usrp-users@lists.ettus.com
Discussion and technical support related to USRP, UHD, RFNoC
View all threadsMobile phones interrogation using the B210
Hello guys
I'm wondering if there is a way you can think of, to use the USRP to send
some kind of signal that can get cellular phones nearby to increase their
TX power.
I'll explain-
When a cellular phone is connected to the network, and untouched by the
user or with no activity with the network (such as calls/sms/etc) it is in
"rest" mode - it's tx power is very low and can be seen in a spectrum
analyzer as a flat line.
For my project, i need to use cellular TX power in order to know when i'm
coming closer/further to the phone, and for now it's working only if i make
a call for example, or even download something off the internet.
My question is if there is a way i can make a phone come out of it's rest
when i'm not a part of the cellular network?
Thanks a lot,
Meny
Hi Meny,
in short: no.
Long answer: You could potry to inject stuff in the downlink channel
that looks like it was coming from the base station and at least would
make the cell phone respond, but that would take a little more serious
intelligence on a TX side.
It'll be much easier to just make a call with the phone, or constantly
sending control message/short messages to it.
Best regards,
Marcus
On 12/28/2015 04:38 PM, Meny Sidar via USRP-users wrote:
Hello guys
I'm wondering if there is a way you can think of, to use the USRP to
send some kind of signal that can get cellular phones nearby to
increase their TX power.
I'll explain-
When a cellular phone is connected to the network, and untouched by
the user or with no activity with the network (such as calls/sms/etc)
it is in "rest" mode - it's tx power is very low and can be seen in a
spectrum analyzer as a flat line.
For my project, i need to use cellular TX power in order to know when
i'm coming closer/further to the phone, and for now it's working only
if i make a call for example, or even download something off the internet.
My question is if there is a way i can make a phone come out of it's
rest when i'm not a part of the cellular network?
Thanks a lot,
Meny
USRP-users mailing list
USRP-users@lists.ettus.com
http://lists.ettus.com/mailman/listinfo/usrp-users_lists.ettus.com
Thanks for the reply,
The idea is that i don't know what phones are around me or even if there
are phones,
so to make a call or send messages is not a possibility.
Thanks anyway,
Meny
2015-12-28 18:37 GMT+02:00 Marcus Müller usrp-users@lists.ettus.com:
Hi Meny,
in short: no.
Long answer: You could potry to inject stuff in the downlink channel that
looks like it was coming from the base station and at least would make the
cell phone respond, but that would take a little more serious intelligence
on a TX side.
It'll be much easier to just make a call with the phone, or constantly
sending control message/short messages to it.
Best regards,
Marcus
On 12/28/2015 04:38 PM, Meny Sidar via USRP-users wrote:
Hello guys
I'm wondering if there is a way you can think of, to use the USRP to send
some kind of signal that can get cellular phones nearby to increase their
TX power.
I'll explain-
When a cellular phone is connected to the network, and untouched by the
user or with no activity with the network (such as calls/sms/etc) it is in
"rest" mode - it's tx power is very low and can be seen in a spectrum
analyzer as a flat line.
For my project, i need to use cellular TX power in order to know when i'm
coming closer/further to the phone, and for now it's working only if i make
a call for example, or even download something off the internet.
My question is if there is a way i can make a phone come out of it's rest
when i'm not a part of the cellular network?
Thanks a lot,
Meny
USRP-users mailing list
USRP-users@lists.ettus.com
USRP-users@lists.ettus.com
http://lists.ettus.com/mailman/listinfo/usrp-users_lists.ettus.comhttp://lists.ettus.com/mailman/listinfo/usrp-users_lists.ettus.com
USRP-users mailing list
USRP-users@lists.ettus.com
USRP-users@lists.ettus.com
http://lists.ettus.com/mailman/listinfo/usrp-users_lists.ettus.com
http://lists.ettus.com/mailman/listinfo/usrp-users_lists.ettus.com
Well, it's going to be hard talking to someone you don't know is there.
However, seeing that a) for a fixed location, it's relatively easy to
figure out which downlink channels are used by base stations, and b)
it's pretty likely that there will be regular communication between base
stations and a mobile phone, you should be able to detect the presence.
It's really not that magic from a signal point of view; "just" look for
the right spectral shape.
Best regards,
Marcus
On 12/28/2015 06:41 PM, Meny Sidar wrote:
Thanks for the reply,
The idea is that i don't know what phones are around me or even if
there are phones,
so to make a call or send messages is not a possibility.
