Hacker News new | past | comments | ask | show | jobs | submit login
Testing Phone-Sized Faraday Bags (mattblaze.org)
368 points by jor-el 9 months ago | hide | past | favorite | 201 comments



This is a super cool blog post. However I think it alludes to a much larger problem. For many products today, it’s very difficult or impossible for most people to verify the product works.

For a network switch, there are free and open source tools like iPerf to test and verify speeds are as advertised. For a faraday box, you have to go through all these steps (and knowledge learned) just to be able to test these. What about for vitamins, or pet food, or any other “durable” products that are supposed to last for X years?

In an age of snake oil salesmen, paid for reviewers, and fraudulent products on Amazon, there is a real opportunity for creating systems that enable individuals to verify products do what the sellers claim they do.


This problem was most famously studied by Akerlof in The Market For Lemons. The prediction is that such a market will be overrun with low quality lemons.

https://en.wikipedia.org/wiki/The_Market_for_Lemons


I agree that the free market is easily gamed and therefore I really am glad to be living in a country with relatively strong consumer protection laws.

I buy online, I can return within two weeks no question asked.

It breaks within two years - I return it. Either I get a repaired one or a new one or my money back.

There are few exceptions but mostly it makes shopping quite secure.

Yes. There are bad actors. Yes people get ripped off by shady online stores. But if using trusted shop, PayPal or one of the known big shopping brands the experience is mostly good.


What country do you live in?


2 years is minimum default warranty by law in EU.

In the UK we have a warranty period with no particular limit, undergirded by the EU 2 year default, through the Consumer Rights Act -- basically it's founded on how long products would be reasonably expected to last, a fridge should last a decade, a cheap toy arguably far less.

But, I've had a problem with this that I think it's a useful example: Steam sold me a defective game, I tried to play it but the bugs ultimately made it impossible to enjoy (the purpose of entertainment!). Under the CRA digital goods are explicitly included in the ability to return when defective; but Steam/Valve decided their rules on "play" time trumped UK law. PayPal provided a refund (tiny amount of money) in accordance with their terms, but now Steam have taken revenge (the employee time spent on the issue certainly cost more than the original purchase), threatening to close, and then simply limiting my account. That should be illegal IMO, but I don't know if it is. I'm not going to pursue them at this point.

Imagine if a fast-food outlet said "if you complain about your food we'll ban you from buying from us", that would have a perverse effect on consumers and reduce the ability to push back against instances of low quality food. Sure, you can boycott them but that seems worse for everyone.

TL;DR at least in the digital domain, even with strong consumer protections companies can work around the law.


Norway has similar 14 day return right for things ordered online. It is originated in eighties when the phone or postal orders became popular. Basically if you do not have a chance to examine the thing one is getting like in a physical shop, the seller must accept returns within 14 days. This cannot be restricted to unopened or unused things.


Sounds like something in EU to me.


I'd like to describe a complementary problem to yours - that it's very difficult or impossible to find out others' experiences with a product's quality, durability, and performance. That is - the complement to the problem of "it's hard to determine if some products work" is "it's hard to find other users' experiences with the product".

Amazon reviews are completely worthless, but very few other platforms have anywhere close to the same number of reviews on them. Most platforms have no verification of purchase for reviews. It's hard to determine information like "does this device require a cloud login? for which functionality? are there ads?" that isn't explicitly supplied by the manufacturer (or hidden by them). Negative reviews about product breaking quickly aren't very useful because people whose products work for a long time leave reviews at a lower rate. Google is almost useless for finding out information like this because of how SEO-gamed everything is, and the ol' "site:reddit.com" trick will only work for a while longer until these fraudsters create enough fake reviews on Reddit that it also succumbs (which is already beginning).

(rant "...and this problem will likely won't be solved anytime soon, because consumers don't care about these things. That's the reason that we're in this situation - consumer apathy. When was the last time you heard a non-tech-savvy relative say something along the lines of "Wow, this phone didn't last very long. Is there a place where I can add that data point so that other people will be more informed before they purchase one?" Users don't care about performance, privacy, or durability - they just want to watch Netflix and pay the lowest sticker price they can (regardless of annual cost of ownership). You see people self-organizing around things like video games or paintball or book clubs or whatever all the time - why won't they put even a fraction of that effort into ensuring that they buy a good car?")


> because consumers don't care about these things

I think that's not the issue. Consumers DO care about durable products, and consumers DO share their experience. Consumers talk to others about stuff they like all the time, and they also complain to others when stuff doesn't work. Consumers also spend a lot of time online researching products.

Amazon Reviews were amazing in the beginning, because so many customers shared their honest experience.

The problem is that as soon as there is a popular place where people go to read reviews, companies realise they can make a lot of money if they post fraudulent reviews (or send free samples to folks who write positive reviews). Products with good reviews make lots of money, so companies are going to put a lot of effort into getting good reviews.

On the other hand, consumers trying to share their honest experience don't have anything to gain from doing so, so they are not going to put as much effort into sharing their experience.


Amazon and Coolblue reviews have been decent for me. With Amazon, the nice thing is that even if there aren't any reviews on your local Amazon, it will show reviews from other countries' Amazons with the option to translate. Combine that with professional review sites like Rtings or The Wirecutter and you can usually get a decent idea.


Maybe products have just reached a point of being overall just cheap enough and just good enough that consumers largely don't need to care about reviews? You talk about effort to buy a good car, maybe the average car is just good enough now. I wonder what percentage of younger people have bought an actual lemon that would cause them to be cautious.


I begrudgingly feel that things being good enough is they main why. And I say begrudgingly because it means less and less are caring about excellence while more and more becomes trash.

Fuelling it is that there are people in the “I want my <$500 things to last a long time because they should last” and people in the “If there’s a QC issue or it’s not as advertised I’ll return it, and if it breaks after I use it for a while I’ll just get the then-current one which will be better anyways”, and almost no one in between.

In our current society people with funds and not time see a clear ROI for shooting for 80% success because it means not having to spend time thinking or sorting out logistics.


