduce anymore loss.
I cut a small piece of rigid RF cable in half and soldered two capacitors (100 µF & 100 nF) as well as two wires for the amplifier’s voltage supply on the end. An old power supply for a USB hub supplies the 5 V for the amplifier on the other side of the coax.
Immediately after hooking up the scanner, I could tell a great improvement in performance. Not just remote, but also local signals were much clearer and the lock time for the scanner was significantly faster. Beforehand, I often missed the beginning of a transmission. Now I can eavesdrop right from the start. A quick look at the spectrum analyzer confirms that the signal situation increased significantly.
In case you’re interested in building a similar setup, here are the links to the datasheets of the Mini Circuits products used.
 Mini Circuits: ZN2PD-920+, Power Splitter/Combiner, 800 to 920 MHz: http://www.minicircuits.com/pdfs/ZN2PD-920+.pdf
 Mini Circuits: VBFZ-925, BPF, 800-1050 MHz: http://www.minicircuits.com/pdfs/VBFZ-925+.pdf
 Mini Circuits: ZX60-2534M, Low-noise amplifier: http://www.minicircuits.com/pdfs/ZX60-2534M.pdf
 Mini Circuits: ZFBT-4R2G+, Bias-Tee: http://www.minicircuits.com/pdfs/ZFBT-4R2G+.pdf