Note to those designing trackers: if you want to make it difficult, use a board with internal layers and keep the GPS nets on the interior of the board. Doesn't make splicing impossible, but it would up the difficulty.
Here is a 787 logo 'drawn' with a 787: http://flightaware.com/live/flight/BOE236/history/20120209/2...
Imagine what your fans in government would think if the logs of your car included long periods over water or a trip to the stratosphere or a trek through the woods. Or they decided to find you once you decided to seemingly leave civilization behind to discover you turned into a bear. An angry bear with a GPS collar.
The other option would be to find a long-haul truck.
Full disclosure: I design smart-grid and telemetry applications, including a GSM + GPS device (GPS was initially used for getting accurate timestamps, but we also added positioning registers, which made the field maintenance people very happy).
Never mind court-warranted law enforcement tracking of legitimate suspects under investigation.
Iep, is there a lot of systems depending on GPS and a major system failure will bring us some chaos.
Morality is not something you outsource.
> "anything the government does is fine"
I have literally never met a single person who believes this. I have met someone who believes that anything the market does is fine (revealed preferences, doncha know?) but fortunately he's a minority, even among libertarians. If we instead interpret your statement as hyperbole with the intention of accusing people of complacency, then...
... you're no better.
Many people also go further, and claim that even when there are unjust government laws or actions, they should not be disobeyed or resisted, and that political action is the only valid approach to disagreeable actions of government. This is extremely common in any discussion about police violence.
Further - and while this is an entirely normative claim - if you would happen to agree that if you could save 1,000,000,000 lives by torturing one person for 5 seconds, that you should do so, then I would argue that torture is not inherently evil within your own normative value system.
It wouldn't be a 'vaccine' if it was in a vacuum, it would just be a vial of fluids. Once you have enough context to define vaccine, you can demonstrate that it is good.
>1,000,000,000 lives by torturing one person for 5 seconds
This argument is just obnoxious. Give me a moment.
You can play with all the numbers you want, they don't change the underlying act. Except to the extent that you make the time period so short it no longer qualifies as torture and you're not even asking a question any more.
I honestly do not know how those working for the NSA, GCHQ, etc. can live with themselves for the damage they're doing. Snowden said he was getting something like $120k p/a as a consultant for the NSA, so it's not like it's massively financially lucrative.
He said he liked "catching baddies".
Here, it looks like they didn't even try, or if they did, their designer wasn't very good.
What are the transmitters you're talking about? Multiple analog front ends each transmitting on a different L1 channel frequency? SDRs transmitting on multiple L1 channels? L1 is 1575.42 MHz (10.23 MHz × 154) so you'd need multiple channels to simulate multiple satellites. How can I do that for $50?
Thinking about how much trouble you could cause, I'm actually surprised that GPS transmissions aren't signed. I guess if you were implementing it today, that would be a logical feature to add....
After a little googling, it looks like the DoD did think of it, it's just not for the like of us:
"The Precision (P) code, sometimes called the Precise Positioning Service (PPS), is modulated onto the L1 and L2 carriers allowing for the removal of the first order effects of the ionosphere. The P code is referred to as the Y code if encrypted. Y code is actually the combination of the P code and a W encryption code and requires a DoD authorized receiver to use it. Originally the encryption was intended as a means to safe-guard the signal from being corrupted by interference, jamming, or falsified signals with the GPS signature. Because of the intent to protect against "spoofing," the encryption is referred to as "Anti-spoofing" (A-S). A-S is either "on" or it's "off;" there is no variable effect of A-S as there is with SA."
The transmitters I'm talking about are designed for the mobile phone industry. This is an example:
My guess is they're pretty expensive new, but I've seen them locally for about 50USD.
The best outcome for you is contacting a lawyer, a media outlet, and the people you think are surveilling you; the local police and FBI field office are a good start.
Making already suspicious people think you're doing something crazy or threatening isn't going to make your life any better. Something like how making jokes about bombs in airports will not improve your circumstances.
Or you can use the good old seal-the-whole-thing-with-a-coat-of-epoxy approach.
theres a main processor which is way overpowered (the big TQFP part) which is covered by a plug-in 2G GSM/GPRS modem. You can 'sniff' the modem control pins, its almost certainly the standard plain 'AT' command set used for these modems, at 9600 or 57600 baud, 3.3V logic
The plug in module looks a lot like a SIM300 or Spreadtrum 5100b. It probably had an IMEI sticker that was pulled off. Theres probably a dozen makers of nearly identical modems during that time period. This one looks fairly old since its a plug-in type. I'd guess the GSM module is at least 5 yrs old
On the other side is a standard 32-pin NAND flash, you could desolder and then use a NAND-reader kit (google etc) to suck the data off. its probably just the GPS coordinates stored between modem data uploads.
SIM holder, some crystals, power circuitry, and a (95% sure) uBlox GPS - the uBlox have that funny shape and pinout. uBlox have high sensitivity so a good choice! unclear which generation this us, they're up to Neo-8. You could decap it to find out.
probably the most fun could be had by first figuring out the RX/TX pins from the microcontroller to the GSM/GPRS module, then soldering thin wires to that and listening with a UART TTL cable. Put in a new SIM, wait a few seconds for the GSM module to get onto the cell network, then quickly faraday it up and see what website, IP address or phone number the micro is trying to connect to. ymmv tho, might just be a random drop point.
