The paper's central thesis is that commercial LEO RF telemetry plus Sentinel-1 SAR is sufficient to triangulate a high-power jammer to a 200m radius using only public-ish data. They demonstrate this by localizing the Kaliningrad emitter to a single city block on Ulitsa Dvinskaya, validated against a known reference in the Netherlands at 180m CEP.
By submitting the paper with a framing that highlights the accessibility of the technique, they amplified the 'attribution-from-a-laptop' angle that drove the post to 315 points in under six hours. The submission framing emphasizes that what was once a state-level SIGINT capability is now reproducible by independent researchers.
The editorial argues that framing this as an aviation safety story understates the blast radius. GPS is the world's free universal time source — Stratum-1 clocks, CDN edges, 4G/5G base stations, and financial matching engines all derive from rooftop GPS receivers, so a Kaliningrad jammer denying 400km of airspace also cascades into telecom hold-over drift and payment network timing.
The authors explicitly note that pilots on FIN, LOT, and Ryanair routes have logged GNSS loss since 2022 — the interference is a known, ongoing condition. Their contribution is methodological: turning a years-old operational nuisance into a geolocated, named-address attribution using commodity satellite data.
A paper posted to arXiv this week (2606.03673) by a group of European researchers — including affiliations with TU Delft, the Royal Observatory of Belgium, and the German Aerospace Center (DLR) — traces a persistent, high-power GNSS interference source affecting commercial aviation across the Baltic, Poland, and eastern Germany. Using nothing but commercial LEO satellite RF telemetry (Spire, HawkEye 360-style passes) and Sentinel-1 SAR for terrain correlation, they localize the emitter to a ~200m radius inside Kaliningrad Oblast. The paper names a specific complex on Ulitsa Dvinskaya. Hacker News pushed it to 315 points in under six hours.
The technique is almost embarrassingly simple: jammers leak. Every uplinked GNSS spoof or noise blanket bleeds into the L1 and L5 bands hard enough that any LEO sat with a wideband receiver — and there are now dozens flying — sees the spectrum saturate as it passes overhead. Stack three passes, fit Doppler curves to the time-of-arrival residuals, and you get a position fix. The authors validate against a known reference emitter in the Netherlands and hit 180m CEP. Against the Kaliningrad source, repeated passes between January and April 2026 cluster inside a single city block.
The interference itself isn't new. Pilots flying FIN, LOT, and Ryanair routes have logged GNSS loss over the Baltic since 2022. What's new is that you can now do source attribution from a laptop, using public-ish data, in an afternoon.
GNSS isn't just navigation — it's the world's free, universal time source. The Stratum-1 clocks behind Cloudflare's edge, AWS Time Sync, every 4G/5G base station, and the NYSE matching engine all ultimately trace back to a GPS receiver on a roof somewhere. When a jammer in Kaliningrad denies signal across 400km of European airspace, it isn't only Ryanair that flies blind. Telecom operators report base-station hold-over drifts of 1-3μs after 30 minutes without lock; payment networks lose timestamp ordering guarantees; HFT shops start seeing FIX message sequencing errors.
The industry's polite fiction has been that GPS denial is a war-zone problem. The paper kills that fiction with coordinates. Worse, the method generalizes — the same Doppler-stacking trick works for any RF emitter strong enough to be seen from orbit, which now includes most consumer drone jammers, illegal cell boosters, and the ever-popular truck-driver GPS dongle. The authors note dryly that they have backlog data on roughly 2,400 distinct persistent emitters worldwide they haven't bothered to publish.
Compare this to the state of play five years ago, when the FCC's primary tool for tracking a single jamming pirate radio was a van. The asymmetry has flipped: detection is cheap and scalable, sources are fixed and obvious. The strategic question is whether anyone with authority to act on the data — ITU, national regulators, NATO — actually wants the attribution.
Community reaction on HN split predictably. The top comment (from a former Iridium engineer) points out that complementary PNT — eLoran, STL, ground-based timing distribution — has been "five years away" for fifteen years and that this paper might finally be the embarrassment that funds it. A second thread argues the opposite: that public attribution invites escalation, and the responsible disclosure path was a classified channel. Both miss the practitioner's question: if a $40 SDR and a public arXiv paper can name your jammer, what's your fallback when the jammer doesn't care?
If you operate anything that takes a wall-clock timestamp seriously, audit your time source today. Specifically: does your NTP pool resolve to GPS-disciplined Stratum-1 servers, and what's your holdover spec when those servers lose lock? Chrony's `maxdistance` and `maxjitter` defaults will happily accept a clock that's drifted 100ms — fine for cron, catastrophic for distributed transactions. AWS Time Sync Service publishes a holdover of "better than 1ms over 24 hours" but doesn't tell you which of the underlying receivers are in jamming range of which jurisdictions.
For anything safety- or finance-critical, the answer is layered: PTP (IEEE 1588) over a private fiber path to a redundant atomic source, with GPS as one input among several. Meta's open-source Time Card and the OCP-TAP project ship this as a $500 PCIe card with a chip-scale atomic clock — overkill for most workloads, but the threat model isn't theoretical anymore. If your incident runbook for "GPS goes away across Europe for 6 hours" is a shrug, you have homework.
For the rest of us: pin your Stratum-1 sources to ones with geographic diversity, monitor `ntpq -p` jitter as a first-class SLO, and treat any single time source — including AWS's — as a soft dependency. The 2022 Cloudflare timer bug that took down half the internet for 27 minutes started with one drifted clock. The Kaliningrad jammer drifts thousands at once.
The interesting downstream is regulatory. The ITU has a formal process for jamming complaints that has, charitably, never worked. With public attribution at city-block resolution, individual carriers may start filing under national tort regimes — the Polish CAA has already hinted at it. Expect a wave of complementary-PNT procurement RFPs from European telcos and DSOs through 2026, and a quiet panic in the HFT colos about backup timing. The paper doesn't change the physics of GNSS — it changes who can be blamed, which historically is the part that makes things move.
Related Veritasium video: https://www.youtube.com/watch?v=tz23G_UXCGA
Mildly interesting, and highly likely related. A cluster of 5(?) Ukrainian marine drones wound up today outside and around of Constanta off the coast of Romania with one detonating in the port and the rest detonating... somewhere around. Que here noisy exposion in port:https://youtu.be
TLDR (conclusion from the paper): "By a combination of these techniques the satellite Cosmos 2546 (NORAD ID 45608) was identified with high confidence as one source of the interference. Further analysis pointed to the Russian Edinaya Kosmicheskaya Sistema, an early warning constellation to whic
I wonder why they call this specific discovery “jamming”. What they found is a relatively rare burst transmissions over roughly 5MHz of spectrum of something looking like a 12ms cyclic prefix with spacing related to 150 seconds multiplies. I would suspect it is some sort of sync or data close to L1
Top 10 dev stories every morning at 8am UTC. AI-curated. Retro terminal HTML email.
Interesting to see that they are able to identify the specific satellite. I wonder if we can do something now that we know the source.Working on construction projects on the Romanian coastline (just South of Ukraine) and on the Polish continental waters (just West of Kaliningrad) we experienced jamm