Hardware Not Required: WebSDR and the Open RF Layer

#cybersecurity #wirelesssecurity #sdr #opensource

Anyone with a browser can access live radio spectrum from receivers around the world.

No SDR dongle. No antenna. No local setup. Just a browser and an internet connection.

The WebSDR project began at the University of Twente in 2007. Since then, browser-based RF access has become widely available, with public receivers covering different countries, bands and antenna sites.

Examples of WebSDR in Use

Image 1: The public WebSDR directory, showing receivers across Europe with their own locations, antennas and frequency ranges.

Image 2: Qatar-OSCAR 100 at Goonhilly Earth Station, Cornwall. Live satellite RF from Es’hail-2, streamed through a browser.

Image 3: Hack Green, Cheshire. A former Cold War nuclear bunker, still transmitting.

What a waterfall reveals

Not every signal tells a story. Much of what appears on a waterfall is simply evidence of a transmission, on a frequency, at a point in time.

Where signals are left open or technically decodable, SDR tools can reveal more.

Frequency use. Timing. Signal type. Volume.

On their own, these details may look minor. Combined over time, they can reveal routines, system behaviour and operational change.

The layer most organisations do not monitor

Many organisations rely on wireless systems for communications, access control, logistics and safety. Few monitor the RF environment around them.

The assumption is often that signals disappear into noise and go unnoticed.

They do not.

WebSDR makes passive RF observation accessible. With the right receiver, antenna, band coverage and propagation conditions, a signal may be observable well beyond the site that transmitted it.

The RF layer should not be assumed private by default. It is a layer many security teams have not yet thought to look at.

If a signal is transmitted, it may be observable.

The RF layer is not invisible.

See for yourself: websdr.org