Acoustic Coupler Pole-Vaults Over China’s Firewall

[agp.cooper]’s son recently went to China, and the biggest complaint was the Great Firewall of China. A VPN is a viable option to get around the Great Firewall of China, but [agp] had a better idea: an acoustic coupler for his son’s iPhone.

Hackaday readers of a recent vintage might remember an old US Robotics modem that plugged into your computer and phone line, allowing you to access MySpace or Geocities. Yes, if someone picked up the phone, your connection would drop. Those of us with just a little more experience under our belts will remember the acoustic coupler modem — a cradle that held a phone handset that connected your computer (indirectly) to the phone line.

With a little bit of CNC work, [agp] quickly routed out a block of plywood that cradled his son’s iPhone. Add in a speaker and a microphone, and that’s an acoustic coupler. There’s not much to it, really. The real challenge is building a modem.

In the late 90s, there were dedicated chipsets for modems, and before that, there was a 74xx-series chip that was a 300-baud modem. [agp] isn’t using anything like that. He’s building a modem with an Arduino. This is a Bell 103A-compatible modem, allowing an iPhone to talk to a remote computer at 300 bits per second. This is a difficult challenge; we’re not able to get 33kbps over a smartphone voice connection simply because of the codecs used. However, with a little bit of work, [agp] managed to build a real modem with an Arduino.

70 thoughts on “Acoustic Coupler Pole-Vaults Over China’s Firewall

      1. considering thats an iphone 4…(has a headphone jack) you should totally be able to…heck, its probably plug and play.

        on more contemporary iphones – a lightning to 1/8 would do fine or build in some sort of audio interface to the kit and just do it all over USB (youd be surprised how many USB devices iOS has a driver for ethernet, audio, mass storage just to name a few of the interesting ones)

      2. Yah. No analog I/o, no side loading, you can’t even run code that you write yourself on your own phone unless you pay a yearly fee to Apple.

        Why would any hacker/maker/diy enthusiast or whatever we each like to call ourselves ever consider owning an iPhone? Seriously, stop giving those assholes money!

    1. exactly my idea – but was to lazy to implement that. you just need some pretty basic stuff to match your headphone/mic lines to the phone line, and the iphone can take care of dialing as well. so essentially you can pull off a software based modem and even your own (simplified) tcp stack in-an-app – and put a basic (text based) browser on top of it

    1. Yah, 5190s did too, needed the funky data cable though. Then later phones worked as modems over bluetooth, like the Razr V3 I think. Used that mode in combo with a WinCE handheld once.

        1. I have one of those old satnavs and I can confirm that. I opened it and found a serial port on a pin header, but sadly Windows CE only listed one COM port (the one used for the GPS). The GPS receiver was on the same board so I couldn’t remove it and use the serial port.
          These satnavs’ USB port can be often reconfigured at low-level to be a host, but almost all boards lack the circuitry to output 5V and CE doesn’t support OTG. Most devices also have a slot for SD cards, so an ESP8266 in SDIO mode could be used for WiFi.

          The satnav ended up in my “things to hack” box, together with a Mediatek MT1389 DVD player motherboard, an old digital picture frame, a cheap Chinese smartwatch and a Nintendo DS. Ironically, one of these is very easy to hack yet it has a custom chip and DRMs to prevent running unofficial software. Why? Because a lot of hackers have (or had) it and wrote a lot of code and documentation while reverse engineering it. It’s like PIC vs AVR: PICs are better but AVRs win because of freely available dev tools and community support. Searching for hacks with my satnav only brought up some guides for running virus-filled pirated map software inside of CE and no real hacks such as installing Linux on it. (However, these guides showed how to open Windows Explorer from the map software by triple-clicking the manufacturer logo, so they provided some useful information.)

  1. I am being curious about this: “In the late 90s, there were dedicated chipsets for modems, and before that, there was a 74xx-series chip that was a 300-baud modem.”

    But according to this list: https://en.wikipedia.org/wiki/List_of_7400_series_integrated_circuits , it doesn’t seems to be available. My guess would be that a modem from the 80’s would use a handful of 74xx TTL chips, plus a couple of analog ICs (like switching filters and VCOs).

    1. At 300 baud not much of that was necessary. Frequency Shift Keying (FSK) would easily go a cross a phone network and the network itself was the so called ‘filter’. There was no analog to digital conversion in the phone network so filtering to avoid quantising error was not necessary.

