Conference DEFCON 27. Hacking the police. Part 2

Conference DEFCON 27. Hacking the police. Part 1

Raise your hands if you know where this can lead! OK, this is all interesting, but if you take a closer look at the 65 mph example, you might find a little problem. My device is constantly transmitting this speed because it operates on a certain fixed frequency, but what if I pass by a school where there is a speed limit? In addition, we never know exactly on what frequency the police radar transmits a signal.

However, friends, I must say that we live in interesting times. We live in a future where all the world's information is in our hands and we can do whatever we want with it. New car radar detectors, such as the Valentine One and Escort 360, detect radar signals from about 2-3 miles ahead of your car and use Bluetooth to display information on the screen at what frequency the police radar emits these signals (applause).

I'm going to take a moment to express my gratitude to Tri Wolfe, over there, for giving me a very comfortable place to run some tests, completely legal and official.

(23:50) So, all we have to do is create an application that would tell us the current speed limit, such a road API. The current generation of radar detectors perfectly recognizes the frequency of police radar waves at a distance of up to 2 miles. Based on this, you can calculate the current speed limit at which your vehicle should move, and the frequency of transmission of a signal showing this speed.

All we need is a very, very small processor. On the slide you see the ESP 8266 microcontroller, it is quite enough. The problem, however, is that SDRs, or software-defined radio systems that are commonly available today, do not operate in this high-frequency or microwave space, they are designed for the low-frequency spectrum. But if you take the hardware seriously, you can assemble the device we need for about 700 bucks. Moreover, most of this amount will be the cost of upgrading the SDR for high-frequency transmission.

(25:10) However, the FCC doesn't want you to do this. Using a radar jamming device is a crime that carries a $50 fine or 5 years in prison, or both. Radar jammers have been banned in the United States since 1996, so anyone using or selling these devices is a federal criminal.

The FCC takes this so seriously that you don't even have the right to advertise these devices or promote their use. If you take a close look at this $700 device, you'll see that it really isn't all that cheap. But knowing how to make a radar jammer, we make it available, and then you can already make the right decision - to use it or not.

So the FCC won't let us speed up this process. So let's see what effective and legal countermeasures are available to us? They exist and are represented by public things. If you do not have the opportunity to use modern electronic radar detectors, use other devices, their choice is simply huge.

Modern radar detectors Uniden R3 / R7, Escort Max360, Radenso Pro M or Valentine One w / BT perfectly capture any radio emission, all these reflected and direct radio waves, at a distance of up to 2 miles, but are completely unable to detect a laser. However, most people are aware that cops use a laser as a speed gauge. And here we have a loophole! The fact is that the regulation of the use of light devices, that is, devices that emit light, which are lasers, does not even fall within the competence of the FCC - this is the prerogative of the FDA, the Food and Drug Administration. So let there be light!

It turns out that these laser guns are very different from their RF cousins. They use the viewfinder to highlight a specific target. Looking at the picture, you will see that the handheld laser radar has two lenses. The smaller one is a transmitter lens that emits light waves, and the larger lens is used to receive waves reflected from the target. In a second, you will understand why this is important.

What I really love about the laser is that the officer has to handle it like a weapon. That is, this device must be stable, must allow you to aim and find a reflective surface on your car in order to get a signal back.

In fact, the cop should aim at the headlights, license plate, or other shiny and luminous place on your car. This video shows what an officer sees through the viewfinder when aiming a laser detector at a vehicle with glowing target marks.

Because lasers are regulated by the FDA, these devices must be Class 1 lasers. This is the same class that regular laser pointers belong to. Simply put, a laser detector is the same laser pointer. They must be safe for the eyes, so their power is quite small, and the amount of radiation returning to the police radar is just as small.

In addition, due to FDA regulation, these devices are limited in the frequency of light waves, using an infrared laser with a wavelength of 904 nanometers. It's an invisible laser beam, but what's even more amazing is that it's a standard wavelength beam.

This is the only allowed standard, devices that support it are low-powered and you and I can buy them too.

(29:40) Recall what the radar measures? Speed. A laser does not measure speed, it measures distance. Now I'm showing you a very important slide and giving you time to write down this amazing formula: speed equals distance divided by time. I noticed that someone even took a picture of this slide (audience laughter).

The fact is that when laser guns measure distance, they do it at a very high frequency, usually from 100 to 200 measurements per second. So while the radar detector has already turned off, the laser gun continues to measure your speed.

You see a slide showing that in 2/3 of the territory of our country, the use of laser jammers is considered completely legal - on the map these states are highlighted in green. The yellow color indicates the states where the use of these devices is illegal, and I just have no idea what the hell is going on in Virginia, where everything is prohibited at all (laughter in the audience).

(31:10) So we have a couple of options. The first option is to use a car with hiding headlights in the “show-hide” mode. Not very effective, but funny, and it will make it very difficult for an officer to take aim at it.

The second option is to use your own laser gun! To do this, we need to know how it works. Before we start, I'll show you examples of timings. The timings we're going to talk about don't apply to all existing laser radars, but they do apply to the frequency they use. Once you understand how they work, you will understand how to attack each of the laser radars, because it all comes down to a matter of timings.

So, the most important parameters are the pulse width, that is, how long the laser is on, and the cycle period, that is, how often it shoots. This slide shows the pulse width: 1,2,3,4,5 - pulse-pulse-pulse-pulse-pulse, that's what pulse width is. And the cycle period, that is, the time interval between two pulses, is 5 ms.