(theres a bunch of chips with no clear markings, could be motion/accel/gyro or other sensors - @ioerror if you post up the #s on each chip it'll be easier to tell! :)
edit: i thought about the huge coin cell battery backup. its a bit odd, quite large sized! if its well designed, the microcontroller will detect that the battery has been disconnected, and while on backup coin cell power quickly erase the NAND flash and microcontroller memory :(
The large power drain of the CPU could indicate this off-shelf product is meant to be installed, rather than attached with battery? Which could indicate a product as someone else linked to: http://www.miniinthebox.com/es/gps-v103b-sms-gprs-gps-sistem...
I'd be curious if any code were installed on the GSM module since many of these provide jvm's or python interpretors. Then again, what they heck is this 120 pin CPU for.
If the thing still has power it is worth keeping it alive without the SIM.
PS. Azul=Blue Negro=Black Marron=Brown Blanco=White in spanish
The battery pack on the left, and the tracker on the right were in a magnetic Pelican case attached to the underside of a black Escalade. The sim in the tracker was from some US MVNO that I didn't recognize.
I have a car I don't use very often and often forget where I park it. DX and BangGood have GPS trackers you can buy for $20-40 that you can install a prepaid SIM card in, text message and receive coordinates. Not a bad roll-your-own-LoJack.
I like how the agency gummed over the chip silkscreens so you can't see what chips they're using. Even though it's obvious that one is flash, another is a GPS module, and the third is the micro. And it appears that some scraping will show you the part numbers anyway. Amateur hour.
Would be interesting if they could lift any prints from the tape on this newest one and publish them. I can't imagine it's easy to apply duct tape with gloves on.
Edit: this is downvoted, but a similar comment with the same link, posted 10 minutes later, is upvoted? I don't understand.
The low integration of the design suggests that it's probably at least 5 or more years old; these days, all that functionality would fit in 3-4 tiny BGA ICs.
These were large convex mirrors mounted horizontally on castors and with a long handle. They were slid under the car to look for suspicious packages that may have been attached covertly with malicious intent.
Very quick to use and were widely issued to individuals who might have been at risk. So it was common to see people using them each morning before heading off to work ( by a different route each day of course ).
Sounds like there might be a new market for them.... I should have bought a few hundred when they were being sold as surplus!
If you go along narrow country roads in NI you can find many of the mirrors re-purposed in a vertical orientation opposite blind-exits, as they give a fisheye-type view of the road either side of the junction.
In the case of my provider, the permission to use the self-service portal which include the possibility to view/change billing addresses and shows all the numbers active on a contract, can, of course, be enabled/disabled per telephone number. But it will be worth a try...
Although I hope it's a three-letter agency, because that'd make me a bit less frightened of them.
Also, I don't know why everyone is up-in-arms about the solder job quality. Rip apart a Chinese Futaba-knockoff RC transmitter, dash cam, or counterfeit Lenovo/Apple power-brick for similar quality (and that stuff is everywhere). All that anyone cares about is that it passed the bench test. (who cares if it burns up later?)
So yeah, even if this is private investigator grade hardware, according to the info available it would not surprise me if this was either CNP (police) or CNI (our joke version of the CIA).
It would be pretty ironic if they routed through Tor...
The device was probably SMS'ing location data. There might still be log data in the device that could be extracted via a serial port.
In fact even the soldering for the power wires to the strange battery array board looks rather amaturish. I'm not sure I'd chalk this up to any agency that's got much of a budget for this kind of thing. I think it's likely to be some other activist group that's in disagreement with this one and wants to dig up dirt (Private Eye maybe?)
Edit: correction, what I thought was a bunch of batteries on a board looks like it's actually the magnets that held it in place on the car. D'oh. Either way it still looks odd that it's built like a set of development boards by a chip manufacturer.
Not to mention the board layout is pretty good, and because the GPS & GSM are integrated the layout engineer probably had to know a thing or two about routing antennas- while as you point out the solder job is quite amateur.
GPS + GSM modules are available (now - maybe not when this thing was designed) which would shrink the whole tracker down to one module, a few voltage regulators and related passives, and a battery:
If you know you got the contract anyway and know that aren't dealing with technical people anywhere in the customer chain, you don't have to worry much about quality, it just has to barely work.
I was working for the competition at the time, and like to think that the black boxes we made were better than that, although the first couple of revisions were also a mess... at least ours got better!
that's how it works isn't it?
A transponder replies to an interrogation with a squitter response.
Navstar satellites zip along merrily broadcasting to anyone who will listen ( regardless of the receiver's ability to process the signal ). You as an intending user don't communicate with them at all.
In the receiver there is no transmission capability related to GPS. Why would there be? The only uplink to which Navstar sats will listen is that from Boeing's system control center ( or presumably a spoof thereof ).