Project Devlog: The Sigkill bag

A project that will involve some collaborative testing so I’m starting a separate thread for another sewing project here*.

px4a-20231025_1848041920×1440 185 KB

We’re making faraday bags!

Making a what?

A faraday bag is for the main purpose of blocking unwanted RF signals from reaching an enclosed device. Either to secure a device from electronic surveillance or data leaks, a proper faraday bag will prevent a cell phone, laptop, etc. from sending or receiving wireless data. Personal comsec/sigint is one use case, evidence collection and storage for criminal investigations is another. For the purposes of securing a phone, this provides a simple means of carrying a phone around for use when you need it, yet keeping it ‘off the grid’ until you do.

It also provides HEMP protection for small and sensitive electronics, per a few testing standards we’ll get into later. No I don’t mean it’ll keep the drug dogs from finding your stash, wrong hemp. This one is about High-altitude ElectroMagnetic Pulse

I’ll leave it to some of the other great minds of this forum to perhaps chime in with why this is a useful bit of kit to have. If you’re on this forum however, there’s a good chance you already know.

Can’t I just turn the phone off?

No. That really stops nothing from being tracked with the state of modern cell phones these days. It will just kneecap your own ability to get any use out of it in the meantime.

So is this like an absurdly overbuilt talisman like a “crystal that protects your chakras from the 5G’s”?

No, they’re not. Or should I say, mine won’t be. The sad state of online knowledge about protecting equipment and organic bodies from the damaging effects of HEMP, RF exposure, and lightning strikes is that its filled with preposterously absurd amounts of bullshit. Even for the internet. Countless bizzare old-wives-tales exist everywhere on the topic from supposedly legit product marketing, to even most amateur radio forums. I see the most demonstrably false claims about what protects what from lighting/EMP damage on the HAM radio forums from people who supposedly have a scientific background and/or have at least read the ARRL radio handbook.

I make no claims to being an expert on the subject, but I do read the books by those that are. ‘The Grounds for Lightning and EMP protection’ by Polyphaser is a terrific primer on the topic of how to lightning proof a radio tower; it also covers how a lightning strike behaves, how and why the surge propagates through the ground and nearby conductive materials, as well as the similarities and significant differences in the mitigation required for lightning strikes vs an EMP.

Anyway, I’m way off track here. My point is that garbage data on the subject exists everywhere, and sorting the legit, standards-tested engineering practices from slick-marketed talisman salesmen is a chore.

So what are you building again?

Right, the faraday bags! I’m calling mine ‘Sigkill’ bags if only because its the first amusing term about them that came to mind. These will be cellphone and laptop pouches made from TitanRF Faraday Fabric made by MOS equipment. Other brands of faraday fabric exist and they’re probably functional, but this is one of the few I’ve found that was supported by actual testing standards and data about proper design practices to use the stuff effectively.

Current plan is to do some quick and dirty testing with the materials and a bunch of binder clips, then proceed to make a couple cell-phone sized bags with 3-layers of the faraday fabric, combined with a hyperD300 waterproof outer layer and a soft ripstop nylon lining for scratch protection of devices. The rest of the materials I need just arrived yesterday so, actual test reports coming soon!

* Pun intended and you can’t prove otherwise.

Initial impressions of the fabric

px4a-20231025_1850011920×2560 344 KB

Softer than I expected, quite stiff though. Sort of like a sheet of transparency film. I don’t have the exact numbers in front of me but this was, IIRC, something like 60% polyester, 30% copper and %10 nickel content.

px4a-20231025_1850241920×2560 405 KB

A closeup of the material. There was a bit of a frayed edge here, but pulling at it it seems much more fray-resistant than say, typical ripstop nylon. I could pull a small tear in it, but it took some doing. Fairly durable stuff on its own, given some very preliminary impressions.

Also I got a roll of tape with conductive adhesive. Holes and stitches can allow RF leaks, so they say, so I’ll be using the tape as a sort of seam-sealer over the threads to restore the full integrity of the shielding.