Thanks anyway,
Meny
2015-12-28 18:37 GMT+02:00 Marcus Müller <usrp-users@lists.ettus.com
mailto:usrp-users@lists.ettus.com>:
Hi Meny,
in short: no.
Long answer: You could potry to inject stuff in the downlink
channel that looks like it was coming from the base station and at
least would make the cell phone respond, but that would take a
little more serious intelligence on a TX side.
It'll be much easier to just make a call with the phone, or
constantly sending control message/short messages to it.
Best regards,
Marcus
On 12/28/2015 04:38 PM, Meny Sidar via USRP-users wrote:
Hello guys
I'm wondering if there is a way you can think of, to use the USRP
to send some kind of signal that can get cellular phones nearby
to increase their TX power.
I'll explain-
When a cellular phone is connected to the network, and untouched
by the user or with no activity with the network (such as
calls/sms/etc) it is in "rest" mode - it's tx power is very low
and can be seen in a spectrum analyzer as a flat line.
For my project, i need to use cellular TX power in order to know
when i'm coming closer/further to the phone, and for now it's
working only if i make a call for example, or even download
something off the internet.
My question is if there is a way i can make a phone come out of
it's rest when i'm not a part of the cellular network?
Thanks a lot,
Meny
_______________________________________________
USRP-users mailing list
USRP-users@lists.ettus.com
<mailto:USRP-users@lists.ettus.com><mailto:USRP-users@lists.ettus.com>
http://lists.ettus.com/mailman/listinfo/usrp-users_lists.ettus.com
_______________________________________________
USRP-users mailing list
USRP-users@lists.ettus.com <mailto:USRP-users@lists.ettus.com>
<mailto:USRP-users@lists.ettus.com>
http://lists.ettus.com/mailman/listinfo/usrp-users_lists.ettus.com
<http://lists.ettus.com/mailman/listinfo/usrp-users_lists.ettus.com>
When a cellular phone is connected to the network, and untouched by the
user or with no activity with the network (such as calls/sms/etc) it is in
"rest" mode - it's tx power is very low and can be seen in a spectrum
analyzer as a flat line.
For my project, i need to use cellular TX power in order to know when i'm
coming closer/further to the phone, and for now it's working only if i make
a call for example, or even download something off the internet.
Phones that are not active don't transmit at low power ... they don't
transmit at all !
And the only thing they're doing is listening to the paging channel to
see if someone is paging them.
But you can't talk on those paging channels because :
- When idle (no paging) there is still 'dummy' paging transmitted
and so your transmission would be garbeled. (at least true for gsm,
not 100% sure for other - Since you don't know which phone are there you have no idea in
which slot to transmit nor which ID to page anyway.
There is nothing you can do to force phones around you to TX without
interfering with the normal operation. (I mean you could just jam all
frequencies and start a fake BTS and wait for phones to connect but
that would also prevent them from working normally at all ....)
They're cellphones, not locator beacons ... (at least to anyone which
isn't the operator they're registred to)
Cheers,
Sylvain
Hello again guys,
I'm very sorry for the late response, been busy lately.
However, i would like very much if we could pick up the discussion.
Sylvain,
According to this very nice device (found it just now, and it's similar in
idea of what i'm trying to do):
https://www.youtube.com/watch?v=5Bsiu04g1ho (Wolfhound-PRO)
it does seem possible to detect mobile phones in idle mode,
my big question of course is-
how?!
Thanks in advance :)
Meny
2015-12-28 20:29 GMT+02:00 Sylvain Munaut 246tnt@gmail.com:
When a cellular phone is connected to the network, and untouched by the
user or with no activity with the network (such as calls/sms/etc) it is
in
"rest" mode - it's tx power is very low and can be seen in a spectrum
analyzer as a flat line.
For my project, i need to use cellular TX power in order to know when
i'm
coming closer/further to the phone, and for now it's working only if i
make
a call for example, or even download something off the internet.
Phones that are not active don't transmit at low power ... they don't
transmit at all !
And the only thing they're doing is listening to the paging channel to
see if someone is paging them.
But you can't talk on those paging channels because :
- When idle (no paging) there is still 'dummy' paging transmitted
and so your transmission would be garbeled. (at least true for gsm,
not 100% sure for other - Since you don't know which phone are there you have no idea in
which slot to transmit nor which ID to page anyway.
There is nothing you can do to force phones around you to TX without
interfering with the normal operation. (I mean you could just jam all
frequencies and start a fake BTS and wait for phones to connect but
that would also prevent them from working normally at all ....)
