I created a simple project, poke-move, to generate a fake GPS signal via BladeRF for playing Pokemon Go along a predefined geographic trace (you just sit in a room with your iPhone while playing).
The script works quite well for the iPhone 6, 6s and SE, but not for my iPhone 7 (my iPhone 7 has an Intel baseband).
Why doesn't it work for the Intel-baseband iPhone 7? I don't have a conclusion yet, but here is a guess: maybe it is related to the different iPhone GPS solutions? (Does Broadcom GPS perform better than Qualcomm GPS at resisting fake GPS?)
(Finally, I most probably have a conclusion now. See the end of the article.)
GPS information for iPhones, from the internet:
iPhone 6: teardown: Baseband chip MDM9625 includes GPS
iPhone SE: teardown: Baseband chip MDM9625 includes GPS
iPhone 6s: teardown: Transceiver chip WTR3925 includes GPS
iPhone 7 (Qualcomm baseband): teardown: Transceiver chip WTR3925 includes GPS
iPhone 7 (Intel baseband): teardown: GPS chip BCM47734
Now the question is: will the Qualcomm-baseband iPhone 7 be attracted to a fake GPS signal as easily as the iPhone 6/6s/SE, or not?
Does anyone have a Qualcomm-baseband iPhone 7 to verify this?
Update:
Thanks to my friend @huanglin_bupt (Twitter) for her experiment. She confirms that the Qualcomm version of the iPhone 7 is still as easy to cheat as usual (6, 6s, SE).