A Teardown Of Something You Should Not Own

GPS jammers are easily available on the Internet. No, we’re not linking to them. Nevertheless, GPS jammers are frequently used by truck drivers and other people with a company car who don’t want their employer tracking their every movement. Do these devices work? Are they worth the $25 it costs to buy one? That’s what [phasenoise] wanted to find out.

These tiny little self-contained boxes spew RF at around 1575.42 MHz, the same frequency used by GPS satellites in high Earth orbit. Those signals coming from GPS satellites are very, very weak, and it’s relatively easy to overpower them with noise. That’s pretty much the block diagram for these cheap GPS jammers — put some noise on the right frequency, and your phone or your boss’s GPS tracker simply won’t function. Note that this is a very low-tech attack; far more sophisticated GPS jamming and spoofing techniques can theoretically land a drone safely.

[phasenoise]’s teardown of the GPS jammer he found on unmentionable websites shows the device is incredibly simple. There are a few 555s in there creating low-frequency noise. This feeds a VCO with a range of 1466 to 1590 MHz. The output of the VCO is then sent to a big ol’ RF transistor for amplification and out through a quarter-wave antenna. It may be RF wizardry, but this is a very simple circuit.

The output of this circuit was measured, and to the surprise of many, there were no spurious emissions or harmonics — this jammer will not disable your cellphone or your WiFi, only your GPS. The range of this device is estimated at 15-30 meters in the open, which is good enough if you’re a trucker. In the canyons of skyscrapers, this range could extend to hundreds of meters.

It should be said again that you should not buy or use a GPS jammer. Just don’t do it. If you need to build one, though, they’re pretty easy to design as [phasenoise]’s teardown demonstrates.

Distributed Air Quality Monitoring Via Taxi Fleet

When [James] moved to Lima, Peru, he brought his jogging habit with him. His morning jaunts to the coast involve crossing a few busy streets that are often occupied by old, smoke-belching diesel trucks. [James] noticed that his throat would tickle a bit when he got back home. A recent study linking air pollution to dementia risk made him wonder how cities could monitor air quality on a street-by-street basis, rather than relying on a few scattered stations. Lima has a lot of taxis, so why not wire them up with sensors and monitor the air quality in real-time?

This taxi data logger’s chief purpose is to collect airborne particulate counts and illustrate the pollution level with a Google Maps overlay. [James] used a light-scattering particle sensor and a Raspi 3 to send the data to the cloud via Android Things. Since the Pi only has one native UART, [James] used it for the particle sensor and connected the data-heavy GPS module through an FTDI serial adapter. There’s also a GPS to locate the cab and a temperature/humidity/pressure sensor to get a fuller environmental picture.

Take a ride past the break to go on the walk through, and stick around for the testing video if you want to drive around Lima for a bit. Interested in monitoring your own personal air quality? Here’s a DIY version that uses a dust sensor.


Snail Is Actually Cleverly Strange Geocaching Waypoint

Basic geocaching consists of following GPS coordinates to a location, then finding a container which is concealed somewhere nearby. Like any activity, people tend to add their own twists to keep things interesting. [Jangeox] recently posted a video of the OLED Snail 2.0 to show off his most recent work. (This is a refinement of an earlier version, which he describes in a blog post.)

Another of [Jangeox]’s Electronic Waypoints
[Jangeox] spices up geocaching by creating electronic waypoints, and the OLED Snail is one of these. Instead of GPS coordinates sending someone directly to a goal, a person instead finds a waypoint that reveals another set of coordinates and these waypoints are followed like a trail of breadcrumbs.

A typical waypoint is an ATTINY85 microcontroller programmed to display an animated message on the OLED, and the message reveals the coordinates to the next waypoint. The waypoint is always cleverly hidden, and in the case of the OLED Snail 2.0 the enclosure is the shell of a large snail containing the electronics encased in resin. This means that the devices have a finite lifespan — the battery sealed inside is all the power the device gets. Fortunately, with the help of a tilt switch the electronics can remain dormant until someone picks it up to start the show. Other waypoints have included a fake plant, and the fake bolt shown here. Video of the OLED Snail 2.0 is embedded below.


Hackaday Prize Entry: Global Positioning Clock

How do you get the attention of thousands of Hackaday readers? Build a clock! There are just so many choices to agonize over. Do you go with a crystal as a clock source, a fancy oven controlled crystal oscillator, or just mains voltage? Should you even think about putting a GPS module in a clock? All these are very interesting questions that encourage discussion or learning, and that’s what Hackaday is all about. Clocks are cool, and the engineering behind them is even cooler.

For one of [Nick]’s Hackaday Prize entries, he’s building a minimalist GPS clock. First up, the centerpiece of every clock, the display. There are eight seven-segment displays, two each for the hours, minutes, and seconds, and a smaller digit for tenths of a second. These displays are controlled by an ATXmega32E5, an upgrade on an earlier version of this project that only used an ATtiny and a MAX6951 LED driver.

The GPS wizardry is where this project gets really cool. [Nick] is using a SkyTraq Venus838LPx-T (that’s also available on a breakout board on Tindie). This GPS chip has a handy edge mount SMA connector to receive the signals from a GPS satellite, and has a bidirectional UART to dump the NMEA time codes and a PPS output. By combining the timecode, PPS output, and playing around with the timers on the microcontroller, [Nick] has a fantastically accurate clock that also looks great.

Don’t Miss Watching This Solar Eclipse High Altitude Balloon Online

[Dan Julio] let us know about an exciting project that he and his team are working on at the Solid State Depot Makerspace in Boulder: the Solar Eclipse High Altitude Balloon. Weighing in at 1 kg and bristling with a variety of cameras, the balloon aims to catch whatever images are able to be had during the solar eclipse. The balloon’s position should be trackable on the web during its flight, and some downloaded images should be available as well. Links for all of that are available from the project’s page.

High altitude balloons are getting more common as a platform for gathering data and doing experiments; an embedded data recorder for balloons was even an entry for the 2016 Hackaday Prize.

If all goes well and the balloon is able to be recovered, better images and video will follow. If not, then at least a post-mortem of what the team thinks went wrong will be posted. Launch time in Wyoming is approximately 10:40 am Mountain Daylight Time (UTC -06:00) on Aug 21 2017, so set your alarm!

Autonomous Boat Sails The High Seas

As the human population continues to rise and the amount of industry increases, almost no part of the globe feels the burdens of this activity more than the oceans. Whether it’s temperature change, oxygen or carbon dioxide content, or other characteristics, the study of the oceans will continue to be an ongoing scientific endeavor. The one main issue, though, is just how big the oceans really are. To study them in-depth will require robots, and for that reason [Mike] has created an autonomous boat.

This boat is designed to be 3D printed in sections, making it easily achievable for anyone with access to a normal-sized printer. The boat uses the APM autopilot system and Rover firmware, making it completely autonomous. Waypoints can be programmed in, and the boat will putter along to its next destination and perform whatever tasks it has been instructed. The computer is based on an ESP module, and the vessel has a generously sized payload bay.

While the size of the boat probably limits its ability to cross the Pacific anytime soon, it’s a good platform for other bodies of water and potentially a building block for larger ocean-worthy ships that might have an amateur community behind them in the future. In fact, non-powered vessels that sail the high seas are already a reality.


Michael Ossmann Pulls DSSS Out Of Nowhere

[Michael Ossmann] spoke on Friday to a packed house in the wireless hacking village at DEF CON 25. There’s still a day and a half of talks remaining but it will be hard for anything to unseat his Reverse Engineering Direct Sequence Spread Spectrum (DSSS) talk as my favorite of the con.

DSSS is a technique used to transmit reliable data where low signal strength and high noise are likely. It’s used in GPS communications where the signal received from a satellite is often far too small for you to detect visually on a waterfall display. Yet we know that data is being received and decoded by every cell phone on the planet. It is also used for WiFi management packets and ZigBee, and is found in proprietary systems, especially any dealing with satellite communications.

[Michael] really pulled a rabbit out of a hat with his demos, which detected the DSSS signal parameters in what appeared to be nothing but noise. You can see below the signal with and without noise; the noisy version is completely indiscernible as a signal at all to the eye, but can be detected using his techniques.

Detecting DSSS with Simple Math

[Michael] mentioned simple math tricks, and he wasn’t kidding. It’s easy to assume that someone as experienced in RF as he would have a different definition of ‘simple’ than we would. But truly, he’s using multiplication and subtraction to do an awful lot.

DSSS transmits binary values as a set called a chip. The chip for digital 1 might be 11100010010 with the digital 0 being the inverse of that. You can see this in the slide at the top of this article. Normal DSSS decoding compares the signal to expected values, using a correlation algorithm that multiplies the two and gives a score. If the score is high enough, 11 in this example, then a bit has been detected.

To reverse engineer this, it is necessary to center on the correct frequency and then detect the chip encoding. GNU Radio is the tool of choice for processing a DSSS capture from a SPOT Connect module designed to push simple messages to a satellite communication network. The first math trick is to multiply the signal by itself and then look at spectrum analysis to see if there is a noticeable spike indicating the center of the frequency. This can then be adjusted with an offset and smaller spikes on either side will be observed.

When visualized in a constellation view you begin to observe a center and two opposite clusters. The next math trick is to square the signal (multiply it by itself) and it will join those opposite clusters onto one side. What this accomplishes is a strong periodic component (the cycle from the center to the cluster and back again) which reveals the chip rate.

Detecting symbols within the chip is another math trick. Subtract each successive value in the signal from the last and you will mostly end up with zero (high signal minus high signal is zero, etc). But every time the signal spikes you’re looking at a transition point and the visualization begins to look like logic traced out on an oscilloscope. This technique can deal with small amounts of noise but becomes more robust with a bit of filtering.
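The correlation scoring and the first squaring trick described above, as an added example (not code from the talk or from [Michael]'s Clock Recovery repo). It assumes one sample per chip, known chip alignment and zero carrier phase; the 0.05 cycles/sample offset, the noise level and the random bits are constructed test data.

```python
import cmath, math, random

# Chip sequence quoted in the article for a digital 1, mapped to +1/-1.
CHIP = [1 if c == "1" else -1 for c in "11100010010"]

def transmit(bits, offset, noise, rng):
    """Spread bits at one sample per chip, shift by `offset` cycles/sample,
    and add Gaussian noise of standard deviation `noise` per I/Q component."""
    chips = [c if b else -c for b in bits for c in CHIP]
    return [x * cmath.exp(2j * math.pi * offset * n)
            + complex(rng.gauss(0, noise), rng.gauss(0, noise))
            for n, x in enumerate(chips)]

def estimate_offset(samples):
    """Squaring removes the data ((+1)^2 == (-1)^2) and leaves a tone at
    twice the carrier offset; locate that tone with a brute-force DFT."""
    sq = [s * s for s in samples]
    n = len(sq)
    def magnitude(k):
        return abs(sum(v * cmath.exp(-2j * math.pi * k * i / n)
                       for i, v in enumerate(sq)))
    peak = max(range(-n // 2, n // 2), key=magnitude)
    return peak / n / 2  # valid while |offset| < 0.25 cycles/sample

def despread(samples, offset):
    """Undo the offset, then score each 11-sample block against CHIP.
    Assumes known chip alignment and zero carrier phase."""
    base = [s * cmath.exp(-2j * math.pi * offset * n)
            for n, s in enumerate(samples)]
    step = len(CHIP)
    return [sum(base[i + j].real * CHIP[j] for j in range(step))
            for i in range(0, len(base) - step + 1, step)]

if __name__ == "__main__":
    rng = random.Random(1)                       # fixed seed: constructed data
    sent = [rng.randint(0, 1) for _ in range(20)]
    rx = transmit(sent, 0.05, 0.5, rng)          # offset sits on a DFT bin
    est = estimate_offset(rx)
    got = [1 if s > 0 else 0 for s in despread(rx, est)]
    print("offset estimate:", est, "bits recovered:", got == sent)
```

A score near +11 is a 1 and near -11 is a 0. A real capture would also need a phase estimate and a finer offset search than one DFT bin.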

This sort of exploration of the signal is both fun and interesting. But if you want to actually get some work done you need a tool. [Michael] built his own in the form of a Python script that gobbles up a .cfile and spits out the frequency offset, chip rate, chip sequence length, and decoded chip sequence.

Running his sample file through with increasing levels of noise added, the script was rock solid on detecting the parameters of the signal. Interestingly, it is even measuring the 3 parts per million difference between the transmitter and receiver clocks in the detected chip rate value. What isn’t rock solid is the actual bit information, which begins to degrade as the noise is increased. But just establishing the parameters of the protocol being used is the biggest part of the battle and this is a dependable solution for doing that quickly and automatically.

You can give the script a try. It is part of [Michael’s] Clock Recovery repo. This talk was recorded and you should add it to your reminder list for after the con when talks begin to be published. To hold you over until then, we suggest you take a look at his RF Design workshop from the 2015 Hackaday Superconference.