What Is Ultra Wideband?

If you’ve been following the world of mobile phone technology of late, you may be aware that Apple’s latest IPhones and AirTag locator tags bring something new to that platform. Ultra wideband radios are the new hotness when it comes to cellphones, so just what are they and what’s in it for those of us who experiment with these things?

An Apple AirTag being paired with an iPhone. Swisshashtag, CC BY-SA 4.0.
An Apple AirTag being paired with an iPhone. Swisshashtag, CC BY-SA 4.0.

Ultra wideband in this context refers to radio signals with a very high bandwidth of over 500 MHz, and a very low overall power density spread over that¬† spectrum. Transmissions are encoded not by modulation of discrete-frequency carriers as they would be in a conventional radio system, but by the emission of wideband pulses of RF energy across that bandwidth.¬† It can exist across the same unlicensed spectrum as narrower bandwidth channelised services, and that huge bandwidth gives it an extremely high short-range data transfer bandwidth capability. The chipsets used by consumer devices use a range of UWB channels between about 3.5 and 6.5 GHz, which in radio terms is an immense quantity of spectrum. Continue reading “What Is Ultra Wideband?”

Apple AirTag Spills Its Secrets

The Apple AirTag is a $29 Bluetooth beacon that sticks onto your stuff and helps you locate it when lost. It’s more than just a beeper though, the idea is that it can be silently spotted by any iDevice — almost like a crowd-sourced mesh network — and its owner alerted of its position wherever they are in the world.

There are so many questions about its privacy implications despite Apple’s reassurances, so naturally it has been of great interest to those who research such things. First among those working on it to gain control of its nRF52832 microcontroller is [Stacksmashing], who used a glitching technique whereby the chip’s internal power supply is interrupted with precise timing, to bypass the internally enabled protection of its debug port. The firmware has been dumped, and of course a tag has been repurposed for the far more worthwhile application of Rickrolling Bluetooth snoopers.

The idea of a global network of every iDevice helping reunite owners with their lost possessions is on the face of it a very interesting one, and Apple are at great pains on the AirTag product page to reassure customers about the system’s security. On one hand this work opens up the AirTag as a slightly expensive way to get an nRF microcontroller for other applications, but the real value will come as the firmware is analysed to see how at the tag itself works.

[Stacksmashing] has appeared on these pages many times before, often in the context of Nintendo hardware. Just one piece of work is the guide to opening up a Nintendo Game and Watch.