      1. Way back when (1940s ish) a friend of mine leased a point to point phone line off the post office (now BT) and used it to transmit baseband video 425 lines. It worked for years then the comms company fitted filters and it never worked again. :)

          1. The example above would have been a bare cable pair to the exchange and then linked to another bare cable pair to the destination.

            A bare cable pair is unshielded Twisted Pair (UTP) just like your gigabit Ethernet cable except that gigabit used four pairs – two send, two receive so sending one TV base-band down a pair is not a problem but if you were to try to send two base-band signals down the same cable then there would be too much interference.

            Initially local point to point connections like this didn’t involve filters as they would just be extra work to install but eventually telcos woke up to what they were being used for and installed filters so you had to pay a higher price for an unfiltered line.

            All of the above is to do with local connections only or connections close enough they can be ‘cable’ all the way. On longer hops the signal want into a RF carrier, sometimes microwave and these signals are strictly filtered during the modulation process. That left them with about 3kHz bandwidth.

        1. A suicide cord and alligator clips solves those filters. I used to blow up the phone line filters all the time for an analog telemetry link we used to use for water tanks. Idiot phone guy would install filters, we would use 120VAC to blow them up and the line would work again for the next 3 months until they replaced them again.

        1. We called there companders and they were not used often. There were also companders that used frequency multiplexing instead of digital compression.

          They were used for remote locations when you run out of cable pairs and demand requires more lines. Over on pair in an existing cable could be used for 3 calls (analog frequency modulation) or 16 calls (digital compression). They were used to buy time until another cable could be put in the ground.

    2. I used to work with 300 baud modems. There was no 74xx chip that implemented a modem — TTL was a digital technology, completely unsuitable for receiving analog signals. You *might* have been able to generate the audio tones with a collection of TTL logic, but receiving would require opamps. Up through the 1980s, low speed modems were large and expensive. The receive side was typically a pair of active filters, one for each of the tones, with some kind of decision circuitry which chose the loudest output. DSP didn’t come until later I paid about $600 in the early 90s for a GDC 1200 baud modem that was the size of two laptops. It had DSP.

      The first integrated 103-type modem was by Cermetek, IIRC. It was an expensive, hybrid, I think, and large, ceramic part. They still sell integrated modems: http://www.cermetek.com/Catalog/Low-Speed-Modems/Datasheet/CH1786_607-0004/ 103 modem tones were 1070/1270Hz (originate) and 2025/2125Hz (answer) — not much difference in frequency, so your filters had to be pretty good. With good filters, you could send up to 450 bps (I had an Omnitec 701B acoustic coupler that worked fine at 300 baud with my VT05 in the late 70s)

      Here’s a reference (paywall) to another design from 1984: http://ieeexplore.ieee.org/document/5469130
      /?reload=true

      202 (1200 baud? half duplex) modem tones were easier to generate and detect:: 1200Hz and 2400Hz, IIRC, and were also used for cassette data storage and ham radio packet comms.

    3. I don’t know about a 74 series chip. Aren’t those all digital? I bet the author was thinking of the LM565. That one was way popular back in the day and you can still find all sorts of projects, forum posts and datasheets with a quick Google search today.

      1. Yes, you *could* use one of Signetics’ PLL chips to decode FSK…if you were a very good designer. I never got it to work reliably.

        The issue with running 103 tones over a cellphone, is that today’s cellphones use some pretty aggressive CODECs to compress speech (for a lower over-the-air data rate => more conversations => more profit). https://www.voip-info.org/wiki/view/GSM+Codec

        These voice encoders and decoders are not much good on random waveforms, because they’re trying to extract parameters from your voice and send the parameters, so the speech can be regenerated at the far end.. When the input isn’t generated by a human vocal tract, they kinda fall on their face.

        On the older, analog cell phones, you might have stood a chance, because they sent audio directly over the air (you could listen to them on scanners, but you weren’t supposed to), but analog is long gone from cellular.

    4. National made both MM74HC942-3 and MC145442-4 single chip solutions. Earlier modems, like first Commodore vicmodem used MC14412 + a bunch of support chips(opamps, level shifters, flip flops), and that was 1984. Maybe modems before this actually used discrete individual filters?

    5. MM74HC943

      The MM74HC943 is a full duplex low speed modem. It pro-
      vides a 300 baud bidirectional serial interface for data com-
      munication over telephone lines and other narrow band-
      width channels. It is Bell 103 compatible.
      The MM74HC943 utilizes advanced silicon-gate CMOS
      technology. Switched capacitor techniques are used to pe-
      form analog signal processing.