They're cellphones, not locator beacons ... (at least to anyone which
isn't the operator they're registred to)
Cheers,
Sylvain
According to this very nice device (found it just now, and it's similar in
idea of what i'm trying to do):
https://www.youtube.com/watch?v=5Bsiu04g1ho (Wolfhound-PRO)
it does seem possible to detect mobile phones in idle mode,
The very first text info displayed on that video says "active cell phone" !
Just because you don't see anything in the screen doesn't mean it's idle
- This is a smart phone, you have no idea what it's doing in the
background, it could be updating apps or downloading emails for all
you know. - The operator can enable a RF channel to the phone without actually
making a call and this will trigger no visible UI, but the phone will
not be idle and it will be actively transmitting. This can be used to
do direction finding to a target phone very easily and without the
user knowing about it.
Cheers,
Sylvain
Thank you very much guys.
I see what you are saying, but still-
After viewing some videos of this product, including some interviews with
the person responsible for it,
i'm pretty positive that it can actually find phones in idle mode.
This product isn't cheap to buy and manufactured specifically to places
with no-phones policies, i would rather think they don't count on the
phones to currently download emails, etc...
Marcus, thank you for the detailed response.
I have to be honest, i didn't quite understand the radar-method you were
talking about.
Perhaps i should investigate more on that area.
Than again, just to be clear, i don't really care for now about
frequency-lock or actuall phone's direction.
All i'm intersted about at this point is to try to find a phone with
"hot-cold" method- which i did manage to do- i have a pretty good code that
could track down a tranmitting phone.
And one last thing, in one of his interviews, he mentioned that it is
possible to achieve due to phone's autonomous registration.
Maybe you see a path here to succeed?
I know it's a longshot, i have been watching my spectrum analyzer for a lot
of time trying to learn and investigate. of course when phone in idle- it's
a flat line. so it makes me wonder, where is this "invisible" frequency
where all the action goes (this so-called autonomous registration)?
Thanks again for your time,
Meny
2016-01-11 23:32 GMT+02:00 Sylvain Munaut 246tnt@gmail.com:
According to this very nice device (found it just now, and it's similar
in
idea of what i'm trying to do):
https://www.youtube.com/watch?v=5Bsiu04g1ho (Wolfhound-PRO)
it does seem possible to detect mobile phones in idle mode,
The very first text info displayed on that video says "active cell phone" !
Just because you don't see anything in the screen doesn't mean it's idle
- This is a smart phone, you have no idea what it's doing in the
background, it could be updating apps or downloading emails for all
you know. - The operator can enable a RF channel to the phone without actually
making a call and this will trigger no visible UI, but the phone will
not be idle and it will be actively transmitting. This can be used to
do direction finding to a target phone very easily and without the
user knowing about it.
Cheers,
Sylvain
Hi Meny,
On 12.01.2016 01:02, Meny Sidar wrote:
i'm pretty positive that it can actually find phones in idle mode.
[[
And one last thing, in one of his interviews, he mentioned that it is
possible to achieve due to phone's autonomous registration.
That is not a phone in idle mode. That is a phone registrating in a
cell.
I know it's a longshot, i have been watching my spectrum analyzer for
a lot of time trying to learn and investigate.
That's what the person in the video does, too-- A spectrum analyzer that
uses specific filters for some specific communication standards, and
unlike your spectrum analyzer, doesn't sweep over a whole range, but
only over specific typical frequencies.
of course when phone in idle- it's a flat line. so it makes me wonder,
where is this "invisible" frequency where all the action goes (this
so-called autonomous registration)?
Not. at. all. The phone is not invisible when it's registrating.
Best regards,
Marcus
Thanks again for your time,
Meny
2016-01-11 23:32 GMT+02:00 Sylvain Munaut <246tnt@gmail.com
mailto:246tnt@gmail.com>:
According to this very nice device (found it just now, and it's similar in
idea of what i'm trying to do):
https://www.youtube.com/watch?v=5Bsiu04g1ho (Wolfhound-PRO)
it does seem possible to detect mobile phones in idle mode,
The very first text info displayed on that video says "active cell
phone" !
Just because you don't see anything in the screen doesn't mean
it's idle
1) This is a smart phone, you have no idea what it's doing in the
background, it could be updating apps or downloading emails for all
you know.
2) The operator can enable a RF channel to the phone without actually
making a call and this will trigger no visible UI, but the phone will
not be idle and it will be actively transmitting. This can be used to
do direction finding to a target phone very easily and without the
user knowing about it.
Cheers,
Sylvain