SENSEation Shows The Importance of Good Physical Design

Sensor network projects often focus primarily on electronic design elements, such as architecture and wireless transmission methods for sensors and gateways. Equally important, however, are physical and practical design elements such as installation, usability, and maintainability. The SENSEation project by [Mario Frei] is a sensor network intended for use indoors in a variety of buildings, and it showcases the deep importance of physical design elements in order to create hardware that is easy to install, easy to maintain, and effective. The project logs have an excellent overview of past versions and an analysis of what worked well, and where they fell short.

One example is the power supply for the sensor nodes. Past designs used wall adapters to provide constant and reliable power, but there are practical considerations around doing so. Not only do power adapters mean each sensor requires some amount of cable management, but one never really knows what one will find when installing a node somewhere in a building; a power outlet may not be nearby, or it may not have any unoccupied sockets. [Mario] found that installations could take up to 45 minutes per node as a result of these issues. The solution was to move to battery power for the sensor nodes. With careful power management, a node can operate for almost a year before needing a recharge, and removing any cable management or power adapter meant that installation time dropped to an average of only seven minutes.

That’s just one example of the practical issues discovered in the deployment of a sensor network in a real-world situation, and the positive impact of some thoughtful design changes in response. The GitHub repository for SENSEation has all the details needed to reproduce the modular design, so check it out.

GSM Phone Network At EMF Camp Built on Raspberry Pi and LimeSDR

The Electromagnetic Field 2018 hacker camp in the UK will have its own GSM phone network, and as we have already covered its badge will be a fully-functional GSM phone. This is as far as we are aware a first in the world of badges, and though it may not be a first in hacker camp connectivity it is still no mean achievement at the base station side. To find out more we talked to two of the people behind the network, on the radio side Lime Microsystems‘ [Andrew Back], and on the network side Nexmo‘s developer advocate, [Sam Machin].

There are sixteen base stations spread around the site, of which each one is a Raspberry Pi 3 B+ with a LimeSDR Mini. Development of the system was undertaken prior to the release of the Raspberry Pi Foundation’s PoE board, so they take a separate 24V supply which powers the Pi through a DC-to-DC converter. This arrangement allows for a significant voltage drop should any long cable runs be required.

On the software side the base stations all run the Osmocom (Open Source Mobile Communications) cellular base station infrastructure package. It was a fine decision between the all-in-one Osmocom NITB package and the fully modular Osmocom, going for the former for its reliability. It was commented that this would not necessarily be the case at a future event but that it made sense in the present. It appears on the network as a SIP phone system, meaning that it can easily integrate with the existing DECT network. Let’s take a look at how the network operates from the user side, and the licencing loophole that makes everything possible.

Continue reading “GSM Phone Network At EMF Camp Built on Raspberry Pi and LimeSDR”

Classic American Dial Phone Gets A GSM Makeover

For sturdy utilitarianism, there were few designs better than the Western Electric Model 500 desk phone. The 500 did one thing and did it well, and remained essentially unchanged from the mid-1940s until Touch Tone phones started appearing in the early 70s. That doesn’t mean it can’t have a place in the modern phone system, though, as long as you’re willing to convert it into a cellphone.

Luckily for [bicapitate], the Model 500 has plenty of room inside the case once the network interface is removed, because the new electronics take up a fair bit of space. There’s no build log per se, but the photo album makes it clear what’s going on. An Arduino reads the hook switch and dial pulses, while a Fona GSM module takes care of the cellular side of things. It looks like a small electret mic and a speaker replace the original transmitter and receiver. As a nice touch, the original ringer is used, but instead of trying to drive it electrically, [bicapitate] came up with a simple cam mechanism on a small motor. Driven at the right speed, the cam hooks the clapper arm, rings one bell, then releases it to let the clapper spring back to hit the other bell. Everything is powered by a LiPo, so it could be taken to the local coffee shop for some hipster hijinks.

We’ve seen similar retro-mods like this before using phones from all over the world; here’s a British take and one from Belgium, both using phones with equally classic lines.

