Long-Theorized GPS Weakness Exploited On Large Scale

GPS has become fairly common in our everyday lives, not only able to pinpoint our locations on Earth but also as an incredibly accurate timekeeping method. But since these satellites are around 20,000 km above Earth, the received signals on the surface of the planet can be incredibly weak. This makes them prone to jamming and spoofing, a weakness of the technology that has long been known. Although attempts to mitigate these problems have been ongoing, there has recently been a large-scale attempt to interfere with these signals that put all mitigation efforts to the test.

One proposed way to improve resilience is to supplement existing GNSS constellations with low-Earth-orbit navigation satellites. In this example, a company called Xona is using a satellite called Pulsar-0 that operates in low-Earth orbit (LEO) and provides positioning and timing signals that are around 100 times stronger than standard signals from GPS/GNSS satellites. It is able to receive GPS signals as well, ensuring the two systems agree with one another. And, because Pulsar’s navigation signals originate from LEO and are much stronger than conventional GNSS signals, Xona expects them to be significantly more resistant to jamming.

Beyond geopolitics, spoofing GPS has some applications in finding legendaries in Pokemon Go as well as making it fairly trivial to steal GPS-guided drones.

Liberating AirPods With Bluetooth Spoofing

Apple’s AirPods can pair with their competitors’ devices and work as basic Bluetooth earbuds, but to no one’s surprise most of their really interesting features are reserved for Apple devices. What is surprising, though, is that simple Bluetooth device ID spoofing unlocks these features, a fact which [Kavish Devar] took advantage of to write LibrePods, an AirPods controller app for Android and Linux.

In particular, LibrePods lets you control noise reduction modes, use ear detection to pause and unpause audio, detect head gestures, reduce volume when the AirPods detect you’re speaking, work as configurable hearing aids, connect to two devices simultaneously, and configure a few other settings. To use the AirPods as hearing aids, the app needs an existing audiogram; creating one yourself requires too much precision. Of particular interest to hackers, the app has a debug mode to send raw Bluetooth packets to the AirPods. Unfortunately, a bug in the Android Bluetooth stack means that LibrePods requires root on most devices.

This isn’t the first time we’ve seen a hack enable hearing aid functionality without official Apple approval. However, while we have seen some people alter the hardware, AirPods can’t really be called hacker- or repair-friendly.

Thanks to [spiralbrain] for the tip!

This Week In Security: Quantum RSA Break, Out Of Scope, And Spoofing Packets

Depending on who you ask, the big news this week is that quantum computing researchers out of China have broken RSA. (Here’s the PDF of their paper.) And that’s true… sort of. There are multiple caveats, like the fact that this proof of concept is only factoring a 22-bit key. The minimum RSA size in use these days is 1024 bits. The other important note is that this wasn’t done on a general purpose quantum computer, but on a D-Wave quantum annealing machine.

First off, what is the difference between a general purpose and annealing quantum computer? Practically speaking, a quantum annealer can’t run Shor’s algorithm, the quantum algorithm that can factor large numbers into primes in a much shorter time than classical computers. While it’s pretty certain that this algorithm works from a mathematical perspective, it’s not at all clear that it will ever be possible to build effective quantum computers that can actually run it for the large numbers that are used in cryptography.

We’re going to vastly oversimplify the problem, and say that the challenge with general purpose quantum computing is that each qubit is error prone, and the more qubits a system has, the more errors it has. This error rate has proved to be a hard problem. The D-Wave quantum annealing machine side-steps the issue by building a different sort of qubit that interacts differently than those in a general purpose quantum computer. The errors become much less of a problem, but you get a much less powerful primitive. And this is why annealing machines can’t run Shor’s algorithm.

The news this week is that researchers demonstrated a different technique on a D-Wave machine that did actually factor an RSA key. From a research and engineering perspective, it is excellent work. But it doesn’t necessarily demonstrate the exponential speedup that would be required to break real-world RSA keys. To put it into perspective, you can literally crack a 22-bit RSA key by hand.
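To put the 22-bit result in perspective, here is an added example (not code from the Hackaday post or from the paper it covers) that factors a constructed 22-bit RSA modulus by plain trial division and recovers the private exponent; the primes, public exponent and plaintext are constructed values chosen for this demonstration.

```python
# Added example: classical trial division against a toy 22-bit RSA modulus.
# Shows why a 22-bit factorization says nothing about 1024-bit+ keys.
# All key material below is constructed for this demo.
from math import isqrt


def factor_trial_division(n):
    """Return (p, q, divisions_tried) for a semiprime n using trial division."""
    if n % 2 == 0:
        return 2, n // 2, 1
    tried = 1                                # the check against 2 counts as one
    for cand in range(3, isqrt(n) + 1, 2):   # odd candidates up to sqrt(n)
        tried += 1
        if n % cand == 0:
            return cand, n // cand, tried
    raise ValueError("n has no nontrivial factor; not an RSA modulus")


def recover_private_exponent(n, e):
    """Factor n, then derive d = e^-1 mod phi(n), exactly as the key owner did."""
    p, q, _ = factor_trial_division(n)
    phi = (p - 1) * (q - 1)
    return pow(e, -1, phi)                   # modular inverse (Python 3.8+)


# Constructed toy key: two 11-bit primes give a 22-bit modulus like the paper's.
P, Q = 1499, 2003
N = P * Q                                    # 3002497, 22 bits
E = 65537


def demo():
    """Encrypt with the public key, recover the private key, decrypt."""
    assert N.bit_length() == 22
    m = 123456                               # constructed plaintext, m < N
    c = pow(m, E, N)                         # textbook RSA encryption
    d = recover_private_exponent(N, E)       # attacker has only (N, E)
    recovered = pow(c, d, N)
    return recovered, factor_trial_division(N)[2]


if __name__ == "__main__":
    plain, tries = demo()
    print(f"recovered plaintext {plain} after {tries} trial divisions")
```

The whole break takes a few hundred divisions, which is why the article's "by hand" remark is literal; doubling the key size to 1024 bits squares the work roughly 500 times over, which trial division cannot touch.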

Hackaday Links: March 17, 2024

A friend of ours once described computers as “high-speed idiots.” It was true in the 80s, and it appears that even with the recent explosion in AI, all computers have managed to do is become faster. Proof of that can be found in a story about using ASCII art to trick a chatbot into giving away the store. As anyone who has played with ChatGPT or its moral equivalent for more than five minutes has learned, there are certain boundary conditions that the LLM’s creators’ lawyers have put in place to prevent discussion surrounding sensitive topics. Ask a chatbot to deliver specific instructions on building a nuclear bomb, for instance, and you’ll be rebuffed. Same with asking for help counterfeiting currency, and wisely so. But, by minimally obfuscating your question by rendering the word “COUNTERFEIT” in ASCII art and asking the chatbot to first decode the word, you can slip the verboten word into a how-to question and get pretty explicit instructions. Yes, you have to give painfully detailed instructions on parsing the ASCII art characters, but that’s a small price to pay for forbidden knowledge that you could easily find out yourself by other means.

Hackaday Links: December 4, 2022

Well, this is embarrassing! Imagine sending a multibillion-dollar rover to an ancient lakebed on Mars only to discover after a year of poking around at the rocks that it might not actually have been a lake after all. That seems to be the impression of Jezero Crater that planetary scientists are forming after looking at the data coming back from Perseverance since it nailed the landing in what sure as heck looked like a dried-up lake, complete with a river delta system. A closer look at the sediments Perseverance has been sampling reveals a lot of the mineral olivine, which on Earth is rare near the surface because it readily reacts with water. Finding lots of olivine close below the surface of Jezero suggests that it either wasn’t all that watery once upon a time, or that what water was there was basically ice cold. The results are limited to where the rover has visited, of course, and the nice thing about having wheels is that you can go somewhere else. But if you were hoping for clear signs that Jezero was once a lake teeming with life, you might have to keep waiting.

In other space news, we have to admit to taking NASA to task a bit in the podcast a couple of weeks back for not being quite up to SpaceX’s zazzle standards with regard to instrumenting the SLS launch. Yeah, a night launch is spectacular, but not having all those internal cameras like the Falcon has just sort of left us flat. But we should have been more patient, because the images coming back from Artemis 1 are simply spectacular. We had no idea that NASA attached cameras to the solar panels of the Orion spacecraft, which act a little like selfie sticks and allow the spacecraft to be in the foreground with Earth and the Moon in the background. Seeing Earth from lunar distance again for the first time in 50 years has been a real treat, and getting our satellite in the frame at the same time is a huge bonus.

Tricking A Smart Meter Into Working On The Bench

When the widget you’re working on is powered by a battery or a USB charger, running it on the bench is probably pretty safe. But when the object of your reverse-engineering desire is a residential electrical meter, things can get a little dicey.

Not that this elevated danger level has kept [Hash] from exploring the mysteries presented by smart meters. Still, with a desire to make things a little safer, he came up with a neat trick for safely powering electrical meters on the bench. [Hash] found that the internal switch-mode power supply on the meter backplane was easy enough to back-feed with a 12-volt bench supply, rather than supplying the meter with the full 240-volt AC supply it normally gets when plugged into a meter base (these are meters for the North American market, where split-phase 240-volt is the norm for residential connections). But that wasn’t enough for the meter — it powered up, but stayed in a reset state without fully booting. Something more was needed to bring the meter fully to life.

That something proved to be a small AC signal. Normally, a resistor network divides the 240-volt supply down to about 3 volts, which is used by the sensing circuit in the meter. [Hash] found that injecting a 60-Hz, 600-mV sine wave signal with about a 3-volt DC bias into the sensing circuit was enough to spoof the meter into thinking it’s plugged into the meter base. The video below has a walkthrough of the hack, and some nice shots of the insides of the meters he’s been working with.

[Hash] has been working with these meters for a while now, and some of the stuff he’s learned is pure gold. Be sure to check out his 2021 Remoticon talk on meter hacking for all the fascinating details.

HackRF PortaPack Firmware Spoofs All The Things

The HackRF is an exceptionally capable software defined radio (SDR) transceiver, but naturally you need to connect it to a computer to actually do anything with it. So the PortaPack was developed to turn it into a stand-alone device with the addition of a touchscreen LCD, a few buttons, and a headphone jack. With all the hardware in place, it’s just a matter of installing a firmware capable enough to do some proper RF hacking on the go.

Enter MAYHEM, an evolved fork of the original PortaPack firmware that the developers claim is the most up-to-date and feature-packed version available. Without ever plugging into a computer, this firmware allows you to receive, decode, and re-transmit a dizzying number of wireless protocols. From firing off the seating pagers at a local restaurant to creating a fleet of phantom aircraft with spoofed ADS-B transponders, MAYHEM certainly seems like it lives up to the name.

[A. Petazzoni] recently put together a detailed blog post about installing and using MAYHEM on the HackRF/PortaPack, complete with a number of real-world examples that show off just a handful of possible applications for the project. Jamming cell phones, sending fake pager messages, and cloning RF remotes are just scratching the surface of what’s possible.

It’s not hard to see why some have already expressed concern about the project, but in reality, none of these capabilities are actually new. This firmware simply brings them all together in one easy-to-use package, and while there might be an argument to be made about proliferation, we all know that the responsibility to behave ethically rests on the user and not the tools.