River's Educational Channel


Hacking My Ceiling Fan's Wireless Remote with a USB TV Tuner

(This is part 1 of 2. The 2nd part covers actually transmitting the commands with Raspberry Pi's GPIO.)

This was quite a fun project because I had a practical use case at home, and because I wanted to show myself and others that wireless signals don't have to be a mystery black box. With a $15 RTL-SDR, you can snoop on all the wireless appliances in your house.

My house came with two ceiling fan/light combo units that the previous owners installed. They're Minka Aire brand and the exact model is unknown, which is fine because the remotes are pretty simple and they only sell a couple different remotes anyways.

Other people have reported that similar appliances like other ceiling fan brands, fireplaces, outdoor weather sensors, etc. can be similarly wirelessly controlled.

The video shows all of the fun steps, so I don't have much to add here, just some miscellaneous tips that aren't in the video.

Buying an RTL-SDR

The RTL-SDRs are USB TV tuners designed for analog TV and FM radio, built around a Realtek chip (the RTL2832U) with a separate tuner chip. The tuner chip varies and determines which frequencies you can receive.

Enthusiasts figured out you could just grab raw data from the device at whatever frequency the tuner supported, and thus a nice little community was born.

I think eBay is the best place to find them, by searching for "USB TV Tuner". There are no "bad" counterfeits (unlike, say, ELM327 chips) that I'm aware of, since the product is so generic. The main choice is between sellers in the US and sellers in China, which affects shipping speed. It looks like there are now sellers offering the cheap "classic" design (the one I have in the video) as well as nicer ones explicitly targeting SDR hobbyists (e.g. if you search for "RTL-SDR" instead of "USB TV Tuner").

The RTL-SDR as a receiver is a perfect complement to using a Raspberry Pi as an SDR transmitter - a cheap and easy starting point into the world of radio. Snoop on your car keys, garage door opener, and more!

Looking up frequency by FCC ID

Each compliant wireless device should have some FCC text on it along with an ID number. You might be able to find this inside the battery compartment of the remote.

You can search the FCC's website for this number and find the PDF that the manufacturer submitted for regulatory approval, which should detail the frequencies that it transmits and receives at (which may be different).

Really though, using a spectrum analyzer (the one shown in the video is Spektrum) is so quick that looking it up in the FCC database might actually take more time.

Finding the frequency with Spektrum

Spektrum is a piece of open-source software with which you can scan across the RTL-SDR's frequency range. The GUI is written in Processing, which honestly is rather frustrating. (No HiDPI or native widgets AFAIK.) But it gets the job done. Just remember to toggle Max Hold as needed because it likes to reset itself to 0 instead of -inf for some reason. Are there better tools than Spektrum? I'm sure GNU Radio can do everything it can and much more.

Decoding the signal with Universal Radio Hacker

I only used the most basic features of Universal Radio Hacker, but given how simple the ceiling fan protocol is, I didn't need much. The real radio enthusiasts out there can tell you much more about different encodings, but the ceiling fan (along with a separate cheapo remote-controlled LED light that I also tested) used on-off keying, which is basically like Morse Code. Super easy to understand.

Commercial devices and the missing "light off" command

A business called Bond sells the Bond Bridge, which is a "smart" hub that controls these "non-smart" wireless appliances like my Minka Aire fan. It's currently sold for $100. They run into the same limitation inherent to a bunch of these devices, which is the sad fact that there's no "Light Off" command, only "Toggle Light".

This makes it impossible to reliably turn off the light unless you know what state the light is already in. Bond works around it by trying to keep track of the light's state, but if you ever toggle the light using something other than Bond, the state gets out of sync.

Mentions

RTL-SDR.com: https://www.rtl-sdr.com/hacking-a-ceiling-fan-radio-control-signal-with-an-rtl-sdr/

Copyright 2021 River's Educational Channel
