Slashdot Mirror
Battery-Powered Transmitter Could Crash A City's 4G Network
DavidGilbert99 writes "With a £400 transmitter, a laptop and a little knowledge you could bring down an entire city's high-speed 4G network. This information comes from research carried out in the U.S. into the possibility of using LTE networks as the basis for a next-generation emergency response communications system. Jeff Reed, director of the wireless research group at Virginia Tech, along with research assistant Marc Lichtman, described the vulnerabilities to the National Telecommunications and Information Administration, which advises the White House on telecom and information policy. 'If LTE technology is to be used for the air interface of the public safety network, then we should consider the types of jamming attacks that could occur five or ten years from now (PDF). It is very possible for radio jamming to accompany a terrorist attack, for the purpose of preventing communications and increasing destruction,' Reed said."
AT+T has apparently been using this for months, in almost every major city
A communications disruption can only mean one thing...
I love it when one of my graduate advisors gets mentioned on the front page of Slashdot!
Wouldn't the source of the jamming be tracked down and eliminated fairly quickly?
That's why I use smoke signals.
First
what about my martian friends that use 3.9ghz will they get blocked?
What's the point here? You can do the same thing with all the proprietary public safety network gear various vendors are peddling - they are mostly hilariously insecure. Or if you have a portable generator, just flood the public safety band with interference. It accomplishes the same thing.
The article claims older 3G and 2G networks would still work if LTE were jammed but that's completely false. There are a ton of ways to jam those by using fake femtocell pilot signals or otherwise interfering with synchronization signals.
In fact the MIMO technology of LTE could make it slightly harder to jam if the base stations are properly filtering stray signals. Use car-mounted MIMO for the user-side and you would get something way better than any of the existing systems at resisting interference.
Natural != (nontoxic || beneficial)
Transmitting some random packets with the WiFi card.
There are many things you can do on the low level link.
Certainly, when in some hotel there is the paywalled internet asking for like $20/day, it is possible to sniff the traffic, find some MAC address that paid, and pretend to be him/her. There is nothing that could be done to prevent such hacks. Not that I recommend doing this. Please don't do this, this is illegal. I am just saying this is possible.
Got several amateur radios in my truck so no cell towers needed.
Karma: Bad
Imagine blocking all traffic lights so nobody can see if they are red and green, and see what happens to the traffic.
Actually if I were a bad guy I would turn all lights green instead of disabling them... there'd be a crash at every intersection!
I guess the only solution to wireless signal jamming is to go back in time and start using Police Boxes, again.
TFA says "miles", then goes on with conjecture that a car mounted rig could be worse.
Bear in mind that networks are actually pretty rugged, despite the articles fear mongering. Bad channels get re-assigned automatically, antennas are pretty directional, making it hard to take out more than a small portion of a base station at any one time. Base stations have overlapping coverage (for handoff, multipathing, etc), which means that even if you take out one band for one sector of one base station using a jammer, that channel and cell site quite likely can be covered by the next adjacent cell sites from a different angle.
TFA is mostly baseless non-sense.
The Bat Signal!
I don't know what the line:
came from but it is 100% false (unless you are talking about a very, very small "city".
This "attack" is just broadcasting noise and messing with communication protocols. So the range is limited to the coverage area of the transmitter. Including dead zones where there is too much concrete and steel for the transmitter to get through.
So you should see the same pattern for blocking as you do for regular access. With a similar requirement for blocking as for coverage.
The 4G service they offer isn't really there! Brilliant!
Join the Slashcott! Feb 10 thru Feb 17!
I do IT on yachts and heard a story of a yacht that had cell repeaters on board. The installation company had the power cranked all the way to 11 and knocked an entire coastal town's cell service out while they were in port. Vodafone politely asked them to turn that shit off.
At a wireless training session with one of our vendors they said that the US navy aircraft carriers jam all radio transmissions when they enter port. That sounds like a bit of a frustration.
No sig for you. YOU GET NO SIG!
Because rather then fix the problem in the system its self, they will just ban the 'small radio transmitter' that is under your control.
Can I^Han adversary jam first-responder and other emergency radio networks this easily?
What about the "if all else fails" ham-radio networks? Imagine if the aliens in Independence Day had jammed the entire usable radio spectrum. No more more-code-gets-the-word-out moving ending.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Such a device already exists and has plagued cellular networks for years - it is called the iPhone. ;)
People are gonna watch their entire lives go by sitting and staring at the palm of their hand!
That sounds pretty retarded, hand's get terrible wifi reception.
...I swear, humanity is doomed. People are gonna watch their entire lives go by sitting and staring at the palm of their hand!
That's my girlfriend, you insensitive clod!
