Spoofing GPS is surprisingly easy; detecting it is surprisingly hard


#1

Originally published at: http://boingboing.net/2016/08/04/spoofing-gps-is-surprisingly-e.html


#2

wait, does this mean I could make a device that tells Pokemon GO that I’m walking around when I’m actually not, and hatches my eggs for me?


#3

I was thinking about that a few days ago. I mean, spoofing a GPS signature to crash a tanker or a ferry boat as a terrorist attack would take significant coordination and would be able to be foiled by humans who were paying attention. But when you are both the “attacker” and the “victim” of the attack, it seems like this would be easy*.

* “Easy” being a relative thing. I sure as hell couldn’t do it.


#4

I think it’d be easier to root your device and just write software that feeds false GPS data directly into the app.


#5

If you have an Android phone, you can use the built-in mock applications options (settings > developers options > allow mock locations, though it is probably easier to download an Android app that sets it up for you). Set it in front of one of those Doom-style screensavers for extra fun. Don’t “travel” faster than the speed of light, or you will be blocked. Have fun.


#6

You need a bunch of very expensive equipment and expertise to use it, but other than that it doesn’t look too hard to do. Check these guys out: http://www.theverge.com/circuitbreaker/2016/7/28/12311290/pokemon-go-cheat-gps-signal-spoofing

That said, probably easier for regular people to just use software spoofing, if you must cheat.


#7

But if you’re going to spoof software, can’t you just write your own software that says, “You own all the Pokemans!” on your screen whenever you want it to?

Wait, why does anyone do anything again?


#8

But then you don’t get to dominate your local gyms with your huge e-peen!


#9

Wasn’t this the plot of a James Bond movie? “The World is not Enough” if I recall correctly. The villain spoofed GPS to cause an international incident/war so he could report the news on it.


#10

Tomorrow Never Dies.

The World is Not Enough was about oil pipelines.


#11

My bad. Both PB, though, right?


#12

Yep. 


#13

This is a serious problem in the game, although it’s more easily accomplished in software than with a physical spoofing device. All the gyms in the newly-launched Latin American market are full of high-CP pokemon from level 30+ players.


#14

I guess the reason a physical device is appealing as opposed to software is that someone could actually sell a hardware device that does this that is compatible with any GPS enabled device and that could be made user friendly. A person with no knowledge could buy the device to cheat at Pokemon GO and other GPS-dependent games and wouldn’t need to trust someone else regarding malware.

I don’t think it could be created cheaply enough to make this a real entrepreneurial opportunity, though, and I bet transmitting on GPS frequencies is a no-no in most places (though you might be able to avoid that by transmitting at very low power).


#15

#16

If you’re clever enough to do this, you’re probably patient enough to wait for a foggy day to do it. I wonder whether ILS is similarly spoofable…


#17

Well, I do realize that ‘easily’ is a relative thing, but all you’d need is a sextant, some charts and tables, a decent chronometer, and a pencil and paper.

/ Why wasn’t a Navy ship doing this as a check in the first place? Well sir, back in my day…


#18

This can be handy to avoid being tracked by e911, hint-hint.


#19

I thought this was one of the use cases of public key encryption. You want to ensure the sender of data is who you think they are, but you don’t need to hide the content of the communication.

The satellite sends the GPS signal signed with its private key, which is pinned and well published. You then use the public key to decode the signal, to verify the sender. GPS is a one way signal anyways, making it two way is unnecessarily complicated.
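
The one-way signing scheme proposed in post #19, sketched as an added example that is not part of the thread and not how civilian GPS works today. The `NavFrame` layout, the satellite ID and the all-zero demo seed are constructed assumptions; Ed25519 stands in for whatever signature scheme a real system would pick.

```go
package main

import (
	"crypto/ed25519"
	"encoding/binary"
	"errors"
	"fmt"
)

// NavFrame is a constructed stand-in for a broadcast navigation message (assumed layout, not the real GPS format).
type NavFrame struct {
	SatID   uint8
	TimeSec uint32 // transmit time, seconds into the week
	Payload []byte // orbit/clock data, opaque here
	Sig     []byte // Ed25519 signature over the three fields above
}

// signedBytes returns the exact byte string that is signed and verified.
func (f NavFrame) signedBytes() []byte {
	b := make([]byte, 5, 5+len(f.Payload))
	b[0] = f.SatID
	binary.BigEndian.PutUint32(b[1:], f.TimeSec)
	return append(b, f.Payload...)
}

// Sign is the transmitter side: it requires the private key.
func Sign(priv ed25519.PrivateKey, f NavFrame) NavFrame {
	f.Sig = ed25519.Sign(priv, f.signedBytes())
	return f
}

// Verify is the receiver side: it needs only the pinned public keys, so no return channel is involved.
func Verify(pinned map[uint8]ed25519.PublicKey, f NavFrame) error {
	pub, ok := pinned[f.SatID]
	if !ok {
		return errors.New("no pinned key for this satellite")
	}
	if !ed25519.Verify(pub, f.signedBytes(), f.Sig) {
		return errors.New("signature mismatch")
	}
	return nil
}

func main() {
	priv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // constructed all-zero seed, demo only
	pinned := map[uint8]ed25519.PublicKey{7: priv.Public().(ed25519.PublicKey)}
	f := Sign(priv, NavFrame{SatID: 7, TimeSec: 345600, Payload: []byte("ephemeris")})
	fmt.Println("genuine frame:", Verify(pinned, f))
	f.TimeSec += 10 // a field changed after signing
	fmt.Println("altered frame:", Verify(pinned, f))
}
```

The signature covers only the frame's contents: a receiver using this check still has to decide separately whether a correctly signed frame is fresh.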


#20

Public-key is a lot more computationally intensive than symmetrical cryptography, which is why a common thing to do with public-key cryptography is to encrypt the message with a symmetrical key, encrypt the symmetrical key with the public key, and then send both together.

It’s not so big a deal on, say, a battleship, where getting the information 10s late and going 100m off course puts you in a slightly different patch of ocean, but it would render commercial GPS a lot harder to use - especially since, for proper triangulation, a receiver should be decoding signals from three different satellites, which send the location information every six seconds.

Being able to set up a secure channel to a GPS satellite with a one-time session key would reduce the computation involved and maybe make it plausible; alas, GPS is not a two-way communication medium.