> For many products today, it’s very difficult or impossible for most people to verify the product works.

Some people, when confronted with a problem, think "I know, I'll use regular expressions." Now they have two problems. - Jamie Zawinski via Coding Horror [0]

To your point, maybe Zawinski's aphorism is broader than regexp.

The quote investigation [1] linked from CH is well worth reading.

0. https://blog.codinghorror.com/regular-expressions-now-you-ha...

1. http://regex.info/blog/2006-09-15/247


> What about for vitamins, or pet food, or any other “durable” products that are supposed to last for X years?

We could, as a society, make rules that prohibit these things and create organizations with the expertise and power to enforce those rules. We are hardly helpless, but the political trend is to forgo and even decry that power, do nothing, and then whine about how helpless we are.


It's called consumer protection, and it's weaker in the US than many other advanced countries.


It's supposed to be called the Federal Trade Commission.


I suppose the FDA is also supposed to make sure our food isn't leaded?

These agencies seem to test one vector while ignoring everything else. I don't trust them.

https://www.consumerreports.org/food-safety/your-herbs-and-s...


> What about for vitamins, or pet food

https://www.consumerlab.com/ does a great job testing vitamins and other various things put in or on your body. Well worth the subscription price.


Linus Tech Tips is attempting something in this field: https://www.youtube.com/watch?v=pt3-6BsWlPk

tl;dw They're building a setup where they can test a bunch of computer equipment with standardised tests (built by them) in a standardised environment (also built by themselves).


Gamer's Nexus, also on youtube, has done something very similar and designed a bunch of "Standardized" tests for their benchmarks of computer systems and hardware


Sounds like what Consumer Reports does across various fields.


It’s all well and good until you get enough clout that a bad actor offers you a very large cheque to rig the game.


Is this a veiled accusation against CR? If so I’d appreciate some specifics. If not, I’ll just mention that AFAIK CR has always foregone all advertising, specifically to avoid such conflicts of interest.


Not directly, though I have some personal doubts that have zero basis in evidence.

It’s more a misplaced disappointment along the lines of “this is why we can’t have nice things” (because at a certain point money corrupts it). The number of times I’ve seen products and brands really have something special, and believe in them, and purchase and use the products, only to have them sacrifice integrity for money at some point is heartbreaking.

But that’s a me problem (and society’s problem), and not a Consumer Reports problem.


An easy solution would be putting your phone in the bag and have someone else call it.

The post does mention something similar near the bottom where they suggest putting an AirTag in the bag and seeing if your phone can find it.


I really like Snowden's recommended Faraday cage for phones or other devices of similar size: two drink-shaker cups[1].

Drink shakers are cheap and widely available. The average hotel room in any medium/large hotel chain probably includes a shaker as a standard item as part of the minibar. The simple two-cup style (as seen in [1]) is preferred over the fancier "strainer top" style because you can press the two cups together; this should cause the inner cup to slightly cut into and/or deform the outer cup along the circle where they join together. The seal between the cups should work sort of like the knife-edge seals used in vacuum chambers.

A metal box or conductive bag is only a Faraday cage if it is fully closed/sealed. Any imperfection in the seal or hole[2] might allow the radio signal to leak out. Most improvised items (freezer, random metal box, etc) have poor seals. Making a high quality cage that actually block a modern phone can be done without much trouble, but the drink shaker method is the only method I know of that will do the job using widely available (free) or very cheap ($10-ish?) parts.

[1] https://ae01.alicdn.com/kf/HLB1yRyhXZTxK1Rjy0Fgq6yovpXaZ/Win...

[2] Holes of sufficient size. How big are the waves you are trying to block?


> The average hotel room in any medium/large hotel chain probably includes a shaker as a standard item as part of the minibar.

Maybe the hotels you stay in, Bond, James Bond.


I admit the vast majority of my experience with hotels consists of a single repeated data point: the staff[1] suite(s) we shared in the Hilton attached to the SJ convention center. They always had glasses/shaker/etc. You could probably ask for a shaker from roomservice or the hotel bar, if necessary.

[1] If you registered for FanimeCon 2000-2011, the weird software you had to use was my fault...


She's not an average ship, Jim!


Hilton is a tiny bit more fancy than the average.


> The average hotel room in any medium/large hotel chain probably includes a shaker as a standard item as part of the minibar

I've stayed in dozens of hotels all over the world, and never once have I seen a cocktail shaker in the minibar?!


I've stayed in over a hundred, frequently in suites (upgrades), often at 4* hotels, in 22 countries (Full set of brands - Marriot, Hyatt, JW, etc...) Ice Buckets are pretty common - but I have never once seen a drink shaker in a room mini-bar.


The Fairmont Royal York in Toronto has shaker cups. It is 5-star though.


It is hard to believe this would perform better than a Lazzaroni tin.

And I don't recall ever finding one of these things in a hotel room, even in Europe.


Depends what the tin and shaker are made of. The tin is probably made of aluminum which has a higher skin depth than stainless steel, which I assume the shaker cups are made of. A Faraday cage of continuous surface needs walls that are thicker than the skin depth of the material the cage is made of. Since the skin depth of stainless steel is lower, the cage wall thickness can be lower while still creating an effective Faraday cage compared to an aluminum cage.

Ref skin depth of different materials at different EM frequencies:https://upload.wikimedia.org/wikipedia/commons/f/f3/Skin_dep...


The tin is painted, and paint is nonconductive. A very thin long slit in an otherwise conductive surface or mesh can be extremely leaky.


Reminds me of a joke my dad used to tell:

Dad: What's five plus five?

yosito: Ten!

D: How many fingers do you have?

y: Ten!

D: What's an aluminum can made out of?

y: Tin!

D: Wrong! Aluminum!


I'm from Europe and I've never seen one either.


I imagine I've seen them now and then but they're hardly common. I'm grateful when I get real glassware.


Now would be a great time to sell a ton of mints that just happens to fit an iPhone max with a case inside.

“Security Mints - sweet & secure”.

Maybe a kickstarter?