Every time I hear the t-mobile chick say "my touch 4G" I keep hearing orgy.
I know this is slightly offtopic but I would really like to know if anyone else is having the same problems with 4G vs Orgy.
Does voice recognition software used in mobile devices suffer from this problem or is it just me? Are other phrases such as "Our prices are sofa king low" misrecognized as well?
You can jam radio frequency communications with a sufficiently powerful and/or noisy signal on the same frequency? Who would have thought? I realize that the article is more about LTE's weaknesses, but trying to play it off as some national security weakness is total fearmongering. Even if LTE is inherently weak against jamming attacks (which is probably by design for the "authorities" to shut it off as they please), so what if one idiot can jam one cell site? (which is what the article really says if you read it) That's really not the end of the world. And what if he moves around all over the city? The outage follows him from cell to cell, but the others still continue to operate normally. And I could do the same with 1G, 2G, or 3G given a noisy enough or powerful enough signal on the same frequency. And why the hell would first responders/emergency workers be using LTE for anything critical, anyway? They have their own private trunked digital systems to use (that can also be jammed if one was so inclined to do). So, that being said, can a "Battery Powered Transmitter Crash a City's 4G Network?" Absolutely, if the city has only one 4G cell site in the city.
I hate to say it but 4G for an emergency network is just a money sink. I hate to have a defeatist attitude but at least in my small new england town this would be a complete waste of time and money and effort. We have no unified dispatch system. All land line 911 calls go to police. If you want Fire or Ambulance it's transferred to the Fire department, who then transfers medical calls to the ambulance. If you call from a cell phone it goes to the state police regional office first, then to the local state police barracks, then to town police, etc. Police and fire are on separate frequencies. ICS is a joke and never implemented. EMA is run with all donated equipment and goodwill of Ham operators. Better than nothing? certainly but not by much. I put an IP camera onto their EMA vehicle, punched a hole in their firewall and the chiefs were able to view the scene and control the camera from the EOC. It took me 10 minutes but it was like the natives seeing an airplane. The average Police/fire/EMA chief is 50+ years old and typically holds a grease pencil, not an iPad.
Example, there was a mill fire in the neighboring city. Multiple towns responded. No ICS, no communication plan, everyone on one channel walking all over each other. There is no way any of these communities could implement, monitor or effectively use a 4G solution.
Thank God there's no real 4G yet ;-)
Far more fun and a better use of money to disable the police band. Every easy in the US for police departments that do not encrypt their communications.
They come in the dark, only in the darkest.
I want loud drums in Morse Code!
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
Interestingly, I found and reported a similar vulnerability in the P25 radio system about six years ago.
Nothing's happened. You can jam all the first responder radios in a city with a very small amount of hardware and a copy of the protocol.
---
ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
You're looking at it all wrong. Terrorists needn't go through the effort of attacking a military might at all. Just take down all communications in a city, and watch the mayhem.
Aside from huge inconvenience, and a whopping expense to resolve the problems, there's so much more. Businesses stop working. Security alarms stop working -- which doesn't matter because the traffic alone will stop any timely response. Here comes the looting, followed closely by the rioting.
It's not the end of the world, and it'll all get resolved in a day or two; but that's a day or two of mayhem, followed by a couple weeks of clean-up. And it all cost $500 to the terrorist -- which can just as easily be a local. Or worse, a local with an imported cellphone, who doesn't know that he's the one causing the mayhem.
And it can be a monthly occurance.
And it can be in ten cities at the same time.
Why oh why would you exchange hard-wired security for wireless broadcast? Dude, convenience is the antithesis of security.
But government wants to shut off communications anyway to hinder coordination or remotely-detonated bombs.
So cutting off communication increases damage, as does leaving it running?
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
Hmm... a $30.00 junked microwave oven with a little help from my soldering iron can wreak havoc on cell coverage.
Just watch those dropped calls
stop pointing out the weak spots and giving the terrorists ideas!
Of course its possible to cause havok.
---- Booth was a patriot ----
This has been a game for HAM radio operators for a long time. Look up 'fox hunt'.
---- Booth was a patriot ----
Thanks for the tip,
Your 'friendly' local terrorist
You can jam any electromagnetic-based transmission signal by blast "loud" enough static. I think we've known that for like 80 years or something, just everyone ignored it.
Maybe for a primitive attack.
If I was evil I'd focus on the GPS synchronization pulses, as those signals are weak and relatively easy to spoof with low power and complexity. Once synchronization is disrupted the network will self-jam.
Somehow I suspect there are numerous protocol vulnerabilities as well, and we haven't even started with looking at ways to directly DDOS the backhaul radios.
Hilarity indeed, but I still have a VHF FM ham radio for emegencies.