Tuesday, September 8, 2020

Teardown: Mini GPS Jammer

If you spend enough time trolling eBay for interesting electronic devices to take apart, you’re bound to start seeing suggestions for some questionable gadgets. Which is how I recently became aware of these tiny GPS jammers that plug directly into an automotive 12 V outlet. Shipped to your door for under $10 USD, it seemed like a perfect device to rip open in the name of science.

Now, you might be wondering what legitimate uses such a device might have. Well, as far as I’m aware, there aren’t any. The only reason you’d want to jam GPS signals in and around a vehicle is if you’re trying to get away with something you shouldn’t be doing. Maybe you’re out driving a tracked company car and want to enjoy a quick two-hour nap in a parking lot, or perhaps you’re looking to disable the integrated GPS on the car you just stole long enough for you to take it to the chop shop. You know, as one does.

But we won’t dwell on the potentially nefarious reasons that this device exists. Hackers have never been too choosy about the devices they investigate and experiment with, and there’s no reason we should start now. Instead, let’s take this piece of gray-area hardware for a test drive and see what makes it tick.

Can You Hear Me Now?

While the GPS constellation’s average altitude of 20,200 km (12,550 miles) might not be quite as high as that of communication satellites in geosynchronous orbit, the satellites are still pretty far away. With this incredible distance in mind, and given the size of the antenna on most GPS-equipped devices, it’s no wonder that the received signal is very weak. So weak, in fact, that it’s generally below the noise floor. Only with clever algorithms and a dash of wizardry can your phone turn this whisper from the stars into anything resembling useful information.

When viewed by an RTL-SDR, the GPS signal is like a needle in a haystack.

It’s this fragility that makes this sort of low-cost jammer possible. It doesn’t take much to overpower the legitimate signal. Keep in mind that a device like this isn’t trying to mimic a GPS satellite; it’s simply broadcasting enough loud nonsense that the real satellite can no longer be heard.

With the jammer powered up, we can clearly see how the already meager signal is absolutely obliterated by the patterns being broadcast by the device.

With the jammer switched on, the signal becomes a needle in a haystack of needles.

There’s simply no contest; the legitimate signal is tens of thousands of kilometers away, and this thing is screaming its head off at arm’s reach. I didn’t test the range of this device, mainly because I didn’t want to have it powered up for any longer than necessary, but it’s certainly capable of doing the deed at several meters at least.

Betrayed By an Old Friend

Now that we’ve broken federal law for a few minutes by operating this device (seriously, don’t buy one of these) and verified that the dastardly thing does what it’s advertised to do, the only thing left to do is open it up and figure out how it works. For the $8 I paid for this unit I certainly wasn’t expecting a lot inside, but even still, it’s fascinating to see just how easy it is to cause so much trouble.

After years of losing work to the Arduino, the 555 timer has fallen in with the wrong crowd.

On one side of the PCB we can see there are only two major components, a 78M05 regulator to step the vehicle’s 12 volts down to 5 volts, and the hacker’s old friend, the NE555 timer. It’s a shame to see that it takes a teardown of an illegal jammer before we see one of the most iconic ICs in the history of electronics, but there you have it.

Still, unless you’re looking to jam an AM radio, a 555 isn’t going to cut it. Flipping the board over, we get our first glance at the real troublemaker.

RF Witchcraft in a Can

Clearly this component, labeled 13BA A041, is the star of the show. But what is it? While I wasn’t able to find a datasheet for this specific model, what we’re looking at is a microwave voltage-controlled oscillator (VCO). The visible top plate is actually a metallic shield, and with a bit of persuasion, we can look inside to see the incredible array of components that have been packed into the 9 mm x 7 mm area.

The basic theory of operation here is that the VCO’s control pin (labeled VC on the silkscreen) is connected to the output of the 555 timer on the other side of the board. The signal coming from the 555 modulates the output of the VCO, causing the noise we see centered on the 1,575 MHz GPS frequency.

With the scope connected to the VC pin, we can see the 133 kHz sawtooth signal being produced by the 555 timer. If you were to adjust this signal you could potentially shift around the frequency range that the jammer operates on, though without a datasheet for the VCO, it’s difficult to say how far you could push it in either direction. But since these were presumably the cheapest components available, probably not very far.

It’s also worth taking a close look at the small four-pin device at the top of the board labeled Q6. Located directly in the path of the high-frequency signal as it passes from the VCO to the center pin of the antenna connector, this would be a logical place to put an amplifier. Though it may also be some kind of a diode to protect the electronics from anything that’s picked up from the antenna.
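
Seen from the monitoring side, the 133 kHz sawtooth on the VCO's control pin is a usable detection signature: a swept source viewed through a narrowband SDR produces bursts that repeat at the sweep rate, which puts a spectral line at that rate in the power envelope. The sketch below is an added example, not code from the original article; the 2.4 MS/s sample rate, the alert threshold, the assumption that the sweep is wider than the capture bandwidth, and the constructed capture are all assumptions for illustration.

```python
import cmath
import math
import random

SWEEP_HZ = 133e3     # sawtooth rate the article measured on the VC pin
SAMPLE_RATE = 2.4e6  # assumed SDR sample rate; not from the article


def sweep_line_fraction(iq, sweep_hz=SWEEP_HZ, fs=SAMPLE_RATE):
    """Share (0..1) of the power envelope's AC energy that sits at sweep_hz."""
    if not iq:
        return 0.0
    env = [abs(s) ** 2 for s in iq]
    mean = sum(env) / len(env)
    ac = [e - mean for e in env]
    total = sum(a * a for a in ac)
    if total == 0:
        return 0.0
    step = -2j * math.pi * sweep_hz / fs
    # Single-bin DFT of the envelope at the sweep rate.
    line = sum(a * cmath.exp(step * n) for n, a in enumerate(ac))
    # Normalised so a pure sinusoid at sweep_hz scores 1.0, white noise ~2/N.
    return 2 * abs(line) ** 2 / (len(ac) * total)


def sweep_jammer_suspected(iq, threshold=0.05):
    """Hypothetical alert rule: flag a strong envelope line at the sweep rate."""
    return sweep_line_fraction(iq) > threshold


def constructed_capture(jammed, n=4096, seed=1):
    """Constructed test input, not a real recording: receiver noise, plus a
    strong burst whenever the assumed wideband sweep crosses the passband."""
    rng = random.Random(seed)
    period = SAMPLE_RATE / SWEEP_HZ  # about 18 samples per sweep
    samples = []
    for i in range(n):
        s = complex(rng.gauss(0, 0.7), rng.gauss(0, 0.7))
        if jammed and (i % period) < 3:  # in-band for ~3 samples per sweep
            s += 10 * cmath.exp(2j * math.pi * rng.random())
        samples.append(s)
    return samples


if __name__ == "__main__":
    for label, jammed in (("clean", False), ("jammed", True)):
        iq = constructed_capture(jammed)
        print(label, round(sweep_line_fraction(iq), 4), sweep_jammer_suspected(iq))
```

The 133 kHz value is specific to the unit torn down here, so a monitor meant to catch other devices would evaluate a range of `sweep_hz` values rather than one.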

An Unfortunate Surprise

Part of me assumed that the Mini GPS Jammer just wouldn’t work, or at least, it would work so poorly as to not be an issue. But no, in a break from tradition, a cheap imported device from eBay managed to actually exceed all of my expectations.

Not that I’m happy about it. Sure, the information to build a jammer like this has been out in the wild for years, but you still needed to have the wherewithal to actually source the parts and assemble it. With such a low bar for entry, this device is clearly quite dangerous in the wrong hands. While a WiFi or cellular jammer would perhaps present a more immediate threat, this is still not technology that anyone wants to see proliferate.



via Radio Hacks – Hackaday https://ift.tt/3m1ETwr
