Looking through the drops.wooyun.org website, it appears that every image posted is watermarked. It seems to be a blogging platform targeted towards hackers, with lots of authors represented. I imagine that the watermarking is an automated process applied to every image uploaded to the platform.
Of course, the author should have given attribution.
I was captivated until "2.1 Search for girls through Wechat People Nearby"
That just pushed the creepy a little too much.
Honest question, I assume playing with this is completely illegal in the US??
I guess you can get in real trouble if you are catched faking GPS signals? Does anyone know what are the regulations for something like this?
The FCC rules for Amateur radio which is defined in Part 97 clearly states that an amateur may not disrupt radio location services. The frequency for the GPS Signals, high UHF is not close to any privileges available, amateur operators included. In short, don't do this unless you're testing / putting out very low power. Better yet, get an RF enclosure.
Here is a graphic of the spectrum available in the US: https://www.ntia.doc.gov/files/ntia/publications/2003-alloch...
Awesome. Thank you. I didn't realize they had a new version of the chart out now.
The FCC would have absolutely no problem at all throwing around at least 5-digit fines for doing these things.
Beyond that, though, GPS is still considered military technology. The state department could very well come after you for exporting military tech were you to even make a blog post about it while based-in or having any ties to the US. They really don't fuck around with this stuff.
I got to play with a real GPS simulator a few years back for a school project (visiting the local defense contractor to verify some equipment) the narrow part of which was testing an unlocked (height and velocity restrictions disabled) GPS receiver as it would work in LEO.
You can get a Part 5 experimental license, although a likely condition of getting such a license would be taking steps to ensure that your work doesn't interfere with devices outside of a small designated test area. Alternatively, you can do all the GPS experimentation you want inside of a shielded chamber without asking permission from anyone.
RF and all the hacking I see in this domain are nothing short of fascinating. I will never trust my GPS watch again!
Further, imagine all the havoc one of these systems could bring. You could basically forge every Strava segment in your area to be at the top of the leader board. Heck, you don't even have to be in the area. Go to a race and just slightly zap every device that runs/cycles by. These are just the "haha", non-life changing ideas. There are some really shitty ideas too...
Wow... hack all the things!
I wonder if it's possible to detect and protect against a spoofed GPS signal by cross-referencing with trusted/canonical online data (eg. NTP and almanac data from NASA)?
Only against imperfect spoofing.
A GPS receiver in Los Angeles sees the same set of signals as a receiver in San Francisco - just the relative arrival times of the signals are different by, at most, a single-digit number of milliseconds.
So an attacker just needs to do a replay attack, and all the almanac stuff checks out fine because it's a perfect replica of the authentic signal.
Most phones also have a GLONASS receiver, which is Russia's GNSS.
I'm pretty sure the self-driving system wouldn't rely on GPS much, especially considering how inaccurate GPS can be (and that's when you can actually get a signal).
I believe there are two places where Tesla's system uses GPS.
One is to slow down for curves in the road. I'm not entirely sure why they don't just sense the curves with the camera, but there are reports of spurious slowing due to out of date maps, and I've seen it myself when the system thinks I'm taking an exit ramp that crosses over the highway and I'm actually driving under it. Not really a problem if this gets faked out.
The other some sort of input to the lane keeping system, perhaps to resolve ambiguity if the camera isn't quite sure where the lanes goes up ahead. The other sensors are by far more important in the calculation, so I don't think this would do much either.
Currently, there's no connection between the route in the navigation system and the autopilot system (e.g. it won't take exits for you if you're going that way) so you can't spoof it to make it go somewhere else. Pretty much the best you could do is confuse the driver with bad directions.