Difference between revisions of "Smartphone Wireless"
(Created page with "==Full Title or Meme== There are a large number of radios on a Smartphone. This wiki looks at those that are not part of the cellular network. ==References== Category: Glo...") |
(→Use Cases) |
||
(28 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
==Full Title or Meme== | ==Full Title or Meme== | ||
There are a large number of radios on a Smartphone. This wiki looks at those that are not part of the cellular network. | There are a large number of radios on a Smartphone. This wiki looks at those that are not part of the cellular network. | ||
+ | |||
+ | ==Context== | ||
+ | ===Terminology=== | ||
+ | * RF = Radio Frequency | ||
+ | * HF = High Frequency | ||
+ | * UHF = Ultra High Frequency | ||
+ | * IR = Infrared - typically read by a IR sensor, but can also be an IR camera | ||
+ | * Light is even higher, but that is handled by the camera and not radios | ||
+ | * Exciter = an antenna that is designed to send energy to a passive RFID tag | ||
+ | |||
+ | == Existing Bands== | ||
+ | The distance measures here are for a "smart chip" to an antenna tuned to find and query the chip. | ||
+ | ===RFID=== | ||
+ | RF Identifier | ||
+ | * Passive = no battery, typically a tag applied to a inventory item - read range has been 12-15 originally now 30+ feet | ||
+ | * Battery Assisted Passive = typically a monitored sensor that is polled by RF | ||
+ | * Active = has battery and dual antenna - read range 300 feet | ||
+ | * Low Frequency 120 to 150 kHz. - near touch scanning | ||
+ | * HF/NFC 13.56 MHz - range in centimeters | ||
+ | * UHF = 300 MHz to 3 GHz - older | ||
+ | * UHF Gen2 = 860 to 960 MHz - range several meters (works through rain) | ||
+ | |||
+ | ===[[NFC]]=== | ||
+ | Near Field Communications | ||
+ | *Apple Pay | ||
+ | *Android Pay | ||
+ | * Smart card with build in antenna | ||
+ | * 13.56 MHz | ||
+ | * [https://www.idtechex.com/de/research-article/longer-range-rfid-at-hf/392 widely held limit of one meter can be extended]. | ||
+ | |||
+ | ===BLE=== | ||
+ | [[Bluetooth]] low energy + battery powered | ||
+ | * Also excited by a stationary antenna that causes the smartphone to respond | ||
+ | * Needs to have an app on a smartphone that is powered up and has bluetooth enabled that responds to the message with a UUID | ||
+ | * Operations at 2.4 GHz at about 70 meters between device and antenna. | ||
+ | * It is easy to test the range of BLE by seeing [https://blog.nordicsemi.com/getconnected/things-you-should-know-about-bluetooth-range how far away from the the phone an ear bud will work]. Typically that is about one room away. | ||
+ | * [https://github.com/vmware/herald-analysis/tree/develop/reference-data/rssi-raw-edison Here is some raw data on testing BLE] | ||
+ | * [https://developer.apple.com/library/archive/documentation/NetworkingInternetWeb/Conceptual/CoreBluetooth_concepts/CoreBluetoothOverview/CoreBluetoothOverview.html BLE connections may be used in ISO 18013-5] between mDL and reader, but security sessions are not required. The mDL can enable either peripheral or central roles. | ||
+ | |||
+ | ===WiFi=== | ||
+ | *Generally used for local internet connections. Can also be enabled by one of the above to send a UUID. | ||
+ | * Originally just used 2.4 GHz now also uses 5 GHz | ||
+ | It can be seen that the 2.4 GHz band is widely used for other applications including microwave ovens (as a result of the signal absorption in water) as well as Bluetooth, and many other wireless communications applications. Sometimes using other bands can improve the WLAN performance as a result of the lower interference levels. | ||
+ | |||
+ | ==Problems== | ||
+ | * Tracking and tracing are large potential problems, see use cases below. When radios display any [[Identifier]] or [[Attribute]] of any sort what-so-ever, the threat becomes even larger. | ||
+ | * Some of the radio chips, in particular BLE, can operate even if the computer is off, leading to increased range and effectiveness of tracking. It is even possible to hack the software running on the chip, but that requires a 'rooted' phone.<ref>Dan Goodin, ''Researchers devise iPhone malware that runs even when device is turned off'' Ars-Technica (2022-05-16) https://arstechnica.com/information-technology/2022/05/researchers-devise-iphone-malware-that-runs-even-when-device-is-turned-off/</ref> | ||
+ | |||
+ | ==Use Cases== | ||
+ | |||
+ | ===Contact Tracing=== | ||
+ | uses Bluetooth as it’s the most widely available technology. Bluetooth Low Energy devices are designed to be always on and, as the name implies, use very little battery. Depending on the scenario you can add in extra power management tricks. i.e., if there’s no accelerometer changes for many minutes, or contacts are constant, then you’re probably at home in bed, so check much less often for ‘contacts’. Wearables take this approach for example. Depending if you’re trying to “accurately measure risk” or “detect a contact or not” determines the level of data you need, and thus your scanning frequency. Generally though these apps will register a ‘background service’ - this enables the app user interface and non-Bluetooth components to be removed from memory, and only the network contacts/logging to operate. This saves battery consumption. 1-2% battery per hour, depending on age of device, is usual. That’s approx. half the battery use of WhatsApp just sitting in the background! | ||
==References== | ==References== | ||
[[Category: Glossary]] | [[Category: Glossary]] |
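Review bot: In the BLE list, the link whose text reads "BLE connections may be used in ISO 18013-5" targets Apple's Core Bluetooth overview on developer.apple.com, so the statement that security sessions are not required between mDL and reader has no citation of its own. Cite an ISO 18013-5 source for that sentence and keep the Apple link for the peripheral/central roles sentence. Two smaller points in the same revision: the Contact Tracing paragraph opens with a subjectless "uses Bluetooth", and the passive RFID read range "12-15" carries no unit.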
Latest revision as of 12:16, 20 May 2022
Full Title or Meme
There are a large number of radios on a Smartphone. This wiki looks at those that are not part of the cellular network.
Context
Terminology
- RF = Radio Frequency
- HF = High Frequency
- UHF = Ultra High Frequency
- IR = Infrared - typically read by an IR sensor, but can also be an IR camera
- Light is even higher, but that is handled by the camera and not radios
- Exciter = an antenna that is designed to send energy to a passive RFID tag
Existing Bands
The distance measures here are for a "smart chip" to an antenna tuned to find and query the chip.
RFID
RF Identifier
- Passive = no battery, typically a tag applied to an inventory item - read range was originally 12-15, now 30+ feet
- Battery Assisted Passive = typically a monitored sensor that is polled by RF
- Active = has battery and dual antenna - read range 300 feet
- Low Frequency = 120 to 150 kHz - near-touch scanning
- HF/NFC 13.56 MHz - range in centimeters
- UHF = 300 MHz to 3 GHz - older
- UHF Gen2 = 860 to 960 MHz - range several meters (works through rain)
NFC
Near Field Communications
- Apple Pay
- Android Pay
- Smart card with built-in antenna
- 13.56 MHz
- The widely held limit of one meter can be extended (https://www.idtechex.com/de/research-article/longer-range-rfid-at-hf/392).
BLE
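Bluetooth Low Energy, battery powered
- Also excited by a stationary antenna that causes the smartphone to respond
- Needs to have an app on a smartphone that is powered up and has Bluetooth enabled that responds to the message with a UUID
- Operates at 2.4 GHz at about 70 meters between device and antenna.
- It is easy to test the range of BLE by seeing how far away from the phone an ear bud will work (https://blog.nordicsemi.com/getconnected/things-you-should-know-about-bluetooth-range). Typically that is about one room away.
- Here is some raw data on testing BLE: https://github.com/vmware/herald-analysis/tree/develop/reference-data/rssi-raw-edison
- BLE connections may be used in ISO 18013-5 (https://developer.apple.com/library/archive/documentation/NetworkingInternetWeb/Conceptual/CoreBluetooth_concepts/CoreBluetoothOverview/CoreBluetoothOverview.html) between mDL and reader, but security sessions are not required. The mDL can enable either peripheral or central roles.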
WiFi
- Generally used for local internet connections. Can also be enabled by one of the above to send a UUID.
- Originally used only 2.4 GHz; now also uses 5 GHz
It can be seen that the 2.4 GHz band is widely used for other applications including microwave ovens (as a result of the signal absorption in water) as well as Bluetooth, and many other wireless communications applications. Sometimes using other bands can improve the WLAN performance as a result of the lower interference levels.
Problems
- Tracking and tracing are large potential problems; see the use cases below. When radios display any Identifier or Attribute of any sort whatsoever, the threat becomes even larger.
- Some of the radio chips, in particular BLE, can operate even if the computer is off, leading to increased range and effectiveness of tracking. It is even possible to hack the software running on the chip, but that requires a 'rooted' phone.[1]
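One way to audit for the identifier problem described above, as an added example that is not part of the original wiki page: it takes scan observations of your own devices and reports any address or UUID that stays visible longer than a rotation policy, including the case where a rotating address is tied together by a static UUID. The observation format, the 15-minute policy and every address and UUID below are assumptions constructed for illustration.

```python
# Constructed sample observations: (seconds, advertiser address, advertised UUID).
# All addresses and UUIDs are made up for illustration.
OBSERVATIONS = [
    (0,    "5a:11:22:33:44:01", "uuid-static-app"),
    (600,  "6b:11:22:33:44:02", "uuid-static-app"),   # address rotated, UUID did not
    (1900, "7c:11:22:33:44:03", "uuid-static-app"),
    (0,    "4d:aa:bb:cc:dd:01", "uuid-rot-0001"),
    (600,  "4e:aa:bb:cc:dd:02", "uuid-rot-0002"),     # address and UUID rotate together
    (1900, "4f:aa:bb:cc:dd:03", "uuid-rot-0003"),
    (100,  "c0:de:c0:de:00:01", "uuid-fixed-mac-a"),
    (1800, "c0:de:c0:de:00:01", "uuid-fixed-mac-b"),  # UUID rotates, address never does
]

MAX_LIFETIME_S = 900  # assumed audit policy: no identifier visible longer than 15 min


def lifetimes(observations, field):
    """Return {identifier: (first_seen, last_seen, other-field values seen with it)}."""
    seen = {}
    for ts, addr, uuid in observations:
        key, other = (addr, uuid) if field == "address" else (uuid, addr)
        first, last, others = seen.get(key, (ts, ts, set()))
        seen[key] = (min(first, ts), max(last, ts), others | {other})
    return seen


def audit(observations, max_lifetime=MAX_LIFETIME_S):
    """List identifiers that outlive the policy and so allow tracking over time."""
    findings = []
    for field in ("address", "uuid"):
        for ident, (first, last, others) in sorted(lifetimes(observations, field).items()):
            if last - first > max_lifetime:
                findings.append({
                    "type": field,
                    "identifier": ident,
                    "visible_for_s": last - first,
                    # Rotating values tied together by this one stable identifier.
                    "links": sorted(others),
                })
    return findings


if __name__ == "__main__":
    for finding in audit(OBSERVATIONS):
        print(finding)
```

A device passes only when every identifier it emits rotates together; one stable field is enough to link all the others.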
Use Cases
Contact Tracing
Contact tracing uses Bluetooth, as it’s the most widely available technology. Bluetooth Low Energy devices are designed to be always on and, as the name implies, use very little battery. Depending on the scenario, you can add extra power management tricks: for example, if there are no accelerometer changes for many minutes, or contacts are constant, then you’re probably at home in bed, so check much less often for ‘contacts’. Wearables take this approach, for example. Whether you’re trying to “accurately measure risk” or “detect a contact or not” determines the level of data you need, and thus your scanning frequency. Generally, though, these apps will register a ‘background service’; this enables the app user interface and non-Bluetooth components to be removed from memory, leaving only the network contacts/logging to operate. This saves battery consumption. 1-2% battery per hour, depending on age of device, is usual. That’s approx. half the battery use of WhatsApp just sitting in the background!
References
- [1] Dan Goodin, "Researchers devise iPhone malware that runs even when device is turned off", Ars Technica (2022-05-16) https://arstechnica.com/information-technology/2022/05/researchers-devise-iphone-malware-that-runs-even-when-device-is-turned-off/