Freak Out Your Smartphone With Ultrasound

There’s a school of thought that says complexity has an inversely proportional relation to reliability. In other words, the smarter you try to make something, the more likely it is to end up failing for a dumb reason. As a totally random example: you’re trying to write up a post for a popular hacking blog, all the while yelling repeatedly for your Echo Dot to turn on the fan sitting three feet away from you. It’s plugged into a WeMo Smart Plug, so you can’t even reach over and turn it on manually. You just keep repeating the same thing over and over in the sweltering July heat, hoping your virtual assistant eventually gets the hint. You know, something like that. That exact scenario definitely has never happened to anyone in the employ of this website.

Black Hat 2017 Presentation

So it should come as no surprise that the more sensors we pack into devices, the more potential avenues of failure we open up. [Julio Della Flora] writes in to tell us of some interesting experiments he’s been performing with the MEMS gyroscope in his Xiaomi MI5S Plus smartphone. He’s found that with a function generator and a standard speaker, he’s able to induce false sensor readings.

Now it should be said, [Julio] is not claiming to be the first person to discover that ultrasonic sound can confuse MEMS gyroscopes and accelerometers. At Black Hat 2017, a talk was given in which a “Sonic Gun” was used to do things like knock over self-balancing robots using the same principle. The researchers were also able to confuse a DJI Phantom drone, showing that the technique has the potential to be weaponized in the real world.

It’s interesting to see more validation that not only is this a continuing issue with consumer devices, but that it doesn’t necessarily take expensive or exotic hardware to execute. Yet another reason to take ultrasound seriously as a potential threat.


Beeping The Enemy Into Submission

In July 1940 the German air force began bombing Britain. This was met with polite disagreement on the British side — and with high technology, ingenuity, and improvisation. The defeat of the Germans is associated with anti-aircraft guns and fighter planes, but a significant amount of potential damage was averted by the use of radio.

Night bombing was a relatively new idea at that time and everybody agreed that it was hard. Navigating a plane in the dark while travelling at two hundred miles per hour and possibly being shot at just wasn’t effective with traditional means. So the Germans invented non-traditional means. This was the start of a technological competition where each side worked to implement new and novel radio technology to guide bombing runs, and to disrupt those guidance systems.


Self-assembling Polymers Support Silicone 3D Prints

We all know what the ultimate goal of 3D printing is: to be able to print parts for everything, including our own bodies. To achieve that potential, we need better ways to print soft materials, and that means we need better ways to support prints while they’re in progress.

That’s the focus of an academic paper looking at printing silicone within oil-based microgels. Lead author [Christopher S. O’Bryan] and team from the Soft Matter Research Lab at the University of Florida Gainesville have developed a method using self-assembling polymers soaked in mineral oil as a matrix into which silicone elastomers can be printed. The technique takes advantage of granular microgels that are “jammed” into a solid despite being up to 95% solvent. Under stress, such as that exerted by the nozzle of a 3D printer, the solid unjams into a flowing liquid, allowing the printer to extrude silicone. The microgel instantly jams back into a solid again, supporting the silicone as it cures.

[O’Bryan] et al. have used the technique to print a model trachea, a small manifold, and a pump with ball valves. There are Quicktime videos of the finished manifold and pump in action. While we’ve covered flexible printing options before, this technique is a step beyond and something we’re keen to see make it into the hobby printing market.

[LonC], thanks for the tip.

Simple And Effective Car Lock Jammer Detector

[Andrew Nohawk] has noticed a spike of car break-ins and thefts — even in broad daylight — in his native South Africa. The thieves have been using remote jammers. Commercial detectors are available but run into the hundreds of dollars. He decided to experiment with his own rig, whipping up a remote jamming ‘detector’ for less than the cost of a modest meal.

Operating on the principle that most remote locks work at 433MHz, [Nohawk] describes how criminals ‘jam’ the frequency by holding down the lock button on another device, hoping to distort or outright interrupt the car from receiving the signal to lock the doors. [Nohawk] picked up a cheap 433MHz receiver (bundled with a transceiver), tossed it on a breadboard with an LED connected to the data channel of the chip on a 5V circuit, and voila — whenever the chip detects activity on that frequency, the LED lights up. If you see sustained activity on the band, there’s a chance somebody nearby might be waiting for you to leave your vehicle unattended.

If you want to know more about how these jamming attacks work, check out [Samy Kamkar’s] talk from the Hackaday SuperConference.
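The LED shows any activity on the band; telling a normal key-fob press from sustained activity can also be done in software. This is an added example, not code from [Nohawk]'s build: it assumes the receiver's data pin is polled at a fixed rate, and the sample rate, window, and thresholds are illustrative assumptions.

```python
# Added example (not from the original post): tell a brief key-fob press
# apart from sustained 433 MHz activity on the receiver's data pin.
SAMPLE_HZ = 100     # assumed polling rate of the data pin
WINDOW_S = 1        # sliding window used to estimate how busy the band is
BUSY_PCT = 80       # assumed: window is "busy" when >= 80% of samples are high
SUSTAINED_S = 3     # assumed: longer than any normal lock/unlock press


def sustained_activity(samples, sample_hz=SAMPLE_HZ):
    """Return (start_s, end_s) spans where the band stayed busy >= SUSTAINED_S."""
    win = WINDOW_S * sample_hz
    spans, run_start, highs = [], None, 0

    def close(end):
        # Keep the run only if it outlasted a normal button press.
        if (end - run_start) >= SUSTAINED_S * sample_hz:
            spans.append((run_start / sample_hz, end / sample_hz))

    for i, level in enumerate(samples):
        highs += level
        if i >= win:
            highs -= samples[i - win]          # drop the sample leaving the window
        busy = i >= win - 1 and highs * 100 >= BUSY_PCT * win
        if busy and run_start is None:
            run_start = i - win + 1            # first sample of the first busy window
        elif not busy and run_start is not None:
            close(i)                           # last busy window ended at i - 1
            run_start = None
    if run_start is not None:
        close(len(samples))                    # capture ended while still busy
    return spans


def constructed_capture():
    """Constructed data: idle, a 0.3 s fob press, idle, 5 s of near-constant carrier."""
    fob = [1] * 30
    carrier = [0 if k % 10 == 9 else 1 for k in range(500)]  # 90% duty, brief dropouts
    return [0] * 200 + fob + [0] * 200 + carrier + [0] * 100


if __name__ == "__main__":
    for start, end in sustained_activity(constructed_capture()):
        print(f"sustained activity from {start:.2f}s to {end:.2f}s")
```

The duty-cycle window tolerates short dropouts in the carrier, so a held-down button with gaps between repeated frames still registers as one sustained span.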


Jamming WiFi By Jumping On The ACK

As we fill our airwaves with more and more wirelessly connected devices, the question of what could disrupt these systems becomes more and more important. Here’s a particularly interesting example because the proof of concept shows that you don’t need specialized hardware to pull it off. [Bastian Bloessl] found an interesting tweak to previous research that allows an Atheros WiFi card to jam WiFi by obscuring ACK frames.

The WiFi protocol specifies an Acknowledgement Frame (ACK) which is sent by the receiving device after error correction has been performed. It basically says: “yep, I got that data frame and it checks out”. This error correcting process turns out to be the key to [Bastian’s] technique as it provides time for the attack hardware to decide if it’s going to jam the ACK or not.

The jamming technique presented by [Mathy Vanhoef] at the end of 2014 outlined both constant and selective jamming. The selective part involved listening for data packets and analyzing them to determine if they are headed to a MAC the attacker wishes to jam. The problem is that by the time your commodity hardware has decoded that address, it’s too late to jam the packet. [Bastian] isn’t trying to jam the data frame; he’s jamming the ACK that the receiver sends back. Without that acknowledgement, the sender will not transmit any new data frames as it assumes there is a problem on the receiving end.

Anti-Drone Fence: Science Or Snakeoil?

Remember when it was laser pointers? Well, now it’s drones.

[Thinkerer] sent us this link to what’s essentially a press release for a company called Sensofusion that makes a UAV detector and (they claim) smart jammer, and apparently one is being installed at Denver International airport.

We buy that the “Airfence” system will be able to detect known systems by signature, and possibly even take them over. We’ve seen two exploits of quadcopter radio protocols (one a timing attack and the other a controller ID spoof) that would allow them to do just that. But is that the problem? Don’t most of the major manufacturers fence off airports in software these days anyway? And are drones really the droids that you’re looking for?

They also make some claims about being able to detect and stop DIY copters, but we don’t see how. Imagine that your copter ran encrypted on 2.4 GHz. How is this different from any other WiFi signal? Or imagine that it sends and receives infrequent data in the congested pager bands? And short of jamming, we don’t see how they’re going to take down anything that they don’t already understand.

So, commenteers, how would you do it? Detect and even take over an arbitrary drone? Possible or snakeoil?

Retrotechtacular: Radar Jamming

It’s been said that the best defense is a good offense. When aloft and en route to deliver a harmful payload to the enemy, the best defense is to plan your approach and your exit carefully, and to interfere with their methods of detection. If they can’t find you, they can’t shoot you.

As of May 1962, the United States military was using three major classifications of radar jamming technology as described in this week’s film: the AN/ALQ-35 multiple target repeater, the AN/ALQ-55 communications link disrupter, and the AN/ALQ-41 and -51 track breakers. The most important role of these pieces of equipment is to buy time, a precious resource in all kinds of warfare.

The AN/ALQ-35 target repeater consists of a tuner, pulse generator, transmitter, and control panel working in concert to display multiple false positives on the enemy’s PPI scopes. The unit receives the incoming enemy pulse, amplifies it greatly, repeats it, and sends the copies back with random delays.

The AN/ALQ-55 comm disrupter operates in the 100-210MHz band. It distinguishes the threatening enemy communication bands from those of beacons and civilians, evaluates them, and jams them with a signal that’s non-continuous, which helps avoid detection.

Finally, the AN/ALQ-41 and -51 track breakers are designed to break enemy lock-on and to give false information. They provide simultaneous protection against pulse ranging, FM-CW, conical, and monopulse radar in different ways, based on each method’s angle and range.
