Admit it: As a child, you all have played some good ol’ Ding Dong Ditch. The practical prank — whose name has a number of variances from knock down ginger to knock knock run — dates all the way back to 19th century England. It involves knocking on the front door (or ringing the bell) of a neighbor, then running away before the door can be answered. Now in the 21st century, a Maker by the name of Samy Kamkar is ushering the vintage game into the digital-savvy era.
Kamkar recently hacked into his friend’s wireless doorbell (using less than $100 in equipment) in such a manner that whenever he sent a text message to the device, it would ring. Even better, it’s also a surefire way to know that the unknowing victim will come outside to an empty doorstep.
To bring this idea out of the 19th century simply called for a $14 software defined radio, a GSM breakout board and an RF transmitter to transmit custom signals. With just a little extra hardware and software support from an Arduino Nano (ATmega328) and some reverse engineering of a proprietary radio signal, he was well on his way to the ultimate prank.
In order to accomplish this feat, Kamkar first needed to know the frequency, the modulation scheme, as well as what the doorbell was sending. Though some of the information could be revealed by just finding the FCC ID, the Maker discovered a much better way. While his friend was out of house, Kamkar rang the doorbell several times while watching the waterfall view with an RTL-SDR TV tuner. In his efforts to capture and demodulate the signal, he observed that the bell was transmitting at around 433.8 MHz.
From there, the Maker examined the audio waveform in Audacity, which revealed that the doorbell used On-Off Keying — or just turning the radio on for a binary “1″ (high signal at 750us) and off for a binary “0” (lows/no signal also appear to be in blocks of 750us). And, with just 434MHz ASK RF Transmitter from SparkFun, Kamkar was able replicate the output of the doorbell.
The Maker says that creating the code to trigger this is pretty simply once you’ve created an array with all the times the ‘1’ (or high) signal begins.
“You do need to power the Arduino (easy by connecting USB to it), as well as connecting USB to the FONA and a 3.7v Lion/LiPo battery to the FONA and leave it outside the location of the doorbell. Don’t worry as the FONA USB connection simply charges the battery. It’s silly, I know, but it’s necessary. If just running temporary, USB batteries work great too,” Kamkar writes.
For this project, he used a mini GSM cellular breakout board from Adafruit. The module enables him to simply send a text message with the word “doorbell” to the device, which relays a signal to the ATmega328 based Arduino and transmits the created signal to ring the doorbell.
Not only can you watch the ingenious hack in action below, you can read the Maker’s entire step-by-step breakdown here.