GPS NMEA Spoofing

gps spoof

[Chris Barron] is getting pretty unnerved by the UK moving to charging for road use based on GPS coordinates. He built this device to prove that GPS data can be spoofed and shouldn’t be relied upon. He promises future firmware updates that will provide two knob etch-a-sketch style path control.

20 thoughts on “GPS NMEA Spoofing

  1. whoa whoa whoa, that is fucked.
    gps is easy fake, all you do it change the numerical values of the latitude and longitude.

    i did it on my phone, fuck being tracked.
    here’s some advice for those under blair, don’t use the box. just place a gigantic magnet on top of the gps device. or under it. so the pigs can’t see it. and that should fuck it decently? plus a little water damage never hurt.

  2. I think it’s about to time for the next global revolution, where we forcefully remove the standing members of office in US and UK and put in something that, say, works.

    We went to Iraq two years ago, we’ve been seizing the worlds oil for our own interests, why am I, a TEXAN, paying $2.89 for Regular Unleaded. This fucked up madness has to end. And it has to end soon. I am calling upon the RU members to go to Code Nine-Oh-Six.

    Everyone else, just take over a gas station. fill up a tour bus or eight, load it down with good men, and trek to D.C. Keep an ear to the wind, and we’ll take down the White Elephants.

  3. Firstly the UK govenrment is never going to use GPS for taxation. It’s just a crazy pipedream that’ll never happen and secondly the more tax on petrol & road tax the better. We’ve messed up this planet too much already and the more we can do to reduce emissions the better. And yes, I own a car (but rarely use it).

  4. how do you build one of these GPS things :) ?

    I also read something about using your credit card on the pump and when it asks if you want a recipt, you hit CANCEL and its supposed to not charge your credit card acct…Does this work?

  5. So how does that thing exactly work? If you want to fool a sealed GPS unit, you need to create at least three independent radio signals just as the ones coming from the satelites. I would be curious how you do that for 5 quid. Or does that box just create an RS232 signal with NMEA? In that case you are not exactly fooling the GPS system, but the computer that is attached to it (via serial). I seriously doubt that the government will provide the British motorist with the convenience of a RS232 data cable in the proposed system.

  6. Yes Kenny, and did you know if you drive backwards through a tollbooth, they pay you the toll amount instead of you paying them?

    Or if you put all your groceries down your pants, and push your empty shopping cart through the checkout aisle, they won’t charge you for the food you stole?

  7. It’s a nice hack, but it is more accurately described as a NMEA spoofer, not a GPS spoofer. This attacks the problem at the serial port & changes the data — not the over-the-air interface. I would expect that any nationalized toll system would only use one processor for GPS measurement and milage recording — not a two-processor system that would be vulnerable to NMEA spoofing. Even if a two-processor system was used, it would still be simple to encrypt this data. (and that could be hacked easily, too.)

    Two GPS design goals were anti-spoofing and anti-jamming. The signal level is actually below the noise floor! … so jamming it with a CW signal wouldn’t do anything. You’d need to replicate the spread-spectrum chirps of the satellites, which isn’t too hard, but more complicated. Spoofing would require you to transmit 4 fake satellite signals (hard), and totally surpress the real satellites (much harder). The receiver could be easily programmed to detect spoofing or jamming attempts.

  8. Hmm. An NMEA spoofer isn’t going to be useful; I’d expect the box to be a sealed unit. The whole thing is still at least 5 years off, after the national biometric database project.

    The German goverment built a similar system for taxing trucks. It has been a disaster; it keeps cropping up in RISKS as an example of how not to do things.

    Note to Americans: in the UK petrol is

  9. Can someone help me out? i have webtech 5000 (check my site link for Webtechs website) unit on my van, i wouldnt mind it being there if everyone else had one, but there is only 2 employees out of 9 that have one. I just happen to have been unlucky.

    What can i do to either spoof the box, or stop it from working without causing any signs of damage.

    Thanks

  10. How about using the GPS Simulator called the LabSat which records and replays GPS RF data? You can record various journeys or even a vehicle at rest and then replay this wirelessly into the GPS, thus spoofing the signal very reliably.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.