Ideally a shielded device would be completely sealed in all the way by the material, but that wouldn’t be very practical for repeated use would it? Typical ‘China Inc.’ faraday pouches for phones have one flap fold over the top. This may or may not be sufficient for RF signal rejection. This is not sufficient for HEMP protection. From all the brands that seem to have actual, professional customers and testing behind them use a double roll-top design. Rather like the way one would roll down the top of a dry-sack.

And I’m using HyperD 300, so bonus, my design will be a waterproof pouch for the electronics as well.

Excellent. I used to name Windows servers after Unixisms. I had Devnull and Kill9 for a while.

Interesting. For protection from emp, that should do fine as long as it’s insulated. Lacking insulation, RF should just couple to the metal mesh and continue to radiate in and out. But I’m not too familiar with emp.

For a device that’s on, my understanding is that it needs to be grounded. Commercial use for something like that is usually a clearish (so you can see the screen) mylar bag so you can test apps on cell phones going into zero signal locations.

RF shielded rooms are a sight to behold! They are double to triple shielded, to prevent leaks due to wear and tear of the door opening, etc. I have no clue what they do for the HVAC ducts! Also used commercially for secret cell phone development.

You could also consider glueing the seams and then sewing, that could eliminate the need for taping. Or turn some fabric into bias tape and wrap the seam and sew again. That will also contain and protect the edge from fraying.

YMMV. I’m not sure how to test it aside from building an emp generator (spark plug, old car coil, metal “horn” to focus the output) and somehow measuring the inside

I definitely don’t have the facility to do through EMP testing, so I’ll just have to trust ‘best design practices’ for that. I can test signal blocking in several ways though, and signal blocking as footprint-reduction and mitigating things like geofence warrants is the primary purpose for these anyway.

Not to say that building my own EMP generator for testing wouldn’t be fun.

The tape has a conductive adhesive, so it’ll be a convenient way to attach the insides together. It’ll make more sense when I get some pictures later this week, but the plan is to sew through the tape for the faraday material, then slip that inside a waterproof HyperD outer shell with the velcro closure strip attached, and then dress up the outside seams with grosgrain ribbon/bias tape.

I know they’re a thing. You can buy some from Mission Darkness. I haven’t the slightest idea what the inside looks like but apparently it block RF while allowing air through. I’m assuming some kind of conductive foam/batting/mesh like a cross between a memory foam pillow and a microwave oven door?

The simplest answer is ‘it depends’. People ask questions like ‘Will XYZ device/enclosure protect against EMP?’, and it’s just like pointing to a random building and asking ‘will that survive an earthquake?’.

How strong an earthquake? What kind? How far from the epicenter are you? What’s the duration? The strength, type and duration of the EM pulse will have different effects on different types of electronics, what kind of enclosure they’re in, what other external cable connections are present, if they’re powered or not. In some cases the device’s physical orientation to the source of the pulse can make a difference.

When the space weather is getting messy, some satellite operators will re-orient the craft to present either shielding and/or minimal cross-section toward the sun, and power down as many nonessential systems as possible.

Ultimately, it is certainly possible that a significantly strong pulse could destroy every unshielded transistor within a hundred mile radius. It’s possible that a strong enough nuclear blast will still cause damage through insufficient levels/designs of shielded enclosures grounded or ungrounded; then again it’s possible to be close enough to such a blast that the electromagnetic radiation is the least threatening radiation in your vicinity at that moment…

In the case of say, a slower-rise pulse caused by a coronal mass ejection from the sun, handheld devices are probably at fairly low risk compared to anything connected to grid power. If the pulse isn’t fast enough to cause a damaging voltage differential across the distance of a printed-circuit-board, then the damage it will cause will be the induced surge current proportional to the ‘capture area’ of the antenna it is attached to. When I say ‘antenna’, that means any conductive material, such as several thousand miles of power lines connected to a substation’s bank of massive IGBT and other switching circuitry.

