If you scour eBay long enough for interesting electronic gadgets to rake in, you will definitely start recommending all sorts of dubious gadgets. So I recently came across these little GPS jammers that plug directly into a car's cigarette lighter socket. In the United States with delivery, you can buy them for no more than $ 10, and such a device seemed to me ideal to open it in the name of science.
You might be wondering what legitimate uses can be found for this gadget. As far as I know, none. The only reason you want to jam the GPS signals around your device is if you're trying to avoid being punished for something you shouldn't have done. Maybe you're driving a tracked corporate vehicle and want to take a couple of hours nap in the parking lot, or you want to turn off the GPS built into the stolen car so you have enough time to get to the workshop where it will be taken apart. Well, as usual.
But let's not ponder the potentially malicious reasons for such devices. Hackers have never had to be naughty about the devices they study and experiment with, so don't get started. Let's better test this piece of iron from the "gray" area of the law, and see how it works.
Can you hear me now?
Although the altitude of the GPS satellites, 20,200 km, is not as high as that of the communication satellites in geosynchronous orbit, they are still far enough away from us. Given this enormous distance, and considering the size of the antenna on most GPS devices, it should come as no surprise that the signal received from them is very weak. So much so that it usually turns out to be weaker than noise. Only very clever algorithms and a little magic allow your phone to hear this whisper of the stars and turn it into something that resembles useful information.
Finding the GPS signal on the RTL-SDR radio is like a needle in a haystack
It is this fragility of this signal that makes it possible to create such inexpensive jammers. It doesn't take much to suppress such a signal. Please note that this device is not trying to simulate a GPS satellite - it just broadcasts enough debris loud enough to prevent real satellites from being heard.
Turning on the jammer, we see how the already weak signal completely disappears in the sea of waves transmitted by the device.
After turning on the jammer, the signal becomes a needle in a stack of needles. It's
pointless to compete - a real signal travels tens of thousands of kilometers, and this thing yells at full power at arm's length. I have not tested the range of this device as I did not want it to last longer than necessary, but it is definitely capable of working up to several meters away.
Betrayed by an old friend
Now that we violated federal law for a few minutes by turning on this device (seriously, don't buy it), and confirmed that this creature really fulfills its advertising promises, all that remains is to open it and see how it works. I didn’t expect to see much inside for the $ 8 I spent on the purchase, but it’s still very interesting to see how easy it is to do so much damage.
For many years the 555 timer lost its popularity due to the Arduino, and now contacted a bad company
On one side of the board, two main components are visible - the 78M05 regulator, which lowers the car's 12V to 5V, and an old friend of the hackers, the NE555 timer. It is a pity that this legendary IC, an icon in the history of electronics, can now be seen only by picking out an illegal jammer - but that is, that is.
And yet, if you need a jammer for more than just AM radio, one timer will not be enough. Flip the board and look at the real bad guy.
Canned radio magic
The clear star of our show is the 13BA A041 component. But what is it? I didn't find the spec for this particular model, but our subject is a voltage controlled microwave generator (VCO). The top cover is a metal shield, and if we work on it a bit, we can look inside and see an incredible array of components crammed onto a 9 × 7mm pad.
Basically, what happens here is the VCO control pin (marked VC on the print) is connected to the 555 timer output on the other side of the board. The signal coming from the timer modulates the output signal of the VCO, which forms the frequency of our noise, located in the vicinity of the GPS frequency of 1575 MHz.
An oscilloscope connected to the VC pin shows us a 133 kHz sawtooth signal, which is output from the 555th timer. If you tune this signal, you can, in principle, change the frequency at which the jammer operates, but without the specifications for this VCO, it is difficult to say how much its frequency can be changed. Since it was probably the cheapest component available - not much, I guess.
It's also worth taking a closer look at the small device with four pins at the top of the board labeled Q6. It stands in the way of the high frequency signal from the VCO to the center pin of the antenna. It is logical to place the amplifier in this place. Although it can be a diode, protecting the electronics from everything that the antenna can receive.
An unpleasant surprise
I assumed that this micro GPS jammer simply would not work, or would work so badly that it would have little effect. However, contrary to all tradition, a cheap foreign device purchased on eBay exceeded all my expectations.
And not that I really liked it. Of course, assembly instructions for such jammers have been around for years, but you still needed to find ways to buy components and assemble them. But with such a low entry bar, this device can definitely become dangerous if it falls into the wrong hands. While WiFi or cellular jammers are likely to be more dangerous, I still don't want to see the proliferation of technologies like this one.