• General
  • RF reader spike (cell tower bands) when powering up

What is your radio lab setup for monitoring this? What frequencies are you seeing these transmissions upon and how do you determine that they are coming from the phones?

    Carlos-Anso

    Not a pro lab setup, I have a couple of home RF measuring devices and when I opened a thread on this forum I thought of what I measured with one of the RF meters a while ago and made it into this thread (another question another thread)

    I could check it again later (its been a while). But no lab here, just some readings I can't explain. Nothing more than a short burst or spike.

    Do you have a pro lab setup and own Pixels?

      Anticrime

      Couple of hard reboots. My cheap home meter says 1914 MHz and just lasts a fraction of a second.

      I can verify later using a more expensive freq counter which is in storage but this could be verified by other Pixel 6 owners. (EU)

      I have airplane mode on but this won't matter because the burst is prior to OS boot. Could it be a init of the chip, or does it ping the celltowers briefly?

      Kind of a giveaway someone uses a Pixel next door if you have some actual lab equipment:) you can see every time the device is booting from its emission

        • Edited

        Anticrime home RF measuring devices

        Could you share the model #s / relevant specs of these devices?

        I measured [...] some readings

        Its important to know: at what frequencies?

        Other stuff is important too:

        How far away from phone to measuring device?

        What kind of room did this happen in? (Hopefully it was inside a Faraday cage / anechoic chamber with 0 other electronics inside?)

        There are probably more things to make sure are set up correctly (I'm not an RF engineer!).

          Oops, didn't see the last post, ignore my most recent.
          @Anticrime Thanks for sharing some details!

            zzz

            Yes 1914MHz peek every Pixel6 boot

            I

            • zzz likes this.

            zzz

            Very close proximity, like next to the phone.
            This is a $200 home-amateur all-round RF meter but when it says 1914mhz that is pretty accurate.

            It's not about my testing equipment, I don't run a lab.
            Maybe another reader could verify with pro equipment

            But it signals , so powering on your Pixel may give away something?

            • Edited

            Anticrime My cheap home meter says 1914 MHz and just lasts a fraction of a second.

            Described at that level if detail, it could be anything. When a modern device including processors is powered on there are a lot of clocks that need to be spun up, and you could see brief spurious emissions when a clock is running far out of spec. An SoC could easily have several clock domains, and an RF modem could have more than one of its own.

            It could well be that turning on phones of different models would result in model-specific spurious emissions that could be fingerprinted. But it is also possible that two different Pixel 6's might emit different spurious signals.

            Check this topic
            https://discuss.grapheneos.org/d/10470-is-the-imei-broadcast-on-reboot-regardless-of-airplane-mode

            It has been speculated before that Imei is being broadcasted at power regardless of airplane mode but threads were locked by mods and no official answer also.
            However it seem to be device specific issue and not OS specific issue. So probably nothing can be done about it?
            Interesting to see if other devices behaves the same or if it is Pixel hardware specific issue.

              JayJay Check this topic
              https://discuss.grapheneos.org/d/10470-is-the-imei-broadcast-on-reboot-regardless-of-airplane-mode

              It has been speculated before that Imei is being broadcasted at power regardless of airplane mode but threads were locked by mods and no official answer also.

              I think one of those threads is locked and one isn't.

              Regardless, more threads speculating about something doesn't make that thing more likely. What makes something more likely is evidence. Literally thousands of labs have the right kind of equipment to produce evidence (or to look and not find anything). And a quick search suggests that GNU Radio has LTE receiver support, in which case a lab full of equipment may not be necessary.

              The same freq is hit only on the Pixel device, not on other devices

              Someone looking into this sniffing the protocol with better equipment would be an idea , but unfortunately I don't have the skill or equipment for deeper research

              I'll leave it here maybe for someone else interested in the subject

              I’m sure many folks could pick this up.

              The problem is that they may not read this discussion, and if they do, they may not choose to comment.

              (I’m not sure I would)

                Anticrime

                A description of the signal characteristics would be interesting, but I’m not holding my breath.