[via r/arduino]

Inside an Amateur Bugging Device

[Mitch] got interested in the S8 “data line locator” so he did the work to tear into its hardware and software. If you haven’t seen these, they appear to be a USB cable. However, inside the USB plug is a small GSM radio that allows you to query the device for its location, listen on a tiny microphone, or even have it call you back when it hears something. The idea is that you plug the cable into your car charger and a thief would never know it was a tracking device. Of course, you can probably think of less savory uses despite the warning on Banggood:

Please strictly abide by the relevant laws of the state, shall not be used for any illegal use of this product, the consequences of the use of self conceit.

We aren’t sure what the last part means, but we are pretty sure people can and will use these for no good, so it is interesting to see what they contain.

Continue reading “Inside an Amateur Bugging Device”

Accidental Satellite Hijacks Can Rebroadcast Cell Towers

A lot of us will use satellite communications without thinking much about the satellite itself. It’s tempting to imagine that up there in orbit is a communications hub and distribution node of breathtaking complexity and ingenuity, but it might come as a surprise to some people that most communications satellites are simple transponders. They listen on one frequency band, and shift what they hear to another upon which they rebroadcast it.

This simplicity is not without weakness, for example the phenomenon of satellite hijacking has a history stretching back decades. In the 1980s for example there were stories abroad of illicit trans-atlantic serial links nestling as unobtrusive single carriers among the broad swathe of a broadcast satellite TX carrier.

Just sometimes, this phenomenon happens unintentionally. Our attention was drawn to a piece by [Harald Welte] on the unintended rebroadcast of GSM base station traffic over a satellite transponder, and of particular interest is the presentation from a conference in 2012 that it links to. The engineers show how they identified their interference as GSM by its timing frames, and then how they narrowed down its source to Nigeria. This didn’t give them the uplink in question though, for that they had to make a downconverter from an LNB, the output of which they coupled to an aged Nokia mobile phone with a wire antenna placed into an RF connector. The Nokia was able to decode the cell tower identification data, allowing them to home in on the culprit.

There was no fault on the part of the GSM operator, instead an unterminated port on the uplink equipment was enough to pick up the GSM signal and introduce it into the transponder as a parasitic signal for the whole of Europe and Africa to hear. Meanwhile the tale of how the engineers identified it contains enough detective work and outright hardware hacking that we’re sure the Hackaday readership will find it of interest.

If satellite hacks interest you, how about reading our thread of posts on the recapture of ISEE-3, or maybe you’d like to listen for a lost satellite from the 1960s.

Thanks [Kia] for the tip.

Emergency Cell Tower on a Budget

Cell phone towers are something we miss when we’re out of range, but imagine how we’d miss them if they had been destroyed by disastrous weather. In such emergencies it is more important than ever to call loved ones, and tell them we’re safe. [Matthew May] and [Brendan Harlow] aimed to make their own secure and open-source cellular network antenna for those occasions. It currently supports calling between connected phones, text messaging, and if the base station has a hard-wired internet connection, users can get online.

This was a senior project for a security class, and it seems that the bulk of their work was in following the best practices set by the Center for Internet Security. They adopted a model intended for the Debian 8 operating system which wasn’t a perfect fit. According to Motherboard their work scored an A+, and we agree with the professors on this one.

Last year, the same SDR board, the bladeRF, was featured in a GSM tower hack with a more sinister edge, and of course Hackaday is rife with SDR projects.

Thank you [Alfredo Garza] for the tip.

GPS Tracker Gets SMS Upgrade

In May of 2000, then-President Bill Clinton signed a directive that would improve the accuracy of GPS for anyone. Before this switch was flipped, this ability was only available to the military. What followed was an onslaught of GPS devices most noticeable in everyday navigation systems. The large amount of new devices on the market also drove the price down to the point where almost anyone can build their own GPS tracking device from scratch.

The GPS tracker that [Vadim] created makes use not just of GPS, but of the GSM network as well. He uses a Neoway M590 GSM module for access to the cellular network and a NEO-6 GPS module. The cell network is used to send SMS messages that detail the location of the unit itself. Everything is controlled with an ATmega328P, and a lithium-ion battery and some capacitors round out the fully integrated build.

[Vadim] goes into great detail about how all of the modules operate, and has step-by-step instructions on their use that go beyond what one would typically find in a mundane datasheet. The pairing of the GSM and GPS modules seems to go match up well together, much like we have seen GPS and APRS pair for a similar purpose: tracking weather balloons.