 This is my talk on electronic weaponry. I initially titled it how to rule the world while shopping at Radio Shack. I proved myself wrong on that one. I went to Radio Shack. Let's just say they don't sell speakers anymore. So I don't know what else to say. They do have some cool stuff on sale if you want electronics, so. So the stuff I'm playing with, high voltage, high current can kill you. It can also destroy all the electronic stuff that you care about. So if you decide to muck about with it, keep things you care about it shielded or far away. Just saying. And also FCC really doesn't like you broadcasting on frequencies that you're not licensed for, especially high power levels like taking out cell phones, ambulances, airplanes. They tend to come to your house. And like I think the minimum finds about 10 grand not to mention jail time. So, there you go. I'm not good at talking. So, y'all are in for a ride. This is my 10th year at DEF CON. I decided to give something back to y'all, so here I am. Who's here for the first year? Anybody? Good. We need more people. Yes, the reviewer is getting full, but we still need more people. So keep coming back. So I'm going to go over what EMP is. This is a pretty basic talk. I was looking mostly to judge interest. I mean, I can go into like far deeper topics, but most people I know are programmers. So this is more aimed at people that don't have hardware knowledge or are getting into hardware knowledge or are wondering what all the hype is about EMP. There's also a thing called EFI or RFI which is interference. It's more like a DOS attack. And then we have the cutting edge laser type stuff that the military is using to do things like shoot drones out of the sky and shoot satellites. And I'm also going to demo a sonic attack. There's a thing called LRAD, I'll cover it in a little bit, but I basically build a small version of it from a trip to fries and radio shack. I just want to assume that up on the screen there's some basic electronic concepts. All conductive material acts as an antenna. That's why EMP matters. Your shielded case actually will absorb RF and will produce a voltage because of that. The more RF or EMP power, the higher the voltage. Get to about 100 volts, get to about 10 volts and most ICs stop working. CMOS type things are rated at 3 volts, so you put 100 in them and they just go flash in the night. Most communication things run on one or two watts like your cell phone, you know, about two watt transmitter. So if you put anything out bigger than that, you can easily swamp and just take out everybody around you. The only good way to build an EMP is a nuclear weapon as of right now. There are some other tests that are, it's like a compressed flux explosive, but it's all explosive generated so I'm not demoing that either. I don't want to go to jail. Ohm's law is the basic thing you really need to learn. Knowing the power levels you're going to be messing with will save your life. It's saved mine a couple of times. We know all computers run out binary signals. It usually means like plus or 0.3 volts or 0 or 5 volts. When you start sending like 2 volts, you get into a floating state and makes logic go all haywire. So by injecting a 2 volt signal, you can make things go really crazy. Just a rule for transformers, you will trade current for voltage, which means you see neon sign transformers are putting out 15,000 volts off the wall current. They're putting in about 10 milliamps. That's still enough to kill you, but it won't make you catch on fire usually. RF powered dimensions over distance. Just like light does. It's a square inverse law. So the farther you are away from the target, the better off or safer you are. I can say I've done things with spark gaps and interrupted cell phone and cordless phone a quarter mile from my house. I found this out on accident because my neighbors asked me if I had problems with my phone that day. I also was really close to an EMS station. Yeah, not good. This is XKCD. I'm sure you've all seen it before. I ran across it when I was doing some pictures for the talk. It just basically covers like the spectrum of RF. Everything basically is energy, like matter, all of its energy. It comes down to what frequency you're vibrating at. So 60 hertz to light. It's all RF. It's all EMP based idea. Okay, so RF or electromagnetic interference is usually a DOS type of attack. You're usually not going to damage the thing completely, but you can stop service. Doing things like, oh, a lot of theaters overseas are using cell phone blockers to stop people from using cell phones in the movies. That's an FCC violation. There is no licensed jammer in the U.S. You can buy jammers on the internet, though. Pretty easily. For a while I was actually going to list off places you can buy them. Yeah, Google. Okay, so some of the easy ones to build are a spark gap transmitter, which is a really, really wide base, wide bandwidth device. And you can buy some other off-the-shelf transmitters. Spark gap transmitter was the first device used to transmit over air. One of the first tests was actually to cross the Atlantic Ocean with our radio signal using Morse code to give you the idea of power levels. In the like 1920s they were doing RF, and they could cross the ocean with it. Now we have a lot of noise in the air, but RF still works. You can still use spark gap transmitters. Just the FCC doesn't like it because it's not very focused anymore. They're really easy to build. That is a basic spark gap transmitter schematic. A battery, a coil, a couple of capacitors, a spark gap and an antenna. It'll put out RF like you will not believe. Not demo net. Off-the-shelf transmitter, like I said, I thought about talking about, you know, like you can buy them. Anybody can buy them. I mean, there are China distributors that will ship you things that will block out cell phones and stuff for 50 bucks, $100. If you get caught with it, yeah, not good. Also, ham radios, a lot of them, the reason they sell them to ham radio operators is because they can usually operate on licensed frequencies that they're not normal for public, like airplanes. You live in an airport, you start keying up those airplane frequencies, the black trucks will show up at your door. They will try to annihilate on you and be unhappy with you because you can mess with the telemetry. So, just to talk about