If you're interested in simple cages similar in effectiveness to the EDEC Window Pouch (they drop off above 3GHz)... try a Microwave Oven. They are highly available, reasonably convenient and well designed, with pretty good quality control. You can even still see your phone inside has zero bars. I do, however, recommend unplugging the microwave (or even cutting the power cord) as a fire would likely result from cooking your hardware.

To answer [2] How big are the waves you're trying to block? - it's actually crack length not width that usually determines the effective re-radiating antenna length. They can be very narrow, but a long (a few cm) crack will allow one polarization through almost completely.

I've run this test with a GSM base station and confirmed the effectiveness. If you want to test communication with a device to a base station, but have many other local antennas interfering and want to fit many devices inside... it's a decent choice. The alternatives are less convenient and usually thousands of dollars to construct.


The door seals in most microwave ovens consist of tuned slots (eg half-wave stubs) to prevent the RF escaping. These are ineffective at frequencies other than 2.4Ghz.

The reason for the tuned slots is that it's basically impossible to make a conventional metal joint which will seal sufficiently well.


I encourage you to test a few. I found that the cheap ones blocked 2.45GHz ~60dB, but that they were still down 40dB at 600MHz... the real problems were at higher frequencies and 5GHz was only down ~20-30dB at the worst case polarization. I tried using RF absorbing tape, but while it's possible to improve another 10-20dB it's painful and not repeatable without testing, if you need to remove it.

I've also worked in RF Antenna test rooms with seals that are expensive, finicky, and easy to damage... they're also at least $10k and usually much much more. In a corporate environment that's not a problem, but for a home lab it's unrealistic.

If these bags were big enough to put a few phones and a small base antenna in they'd have other uses.


What's the physics behind being able to make a container light-tight with a couple of right angle corners yet radio waves seem to leak out like water?


There are two important differences between light and radio waves:

Difference 1 is the wavelength. Light has a wavelengths of 400-700nm, whereas radio waves used by phones have wavelengths in the mm and cm range.

If structures are of similar size to the wavelength, then waves can "bend around" obstacles. This effect is called diffraction and can be observed with sound waves, electromagnetic waves, water waves, etc.

Difference 2 is the photon energy / frequency. How well radiation is absorbed depends on the photon energy. There are lots of molecules that absorb visible light very well, so it's easy to make surfaces that absorb light. But there are few things that absorb radio waves as well, so it's hard to make things that neither reflect nor transmit radio waves.


Radio waves (well, light and radio are the same thing just with different wavelength) are bounced from conductive materials, light is absorbed


Light bounces too. As you said, it’s the same thing.


How much EM radiation bounces and how much it gets absorbed is highly variable depending on the material and, most importantly, the frequency of the EM radiation. A great example in this article is the faraday bag that was visibly transparent but blocked the EM radiation in the 1-6gHz range. The metal tin was basically the opposite, it blocked visible radiation very effectively but not radiation in the radio frequency range.


Does the right-angle corner trick still work if the container surfaces are made of mirrors?


A couple of right angles not really make it light tight either.

I remember going caving and we would have to go 100m or more through many different turns before we all turned our lamps off and truly experienced perfect dark.


Are you familiar with daylight tanks for film processing? They work as advertised using right angles.


The last time I used a daylight tank was in the mid '90s so maybe newer models are different, but I believe they are made out of black/dark plastic? Several right angle turns of black plastic provides multiple opportunities for a visible-light photon to be absorbed into a black body where it should be re-radiated as infrared (heat).

A hole/leak in the metal wall of a Faraday cage is going to be a lot more reflective and can easily act like a crude waveguide[1].

[1] https://en.wikipedia.org/wiki/Waveguide_%28radio_frequency%2...


There's an old man made cave near me that consists of two small connected chambers, and once you are in the second chamber it is pitch black.


Also, 20-30 Db of attenuation for light is already quite a lot. Whilst for a radio signal it is still very conceivable that 30Db of attenuation still allows for a signal to be received.

Our eyes simply aren't very sensitive instruments. And the visible part of the spectrum is uncharacteristically full of 'noise', so it makes some sense that our eyes don't need to detect any signals that are too far below the noise-floor.

That makes me wonder. How much 'darker' is any given bit of radio spectrum as compared to the visual spectrum earth at night.


> our eyes aren't very sensitive instruments

I take umbrage with that statement! Our eyes are exquisitely sensitive, and most importantly, have staggering dynamic range.

Our eyes are capable of perceiving a single photon [1], albeit noisily (I've been lucky enough to have performed this experiment myself!).

But the greatest thing about our eyes is the dynamic range: the difference in brightness between a moonless, starry night (which we are perfectly capable of navigating by eyesight) and a bright sunny day is nine orders of magnitude. A bright day is a billion times brighter!

Show me an RF receiver or light camera with that dynamic range!

The one place our eyes are limited is in frequency range.

[1] https://www.nature.com/articles/ncomms12172


I knew the dynamic range was large. I did not know about the sensitivity! That is quite impressive.

The magnitude of the dynamic range is even more impressive if converted to 'stops' from photography, yielding about 30 stops (1 stop halves the light). Whereas a really good camera will do about 15 stops. Though I suppose that the camera gets 15 stops in a single 'scene'. Whilst the 30 stop figure for the human eye does not hold up if half your vision is taken up by daylight and the other half by a night sky. For a single 'scene' I think it becomes hard to define the dynamic range of a human eye though.


As well: because of reed solomon a modern digital signal can be reconstructed from flickers and fragments of the radio waves


What does this mean? A fragment of a radio wave is still a radio wave and can carry information irrespective of whether reed solomon or other encoding is used, no?


Think of it like trying to receive morse code:

If the signal gets choppy and you miss some of it, how do you know what you missed?

`..--- -.... ----- -----` (2600) could come through as `..- -. —` (Uno). Uno is a valid word, so passes validation, but it’s the wrong message.