      MM74HC942 looks like pretty much the same thing too.

  2. Back when carriers charged an arm and a leg for data access (seriously dollars per megabyte) I paired my moto razr to a laptop running ubuntu as a bluetooth headset, then patched the voice through to a soft modem (linmodem IIRC) to try and get data using my voice minutes. I managed to find a free dialup service to dial into, but due to the heavy compression of the voice channel I never could get it to connect reliably.
    As was pointed our already, the correct solution to this was to use the bluetooth dialup protocol, but the greedy bastards would only let you dial into their data service where they charged you full data rates. When trying to dial an external number the call would fail.

    If you didn’t mind paying the data rates it was pretty rockin back in 2005 to pair your palm pilot (something like a sony clie th55 or palm tungsten) over bluetooth. The end result was basically a slow ipone with a 320×240 touchscreen. Which is to say basically the same thing as the first gen iphone, just 3 years before apple sold it.

        1. Depends which you had, 200mhz and 64MB of RAM was a bit dire, but 600Mhz and 128 was quite useful, I had one I was using as a portable youtube viewer, until they cut off support at YT and didn’t update the Mobile 6.x.x app.

        2. Windows Mobile != WinCE. Windows Mobile came after Windows CE. I never used CE, I have heard lots of complaints about it. Windows Mobile was pretty much what I would expect a smart phone to be minus the store. You had to download and run your own installers.

          It had a web browser which did a decent job of displaying the sort of HTML & CSS that was common at the time. “Apps” (I don’t think they were called that) were available for SSH & VNC, all the then popular instant messengers and IRC (the biggest things I wanted at the time). I suspect it had the apps other people wanted too but I’m not other people. Mine had a camera which took decent pictures for the time.

          I don’t think mine had a built in GPS. GPS small enough to build into a phone was expensive kit in those days! Google’s nav app at the time allowed you to enter your starting location and would give you the turn by turn directions. A starting (or destination) location could be a street intersection so if you were lost all you had to do was find an intersection with road signs. I wouldn’t want to go back to that but it was a great improvement over the paper map!

          I really don’t remember having any complaints about my Windows Mobile phone except the need to buy Windows and Visual Studio to develop for it. I wanted a Linux OS with an X based GUI like GPE to take off so that the whole world of desktop applications could be ported to our phones. I’m still sad that didn’t happen.

    1. In South Africa it was R2.00 per MB in 2005 (about 31 US cents, at 2005 exchange rate). I used an infra-red link from my Nokia 5140 to my laptop for 2G internet. I was surprised when I visited Australia in 2006, that it was about 300 times that price. I always thought I grew up in a 3rd world country (South Africa).

      Well, maybe not – JRR Tolkein, Charlize Theron, and Mark Shuttleworth are all South African. although bet you don’t pronounce Charlize Theron correctly. (Neither does she since she learned to speak American :)

    2. Forget PalmOS stuff. The thing to have was a Sharp Zaurus! Extra points if you replaced the stock OS with OpenZaurus GPE edition and did the pivot root mod so that your internal memory is almost entirely uses as RAM and your storage is on the SD card. Use the SD card for pivot root because you want the CF slot available for wifi, Ethernet, etc…

      Do that and you don’t have a locked down proprietary piece of shit like an iPhone. You have a miniaturized Linux desktop that is fully under your control! And that keypad… I still dream of taking the keypad off of my old Zaurus and somehow grafting it to a modern smartphone. I don’t think I could bring myself to do that to my old Zaurus friend though.. even though it is too obsolete for me to actually use. Slideout keyboards in smartphones didn’t go away because they are a bad idea. They went away because they all sucked and nobody knows because only ex-Zaurus users have ever experienced a good one!

      Anyway, at that time I was tethering my laptop to my Nextel via a serial cable and dialing in to a free dialup provider at 9600 baud. I was doing PHP backend development, testing with images turned off in the browser!

      Unfortunately it took me a while to break down and spend the bucks on the proprietary Zaurus accessory connector so that I could have soldered up a serial cable for it. Shortly after that I discovered a friend’s Windows Mobile phone. I never liked it as much software wise as my handheld Linux ‘desktop’ (the Zaurus) but the built in cellular connectivity clinched it for me. The Zaurus has only come out of the cupboard for brief visits since.

      I still have the ‘Z’ and even the unused accessory connectors just waiting to get soldered to a cable!