cumulonix city of circuits, this is a pretty simple transmitter. Anybody can build this with basically a trip to like Digi-key, you know, on the net, order the parts, put it together and you have a transmitter. Not as high power, but it runs on a 1.5 volt battery. So you're not really going for high power at that point. Okay, so EMP, an EMP is an electromagnetic wave, electromagnetic wave with enough power that it can create overvoltage situations in wires and traces. What that means is, as your wire, as the traces in your device are acting as a circuit, it'll induce enough power, enough voltage, enough current to blow out the pieces, which is basically everything you use nowadays. There's a lot of people that are thinking about like, you know, well, what happens if an EMP is launched or fired over the U.S.? Or what happens if a nuclear is fired over the U.S.? A nuclear bomb is horrid. A nuclear bomb detonated in air over the U.S. is 10 times that. Because while a nuclear device would be very localized, like it would take out a city or two or something, EMP could take out a coast. And all of it would stop, like all of your trucks, all of your cell phones, all of your everything. Luckily, they're kind of hard to do. So as I was saying, EMP's long range, difficult task, all of them require either a large power grid, where you probably need to be noticed, or atomic nuclear weapons. A guy named Arinko Fermi was the first guy that came up with it. He was part of the initial atomic bomb testing. And he's the reason we have recorded stuff about those tests, because he's the person that pushed to get everything shielded. And that's the reason we still have some of that scientific data now. Even with it, we still had lost a lot. There are reports of EMP type weapons being used that are non-nuclear. It's basically a government-only type thing. Popular science actually did, or it was popular mechanics, one of the two, did a little article on it. It was like a blurb about, you know, an EMP that was local and it was still explosive-generated, but it was like smaller and it didn't use a nuke. There have been reports of it being used in Iraq, but nothing confirmed. It's called an explosively-pumped flux compression generator. Basically, you charge up this big coil with a lot of power, and you set off a bomb underneath it that makes it change from like a thousand coil wire, or a thousand wrap coil to a one coil wire. So the magnetic flux just goes, current goes up really fast. Like I said, another option to use a low-inductance capacitor bank charged into, or jumped into a single coil antenna. That'll also give you a low-range EMP type effect. And I mean low-range, I mean like around me, not the room. Capacitors are heavy, not shipping them. Why do we care? Like I said before, I mean, how would you feel without your smart phone? I talked to a guy that recently had his Apple branded phone die on him on the way to a new city that he never been to before. So he lost his cell phone, his GPS, all of his directions, you know, all of his phone numbers because we rely on them so much that, and he was in a city that he knew no one. And he kind of wandered into a bad part of Houston. Luckily he got out without any scrapes, but it was still, it was very scary for him. How to protect from RFI and things like that. Basically good shielding using a spread spectrum frequency hopping will help you avoid it to a point unless somebody's just blasting out a lot. Better data correction of course will help you. But the best thing is just get away from it. That's the same thing with the MP. I mean, you can build a Faraday cage and if you have enough power near you, it'll just go through the Faraday cage like it's not even there. So there's some, the other thing I was going to go over really quickly are the projectile based things. Railguns, coil guns are called goss guns. Really cool. Not really what I'm going to talk about too much. I'm just covering them because they are considered electric or electronic weapons. Coil guns basically is a magnetic field to pull a magnetic projectile down the barrel. Using timing and lots of power you can get 22 caliber speeds give or take. Some people have beaten that a little bit. Railguns are much more efficient, but they require much more power. So I think Texas A&M has a railgun type thing. The military has one that they're working with. There's a couple guys on the internet that have built them. All requires large capacitor banks. Pretty interesting, but yeah, it's still a bullet. I mean, they're nowhere near the efficiency of just gunpowder yet. Weaponized lasers are coming of age. These being used nowadays for everything from blinding people like targets like terrorists will blind them to stop them from coming to shooting drones out of the sky. They've done three or four tests now I think with the military's newest weapon tracking system that uses a laser or a directed energy weapon to knock a predator out of the sky. This is a Navy based thing, but the fact that it works is kind of scary. They also have one that can knock out satellites. They did that a couple years ago actually. It got no press of course, but they shot an Air Force satellite out of orbit and blew the camera off. So they hit something this big from the ground. I thought that was pretty impressive considering all the atmospheric distortion you have to take up with. The miracle laser is actually in New Mexico. It's not too far from here. I want to go there one day, but I don't think I'll ever make it. So now you've noticed all these devices are pretty power hungry. I'm going to go through some pretty simple, easy to do at home power supplies for them. I'm going to go through really fast and supplies just for the people that don't have electronics experience at all because I think building in the bottom is best starting with a good baseline. We have the resistor. Basically it's a resistive flow of energy, turns it into heat, used in a lot of things pretty much. That's what it looks like. Hoils, also called inductors. They store energy in a magnetic field. They can be more efficient than capacitors, but are usually more prone to heat damage. Capacitors store energy between two plates. They're the bread and butter of all of the electronic weapons out there nowadays. Short of one laser that's actually a chemical laser powered by a jet engine. The