What Reed-Solomon allows us to do is pad the message with n% of error correcting ‘bits’. That way, if >100-n% of the message gets through, the whole message can be reconstructed from whatever bits that made it. And if not enough of the message made it, it immediately fails the validation check and so you know you must resend the message.

It’s so handy and so solid that it’s used almost everywhere. From optical discs to ECC ram to radio communications and a bunch more.


Microwave wavelength lower than visible light. It interacts with atoms differently by interacting with magnetic fields in atoms more.

There is:

- lines-of-sight propagation in free space,

- reflect from the surfaces like light (spectacular reflection)

- microwaves can be channeled trough tubes (think sound waves). If you fold a conductive material like tin foil multiple times, it can still work as a wave guide and escape.


I think the issue is then you have to wait until you are already inside the hotel to use those shakers, which as others have said don’t actually exist in most hotels, and at that point you have been tracked to your exact location. Then it would be trivial to surveil you with other methods without needing your phone.


Pretty sure Google uses dead reckoning geolocation tracking when no signal is available. So as long as your phone is outside of the bag at some point, you're being tracked even when the phone is in the bag, and Google can correct any errors in their dead reckoning calculations once a signal is found.


It's possible, but I'd be surprised. Dead reckoning is terribly inaccurate. To get briefly acceptable accuracy, you need extremely precise sensors that you are reading very very quickly (which would make battery life plummet).


At one company I worked at we had an 'out of coverage bucket'. It was a zinc plated steel bucket. Worked almost every time. Some dude had found at an arts and craft store a very small version of the same thing. It fit over phones perfectly. Basically put device on ground. Put bucket over it. If you had any gaps or any cables hanging out it was sort of iffy and you would get coverage sometimes.


At my former job we had a rather large faraday cage for testing telco equipment. Two things surprised me: 1) It is more fiddly to ensure a room-sized faraday cage doesn't leak RF than I thought. It is really easy to make mistakes that compromises experiments. 2) There was a bath-towel sized piece of cloth that came with one of the expensive Rohde & Schwarz instruments that was astonishingly effective at blocking signal.

So I mainly used the room because that's where the magic blanket was - which was easier to use than ensuring the room was set up correctly.


I see one of the founders (Ulrich Rhode) of Rhode and Schwarz on amateur radio some times, and I always ask for test equipment and he always says no.


I see you are from <insert whatever company you are at is>, can you please send me a lifetime supply of whatever you make / have / sell please?


Hey, when my customers ask they are free to have a lifetime supply of our product! It’s free to anyone!


Maybe stop asking then?


That's very cool, he's basically test equipment royalty. But he's the son of one of the founders - Rhode & Schwarz was founded in the 1930's.


It’s good natured ribbing usually exchanged over QSL cards. I didn’t know he was the son! Ulrich never misses a QSL card for me. Cool dude!


I once tried to acquire a RS PR100 like the one used in the test here. Turns out they cost more than a fancy car!


I wonder how much more capable they are than the cheap crap I can afford.


A lot! An Ettus USRP + GNURadio could get you part of the way, but you then you don't get the nice handheld form factor and ruggedized chassis.


> While the cookie tin performed much better than the mylar bags, and could provide a modicum of useful attenuation under some circumstances, it was not sufficient to provide meaningful assurance of signal isolation at any frequency. However, it was unique among the containers tested in providing tasty snacks during measurements

Back in the day working for Symbian I used to regularly have to run a load of automated Bluetooth tests. Unfortunately there were 200+ engineers in the close vicinity of my test setup and they all had smartphones and all had Bluetooth turned on, causing loads of the test to timeout. We were very pleased with ourselves when we thought of using a biscuit tin as a Faraday cage to try and improve things. Didn't work as well as we hoped, but got the tests running within their timeouts. I always thought it'd be interesting to try using an old microwave.

Best thing was that we got to eat all the biscuits first :)


Biscuit tins and aluminium foil have layers of insulation on them, the varnish of the tin and the Al2O3 oxide layer for the foil. It is true that the gap in each case is small, but when you look for 10 orders of magnitude in attenuation - a little leakage goes a long way. Silver has the unusual property in that both the metal and it's oxide are both conductors = true silver foil made of thin metallic silver will make a good wrap around Faraday bag. Even better would be true gold metal foil - note they often use gold plated shields in space uses, even though gold foil is like fly paper in space = contact welds readily, much more so than most other metals (many of which have also contact weld problems that have to be mitigated). Those Ramsey boxes are excellent, far better than many costlier, but crappier boxes, obviously made by someone who knows an ohm from a volt...


I think the biggest issue with cookie tin cans is that they usually don't close all the way around, because the lid or the box is always slightly oval and not round (they always "stick" just in two or three spots when opening), so it looks like there's a small gap around half the circumference long - far bigger than the wavelengths in question.

Square tin can works better because those seem to usually scratch on the corners. The smallest square tin can you can find should work best. A tin can sealed with adhesive cooper tape should work pretty well even if the copper tape is isolated by the paint on the can.


I had to do some testing with ble temp sensors once we're I needed to isolate them and then put them in a freezer. They were in advertising mode so I could tell at least if I could see them with a phone. A round tin that was used for green tea from Japan was the most reliable method I was able to improvise. It fit very snug and the lid was about an inch deep.


Yes, a one inch compressed gap like that is a tortuous attenuative path in it's own right...


The simplest test you can make to verify that the microwave oven & biscuit tin can are good Faraday cages is to put your phone in one and try to call it - every time I did that in the past they failed to function as a Faraday cage.

Edit: clarification.


Did you wrap your phone with something non conducting so that it doesn't touch the tin or microwave?

It works for me with a cookie tin, the phone is wrapped in a towel.


That's an easy way to verify failure (phone rings) but not success - unless the only thing you care about blocking is phone calls I suppose.


The Faraday cage failed (the phone rang?) or the phone failed to ring (Faraday cage succeeded)?


Clarified the text of my original comment.


When I was in jail I had a cellie who imported drugs from China. They were always shipped inside defunct microwave ovens. I wondered if it was just because it looked like a harmless kitchen appliance or because the microwave provided shielding from an x-ray scan?