You'll understand in a second, but this part is really important. When a laser gun sends out a series of pulses, what does it expect as a response? What physical characteristic does it want to get? That's right, distance! A pulse measures distance. So when your car is hit by the first pulse and it comes back, does that mean the officer has picked up your speed? No, he can only find out how far you are from him. He will be able to calculate the speed only by receiving the reflected signal of the second, third and subsequent pulses. You can see how the time interval between the transmitted pulse and its received reflection changes with distance: 1000 feet, 800 feet, 600 feet, 400 feet - the closer the car, the shorter the time between the transmitted and reflected pulses. Changing these parameters allows you to calculate the speed of your car. That's why they take so many measurements per second - 100 or even 200 - in order to quickly determine your speed.

Let's increase the distance between individual pulses and talk about some countermeasures. So, these red bars represent the emitted pulses of the laser gun: pulse-pulse-pulse. Only 3 pulses. The orange bars are the returned reflections of each pulse. Between the two emitted pulses, we have a "window" 5 ms wide, into which our own reflected pulse returns. What are we measuring? That's right, distance! We do not measure speed directly.

So if we returned our impulse before the real, reflected impulse returned, we could show the radar how far away we are from it. What I will show you next is the usual brute force method.

Imagine that you are driving, knowing exactly at what frequency the laser irradiates you - 1 millisecond at a wavelength of 904 nm. The idea is that by replacing the reflected laser signal with our signals, we show the cops that we are at a certain distance from them. I don't tell the radar that I'm going at 97 million miles an hour, no, I make it think I'm very, very close, like 100 feet away from it. The first signal says I'm 100 feet away, then the second signal comes to it and says again that I'm 100 meters away, then the third one says 100 feet again, and so on. What does it mean? That I'm moving at zero speed!

For most laser radars on the market, using this method results in an error message. A simple brute force in the form of a millisecond pulse causes a measurement error message to appear on the radar screen.

(35:10) There are several devices that allow you to use countermeasures against countermeasures, we will talk about this in a second. Some of the newer laser guns can recognize that I sent out one pulse and received as many as 4 in response. To combat interference, they use laser shift, that is, they will change the width of the pulse so that the true reflected pulse will fit in the range not affected by dummy, distorted signals. But we can resist this too. Once we understand where the emitted pulse is shifted, that is, what is the value of the laser shift, we can shift our reflected pulses there as well. Interestingly, knowing the pulse width and timing, we can identify the laser gun by the second pulse.

Having received the first impulse, we immediately use the brute force method, get the second impulse and accurately determine which gun took aim at us, after which we can apply countermeasures against it. I will quickly tell you what they are.

The red bars on the slide represent emitted pulses from the laser radar, the orange bars are their reflections from a moving obstacle, and the green bars are the pulses we are returning to that radar.

All we can do is vary the pulses of our own laser. We have a 5 millisecond window to send returned pulses, and first of all we need to return the very first signal received at a distance of 600 feet from the radar. Having received the second impulse, we determine what kind of radar sent it and find out exactly who took us on the gun. After that, we can apply countermeasures and report that we are much further away, for example, at a distance of 999 feet. That is, in relation to the radar that has spotted us, we will move away. In this way, we can deal with most models of laser radars. Commercial laser jammers do the same. There are a couple of such devices on the market that can be freely purchased that implement the same countermeasures. Just be aware that these devices are available.

(37:20) Several years ago I created a device called COTCHA. This is an ESP 8266 Wi-Fi based hack built on the Arduino platform. This is a very good solution, on the basis of which you can create other hacker electronic devices. Now I want to introduce you to a more serious device called NOTCHACOTCHA. This is an ESP 8266 based laser jammer that uses 12V power, making it easy to install in a car. This device uses the brute force mode for light emission with a wavelength of 940 nm, that is, it emits pulses with a frequency of 1 ms. It connects to a smartphone via a wireless module and can be used in conjunction with an Android app. In some states, the use of this "jammer" is absolutely legal.

This "jammer" can cope with 80% of the laser radars used, but is not able to withstand such advanced systems as Dragon Eye, which the police use as a countermeasure against brute force.

In addition, we make these jammers as open-source, since there are commercial versions of such devices, and it is not difficult for us to apply reverse engineering to them. So, it's legal in some states, remember the green areas on the US map? By the way, I forgot to include Colorado among the "green" states, where laser jammers are also allowed.

NOTCHACOTCHA also works in laser radar emulation mode, allowing you to test other jammers, radar detectors, and so on. In addition, this device supports MIRT mode, including a green traffic light, but this is a very bad idea. Probably, it's still not worth doing this (laughter in the audience).

I will tell you that NOTCHACOTCHA is freedom, it is with its help that we can take control of any systems that are aimed at us. I will quickly talk about the materials from which this "jammer" is assembled. These are the ESP 8266 model D1 mini, which costs one and a half dollars, a 2.2 kΩ resistor for 3 cents, a voltage converter for 3.3V for 54 cents, a TIP 102 transistor for 8 cents, and an LED panel for emitting a light flux of 940 nm. This is the most expensive part of the $6 device. In general, all this costs 8 dollars (audience applause).

The list of materials, code and a few other "bad" ideas you can download here: github.com/hevnsnt/NOTCHACOTCHA. All of this is in the public domain. I wanted to bring such a jammer here, I have one, but yesterday I broke it when I was rehearsing my performance.

Shout from the audience: "Bill, you suck!".

I know, I know. So this thing is open source and the brute force mode works great. I checked this because I live in Kansas, where everything is legal.

I want you to know that this is only the first round. I will continue to develop the code, and would be very grateful for help in creating an open-source laser jammer that can compete with commercial counterparts. Thanks a lot guys, we had a great time and I really appreciate it!

Source: habr.com