Ultra preliminary testing!

px4a-20231106_1514111920×1440 284 KB

Well simplest test was just to shove someone else’s phone in the material as it came out of the packaging, clip it closed and try to call it.

px4a-20231106_1516271920×1440 261 KB

Well good enough so far. Couldn’t connect. Next step was to try an app produced by Mission Darkness. It just graphs RSSI of Cell, Wifi, and Bluetooth.

Not exactly lab-grade testing, but certainly the easiest thing to get started. It should be noted that a better test will have to occur later while I’m in town. I live on a hill with direct line of site to a cell tower, but it’s about 7 miles away. The bluetooth headset and wifi signals however should be quite strong.

I started each test with the phone out of the bag, placed inside and clipped together. In this first test I then took it outside (to reduce the signal reduction of the metal building I work in.). I then removed it from the bag outside, which accounts for the Wifi signal not returning.

Screenshot_20231106-152306864×1499 219 KB

I’m not really sure what to think of the bluetooth RSSI indications, as it seems to be ‘all there’ or ‘not at all’. However ‘no signal’ is the goal here so good enough. I even heard the bluetooth headset reconnecting and drop again while I was opening the bag and taking the phone out. That’s the middle orange spike in the above test.

Screenshot_20231106-152554864×1476 202 KB

I ran the test again while outside. Good results, the cellular signal seemed to have dropped off adequately.

Screenshot_20231106-152715864×1504 188 KB

Now here’s where I just kinda wrapped up the phone like a taco in the already folded layers of faraday fabric. Not exactly tightly closed, but similar to the single-flap designs you see 2-for-$12 online from china inc. Results are uh… not what I’d consider satisfactory.

Future plans are to test this while right next to a cell tower, and also involve someone with a HackRF-one to get some better rx/tx numbers at various frequencies.

Oh hey, I found the test data that goes beyond the 0-5Ghz chart in their marketing graphics. Keystone tested it up to 40Ghz:

Significant attenuation improvements for 2Ghz+ double-layer vs. single-layer. Looks like beyond ~10Ghz, a third layer adds very minimal improvement.

I always assumed I could just turn off my phone and stick it in the freezer in a ziplock…

Or just get rid of it…

“In your freezer” probably won’t block signal. You run Android, try the app Cale was using in your freezer. See how it works. And “Off” is such a lovely fluffy concept with modern devices. They’re never really depowered, and a range of malware has demonstrated the ability to convincingly simulate “off” state without actually shutting down.

If I can physically remove the battery from a device, I’ll trust it powered down with the battery out and on the table. Otherwise, sorry. Nope.

that’s rather unnerving.

Even if it does though, I gotta imagine that’s a mighty inconvenient thing to also fit in a backpack or purse

Signal blockers like this can protect other devices from remote access/tampering/tracking too. RFID keys/credit cards, remote-start keyfobs, transponders like the kind used for toll-road access, etc.

Yes. Welcome to why I decided to take a break from cybersecurity. It hasn’t helped.

Persistence without "Persistence": Meet The Ultimate Persistence Bug - “NoReboot” - ZecOps Blog is some work demonstrating the process on iPhone, including hijacking the “force reboot” keystrokes before the hardware performs the forced reboot.

I assume similar has been done on Android, as Android is a hot mess from a security standpoint on most devices, but search engines aren’t helpful searching for this sort of thing.

Oh, hey, related!

My metric is simply, “If I can imagine someone or something doing a thing that’s user and privacy hostile, it’s in widespread use among analytics firms, streaming TV sticks, and automakers selling connected cars.”

“Just because a product you bought comes preinstalled with an undeclared warrentless wiretap doesn’t mean it’s a privacy violation, US court rules” Is how I read that headline.

Exactly. Because the prohibition against warrantless wiretaps only applies to the government. Not to corporations.

What’s all this talk of wiretaps? It’s a convenience connectivity feature.