This really depends on the X-ray machine, a powerful x-ray source might easily penetrate a small appliance.

A faraday cage/bag does not protect x-ray since it ‘only’ blocks electromagnetic fields.

So I guess in the case you mention it’s more hiding in the insulation/empty space of an appliance.


X-rays _are_ electromagnetic radiation.


Technically speaking, yes. But they're way off on the other side of the EM spectrum, giving them dramatically different properties. You can shield against radio with a shell of any conductive material -- even a wire mesh for longer wavelengths -- but X-rays are only absorbed by high-atomic-weight atoms, like lead.


Of course the are, but - if I'm correct - they don't produce an electromagnetic field. And are not shielded by a bit of mesh wire (I work with desktop microCT machines...).


X-rays are the exact same thing as any other electromagnetic radiation, just at a different frequency.

Generally a mesh can block an EMR signal if the holes are < 1/2 wavelength in size. X-rays have nanometer wavelengths so the mesh wouldn’t even be visible to the naked eye.


How many different biscuit tins did you try? :-)


I was hoping they would test chip bags, because it was a plot device in the most recent Terminator movie.

After searching, I found that Kaspersky has a blog post on the topic: https://usa.kaspersky.com/blog/terminator-dark-fate-chips/18...

It surprised me that chip bags were more effective in their test than cookie tins, but only when they double-bagged it


Also used in the, IMHO, underappreciated film Enemy of the State (1998).


truck drivers used them too to avoid tracking from their employer

https://arstechnica.com/information-technology/2017/11/austr...


The pink bag shown is actually a static dissipative bag, not a static shielding bag, so would not be expected to work. Though the article mentions trying other bags so no doubt some of those where static shielding (metallic appearance) bags.

I've had a lot of fun in the past trying to shield Bluetooth devices for testing... metal filing cabinet? Practically no attenuation. Biscuit tin? Minimal attenuation like in the article.

Modern radio receivers are ridiculously sensitive.


I noticed this as well.

> "Makeshift Pouch 1: Electrostatic Mylar Bag"

This is not a mylar bag. It's frustrating how often these two are confused, especially when said confusion can result in component damage.


> "Wrap it in tin foil" is perhaps the most common advice [...] Unfortunately the results were extremely inconsistent [...] 90 dB attenuation in one test would produce only 50 dB the next time [...] You would have no way to tell whether you've managed to fold and seal it adequately well

On the other hand, aluminium foil is incredibly commonly available, if not in a kitchen draw, it will be at the nearest shop. Although unreliable, the _potentially_ high attenuation the author shared is pretty good (we don't know his worst reading), better than all other improvised solutions tested, and similar to commercial products. I wonder if a more reliable construction method could be found.

I'm not sure what movie scene scenario I'm envisioning, but in the case you needed a Faraday cage and don't constantly carry one around, perhaps simply taking an entire kitchen roll of foil and wrapping the device into a giant unsightly ball of it would be a reliable enough process for an "emergency" (if not pocket sized). i.e rather than trying to make a neatly folded minimal version, just resort to sheer number of layers of material - unless RF doesn't care and even 1000 layers with tiny gaps is no good?

[edit] Similarly, I wonder how well (or poorly) common household appliances work as a Faraday cage, e.g a fridge, microwave-oven - From what the author described, it seems they would all have too many gaps, however they are also constructed from higher gauge metals... i'm particularly interested in a microwave-oven which is specifically designed to reflect and retain microwave frequency fields.


Microwave ovens make for poor Faraday cages. The problem is that you only need 30-60dB to "keep the power in" while you probably want at least 100dB to "keep the signals out."

You can test this: put your phone in the microwave and try to call it. Over the years I have had about a 75% success rate.

Other household appliances tend to be even worse; any gaps in metallic seals effectively turn into slot antennas and let signals through. You need a conductive mesh gasket to stop this, and I generally don't see mesh gaskets on consumer appliances.

Your "make an al-foil ball" strategy is what I would resort to in a pinch (I have some nice Anritsu shield boxes, but those are cheating). Quantity is a quality of its own. My only addition would be making sure that the gaps tend to not line up. You want to make it difficult for the "slot antennas" modeling the gaps in each layer to couple to each other.


For the sake of keeping people from doing stupid things.

DO NOT MICROWAVE YOUR PHONE.

The test involves placing your phone in the microwave and closing the door without turning the microwave on. I'd unplug the microwave before trying this.


“This is a man who has experienced The Public”

https://www.reddit.com/r/tumblr/comments/jy8wzj/rinse_your_e...


Microwave-ovens definitely don't leak below 2.4 GHz. Any frequency above that is a non-issue for microwave-oven operator safety. It also wouldn't be an issue for any communication device transmitting below 2.4 GHz. If you want to shut down 5 GHz communication then a microwave-oven would be leaky. 60 GHz: it shouldn't matter since it needs LoS anyway.

Also, remember to ground your faraday cages.


The width of the area around microwave doors looks suspiciously close to lambda/4 for 2.4 GHz (~3 cm) on pretty much every microwave I've ever seen - I'd almost be surprised if that construction isn't tuned to reflect 2.4 GHz, which would make it a very leaky container at say 0.9/1.8 GHz.


I think you should double-check the harmonics that would get passed relative to a quarter-wave mesh.


Yes, microwave ovens use a tuned slot to seal the door. It's basically a half-wave stub.


> ground your faraday cages.

Why?


I assume for the same reason you ground your home, building up charges is a great way for Bad Things to happen.


Why would a phone pouch/box build up great charge? You don't ground your home because of charge buildup either - grounding is there to decrease the chance a thunderbolt will run through precious things, like house walls, people, electric wiring etc.


You absolutely want to ground your home due to charge buildup, I have seen the exploded appliances, no lightning required.


Grounding and bonding is done for many safety reasons. Reducing stray voltage is certainly one of them:

https://www.mikeholt.com/technical-stray-voltage-newsletter-...


Better performance. Faraday cages can act as reradiators at frequencies dependent on cage geometry.