diode direction current, transistors, basic electronic switches used in amplifiers, things like that. MOSFETs are really powerful or high current abilities for transistors the most part. And then you have transformers. Uses an oscillating or AC field to generate current in another one based on the number of coils. It's pretty easy. You can get ignition coils from their local auto zone or whoever you buy car stuff from. A lot more parts. Okay, so here's a Marks Generator. It's one of the more common uses to make spark gaps. You basically, you charge up capacitors and then you discharge them in series. You charge them up in parallel so you have, you know, say a thousand volt capacitor and you have ten of them. And you charge them up up to a thousand volts each. And when you discharge them, you discharge them in series so you add the capacitors voltage up over however many capacitors you have. So it's really easy to go to, you know, get a thousand volt capacitors off eBay and then produce a hundred thousand volt jump. I mean, it's really simple. This is a voltage multiplier. It's whenever you need high voltage DC. It uses a very similar thing but it uses diodes instead of sparks. And I actually meant to bring one of these with me but I forgot it. Okay, so this is actually the part that I started shifting the talk toward is using humans as targets. Recently, there have been a lot of advances in using less-than-lethal type of attacks from sonic to light. We have, of course, the taser. Everybody knows what that does. But yeah, they were called less than lethal until they started killing people. The heat ray is actually, this is an actual picture. I pulled it off a Wikipedia or something like that. They're using it as an active denial system like in military controlled areas. It basically uses a very, very high frequency microwave beam to make it feel like your skin is on fire without doing any damage. It's supposed to only penetrate a couple layers of skin. It's really uncomfortable. It makes you feel like you're getting a sunburn really fast and they kind of sweep it through the crowd to get people to go away. It'll blow through your clothes like nothing so you just feel like your whole exposed surface of your body is on fire. Don't think that's really fun. Glad I'm not on the other side. There's actually a thing that the DOD had built for them. It's basically flashing lights. Everybody here I'm sure has been to a concert at one point in their life and had the strobes going and how disorienting whenever you have alternating strobes going off. They basically turn that into a weapon. These really, really high brightness things and it's about the size of a flashlight and they're actually selling these to police and things like that also as a mode on their flashlight where it blinks in a pseudo-random pattern to throw off your equilibrium because you're basically blinded and you have this strobe going and it just makes people sick and makes you really lose the will to fight. It was recreated by a lady named Lady Adda. She's Adda Fruit Industries. She made one that's about that big around just because she saw the video and she's good at that kind of stuff. Then we get to the LRAD. Now these are currently being used. This is what I made a little mini demo of because I didn't want to deafen everybody in the front row. If there's a good response I'll probably build a bigger one just to show that you can build it for under $30,000 but these have been used in New York. This is actually a picture of the New York police department's LRAD. They were used against some protesters in the Republican convention. They've been used against the Somali pirates. They're being used against people in Iraq and things like that. Think of being in the front row of the loudest rock concert you've ever had but it's only you because it's a beam directed weapon and it's really high frequency. So I have one of those like I said a little mini version of that to demo and I'll show you what it sort of feels like. This is the schematic for one using. Anybody that's in here has electronics experience, built stuff before. Everybody knows what the 5-5-5 timer is, right? Okay. 5-5-5 timer is what I'm using to make a square wave. There are a hundred different ways of doing this. You can use microcontrollers, you can use just a transistor, you could use anything. I picked the 5-5-5 timer because it's what I like and I mess with it a lot. These are the actual ratings that I'm using to generate the frequencies and I'm fixing to let you all hear. If anybody has sensitive ears to high frequencies I'll turn it off quickly so that, well, my roommate doesn't kill me. These are all the parts. I'm going to put these up on the Defconn website. They didn't get done in time for the CD so they'll all be up there if you want to build them. I kind of had to muck with the actual ratings to get it to work the way I wanted it to do. Building tips. Use a protoboard. Don't solder first. It'll drive you insane because you'll be chasing down something retarded. Basically this is to build. I used a DC filtering cap because it makes the speaker not burn out as quickly. I used a pretty big one. Do you have an idea how big this circuit is? That's it. That's it. It's one 5-5 timer, couple resistors, couple capacitors, a breadboard, two 9-volt batteries and some speakers I found at Fry's that have a flat frequency response up to 30,000 hertz. So that's why I picked those. Okay so now you have one thing you can really annoy the neighborhood dogs or whatever you want to do. I think I'm blue through this talk a lot faster than I expected it to. So I need to slow down a little bit. I want you all to hear what this talk sounds like. Can anybody hear that? So it starts at about this frequency and it goes uh. So if you had this kind of sound at airplane decibels is what the LRAD does. How long would you hang around? I mean if something is doing like this that you know at the volume that they're talking about 160 decibels is like the loudest rock concert or an airplane. So that's what that is. I've been messing with this stuff for a while so I really enjoy, see, thanks to everybody and yeah, make up questions. So I'm going to be going to the room, the QA room soon because it turns out that they really rather you do that instead. This is my first time talking so I went through this way too fast.