Bring Pokémon to you with a Rohde & Schwarz signal generator
https://www.youtube.com/watch?v=9mC71c6zRUE
A team of Rohde & Schwarz engineers have found a new way to hack Pokémon Go, the massively popular app that debuted last month.
The engineers are generating GNSS data with a Rohde & Schwarz signal generator, and feeding the signal directly into the mobile device, making it possible to collect dozens of Pokemon right in the lab.
The team produced a video showing the hack, which has received almost 400,000 views on YouTube, and received coverage from Bloomberg and The Verge.
The Munich-based Rohde & Schwarz team provides the following hardware diagram of the setup:
The team also describes the technical details:
“The setup is a little proof of concept by simulating GPS signals with an HIL — hardware in the loop — interface, which can also be used for a flight simulator or similar applications.
“A R&S-SMBV100A vector signal generator serves as a source to simulate real-life GNSS RF signals. We use a custom PC software with a joystick controller for the ultimate gaming experience *wink* — it may as well be controlled with a mouse. This software streams HIL commands to the signal generator over a LAN interface and interpolates position and velocity changes. The interpolation will be done according to a desired inertia model — pedestrian/car/plain — we actually used a slow car here with a maximum speed of ~15km/h. This is useful, for instance, if you assume that cars will not make 90° turns.
“We set the GNSS coordinates of the signal generator to some arbitrary position in the world and start the HIL mode — this will result in a ban if you jump quickly from Moscow to Sydney! You have to wait a reasonable amount of time in between.
“The signal generator simulates a real-life GNSS RF signal, which is fed indirectly into the mobile phone and to a u-blox M8 GNSS receiver. This is why we use an RF splitter. The losses from antenna to device are roughly 30 dB. We therefore generate a signal of -80 dBm in order to achieve the common GNSS signal strength of -110 dBm at the device. The idea behind the shielding box is to protect the device from the signal from outside. You could also build the setup in a cellar.
“We use the corresponding u-center v8.11 software, which is connected to the GNSS receiver to visualize our current position using a Google Maps plug-in. The u-blox is connected via USB to the computer.
“By doing so, we create a closed-loop realtime GNSS simulation with user feedback and interaction.”
About the Author: Tracy Cozzens
Senior Editor Tracy Cozzens joined GPS World magazine in 2006. She also is editor of GPS World’s newsletters and the sister website Geospatial Solutions. She has worked in government, for non-profits, and in corporate communications, editing a variety of publications for audiences ranging from federal government contractors to teachers.
Subscribe to GPS World
If you enjoyed this article, subscribe to GPS World to receive more articles just like it.
Now R & S can make another fortune selling this setup to those folks who want to hack the game big time. A super business opportunity indeed. Just give me written credit for the suggestion, seeing an idea work out is a great reward.
This was obviously a students project of some kind and not an actual business case. Awesome idea by jumping on the recent Pokemongo hype. Gives them a lot of publicity showing off what they are capable to do with a hardware in the loop setup. Quite impressive!