I'm not an expert on Faraday cages, would the effects stack if you wrapped your phone in aluminum foil, then put it in a cookie tin?


I wish it covered (so to speak) aluminum foil more thoroughly.

In particular, foil is cheap, so rolling up in several layers (3? 5? 10?) and twisting the ends cracker-style ought to be more reliable and practical than trying to do it with one layer and fiddly seams. A suggested minimum number of layers and number of twists would be useful.


I was hoping for this test https://www.youtube.com/watch?v=2u6KdHmoMbw


I wish it had covered practical tests more thoroughly. As in: did the phone communication effectively drop dead once in the cages which measure well? Looks very likely based on those attenuation numbers, but still: 'question everything' is usually the way to go in test&measurement.


I built something in college that needed UL testing for RF emissions, and visited a facility in Long Island with a TEMPEST room about the size of my house. Was very memorable.

I also read an article this year by a guy that made his house radio-wave proof, because, he claimed, he was very sensitive to radio waves. It was WAY more involved than I would have guessed - for the same reasons discussed in this article and in this HN discussion. Nails and screws are a problem. Windows are a big problem. But still - how cool to be cut off from the onslaught of EM radiation.


I actually have a little cookie box, which is lined with heavy aluminum foil, which I put in a steel lunch box.

Perhaps it sounds like overkill, but it’s the only way I seem to be able to fully isolate the devices.

That said, I’d probably just buy a bag... but I’ve been trying to keep it with what I have lying around the house.


Cheap science fiction book idea: imagine having to choose between living without your smartphone or living with every company and government agency willy-nilly spying on you. Oh, wait...


Please reduce the image size, they seem to be 3 Mb each. Some people (especially if their phone is in a pouch) won't be able to get to the interesting parts of your article!


That was really interesting. I can’t believe how poorly the metal tin box did compared to real faraday pouches.


The metal tin box will have had varnish and paint on it's surfaces.

That means at the junction between the tin and the lid (and maybe other joins), there isn't an electrical connection all along.

Having two metal surfaces next to eachother, but with an insulator in between, acts like a 'choke flange'[1]. However, they only work at one specific frequency - at all other frequencies they will leak either a little signal or a lot/all the signal.

The same technique is used on a microwave door edge to keep the microwaves in. It's why keeping the microwave door edge clean is critical to safety - a small bit of food there isn't an insulator like the paint, and energy leaks out.

[1]: https://en.wikipedia.org/wiki/Waveguide_flange#Choke_connect...


I wonder how many of us are going to end up cleaning our microwaves today after seeing this comment.


What I hear from you is that soldering a wire connection between the tin can and its lid should improve it's function as a Faraday cage?


That's interesting! As far as improvised faraday cages go, I always heard that microwave ovens are a good solution. Does this mean that microwave ovens wouldn't be any better as they would only block the specific microwave frequency they're designed for?


Correct. In fact, you can easily verify this by putting a phone in an unpowered microwave and calling it. It'll usually get both 4G (frequencies range, but 800Mhz in my area) and Wifi (over 5GHz).


TIL! Thanks!


If all phones were mandated to have a physically isolating means to disable their wireless chips, we could avoid this problem all together.


Even then, how could you trust that the physical isolation switch is enough?


Where I live, all I have to do to block 4G is to stop standing in the far corner of the yard.


left arm not in the air and both feet on the ground seems to get rid of the 4g signal for me.

I do miss the old days of tuning the rabbit ears on top of the tv for best reception.


Try this trick... with your feet in the air and your head on the ground, spin it.

Did you get an earworm? I sure did.


Interesting results. The article states that Faraday cages are no directional. My physics 101 understanding of them was otherwise. You show they work by integrating over the surface of the cage and saying that's equal to the charge within the surface. But you don't say it's equal to the charge outside. Indeed it couldn't possible, since that charge could be light-years away and steady state would never be achieved. Now that was for electrostatic which isn't really what we care about, if I remember correctly.

Wikipedia also states they are more effective at blocking incoming than outgoing signals. Can anyone clarify the situation?


Building an effective Faraday Screen is surprisingly difficult:

There are three completely different scenarios, blocking electrostatic fields, blocking RF energy, and blocking alternating magnetic fields.

The first can be achieved by a thin conductive screen (eg brass mesh with soldered seams), the second by thick copper sheet (with bolted seams) and the third requires thick magnetic material (eg iron or nu-metal).


If you consider the compactification of R^3 by a single point “at infinity”, an electric charge inside the surface is the same as the opposite charge at infinity (this is just Gauss’ result). In that sense, “infinity” acts as the opposite charge, does it not?

I do not understand your question, otherwise.

(Not a criticism, just an interested comment which may be very wrong though).


> If you consider the compactification of R^3 by a single point “at infinity”, an electric charge inside the surface is the same as the opposite charge at infinity (this is just Gauss’ result)

This is a mental operation, not physically possible. The difference is real: for example, charge inside a perfect conductor cavity generates electrostatic field outside. A charge outside perfect conductor cavity does not generate any static field inside.


This is what I wondered about back in physics class. Does that prove the universe is not compact? If it were, then inside-outside is the same. But surely that's not enough to know the shape of the universe. My 'resolution' of this was to say that the universe is surely very large and so the time to reach equilibrium will be very very long. So the experiment cannot really be run to completion.

But would a point charge outside a conductor cavity ever come to equilibrium where it does generate an electric field inside the conductor cavity? Assuming compact but very large universe. It seems strange but I guess it would.


Aaaahhhhh!!!!

Thank you for this comment, truly enlightening (I am a mathematician and know 0 physics). Shall have to think about it.


If you are sufficiently concerned, why not mod the phone to add a physical battery disconnect? Would this not provide 100% protection?


If you are concerned enough, but a phone with physical switches

https://www.androidpolice.com/2020/08/22/this-smartphone-has...

Or at least phone with a removable battery

I know I will never buy a phone without a 3.5 audio jack


That last sentence surprises me a bit. What does a 3.5 audio jack have to with any of this?