    3. I remember doing this with Verizon around 2005-2006, IIRC it didn’t charge me it just went against my regular minutes, the phone emulated a 14.4 modem although in practice it wasn’t even that fast most of the time, even with 3G. This was with an LG VX4400, had to use a serial cable with a serial-to-USB adaptor in it, as the USB implementation in the phone was buggy and would randomly drop the connection. Was a neat trick but I think I only dialed into one BBS with it, as by then most of the dial-in BBSes had shut down, and at the time I didn’t have dialup internet anymore. I think I tried it with NetZero once, but it was so frustratingly slow after being used to broadband, that I gave up.

  3. AFAIK is the great firewall pretty selective and most of your day-to-day activity would go through.
    And of course if a foreigner of a country which frequently describes China as an enemy start to build secret communication devices they might think it’s a spy (I’m assuming he isn’t right now) and that might cause some discomfort – and ejection.

  4. Gosh, takes me back – I did this hack over analogue cellular when mobile phones were a whole new thing using a 64180 (Z80 with extra bits) and rolled my own error correction protocol. It was hugely exciting at the time, totally cutting edge; I also had a radio-based positioning system the size of a shoe box that pre-dated wide availability of GPS and moving map displays on a Psion series 3. What’s the equivalent technology bleeding edge today?

    1. Today’s bleeding edge positioning system is something that piggybacks on the existing GPS infrastructure and adds Pokemon stuff. It’s called Pokemon Go and it’s not used anymore even if it’s still bleeding edge.
      And today’s error correction protocol for machine-to-machine is SHA hash and RSA signature with additional copy protection, also known as DRM. For machine-to-human it’s LHDECITB (Let Humans Do Error Correction In Their Brains), widely used in lossy image and audio compression.

  5. I guess this means that no one supports the GSM dial up networking protocol anymore? Back in the old days, a GSM phone could tell the network that it was making a data (or fax) call and it would be routed to a modem bank in a way that bypassed the codec. The maximum rate was 9,600 bps or 14,400 depending on which revision of GSM was used.

    1. This is GPRS and it’s almost identical to the old modem AT command set. GPRS was a feature of ‘G’ networks that are gone and 2G networks that are being phased out now.

  6. Just a thought – do Chinese cell service providers have unlimited international texting plans? If so, develop an Android app, assuming one doesn’t already exist, that sends and receives PGP encrypted text from files broken up into 140 character blocks. Of course, this guy’s voice channel method couldn’t be stopped without shutting down telephonic voice communication from a country whereas texting could be disabled with far less disruption. However, I think if this guy’s method became really popular that it would be relatively easy to set up automatic detection of voice modem tones and break the connection.

    1. This guy’s method is 300bps, and more complex for the end user than using any one of the widely available VPNs, encrypted messaging apps, SSH, or PGP. It’s a great proof of concept, but it’s not gonna become popular.

      1. Don’t they block VPN’s these days in countries that REALLY don’t like people to have their freedom?
        And outlaw encryption too I think, although I’m not sure about china.
        Hell, even in the US you are forbidden to use encryption on ham radio.

  7. For those too young to have experienced it, 300 baud is so slow that text appears on your screen as if someone were typing it. And text is all you will get unless you wait half an hour to download a binary of 140k to see a blurry image. I loved my acoustic coupler when it was the only thing available, but it would be useless now.

    1. If that’s all you had you could still send/receive text based emails and even browse websites with the images turned off. Imagine for example… having access to Wikipedia on a 300 baud connection vs having no connection at all. Why would one do this? I don’t know. Banished to a desert island and can just make a low bandwidth radio link to the mainland? Really really inventive prison tech?

  8. I’m all for hacks that allow an oppressed population to get suppressed facts out to the public in an attempt to make things better.

    I’m guessing this was just a typical kid on a vacation though. What is to gain from this? Keep some official from reading his ‘hey mom, having a great time, everything is good’ letter? Is Facebook blocked, does he need a social media fix? I would be afraid he would get caught with this device. Facebook isn’t worth it. Mark Zuckerberg isn’t going to come rescue his one of a billion unpaid content creator.

    1. Email. Wikipedia, actually all sorts of informational websites and forums (with the graphics turned off and probably a good ad blocker too). IRC. Project Guttenberg has 1000s of whole novels that are just simple .txt files! I’m sure SSH would feel sluggish but it would probably still be usable in a pinch.

      Don’t get me wrong. With today’s fast connections available I will choose those. But.. if I were somehow stranded somewhere and somehow had a 9600 baud (or even slower) connection available I would guard that connection with my life! There is still tons of useful stuff one could do with it. We just wont because it is easy to obtain better.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s