Wi-Fi/antenna mod? - Hardware Hacking General

Need to boost the signal on my Nexus S, it's almost unusable and switching to 3G in the next room from the router (expensive here in rural .au).
Tried three routers, channels, different devices etc.. it all points to a crap antenna in the nexus S or a crap wi-fi implementation.
I'm going to have a go at hacking it and while I have some experience messing with hardware, I've never successfully modded an aerial, I expect there's too much theory involved for me as whenever I read up on it there's a lot of conflicting info.
Anyway at this point my options I'm considering are:
- Cut internal antenna at start, wire in notebook wifi antenna (including cable/not including cable?)
- wire in notebook wifi antenna at end of internal antenna (including cable/not including cable?)
- wire in notebook wifi antenna at start of internal antenna (including cable/not including cable?)
Given that length is of utmost importance with antenna I'm hoping that it'll just go from a 1/4 length antenna to a 1/2 length or some such but does someone want to correct me?
Guess I'll just test it myself..
I couldn't find any other threads about this (with solutions) so I'll document as I go.
Anyone want to offer any advice before I get started tonight?

Well you should take into consideration the wavelength you use for the wifi router. That is all I really know. Too long an antenna and it won't even get those waves... too short as well, but wavelength depends also on the channel number router is on.

defroster said:
Need to boost the signal on my Nexus S, it's almost unusable and switching to 3G in the next room from the router (expensive here in rural .au).
Tried three routers, channels, different devices etc.. it all points to a crap antenna in the nexus S or a crap wi-fi implementation.
I'm going to have a go at hacking it and while I have some experience messing with hardware, I've never successfully modded an aerial, I expect there's too much theory involved for me as whenever I read up on it there's a lot of conflicting info.
Anyway at this point my options I'm considering are:
- Cut internal antenna at start, wire in notebook wifi antenna (including cable/not including cable?)
- wire in notebook wifi antenna at end of internal antenna (including cable/not including cable?)
- wire in notebook wifi antenna at start of internal antenna (including cable/not including cable?)
Given that length is of utmost importance with antenna I'm hoping that it'll just go from a 1/4 length antenna to a 1/2 length or some such but does someone want to correct me?
Guess I'll just test it myself..
I couldn't find any other threads about this (with solutions) so I'll document as I go.
Anyone want to offer any advice before I get started tonight?
On your router have you tried to set the Radio Band to 20MHz?? This will increase your range but lower your bandwidth.
One other thing is to shield your antenna with foil on one side to make it more directional.
Just some thoughts...
If you do try to change the internal antenna, you will need to calculate the correct length for it to work effectively, just as point99trash2011 stated.
Antenna Length Calculation

yep i've tried 20mhz, and the problem isn't just with my router, i need decent wifi on the phone for use with any router and also to control my ar drone.
haven't got around to cracking it open yet.


Kaiser's external antenna ports?

Hi,
Have a Kaiser on the way and want to have an external GPS antenna and an external phone antenna ready to go when it gets here.
But I can't find anywhere what types of antenna sockets the Kaiser has for these two antennas?
Does anyone know???
Thanks.
Great forum, by the way!
As far as i can see it only has a socket for a GPS antenna so i assume this would probably act as both although not sure
you can get the official antenna from expansys
http://www.expansys.com/htc/p_htc_item.aspx?i=151025
I can confirm what spooki37 says, from what I can tell, there is only one port. It is located the rubber GPS stamp that is on the back of the device. eBay has them shipping to the US for about $15 - $20 non-oem from China.
When I remove the battery cover, it sure looks like there are two jacks. I too thought the other must be for external Cellular antenna.
So does anyone know what the 2nd port is used for?
Whatever you do don't use the second port because it will damage your phone. I plugged an external antenna into my original phone and when I removed it the phone had no signal at all. The only way to get any signal was to use an external antenna after that.
That second port is an antenna port but htc doesn't support any antenna for it and is supposed to be used for debugging purposes only.
I use an external antenna all the time with mine... (TyTN II / Kaiser) works ok.. not great, but gets me one more bar, and seems to hold the signal better in a low signal area.
I use this adapter:
http://www.wpsantennas.com/index.asp?PageAction=VIEWPROD&ProdID=441
with one of their antennas.
I don't have any problems with signal after I disconnect it, but i'm pretty careful with connect/disconnect, and I cradle it while connected. I bet a little torque would probably damage the connection which would probably damage the internal antenna connection as well.
So you remove the battery cover and plug that antenna into the smaller of the two ports? I've damaged 2 phones trying external antennas and so have others. This one is a htc titan http://pdaphonehome.com/forums/ppc-6800-xv6800/96140-phone-signal-horrible.html and there's more reports like this one.
Ren13B said:
So you remove the battery cover and plug that antenna into the smaller of the two ports? .
I usually just pull my battery cover off, carefully seat the antenna into the port on the left, and then cradle the thing.
I've done this with this phone, a moto blackjack, and at least two other moto phones in the past, and never had an issue. Again, though... I've pretty much ALWAYS immobilized the phone while it's got the antenna jack plugged in. I actually try to do the same when USB is in too... the boards inside these tiny devices are too thin and the amount of torque you can apply accidentally is quite high... best to be safe... but I get intermittent signal where I use it most frequently, so I accept the risk.
Thanks!
KarlFlick said:
I use an external antenna all the time with mine... (TyTN II / Kaiser) works ok.. not great, but gets me one more bar, and seems to hold the signal better in a low signal area.
I use this adapter:
http://www.wpsantennas.com/index.asp?PageAction=VIEWPROD&ProdID=441
with one of their antennas.
I don't have any problems with signal after I disconnect it, but i'm pretty careful with connect/disconnect, and I cradle it while connected. I bet a little torque would probably damage the connection which would probably damage the internal antenna connection as well.
That's exactly the answer I needed - thanks heaps!
So obviously it takes the same patch lead as the Tytn. In that case I'll just get a Tytn patch lead off ebay and hope for the best.
The owner's manual I found for the Tytn says you can use the antenna plug, so they obviously thought it was safe then, but maybe hid it on this model because of a few reported breakages. I'm going to use mine only occasionally and in a cradle, so I hope I'll be OK if I'm very careful. Maybe I'll never end up using it given the risk...
Another option would be one of those universal antenna leads. They clip on the back of the phone and work by an induction coil. Their performance is very variable - mine works OK (+1 bar) on a friend's phone, but seems to make no difference on my phone.
I want to add this as well: plugging in an external antenna can damage your phone. I have plugged a wilson antenna into my 8925 and now my reception is extremely poor... I am not sure of the cause, or how to fix it.. just hope to help people avoid this.
We have the 8925 here at our office and have found that the port on the right side is for GPS only. The left port is for cellular reception.
We have not damaged the phone that we have here and have had the 8925 for about 6 months.
There are a few issues with using external antennas:
First of all, the connector must be properly sized for the phone.
With some device/connector combinations it is normal for the connector to appear to not be fully seated. If you try to force the connector on further you can do permanent damage to the phone.
In the phone there is a tiny mechanical switch that gets tripped when you plug the external antenna in. This physically disconnects the internal antenna and connects the phone's radio to the antenna port. Sometimes this switch gets stuck in the port position, so you get poor performance when you disconnect the external antenna. This is especially common with CDMA Motorola V3 models.
-Jay
any body uses a wifi external antenna????
How hard is it to fix this "switch"? I have a kaiser that will only work with an external antenna after using one. Port isn't damaged as far as I can tell and I've never had problems with external antennas with other phones.
Jay2TheRescue said:
There are a few issues with using external antennas:
First of all, the connector must be properly sized for the phone.
With some device/connector combinations it is normal for the connector to appear to not be fully seated. If you try to force the connector on further you can do permanent damage to the phone.
In the phone there is a tiny mechanical switch that gets tripped when you plug the external antenna in. This physically disconnects the internal antenna and connects the phone's radio to the antenna port. Sometimes this switch gets stuck in the port position, so you get poor performance when you disconnect the external antenna. This is especially common with CDMA Motorola V3 models.
-Jay
DaMilky said:
How hard is it to fix this "switch"? I have a kaiser that will only work with an external antenna after using one. Port isn't damaged as far as I can tell and I've never had problems with external antennas with other phones.
I've never actually had this happen to any of my phones, so I don't know how hard it is to fix. If the external antenna was forced onto the connector you may have to send the phone in for service to have the port replaced. The only other thing I can think of is to put a small amount of contact cleaner on the port itself, then gently work it in with the external antenna connector. This may loosen the switch and let it return to the internal antenna position if this is your problem. In all likelihood I'd say that a warranty exchange is probably your best bet.
-Jay
has anyone noticed a 3rd port? its between the camera and the speaker and slightly higher than the other 2 I bet that ones for wifi at 1st glance I thought it was a screw.
I don't understand why the port were designed in the first place when things seem to be such a useless purpose ...etc
comes with INTERNAL GPS ... so why the need for EXTERNAL ??? and if you do need to use it ... it is delicate and chances are, you're screwed and damage it !!
so why bother designed it ?? <scratching head> !!!
External antennae that are properly sized for the operational wavelength will always have higher effective gain than any built-on antenna that is capable of fitting on a typical handheld device.
The External GPS antenna has 27 dB Gain (typical)... I cannot find specifications for the internal antenna on our Kaiser's, but I am willing to bet they are probably at best a unity antenna, maybe 3db on the good side.
That means you will recieve SIGNIFICANTLY signal strength and more satellites when you are doing anything involving GPS, and weather, antenna position, and all standard environmental factors will have significantly less effect on your GPS activities.
The same goes for an external antenna for the cellular portion. The internal radio boosts power output when it has degraded reception which means when you're in a poor reception area, you burn more battery doing the same things you typically do.
A "gain" vehicular antenna directly connected to your phone will increase battery life when using wireless connections to the cellular network, as well as provide you good reception where you would otherwise have poor to none.
Of course, if you live in an urban area, this is probably of no use to you... but in a built up area with many large buildings around, you may not have as good GPS resolution and reception as you could with an external antenna..
The primary reason they put these on there is moreso for diagnostic purposes probably... hook it up to a freq counter and/or spectrum analyzer and you can tell that the radio is actually putting out what frequency and it's strength as well. Without those, there's no external way to ensure transmission is occurring without possible interference.
mech_supernova said:
has anyone noticed a 3rd port? its between the camera and the speaker and slightly higher than the other 2 I bet that ones for wifi at 1st glance I thought it was a screw.
I've examined this very closely under a bright light, and I have concluded that it is a screw with a Torx head.

Will this Hardware Tweak really work for boosting wifi ?

Hello
i have found this site http://pockethacks.com/boost-wifi-signal-on-your-pocket-pc/.
Does anyone think this will work ?
My problem is that my AP is upstairs (Level 2), my room is on Level 0, with my MDA Pro i get the wifi signal only on the toilet(!), but i want it in my other rooms too.
And i think, if this Hardware Modification will work it will solve my problem.
If it works......what do you think?
thanks for answers
asid
Yes asid, anything that by any means "boost" the signal -in this case by adding extra gain using another antenna- should work, how good? Well, that's another story.
Anyway, I considered myself the idea of directly change the internal antennas (not just the WiFi one, but also the GSM and the BT) with another ones made by me with fractal shapes, but I sold my good old uni, so, the rest is history...
Done it and it works very well!
I came across your post and had a little look at the tweak, seemed relatively straight forward and i just so happened to have an old nokia to pull apart for the aerial.
The tweak took about 20 mins with the only things to watch out for being:...
the fourth torque screw hidden under a tiny red sticker (you will see it! don't worry).
You need a very thin gauged wire as there is very little space inside.
After the tweak i have found a greatly improved wifi range and a lot less signal drop in general.
Well worth it, especially as you don't really need anything more than a t6 screwdriver, a small headed phillips and a very thin wire.
What if we connect the wifi antenna to the headphone socket? So then, if we need a boost to the wifi signal, we will plug in our headsets, and it will be an 1m long wifi antenna? Is that possible?
Is there any risk connecting the antenna to the headphone socket?
toxicdog said:
What if we connect the wifi antenna to the headphone socket? So then, if we need a boost to the wifi signal, we will plug in our headsets, and it will be an 1m long wifi antenna? Is that possible?
Is there any risk connecting the antenna to the headphone socket?
the headphone socket is not linked to wifi at all so this won't work.... and another thing is you may short circuit your device by plugging that in....
rajivshahi said:
the headphone socket is not linked to wifi at all so this won't work.... and another thing is you may short circuit your device by plugging that in....
I was just thinking on connecting one pin of the socket, and the wifi antenna together, with a wire, inside the device.
But if that makes a short circuit, its a bad idea.
Yes it may work.
I remember that originally mobile phones used this method to boost their signal. However, that was soon noted to be a bad idea, as it meant the radio signal was going straight into your ear ! I don't know if wifi is any less worse.
As for short circuit, I would think the worse that would happen is that you'd lose the signal, but the effect would not be permanent once you remove the connection again (however, I obviously cannot guarantee this)
Yea the problem is Uni having wireless b not g so i personally have this problem as some of the new modems are only g and a compatible ......
wish we could change the wifi with the new hardware from newnew phones....
Or i can use sd card with g capabilities but has to compromise with the storage then....
rajivshahi said:
Yea the problem is Uni having wireless b not g so i personally have this problem as some of the new modems are only g and a compatible ......
Uni can be made 802.11g compatible (but will not have the g speeds)
-Jonny- said:
Uni can be made 802.11g compatible (but will not have the g speeds)
is it a hardware change or software... i remember applying some software named wirelesslanbgon which didn't seem to work .....
It's a registry setting, as I was led to believe the Uni is capable of connecting to 802.11g. I thought all ROM builders put it in their ROM. Hold on, I'll see what I can dig up...
Ok, hopefully this will work - you'll still get 802.11b speeds (11 Mbit/s)
HKEY_LOCAL_MACHINE\COMM\TIACXWLN1\PARMS: dot11SupportedRateMask=1
HKEY_LOCAL_MACHINE\COMM\TIACXWLN1\PARMS: dot11SupportedRateMaskG=8
then soft-reset
Let us know if it works (I've got 802.11b router, so can't test it)
Did anyone ever test this to see if it works?

wifi amplifier for HTC HD2, is it possible?

I have an htc hd2 I wanna amplify my wifi signal, anybody know is it possible? I bought a wireless usb adaptor for my laptop it is called Gsky 500mw. It is able to get 10 times more signal and stronger than normally. Can i do something else with my htc?
Thanks a lot!
good idea, but the current amps use too much power for it to work for long periods, wifi kanes the battery anyways and adding an amp to it would just kill it an hour or two.
but...
you can make sure that you're using the full power of builtin wifi by making sure that it isn't set to battery use over speed
my tg01, and my old diamond, i had the option to change the power of wifi for better battery times versus faster transmission and connectivity.
have a mooch around if you haven't already done this, it's on the powersave app normally. or performance?
or...
you could make an external antennae of sorts, it might work, but getting like 2 feet of copper wire and twisting it so it looks like a rectangle and affixing this on the back of your phone somehow, the phones wifi might gain more amplitude if can piggyback on something....or it might restrict your wifi usage somehow? i don't know,
have fun
No any plug for antenna at Back of my phone. It has only 1 micro usb 1 for the head set. I don't care if its eat my battery so fast I'm not gonna use my internet for long. And I don't care if a need to plug 2-3 feet cable. Because I wanna reach a wifi router what is maybe far away from me. Thanks a lot!
no there won't be an antenna plug, you'll have to take the back off, and remove the metal plate to access the htc wifi adapter, and solder or otherwise hold an antenna cable to that.
by the way, this WILL VOID your warranty. also it's not the easiest task going...
kk most phones don't have wifi ant. plugs as they are not needed
but...
i remember seeing on ebay some time ago these little clear stickers with some copper wire etched into it to boost the 2g/3g signal, these were not directly affixed to the phones aerial in anyway, they literally were stickers you put under the battery ( so they are close to the phones builtin radio) and they boosted signal that way.
maybe a similar thing would work? if two wires are close enough but not touching they can both share the same signal ( try this with speaker cable,it works)
it works because all cables emit a sort of interference (apart from the noise free type) and if these interferences mix you get mixed results but maybe it could enhance your signal.
we need some experiments on this i think, anyone up for it?
So it is not gonna work, if I get an USB wireless adapter with antenna and plug it in my micro usb? And if I don't need it, I just unplug it. Or any other chance to get a strong wifi signal to my phone. What if I get a portable wifi router and I amplify signal with this. I hope you understand what I'm wanna say. Or maybe it is not possible? I bought a yagi antenna and I plug it to my 500mw Gsky usb wireless adapter and the wifi signal is more stronger. How can I get my phone work with this?
you can't use a usb wifi adapter as your phone has no drivers, and never will do.
as for using an amplifier attached to your router, or a separate one, this will work reasonably well.
You can look at http://www.cell-phone-accessories.com/htc-hd2-antennabooster-magnetmount.html
I don't know if it works fine. Only I' ve seen this site.
Also:
With my LEO I obtain the max WiFi connectivity removing the back metallic cover and taking the phone with my hand at the bottom half of it.

[WARNING]"BadBIOS' The superbug infecting pcs via speakers and microphones

A new super bug has been found by a security researcher, it is confirmed the virus is transferred by radio frequency, infect all usb devices and all pcs on the network...
be aware everyone...
http://arstechnica.com/security/201...erious-mac-and-pc-malware-that-jumps-airgaps/
Has not been independently verified. So far only one security researcher has reported it and it seems far fetched at best.
sounds like woo
It's quite far fetched don't ya think? Only one reporter. I doubt it is real.
True, but these days anything is possible, all we can do is wait and see if it spreads
It is impossible, and let me explain why.
A radio frequency is not powerful enough (from an electric current point of view) to induce any sort of data in a non-receiver device. That is, all devices which use radio to exchange data has a special part called a receiver which is made of a special material which is sensible to radio frequencies and causes electrons to go out. Usually, the data picked up by the receiver is also compressed, and additional decoding hardware is needed for said data to make sense. So even if the virus could be sent through to a receiver, it would automatically get "decompressed" and it would probably not get out alive from that.
Obviously, USB, speakers and Microphones do not use this kind of technologies. No other device apart from the transmitter and the receiver do, or if they do, it is not sensible enough, otherwise no electronic component could do its job due to the huge amount of interferences that would cause (we are surrounded by radio waves coming from various sources, ranging from the local radio post to the super massive black hole in the center of our galaxy).
Even if it were somehow possible to induce a virus on a USB device, pretty much any security system will catch it spot on.
It is impossible for a speaker to send data back to its master device (electricity only goes one way through your speaker's cable).
Microphones can not pick up radio waves (they do not have a receiver). They only pick up vibrations in the air.
Motherboards are shielded from EM. Unless a very powerful EMP hits it, there is no way radio frequencies could affect bios. And even if it were not shielded, writing data to BIOS chips requires a high voltage electrical current, which will probably damage the motherboard if it was running something else.
Erm... I'm sorry, but that is absolutely incorrect. While a lot of skepticism about this attack is absolutely warranted, the physics involved are not in any way the reason. I suspect that the source of your confusion is that you're confusing the communication method between infected machines (the ultrasonic sound waves) for an infection vector; it is not. You still make many false claims, though.
First point: a (sufficiently powerful) radio transmission can *easily* disrupt electronic devices not intended as receivers. Ask any HAM radio operator, especially if they have ever tried to use a PC near their rig. Iron ferrite "chokes" are used on wires (such as video, mouse, and keyboard cables, among others) to absorb signals which originate from high-frequency sources like radio waves. While it's true that equipment not specifically intended to receive radio frequencies is *usually* not interfered with unless the source of the interference is fairly strong or fairly close (only a few Watts of broadcast power in close proximity, but it falls off very rapidly with distance), it's inaccurate to claim that it doesn't happen.
Second point: the "special material" which receivers are made of is typically copper. It can be any conductive material, though. A basic knowledge of electromagnetism would make this pretty obvious; as a changing electromagnetic field (such as a radio wave) intersecting an electrical conductor (such as a radio antenna, which is often basically just a copper wire or tube with an anti-corrosion coating on it) will induce an electric field in the conductor. It's true that the conductor needs to be "tuned" (modified to have an effective length which is - typically - some integer fraction of the wavelength of the EM wave) in order to establish the standing waves (constructive interference; this is *slightly* more advanced physics) necessary to make that frequency stand out enough to generate a particularly strong electrical signal, but it's not very hard to tune an antenna. Your typical civilian FM radio broadcasts, for example, span a considerable frequency range with a difference in wavelength of around 25% from the highest to the lowest frequency, yet your car (or phone) can receive them all using the same antenna.
Third point: compression is irrelevant. If you're communicating between two devices which are *supposed* to communicate, such as between WiFi adapters, the decoding will happen automatically in the hardware. If you're communicating between two analog interfaces, such as a speaker and a microphone, the signals will pass through an ADC - an Analog/Digital Converter - to transform them between the digital format that the computing hardware understands and the analog waveforms of the transmission medium.
Fourth point: there is absolutely no reason why you couldn't infect a system through a USB device. When a USB port is connected, the machine queries the device for its particulars, including the device ID (how your computer knows the difference between an iPod and a printer), USB interface version, and other metadata. This happens even in modern BIOSes and EFI systems; how else could a computer boot from a flashdrive or external hard drive or USB-connected floppy drive? A vulnerability in the code which handles this handshaking could be exploited by the device - after all, there's an exchange of data going on, and the data needs to be parsed and processed - to take over the system at the firmware level.
Fifth point (but related to fourth): exactly *what* sort of "security system" do you expect to catch this? Your antivirus program, the one that runs as a process on the CPU and probably doesn't even pay attention to USB connections and disconnections, only to file systems being mounted or removed? Your state-of-the-art BIOS security, which amounts to requiring a password before running the Setup program and allowing you to block writes to the boot sector of the disk? The machine you pass every USB device through before connecting it to your computer, which uncaps the chips and traces out all their circuitry looking for anything that would send unexpected data?
Sixth point: You want to know the difference between a speaker and a microphone? Whether you pay attention to the currents constantly travelling on the wire from the transducer, or only bother applying your own currents to make the driver move. Mics typically need amplification (a trivially simple electrical circuit, by the way, EE101 material if you didn't learn it earlier) before the signals are strong enough to drive another speaker loudly enough for you to hear it, and it's possible to make a transducer which is much better suited to be a speaker or a mic, but either one can act as either.
Seventh point: pretty irrelevant, but unless you put a diode on that wire, electricity can flow down a wire in either direction. Speakers (and mics) don't typically have diodes. In fact, sometimes they are explicitly designed to have electricity flow in both directions as the sound waves move the magnet closer and further from the coil (for electromagnet-driven microphones; there are other kinds) or the electrical signals flow one direction to push the driver's magnet out and the other direction to draw it closer in (for electromagnet-driven speakers).
Eighth point: also pretty irrelevant, but speaker and microphone cables actually make pretty decent radio antennas. Ever noticed how smartphones require you to have headphones connected before the phone can pick up FM radio? That's because it uses the wire to pick up the signals from the radio waves. The frequencies are much too high for you to hear - typically radio waves in the range of hundreds of kilohertz up well into the gigahertz, while audio signals are only a handful of kilohertz (most humans can't hear any higher than the low double digits of KHz). They are also *usually* pretty faint, but not always. Try listening to a speaker whose wire goes past a poorly-shielded AC motor (or anything else with significant AC current flow) and you'll hear a distinct 60Hz (or 50Hz, depending on what the mains in your country uses) hum. It's low-pitched, but it's audible, and it is coming from the AC wires and/or equipment into your speaker wires, then being rendered into sound by the speaker drivers.
Ninth point: back to the malware at hand, the radio waves aren't affecting the BIOS directly at all. The radio waves are being picked up by the radio transceiver (you would probably call it a WiFi adapter) and being converted into digital signals, then those signals are being sent to the rest of the computer. With the right exploits in the OS and/or BIOS, those signals could trigger the firmware flashing system, overwriting your BIOS/EFI with data from the transmitting computer.
Tenth point, and looping back to something you seem to have misunderstood from the beginning: the reason that this malware is so unusual is because it communicates between infected machines without any conventional network interface (including WiFi); instead, transmissions are sent via the speakers and received via the microphones. Some very low-level program is monitoring the data from the mic at all times (no different really, aside from being hidden, than any other program that listens to the microphone), looking for any waveforms that resemble the data it expects. Because this data is sent at a range outside of human hearing, you don't even notice it happening. Because it doesn't go over the conventional network interfaces, it works on "airgapped" computers that have their conventional interfaces disabled or removed. It probably doesn't have much range - the speakers aren't that powerful (or microphones that sensitive), especially so far outside their designed optimum frequency range, and there will be a lot of interference - but normally it's considered safe to have airgapped PCs sitting in the same room as one another, so you can analyze one (with the malware on it) while you remain connected to the Internet on the other.
I repeat: I remain skeptical. The infection vector is not fully determined right now, and the proposed option - USB devices (as opposed to data within USB devices) that attack the system they are connected to - is conceivable but unlikely. The concept of using the speakers and microphone as a short-range communication bus between airgapped machines is totally possible - it's been done before - but the use of sound as a communication medium was not conclusively proven, and anything well outside of human hearing range is going to be hard for the speakers to send and mics to pick up, most likely. The concept of malware that attacks the system firmware is totally reasonable, but usually it would need to be very precisely targeted at that firmware; two Lenovos of the same family might both be vulnerable, a Lenovo and a Dell probably wouldn't be unless the attack was extremely sophisticated.
The most unlikely part of the story is frankly that it's so incredibly persistently attacking this one individual, but nobody else has reported it. There are a *lot* of security researchers in the world, with a lot of flashdrives being passed around between people and a lot of PCs that they've been connected to, and nobody else has noticed this attack despite it having some pretty clear markers. Without independent verification and ideally a bit more study, it remains, at best, a curiosity.
Whatever it is, it doesn't come close to warranting a thread with WARNING in the subject line! @ricky310711, you should feel ashamed of yourself for trying to spread fear. Your summary of how this thing is believed to operate is almost as inaccurate as your assessment of its threat level, and overly sensational besides. For shame!
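For defenders who want to check whether a room's audio actually carries the kind of near-ultrasonic signalling discussed in the tenth point above, here is an added example (not part of the original post and not derived from any real malware sample). It scans a capture for sustained energy above the audible range using the Goertzel algorithm; the 48 kHz sample rate, the 18-22 kHz watch band, the thresholds and the test signal are all assumptions constructed for the illustration.

```python
import math

SAMPLE_RATE = 48_000      # Hz, assumed capture rate (Nyquist limit 24 kHz)
FRAME = 480               # samples per 10 ms frame, so bins are 100 Hz apart
PROBES_HZ = range(18_000, 22_100, 100)   # assumed near-ultrasonic watch band
POWER_FLOOR = 1e-5        # assumed threshold; tune against a quiet-room baseline
MIN_RUN = 10              # frames (100 ms) of continuous energy before alerting

# A periodic Hann window keeps loud audible content from leaking into the band.
HANN = [0.5 - 0.5 * math.cos(2 * math.pi * i / FRAME) for i in range(FRAME)]
HANN_SUM = sum(HANN)


def goertzel_power(frame, freq_hz):
    """Windowed power at one frequency bin via the Goertzel recurrence."""
    k = round(FRAME * freq_hz / SAMPLE_RATE)
    coeff = 2.0 * math.cos(2.0 * math.pi * k / FRAME)
    s1 = s2 = 0.0
    for x, w in zip(frame, HANN):
        s0 = x * w + coeff * s1 - s2
        s2, s1 = s1, s0
    return (s1 * s1 + s2 * s2 - coeff * s1 * s2) / (HANN_SUM * HANN_SUM)


def scan(samples):
    """Return per-frame hits as (frame_index, peak_freq_hz, peak_power)."""
    hits = []
    for idx in range(len(samples) // FRAME):
        frame = samples[idx * FRAME:(idx + 1) * FRAME]
        power, freq = max((goertzel_power(frame, f), f) for f in PROBES_HZ)
        if power >= POWER_FLOOR:
            hits.append((idx, freq, power))
    return hits


def sustained_runs(hits, min_run=MIN_RUN):
    """Group consecutive hit frames; keep only runs long enough to matter."""
    runs, current = [], []
    for hit in hits:
        if current and hit[0] != current[-1][0] + 1:
            if len(current) >= min_run:
                runs.append(current)
            current = []
        current.append(hit)
    if len(current) >= min_run:
        runs.append(current)
    return [
        {
            "start_s": run[0][0] * FRAME / SAMPLE_RATE,
            "end_s": (run[-1][0] + 1) * FRAME / SAMPLE_RATE,
            "freqs_hz": sorted({freq for _, freq, _ in run}),
        }
        for run in runs
    ]


def constructed_capture():
    """Constructed test signal: 1 s of audible tones plus a faint burst that
    alternates between 19 kHz and 20 kHz from 0.30 s to 0.60 s."""
    out = []
    for i in range(SAMPLE_RATE):
        t = i / SAMPLE_RATE
        x = 0.5 * math.sin(2 * math.pi * 440 * t)
        x += 0.3 * math.sin(2 * math.pi * 1000 * t)
        frame_idx = i // FRAME
        if 30 <= frame_idx < 60:
            tone = 19_000 if (frame_idx // 5) % 2 == 0 else 20_000
            x += 0.02 * math.sin(2 * math.pi * tone * t)
        out.append(x)
    return out


if __name__ == "__main__":
    for run in sustained_runs(scan(constructed_capture())):
        print(run)
```

On real hardware the useful baseline is the same scan run with all machines powered off, since switching power supplies and some displays also emit in this band.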
GoodDayToDie said:
Erm... I'm sorry, but that is absolutely incorrect. While a lot of skepticism about this attack is absolutely warranted, the physics involved are not in any way the reason. I suspect that the source of your confusion is that you're confusing the communication method between infected machines (the ultrasonic sound waves) for an infection vector; it is not. You still make many false claims, though.
Hahaha, this made me laugh. You should feel ashamed of yourself due to the lack of respect you have. I simply read an article and shared it to warn others, you may have your opinion but telling me I should be ashamed of myself, I took it as an insult.
Now either discuss the topic without insulting others or don't reply at all. There's a report button, I'm close to using it.
GoodDayToDie said:
Erm... I'm sorry, but that is absolutely incorrect. While a lot of skepticism about this attack is absolutely warranted, the physics involved are not in any way the reason. I suspect that the source of your confusion is that you're confusing the communication method between infected machines (the ultrasonic sound waves) for an infection vector; it is not. You still make many false claims, though.
You completely missed my point, aside from the green text
The long list of things were to correct misconceptions about the technologies involved; both for you and the OP. I'm aware that most of them aren't related to BadBIOS itself, really, just corrections to misinformation about subjects related to BadBIOS, but if you're going to tell somebody they're wrong you should make sense and avoid factual errors while doing so...
@ricky310711 I'd say I'm sorry, but I'm not, really... this is the forum equivalent of an email chain letter, sent by somebody who read something they didn't understand and then muddled it up further (I'm not sure which is worse, that you claimed it *spread* by radio, that you claimed it spread *by radio*, or that you claimed that this spreading by radio was *confirmed*; they're pretty much all wrong), added a huge load of sensationalism and fearmongering, and blasted out to everybody to "warn us." Warn us of what? Even if you'd gotten the description even remotely right, what exactly were we supposed to do about it? Not connect any strange USB devices to our computer? That's generally good advice - though also inconvenient, so nobody ever actually follows it except in high-sensitivity work unless they are paranoid - but you didn't actually say anything of the sort!
I have actually researched this, so far I haven't come to a conclusion that this actually exists but I have seen videos and found out it is possible for the high radio frequency transfer?
ricky310711 said:
I have actually researched this, so far I haven't come to a conclusion that this actually exists but I have seen videos and found out it is possible for the high radio frequency transfer?
No, it's not possible to send data via RF transfer without the other machine being prepared for this (wifi for example is radio, but is prepared only for 2.4 GHz or sometimes 5 GHz transfers of a specific type). Your PC doesn't have proper transmission abilities either beyond wifi and bluetooth etc. which again are specific data.
You cannot just have a machine sit idle and magically generate a radio signal which will infect another machine with a virus.
Correct. Note that it doesn't necessarily need to be doing much more than having the radio on, though. For example, when your WiFi adapter scans for networks to join (like it does repeatedly when on but unconnected) it receives data from other devices and parses it. A vulnerability in that parser could be exploited, and if it were a really bad vulnerability, malware could conceivably spread that way. I'm pretty sure that's not what's happening here; security researchers know better than to bring an infected machine with an active WiFi adapter into range of another active WiFi adapter.
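To make the scan-time parsing mentioned above concrete, here is an added example (not from the original post and not taken from any driver) of a strict walker over the tagged parameters in an 802.11 beacon or probe-response body. It rejects a frame as soon as a sender-supplied length byte disagrees with what was received, which is also a usable wireless-IDS check. The frame bytes, the SSID and the names are constructed for the illustration.

```python
import struct

FIXED_LEN = 12   # timestamp (8) + beacon interval (2) + capability info (2)
# Allowed value lengths for a few well-known element IDs; others only need to fit.
LIMITS = {0: (0, 32),    # SSID
          1: (1, 8),     # Supported Rates
          3: (1, 1)}     # DS Parameter Set (current channel)


class MalformedFrame(ValueError):
    """Raised as soon as the body stops being self-consistent."""


def parse_beacon_body(body: bytes) -> dict:
    if len(body) < FIXED_LEN:
        raise MalformedFrame("shorter than the fixed fields")
    _timestamp, interval, capability = struct.unpack_from("<QHH", body, 0)
    elements, off = [], FIXED_LEN
    while off < len(body):
        if len(body) - off < 2:
            raise MalformedFrame(f"dangling byte at offset {off}")
        eid, elen = body[off], body[off + 1]
        start, end = off + 2, off + 2 + elen
        # The length byte comes from the sender: compare it with what was
        # actually received before touching the value. In a C driver this is
        # the check whose absence becomes an out-of-bounds read or copy.
        if end > len(body):
            raise MalformedFrame(
                f"element {eid} claims {elen} bytes, {len(body) - start} remain")
        low, high = LIMITS.get(eid, (0, 255))
        if not low <= elen <= high:
            raise MalformedFrame(
                f"element {eid} length {elen} outside {low}..{high}")
        elements.append((eid, body[start:end]))
        off = end
    by_id = dict(elements)
    ssid = by_id.get(0)
    return {
        "interval": interval,
        "capability": capability,
        "ssid": None if ssid is None else ssid.decode("utf-8", "replace"),
        "channel": by_id[3][0] if 3 in by_id else None,
        "elements": elements,
    }


def triage(frames):
    """Classify (name, body) pairs the way a wireless IDS rule might."""
    verdicts = {}
    for name, body in frames:
        try:
            parsed = parse_beacon_body(body)
        except MalformedFrame as exc:
            verdicts[name] = ("malformed", str(exc))
        else:
            verdicts[name] = ("ok", parsed["ssid"], parsed["channel"])
    return verdicts


def ie(eid: int, value: bytes) -> bytes:
    """Build one well-formed element for the constructed samples below."""
    return bytes([eid, len(value)]) + value


# Constructed sample bodies (not captured traffic).
FIXED = struct.pack("<QHH", 0, 100, 0x0431)
GOOD = FIXED + ie(0, b"lab-ap") + ie(1, bytes([0x82, 0x84, 0x8B, 0x96])) + ie(3, bytes([6]))
CONSTRUCTED_FRAMES = [
    ("good", GOOD),
    ("long_ssid", FIXED + ie(0, b"A" * 40) + ie(3, bytes([6]))),   # fits, but > 32
    ("lying_length", FIXED + bytes([0, 200]) + b"short"),          # claims 200 bytes
    ("truncated", GOOD[:-1]),                                      # last value cut off
]

if __name__ == "__main__":
    for name, verdict in triage(CONSTRUCTED_FRAMES).items():
        print(name, verdict)
```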
GoodDayToDie said:
Correct. Note that it doesn't necessarily need to be doing much more than having the radio on, though. For example, when your WiFi adapter scans for networks to join (like it does repeatedly when on but unconnected) it receives data from other devices and parses it. A vulnerability in that parser could be exploited, and if it were a really bad vulnerability, malware could conceivably spread that way. I'm pretty sure that's not what's happening here; security researchers know better than to bring an infected machine with an active WiFi adapter into range of another active WiFi adapter.
There is that issue yes (haven't heard of this being done via wifi, have heard of an older Intel NIC having a similar exploit though) but of course 1 exploit would likely only work on one specific wifi card family or possibly only one model within that family. An exploit for my old laptop's Broadcom wifi adapter likely wouldn't impact the Qualcomm Atheros adapter in my current laptop.
Which kinda brings me onto something else.
The researcher listed a few devices which had their BIOS firmware infected and many of them used entirely different motherboard chipsets, heck, he claimed a Mac was infected and the chipsets driving their BIOS are totally different from those usually found in other machines.

On 7" terrible wifi connection

Hello I just bought the 7" onn tablet from Walmart yesterday. The wifi connection is TERRIBLE. I've tried TWO different routers and modems and even a wifi extender, if I move 10 feet from the access point my connection drops to basically nothing. Then ON TOP of that if I connect my Bluetooth the tablet could literally be sitting next to the access point and lose internet and audio! Nevermind the fact I can't move 5 feet or I will lose my Bluetooth too! And don't tell me the Bluetooth is interfering with my wifi, the wifi is dog **** without the Bluetooth even being on.
Is this a defective item or are all these ONN tablets like this?
Edit: I am also using updates from June 5 2019. I have tried updating BOTH system places, and BOTH updates say I am current!
Straitshot47 said:
Hello I just bought the 7" onn tablet from Walmart yesterday. The wifi connection is TERRIBLE. I've tried TWO different routers and modems and even a wifi extender, if I move 10 feet from the access point my connection drops to basically nothing. Then ON TOP of that if I connect my Bluetooth the tablet could literally be sitting next to the access point and lose internet and audio! Nevermind the fact I can't move 5 feet or I will lose my Bluetooth too! And don't tell me the Bluetooth is interfering with my wifi, the wifi is dog **** without the Bluetooth even being on.
Is this a defective item or are all these ONN tablets like this?
Edit: I am also using updates from June 5 2019. I have tried updating BOTH system places, and BOTH updates say I am current!
No, they are (obviously) not all like that. Might have a sample defect; sounds like the internal antenna may have an issue.
Yeah I'd concur with @DB126. Sounds as though your tablet has a faulty antenna connection. If you cannot exchange or return the tablet, I can get you some instructions together for checking your internal antenna connection and repairing it if necessary. The antenna for WiFi and Bluetooth typically consists of a single (or pair of) wire with an FPC circular connector on each end. One connector usually attached to the main logic board and the other end will connect with the secondary (power) board. If either FPC connector gets detached, your WiFi/Bluetooth/Cellular signal will malfunction exactly as you have described -- little to no signal unless you are within a couple of feet from a WiFi access point or Bluetooth device.