Manufacturers are always trying to push features that are more profitable to them. As expected.

Non-removable batteries is the new standard because of that. (Also stream lining) Which is bad for security (the point of the article)

I don't use bluetooth because it is not reliable enough for me, because I don't like charging another device and, less importantly, because in the past it has been exploited to hack devices. The audio jack is the one port I prefer never to part with.


What if there's a capacitor inside the phone that has enough electricity inside to let the phone ping cell towers?

Depending on your occupation it can have very serious consequences.


Even better: practice defense in depth and do both.


Better still, just leave it in a drawer.


That red plastic "mylar bag" isn't what should have been tested.

Red plastic == electrostatic dissipative. It is not good at conducting electricity -- it is still very good insulator. It just has ability to dissipate electric charge fast enough so that it will not accumulate in normal use.

What you have wanted to check is a clear bag with metalized layer (which is silver or gray looking). It should, per my understanding, act as much better faraday cage than an electrostatic dissipative bag. And I would be really interested in seeing that measurement.


This article was a fun read, and it really highlights how we trust the words on the tin to be accurate and not mistaken marketing gibberish.

However, the part about the cost ranging from $40 - $80 is simply not true. I know this, because I purchased for $20 yesterday a faraday box to hold my auto key fobs and my cell phone. [1] There are very many items for sale at this price point, fabric, pouches and boxes.

[1] https://smile.amazon.com/s?k=faraday+box


Key fobs! Isn't there a scheme where thieves clone the signal from a key fob when the owner is asleep in their home and drive off with their car?


The attack involves relaying the signal next to the car. Essentially mimicking the key fob being close to the car.

For what I know you can not clone the key, nor can you record the signal and replay it whenever you want access. It's a one time thing to drive away to your nearest chop-shop/hideout.


Here's hoping I get a good faraday box from Amazon!


What's the use case for these products?

Even if the radio is blocked, how does that stop a device from collecting data anyway, and exfiltrating it the moment it finds a network? Won't it look for a network the moment you take it out of the bag? And don't you have to remove it from the bag to use it practically?

Ultimately, if your device is compromised or untrustworthy to the extent that it has to be policed this way, is it not safer to just... get rid of it?


I still wonder why phone cases with physical blockers for camera and mic aren’t in high demand, and why there aren’t hundreds of pirated copies on the market for the ones that have been developed.


I think they could have done a better job with the aluminum foil. It looks rather not well done. He could have made a pouch and folded the sides over a few times.

I made a pouch for my car's key fob with aluminum foil and metal tape. It isn't as pretty as the ones you can buy, but it wasn't $25 either and It has worked really well.


Glad to see these tested. I've been using the EDEC bags for probably a decade to have on hand for incident response/forensics in security consulting, but I never had the gear to test the bags, I just trusted their supplier. Good to know about millimeter wave / 5g though.


One thing that most people should use a Faraday pouch for (in my opinion) is storing your key fobs if your vehicle uses keyless ignition with a fob. This prevents a very common relay attack which is to stand with a laptop by someone's front door and relay the keyfob signal between the keys (somewhere inside the person's house) and the car. For people who live in cities where you park on the street (as I do) it's extra-convenient for thieves in that most cars will flash some lights to say the alarm is disabled so the thieves know which car they just unlocked.


I was also thinking about this, after seeing this reddit thread of a woman putting a device in front of a doorbell.

https://www.reddit.com/r/whatisthisthing/comments/r7kb03/my_...


Yeah a work colleague had his car stolen and his door cam recorded the thieves kind of waving a laptop about in front of it. I guess the antenna they use is highly directional so you have to get it just right to trigger.

The apple watch unlock feature in recent macOs versions apparently avoids this relay attack by using a high-precision timer so they know (given the speed of light) that the watch is very close and the signal could not be relayed from a watch that's further away by a mitm (because the timestamp would be too old). I guess car keyfobs don't do this kind of thing because the electronics are intentionally quite primitive to avoid excessive battery drain.


I'd be curious if anyone finds it worthwhile to have a smartphone while being so paranoid that you have to hide it in a Faraday bag. I understand the problem. I just don't understand the practical use case: every time you use the phone, you have to take it out of the Faraday bag, and it can be used to spy on you or report information about you. Assuming you're keeping it in the Faraday bag all day, when and why would you find it useful and worth the risk to take it out? And with that level of use, wouldn't it be more practical to have a dumb phone or a laptop?


You would take out your phone if you would like to make a phone call, or check to see if you have received any messages. For the other 99% of your day, the IoT sensors being stuck on every conceivable object are unable to report back to HQ (and every agency and broker affiliated) your current whereabouts and trajectory.


So why not get a more basic phone and not a smart phone?


Dumb phones still ping cell towers?


Sure, but they also have simpler hardware that's easier to audit and almost all have removable batteries, which is most likely just as effective as a faraday bag.


Interesting experiment however his experience with tinfoil and metal boxes doesn't match mine.

I placed my phone wrapped in a towel inside a metal box: as soon as I close the lid I can't ping the phone on local WiFi and can't reach it with call (it goes direct to voicemail as if the phone was switched off). The GPS doesn't record any position while in the box. I didn't test the Bluetooth though.

Same thing for my car keys inside a paper towel and aluminum foil: impossible to open the car even at touching distance.

I wonder if he wrapped the device before putting it in the box or aluminum.


I would note that GPS is much more fragile than WiFi/Bluetooth/GSM. The GPS signals are already incredibly weak at the receiver.


I visited at the end of eighties a research institute in a former USSR. They had a whole room with computers put in a Faraday cage to prevent any data leaks with supposedly secret information. The cage was a mesh made of thin metal sheets with 1mm holes. As I remember the whole thing was done seriously, not a fake to please some inspector. It had double doors, all cables were put into metal tubes, all lights were outside I suppose to minimize the cabling.


Electronic voting machines should be put inside Faraday cages too. Specially now that communication chips have been found hidden in some of their motherboards.

https://letsfixstuff.org/2021/04/modem-chips-embedded-in-vot...


