Jump to content

Zoombak - To hack or not to hack


Recommended Posts

What are you thinking of doing with it? Personally it seems like a waste of time. And also it is not a good idea to ask it is hackable for future reference. Try doing a vuln seach.



Link to comment
Share on other sites

And also it is not a good idea to ask it is hackable for future reference.

And why is that? Hacking in itself is not illegal. What you do may be though.

@CBSab - I would check with Moonlit, as I think he hacks GPS devices a bit. Google for starters, and then come back with what you found.

Link to comment
Share on other sites

I haven't done a lot of research on these particular devices but I imagine it could be a cell phone with a built in GPS (but with no screen or buttons, of course). I had considered making my own version with a cheap prepay mobile phone and a serial or bluetooth GPS inside a small waterproof box but my lack of Java knowledge prevented me from writing the software to accomplish it. I don't know exactly how the data is sent back on these particular models but if it is a cell phone it could be either some form of data connection (GPS data doesn't require much bandwidth) or a simple SMS based system. Replacing the SIM card, if it has one, could allow you to bypass the service charges and pay for alerts and such on your own tariff (as far as I'm aware that's entirely legal, you're not losing the Zoombak guys any money and you're still paying for service but you're paying your mobile carrier instead).

Basically I think it is hackable but without knowing exactly how the communication between the device and the service works I can't say exactly how hackable. If you can access the device's alerts and updates from the device itself I'm sure you could probably integrate it with Google Maps or Google Earth instead of their proprietary system Microsoft's Virtual Earth. Be aware though that if the device uses SMS to send the data back then it may work out to be expensive to receive realtime location data (a solution to this is to receive the updates less often and guesstimate where the device is inbetween, or record the route and send it back each hour or so).

Edit: Apparently it uses T-Mobile's network in the USA, I'm going to guess it uses SMS rather than data due to lower power usage and higher coverage. The device likely SMSs data back to the service's back end every so often so you can view it on their website or have it forwarded to you via SMS.

Edit2: It seems you can have 60 minute sessions where updates are sent at 5 minute intervals, that's 12 SMSs per hour. Given that SMS is 20c a shot, that's $2.40 an hour. At $57.60 per day if you track in realtime for a solid 24 hours, that's more than a month's service with Zoombak*, so they're either not using SMS, getting special rates from T-Mobile, or they have a limit on how many reports you can have in a month (which probably explains the lack of true realtime tracking and the 60 minute limit).

(*Apparently I managed to completely forget about the existence of "unlimited SMS" plans and similar enticing discounts. A contract with a cheap SMS rate or a given number of SMSs for "free" would solve the price problem.)

Just to clarify, I'm not 100% convinced that it uses SMS, it could still use GPRS/EDGE/HSDPA (where available) which would probably work out a lot cheaper because you only pay for data transferred and it costs less than SMS. SMS is much more robust, however, in that it doesn't require a constant data connection and most devices will retry until an SMS is sent, the network will keep trying to send the SMS until someone receives it, you can receive reports when SMSs are successfully received, etc...

I don't know much about the battery performance of the device other than I've read that it will die after 12 hours continuous tracking but will last 5 days with no access to it. Though with a little more knowledge of battery drain I'm sure that information could be used to guess whether SMSs or a data connection are used.

Summary: I'm sure you probably could do something with this device other than what it was intended to do but I'm not sure it would be cost effective to bother when you could buy a cheap phone and a cheap GPS device for the same price or less, this way you have much, much more control and you can do a lot, lot more with the same basic kit... oh, and you don't need to tie yourself to a contract either.

Replacing the SIM probably would work but it wouldn't gain you much beyond perhaps better coverage. How that would affect the device's integration with the system I don't know but I imagine it probably wouldn't make much difference - they would probably know, however, if the service is SMS based because your number wouldn't be a T-Mobile number.

There's not much else I can think of to do with this device tbh, unless it's not very tightly integrated, perhaps you could use the internals to send other data from a serial device via SMS, or remove the GPS for another project. Chances are though that this thing's heavily integrated and you're probably not gonna get much out of it if you take the thing to bits.

Link to comment
Share on other sites

  • 2 years later...
  • 2 weeks later...
  • 2 years later...
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...