Electronic voting is much easier to subvert than boring old paper-tech voting. It should be rejected for important elections.


Bit of an aside but the ineffectiveness of tin foil hats to prevent government intrusion into our minds has been known for some time :)

http://web.archive.org/web/20100708230258/http://people.csai...


Btw, to prevent abovementioned government/other powerful groups intrusions into our minds, I recommend to stop consuming MSM. That's the most powerful tool of intrusion/control they have.


I've lately started seeing claims on some of the forums that embrace things like vaccines contain 5G mind control chips claiming that lead effectively blocks government mind control and that is the real reason lead paint was banned, and that it is not actually harmful.


Oh for the love of god


Perfect timing, I was just looking up this topic in the last week.

But how come these are all US-exclusive. It seems both winners don't ship to EU :/


> Faraday cages are non-directional.

Per-se, yes, agreed, but I was wondering whether the transmitter and receiver antenna couple into the surrounding screen differently. The degree of coupling may de-tune them differently. If so then the setup which most accurately represents the intended use would be with the receiver inside the screen.


I am happy to see EDEC performed well.

Idle comment: we use their smaller keychain bags for car fobs, after hearing with dismay first- and second- hand accounts of relay attacks being used to steal or ransack cars in our neighborhood (94110). We now keep our fobs in them except in use.


What is the use case for disabling wireless communication for your phone? How will you use it? How will anyone call you? If you don't want to use wireless functions, buy a tablet that lacks all the radio hardware.


Bad Guys can't follow you using the signal. That's about it. Sure, they can tail you, but that's Work. And they'll know where you are the moment you take it out, but hopefully they're too far away to act on it.

All in all, if you NEED something like this, your opec had better include more than this.


> Bad Guys can't follow you using the signal. That's about it. Sure, they can tail you, but that's Work. And they'll know where you are the moment you take it out, but hopefully they're too far away to act on it.

Why have the phone if it's not connected to the network? It's a communication device. Just leave the phone home.


> 20 dB represents a change of a factor of 10 in amplitude (volts), while 40 dB is a factor of 100, 60 dB a factor of 1000, and so on.

I always thought it was 10dB, or one B that was a change of factor 10. Have I missed something?


You're missing the distinction of power vs voltage. dB is defined in terms of power.

Power is proportional to voltage squared.

So a 10x increase in voltage == a 10^2 = 100x increase in power == a 20dB increase in power.


TIL: Two principal types of scaling of the decibel are in common use. When expressing a power ratio, it is defined as ten times the logarithm in base 10. That is, a change in power by a factor of 10 corresponds to a 10 dB change in level. When expressing root-power quantities, a change in amplitude by a factor of 10 corresponds to a 20 dB change in level. The decibel scales differ by a factor of two, so that the related power and root-power levels change by the same value in linear systems, where power is proportional to the square of amplitude.

https://en.wikipedia.org/wiki/Decibel


> The question is, then, how well do they actually work?

I tested some by putting the phone in the Faraday container, and then calling its number to see if it rang.


I prefer smartphones with kill switches, Librem 5 and Pinephone.


But you need to trust that they are actually working, and that the device was not intercepted and modified en route.


They have the schematics [0,1] for these devices and even X-rays [1] for Librem 5. Also, anti-interdiction services for the latter [2].

[0] https://wiki.pine64.org/index.php/PinePhone#PinePhone_board_...

[1] https://source.puri.sm/Librem5/community-wiki/-/wikis/Freque...

[2] https://puri.sm/posts/anti-interdiction-services/


Isn't this rather a security theater for the more naive prospective buyers? Even if the device is verified to comply with high-level schematics, it still may not comply on the micro-level. There is the problem with all modem chips being able to access/control phone memory and being potentially controllable by the mobile network operator. How are we going to verify this vulnerability has been removed?



Tinfoil hat on - has anyone considered how suspicious that only the commercial products worked, maybe the post is just a very clever shill for those products?


> Tinfoil hat on - has anyone considered how suspicious that only the commercial products worked, maybe the post is just a very clever shill for those products?

Not really, tinfoil actually worked, but it was apparently too difficult to get right:

> In my experiments, I found I could sometimes achieve approximately 90 dB attenuation by carefully wrapping the generator in foil and double folding the seams on all sides, which is quite good (comparable to commercial pouches).

This actually matches my experience with a GPS logger. It only had an on/off switch and I wanted to download the track from my trip without getting points from the download location at the end. IIRC, it was still able to get fixes even wrapped in tin foil.


Solution: Wrap device in aluminum foil, place in Mylar bag, place bag in cookie tin.


Surprised slnt.com isn't mentioned. Happy with their product.


I can see a 99 dollars Faraday Cloth in the future


Doesn't even try a crisp packet? Madness.


Matt Blaze is a treasure.


My understanding is that a Faraday Cage, of any size, relies on a proper grounding system to work at all so these boxes and rfid blocking pockets etc all seem to be tinfoil hats parading as space age metamaterials.


A faraday cage converts the energy in the radio waves it absorbs into heat.

Eventually it will radiate the same amount of energy as the transmitter inside it, but in infrared wavelengths and without whatever modulation was carrying the signal.


> relies on a proper grounding system to work at all

does not


Apparently not: "Small Faraday cages with no conductors penetrating the shield do NOT need to be grounded."


Nope: RF shielding has nothing to do with having a ground reference.


Good RF ground is a bitch.


Wrapping your phone in aluminum foil also works.

I've made a few DIY Faraday bags that way. They're not perfect of course, but less expensive than these bags most of the time.

Edit: Ah, I see this was covered in the article. I didn't read it before posting this comment.


It also keeps them from drying out when you microwave them while still maintaining a crispy skin.


Also, caution: If your phone is made from a tomato or other acidic substance, the foil may corrode, further reducing RF containment.


I believe that the Tomato is more commonly used for routers - this may be why!

A good portion of phones, on the other hand, do seem to be made of the fruit of the domesticated Malus.




Applications are open for YC Winter 2023

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: