Daniel sent us this one — he's asking about the open source intelligence community that tracks flight movements and military activity, and specifically how electronic warfare shows up in publicly available data. The obvious case is GPS jamming, which civilians notice because their phones and cars lose signal. But what are the other ways OSINT operatives detect electronic warfare? What clues can you pull from open signals about the outbreak of war or specific tactics being used? There's a lot to unpack here.
There really is. And the starting point has to be that electronic warfare is not one thing. It's a whole family of techniques, and different techniques leave different fingerprints in open source data. GPS jamming is the one everyone knows because it affects civilian life directly — your ride share app glitches, your smart watch loses track, flights get rerouted. But that's just the tip of the iceberg.
The tip of the jamming iceberg. Which I assume is a very angry, very lost iceberg.
So let's start with what most people don't realize — GPS jamming is almost never just GPS jamming. When a military force is jamming GPS, they're typically operating across a broader electromagnetic spectrum. And those emissions leak into adjacent frequency bands, create harmonics, show up as noise where noise shouldn't be. The OSINT community has gotten very good at spotting these secondary effects.
You're not looking at the jammed signal itself. You're looking at what else breaks.
During the Iran-Israel exchanges, OSINT analysts noticed that amateur radio operators across the eastern Mediterranean were reporting unusual interference on bands that should have been quiet — the four hundred megahertz range, the one point two gigahertz range. They correlated those interference patterns with known military movements. That's not GPS, that's just electromagnetic noise. But it's noise with a signature.
Noise with a signature. Sounds like my approach to music.
You don't play music.
Which makes all of it noise with a signature. But go on.
Alright, so beyond incidental interference, there's a much more direct method OSINT trackers use called ADS-B — Automatic Dependent Surveillance-Broadcast. Every commercial aircraft and most military aircraft, when they're not trying to hide, broadcast their position, altitude, speed, and heading on ten ninety megahertz. It's unencrypted. Anyone with a thirty dollar receiver can pick it up. Sites like Flightradar24 and ADS-B Exchange aggregate this data.
This is the flight tracking the prompt is talking about.
But here's where electronic warfare gets interesting. When an aircraft enters an area with active jamming, its ADS-B transmissions can go haywire — aircraft suddenly jumping positions, teleporting across the map, broadcasting impossible flight paths. Sometimes the aircraft disappears entirely for a few minutes and then reappears somewhere it couldn't physically be.
The absence of data becomes data.
That's the whole game. If a region that normally has dense civilian air traffic suddenly goes dark on all tracking platforms simultaneously, and there's no weather event or technical outage announcement, that's a signal. Something is broadcasting enough power in that frequency range to overwhelm civilian receivers. And you can map the edges of the jamming zone by watching where aircraft pop back onto tracking — you get a contour map of the effective radius. During the early phases of the Russia-Ukraine war, OSINT accounts were doing exactly this, mapping boundaries and cross-referencing with known electronic warfare units to build a real-time picture of where ground-based jamming systems were active.
The prompt also asks about clues you can determine about the outbreak of war. If you see jamming contours suddenly expanding or shifting toward a border, that's not a drill.
Right, and it's even more specific than that. Different electronic warfare systems have different signatures. A Russian Krasukha system operates differently from a Borisoglebsk system — different frequency ranges, power levels, modulation patterns. Experienced analysts can sometimes identify the specific system by how it affects surrounding signals. It's like identifying a car by its exhaust note.
Identifying a jammer by what it breaks. The automotive equivalent of diagnosing a transmission problem by what's leaking onto your driveway.
That's a perfect analogy. And it gets more sophisticated. There's a technique called signals intelligence — SIGINT — that used to be purely the domain of government agencies with billion dollar budgets. But the barrier to entry has dropped dramatically. You can buy a software-defined radio for a few hundred dollars, connect it to a laptop, and run open source analysis software. The community shares techniques on forums and Discord servers.
What are they actually looking at on those waterfall displays?
First, power spectral density — is there a spike where there shouldn't be one? Second, modulation characteristics — is the signal using frequency hopping spread spectrum, a hallmark of military communications and jamming? Third, timing patterns — some jammers pulse in specific rhythms that correspond to known systems. Fourth, direction finding — if you have multiple receivers in different locations, you can triangulate the source.
The OSINT community is doing this with multiple receivers?
There are distributed networks of volunteers who host receivers and share data — a crowdsourced version of what the NSA does. The KiwiSDR network lets anyone tune into a receiver hosted somewhere else in the world. During the Iran-Israel conflict, people in Europe were tuning into receivers in Cyprus and Turkey, spotting unusual signals, and posting findings in real time.
We've got GPS jamming, ADS-B anomalies, radio spectrum analysis. What about the other direction — not what's being jammed, but what's being listened to?
That's the flip side, and it's equally important. Electronic warfare includes electronic support measures — ESM — which is basically listening to the enemy's emissions. Every radar system has a fingerprint: the pulse repetition frequency, the carrier frequency, the modulation type, the scan pattern. When a ground-based air defense radar activates, it broadcasts. And those broadcasts can be picked up by satellites, by aircraft, and increasingly by civilian hobbyists with the right equipment.
If you see a particular radar signature light up that hasn't been active before, that's a clue.
A massive clue. During the lead-up to the Iran-Israel strikes, OSINT analysts detected the activation of specific Iranian air defense radars that had been dormant. The radar type tells you what kind of threat they're expecting. A long-range early warning radar activating suggests they're anticipating incoming aircraft or missiles. A fire control radar activating suggests they're preparing to engage a specific target.
The radar itself is saying, essentially, I am a specific model built by a specific country, deployed in a specific location, and I am now awake.
And here's where it gets really interesting for detecting the outbreak of war. There's a concept called electronic order of battle — the map of who has what emitters, where they are, and what their normal activity patterns look like. When that pattern changes — when emitters go silent, when new emitters appear, when frequencies change — that's often the earliest warning of impending action.
Because you can camouflage a tank. You can't camouflage a radar transmission.
You can try, but it's extremely difficult. Low probability of intercept radar exists, but it's more like whispering instead of shouting. A good analyst with a sensitive receiver can still hear the whisper.
Let's talk about satellites. The prompt mentions flight radar and websites, but some of the most interesting OSINT work on electronic warfare comes from above, doesn't it?
Synthetic aperture radar satellites are a game changer. SAR can see through clouds, through smoke, and at night. What's relevant to electronic warfare is that SAR satellites are essentially flying radar receivers. Some can detect ground-based radar emissions. And the data from commercial SAR satellites is increasingly available to the public.
Meaning anyone with a credit card can buy imagery that used to require a spy agency.
Not just imagery. Some providers sell raw signal data. Capella Space, ICEYE, Umbra — these companies operate constellations of SAR satellites, and their products have been used extensively by OSINT analysts. During the Iran-Israel war, analysts were purchasing SAR imagery over Iranian military facilities within hours of strikes, looking for evidence of electronic warfare systems that had been moved or activated.
The resolution on these commercial satellites now?
Capella's latest satellites can do twenty-five centimeter resolution in spotlight mode. That's detailed enough to identify specific vehicle types. You can see a jamming truck parked next to a radar installation, whether the antenna is deployed or stowed, scorch marks from a strike.
Twenty-five centimeters from space, sold commercially. The world has changed.
It really has. And SAR has another use — it can detect changes in the physical environment caused by electronic warfare effects. If GPS jamming forces aircraft to fly different routes, you see new flight patterns in ADS-B data. If communications jamming forces units to use different tactics, you might see changes in their physical deployment patterns in SAR imagery.
You're looking at knock-on effect again. Not the jamming itself, but what the jamming forces the other side to do.
This is where OSINT becomes almost like detective work. You're building a theory based on indirect evidence. The aircraft that suddenly changed course. The radar that went silent. The satellite phone call that got dropped. The ship that turned off its transponder. None of these alone proves anything. Together, they paint a picture.
Speaking of ships — the maritime side of this is enormous and I don't think most people think about it.
It's huge. The automatic identification system — AIS — is the maritime equivalent of ADS-B. Ships broadcast their identity, position, course, speed, and destination. It's required for most commercial vessels and visible to anyone with a receiver or a subscription to a tracking service.
Just like ADS-B, it can be spoofed, jammed, or turned off.
And the OSINT community watches all three. When ships go dark, sometimes it's legitimate, like avoiding piracy. Sometimes it's sanctions evasion. And sometimes it's military activity. During the Iran-Israel conflict, vessels associated with Iranian oil exports went dark in the Persian Gulf, then reappeared days later with different cargo. But electronic warfare can also target AIS directly. AIS spoofing is a known technique — you can broadcast false signals that create phantom ships or make real ships appear to be somewhere they aren't. In twenty nineteen, ships in the Black Sea appeared to be sailing in circles, which turned out to be GPS spoofing affecting their navigation systems, which then fed bad position data into their AIS transmitters.
Electronic warfare creating literal ghosts on the tracking screens.
It's been used in actual conflicts. During the Russia-Ukraine war, there were instances of AIS spoofing around the Black Sea that created phantom vessels near critical infrastructure, likely to create confusion or test response times.
You've got GPS jamming, ADS-B anomalies, radio spectrum monitoring, radar emission tracking, satellite imagery, and maritime AIS analysis. Are there other domains?
Communications interception is a big one. When a military force is preparing for operations, their communications patterns change — the volume of transmissions increases, encrypted traffic spikes. Even if you can't decrypt the content, the metadata — the who, when, where, and how much — is enormously revealing. During the lead-up to major operations, you often see a communications spike — a sudden surge in encrypted traffic followed by radio silence. That pattern has preceded military action in conflict after conflict.
Radio silence itself being a signal.
The absence of signal is a signal. It's one of the oldest principles in signals intelligence. When an entire military district goes quiet — no radar emissions, no radio traffic — that's not a technical fault. That's someone turning everything off for a reason.
Let's go deeper on something the prompt specifically asks about — clues about the outbreak of war. What does the electronic warfare prelude to conflict actually look like in open source data?
There's a pattern observed in multiple conflicts now. Phase one is testing. You see brief, localized GPS disruptions lasting minutes or hours. They might be attributed to technical issues or weather, but OSINT analysts notice they're happening near military facilities or borders, not randomly.
Testing the jammers. Making sure they work.
Phase two is what's sometimes called shaping operations. You start seeing more persistent jamming along specific axes. ADS-B tracking gaps become larger and longer lasting. Civilian communications experience unexplained interference. Satellite phone calls drop more frequently. This can go on for days or weeks.
Phase three is the full-spectrum activation that typically happens in the hours immediately before kinetic operations begin. Every jammer comes online. Radar emissions spike as air defense systems go to full readiness. Communications shift to wartime modes. The electromagnetic environment completely transforms, and it's visible across dozens of open source data feeds simultaneously.
Has the OSINT community gotten good at spotting the transition from phase two to phase three?
There are now automated systems that monitor multiple data feeds and flag anomalies. The challenge is that phase two can last a long time, and not every phase two leads to phase three. You get false alarms. But the track record is improving.
False alarms meaning you think war is about to break out and it doesn't.
Or a specific operation is imminent and it gets delayed or canceled. Electronic warfare preparation doesn't always mean kinetic action follows. It could be an exercise, a feint, a deterrence signal. The raw data tells you something is happening. It doesn't tell you why.
Which is where the human analyst comes in — the OSINT operative who understands the political context, the military doctrine, the historical patterns.
The best OSINT analysts are not just technically proficient. They're subject matter experts. They know that a particular Russian electronic warfare brigade only deploys in a certain configuration before offensive operations. They know that Iranian air defense radars follow a specific activation sequence when preparing for a real engagement versus an exercise. That contextual knowledge is what separates signal from noise.
Let's talk about some less well-known techniques. What about communications jamming that targets specific systems?
Satellite communications jamming is a big one. Military forces increasingly rely on commercial satellite communications — Starlink, Inmarsat, Iridium. When those signals are jammed, it can be detected. Starlink terminals report signal quality data back to the constellation. That data isn't fully public, but outages and degradation in specific geographic areas sometimes become visible through user reports and network monitoring.
During the Iran-Israel war, were there Starlink disruptions?
There were reports of degraded service in certain areas, though specifics were often murky. What was more visible was the effect on civilian satellite communications more broadly. Satellite phone networks experienced unusual congestion and dropped calls in patterns suggesting localized jamming rather than network overload. OSINT analysts correlated these with known military movements.
What about cellular networks? Everyone's walking around with a phone that's essentially a radio receiver.
Cellular jamming is definitely part of the toolkit, and it's visible in interesting ways. Network monitoring tools like OpenSignal and Ookla's Speedtest aggregate data from millions of phones. When a geographic area shows a sudden, simultaneous degradation across all carriers that can't be explained by a tower outage, that's suspicious. During the early days of the Russia-Ukraine war, you could see cellular service dropping in specific areas of eastern Ukraine hours before ground forces moved in.
Your phone's speed test becomes an unintentional electronic warfare sensor.
The OSINT community calls this crowdsourced SIGINT, and it's genuinely transformative. Billions of sensors walking around in people's pockets, constantly measuring signal strength, latency, packet loss. When aggregated and analyzed, it produces a real-time map of the electromagnetic environment that no government agency could replicate on its own.
Though I imagine governments are quite interested in that data.
There was a Reuters report about intelligence agencies purchasing access to commercial cellular network data for exactly this purpose. Why build your own sensor network when the entire global population is already carrying one?
The panopticon, but make it convenient.
That's the twenty-first century in four words.
Alright, let's pivot to something the prompt hints at but doesn't state directly — the countermeasures. If electronic warfare is visible in all these ways, what are militaries doing to hide it?
This is the cat and mouse game that defines modern electronic warfare. On the hiding side, you've got low probability of intercept techniques — spreading signals across wide frequency bands, using very low power, hopping frequencies thousands of times per second. You've got decoys and simulators that create false emitters to confuse analysts. You've got emissions control, where forces simply don't radiate until the last possible moment.
On the detection side?
Machine learning is changing everything. The volume of data from all these open sources is far too large for humans to monitor manually. Automated systems can watch thousands of data feeds simultaneously, flag anomalies, and correlate across different sources. An ADS-B gap plus a cellular disruption plus a satellite phone outage in the same geographic area at the same time — a human might miss the connection. A machine doesn't.
Are there open source machine learning tools for this?
The OSINT community has developed a variety of tools for anomaly detection in ADS-B data, AIS data, and radio spectrum recordings. Some are published on GitHub. It's an arms race — as detection gets better, evasion gets better, and detection has to improve again.
The electronic warfare equivalent of ad blocking and ad blocking detection.
And it plays out in real time during conflicts. When a new jamming technique appears, the OSINT community works to characterize it and develop detection methods. The cycle time is now measured in days, not years.
Let's get concrete about the Iran-Israel conflict, since that's what the prompt references. What specific electronic warfare signatures did OSINT analysts observe?
One was widespread GPS disruption across the Middle East that affected civilian aviation. Flight tracking data showed aircraft experiencing navigation system degradation along specific corridors. The disruption was attributed to Israeli electronic warfare operations, though attribution in this space is always somewhat uncertain.
Because you're seeing the effect, not the source.
You know jamming is happening. You don't necessarily know who's doing it. Multiple actors in the region have sophisticated capabilities — Israel, Iran, Russia, the United States. Attribution requires correlating jamming patterns with known system signatures and other intelligence.
What else did they see?
There was a significant increase in radar emissions from Iranian air defense systems in the days leading up to Israeli strikes. OSINT analysts monitoring satellite data and ground-based receivers detected the activation of Russian-made S three hundred and indigenous Iranian systems. The pattern suggested Iran was preparing for a multi-axis air defense operation.
That was visible to anyone paying attention.
To anyone with the right tools and knowledge. The raw data was public. The interpretation required expertise. But the barrier to entry for the raw data is astonishingly low. A motivated hobbyist with a few hundred dollars of equipment can detect and track military radar emissions. That would have been science fiction thirty years ago.
Thirty years ago it would have been a career at the NSA.
Now it's a weekend project. Which raises interesting questions about the democratization of intelligence. On one hand, more transparency about military activity is probably good for accountability and conflict prevention. On the other hand, you now have thousands of amateur analysts publishing real-time intelligence about military operations, sometimes getting things wrong, sometimes revealing information that could affect ongoing operations.
The prompt's author works in AI and tech comms — I suspect he's thinking about this tension. The open source community provides incredible situational awareness, but it also creates noise and potential misinformation.
And electronic warfare is particularly susceptible to misinterpretation because most of what you're seeing is indirect effects. You see the GPS disruption, but you don't see the jammer. You see the radar emission, but you don't know if it's a real system or a decoy. You see the communications spike, but you don't know what's being communicated. The gap between observation and conclusion is wide, and it's easy to fall into it.
Let's talk about decoys specifically. That's a fascinating subcategory.
Electronic decoys are a huge part of modern electronic warfare. A decoy emitter broadcasts signals that mimic a real radar or communications system to confuse the enemy's electronic order of battle. During the Iran-Israel conflict, there were OSINT observations of what appeared to be decoy radar emissions — signals that looked like real air defense radars but were operating from locations that didn't match known military installations.
How do you tell a decoy from the real thing?
It's hard. Sometimes you can't. Analysts look for subtle inconsistencies — slightly wrong modulation parameters, transmitter locations that don't make tactical sense, signals that appear and disappear without the normal operational patterns of a real system. But good decoys are designed to be indistinguishable. It's an area where OSINT has real limitations.
Because you're trying to analyze a deception operation using only the signals the deceiver wants you to see.
It's the OSINT equivalent of trying to spot a magician's trick from the audience. You know you're being deceived, but you can't quite see how.
What about the space domain? We talked about SAR satellites, but what about electronic warfare directed at satellites themselves?
Satellite jamming and spoofing is a growing concern. Uplink jamming targets the satellite's receivers, preventing it from receiving commands. Downlink jamming targets the satellite's transmitters, preventing ground stations from receiving signals. Both leave traces. Satellite operators notice anomalous noise levels, loss of telemetry, signal degradation. Some of this becomes public through operator statements, regulatory filings, or industry reports. The OSINT community monitors these channels.
GPS satellites themselves — we've talked about GPS jamming on the ground, but what about attacks on the space segment?
Jamming GPS satellites directly from the ground is difficult because the satellites are far away and the signals are relatively weak by the time they reach Earth. It's much easier to jam GPS receivers on the ground. But spoofing is a different story. GPS spoofing involves broadcasting fake GPS signals stronger than the real ones, tricking receivers into calculating incorrect positions. This has been observed extensively in open source data.
The classic case being ships in the Black Sea appearing to be at airports.
That was the twenty seventeen case. Ships near the Russian Black Sea coast were showing their positions as being at Gelendzhik Airport, about thirty-two kilometers inland. The spoofing was so powerful it affected multiple vessels simultaneously. OSINT analysts mapped the spoofing zone and correlated it with known Russian electronic warfare facilities.
This is visible to anyone with access to AIS data.
Or anyone with a GPS receiver in the affected area. Reports came from civilian sailors, commercial pilots, people on the ground. The aggregation of those reports by the OSINT community created a detailed map of where and when the spoofing was occurring.
Let's go back to something you mentioned earlier — the electronic order of battle. How does an OSINT analyst actually build that picture?
It's a painstaking process. You start with open source imagery — satellite photos, social media posts, news reports — to identify military installations and the equipment present. Then you monitor radio spectrum for emissions that match known systems. You cross-reference with ADS-B and AIS data to track associated aircraft and ships. You monitor procurement databases, defense industry publications, government budget documents. Over time, you build a database of who has what, where it is, and what its normal activity pattern looks like.
It's not just signal analysis. It's document research, image analysis, pattern recognition.
OSINT is fundamentally a multidisciplinary discipline. The best practitioners combine technical skills with research skills and subject matter expertise. And the community is remarkably collaborative. People specialize — one person is an expert on Russian air defense radars, another on Chinese naval communications, another on Iranian drone guidance systems. They share findings and build on each other's work.
It sounds like an academic discipline that accidentally became crucial to national security.
That's not far off. And it's created some interesting tensions. Governments are ambivalent about the OSINT community. On one hand, open source analysis often supports official narratives and provides useful intelligence. On the other hand, it sometimes contradicts official narratives or reveals information that governments would prefer to keep quiet.
Has there been pushback? Attempts to restrict OSINT work?
There have been cases. Some countries have tried to restrict the publication of military flight tracking data. Some platforms have been pressured to remove certain types of imagery. But the genie is out of the bottle. The data sources are too numerous, the community is too distributed, and the tools are too accessible. You can't put this back in the box.
Which brings us to the future. Where is this heading?
A few trends. First, the sensor network is getting denser — more satellites, more ground receivers, more connected devices. The amount of data available for OSINT analysis is growing exponentially. Second, the analysis tools are getting more sophisticated. Machine learning is making it possible to process and correlate data at scales that were previously impossible. Third, electronic warfare itself is becoming more pervasive. It's no longer a niche military specialty — it's a fundamental part of how modern conflicts are fought.
The OSINT community is keeping pace?
The community has shown remarkable adaptability. When a new electronic warfare technique appears, someone figures out how to detect it within days or weeks. When a new data source becomes available, someone builds a tool to monitor it. The pace of innovation rivals anything happening in government intelligence agencies.
Though presumably with fewer resources.
Fewer resources, but also fewer constraints. Government agencies have classification restrictions, bureaucratic processes, legal limitations. The OSINT community has none of that. If someone figures out a new technique on Tuesday, they can publish it on Wednesday, and the whole community can be using it by Friday. That speed is a genuine advantage.
Let's address one more angle from the prompt — what clues can be determined about tactics from observed signals? Can you give a concrete example?
During the early phase of the Russia-Ukraine war, OSINT analysts noticed that Russian electronic warfare units were operating in specific patterns that revealed their tactical doctrine. The jamming would start on certain frequencies, then expand to others. The geographic coverage would shift in predictable ways. By analyzing these patterns, analysts could infer things about Russian command and control structures, about how electronic warfare was integrated with ground operations, about which units were coordinating with which other units.
You're not just seeing that jamming is happening. You're seeing how it's happening, and that tells you something about the organization behind it.
Tactics leave signatures. The sequence in which frequencies are jammed, the timing of jamming pulses, the geographic progression of coverage — all of these reflect decisions made by commanders following specific doctrines. A well-trained analyst can read those signatures like a language.
The grammar of electronic warfare.
That's a beautiful way to put it. And like any language, it has dialects. Russian electronic warfare has different patterns from Chinese, which is different from American or Israeli. Learning those dialects is a big part of what OSINT analysts do.
As we wrap up — if someone wanted to start paying attention to this space, where would they even begin?
ADS-B Exchange is probably the most accessible entry point. It's free, it's real time, and military aircraft are often visible on it. From there, you can branch into radio spectrum monitoring with a software-defined radio, which costs maybe two hundred dollars to get started. There are active communities on platforms like social media and Discord where people share findings and help newcomers learn. The learning curve is steep but not insurmountable.
The prompt's author, working in tech and AI — I suspect he already has the technical foundation.
He probably does. The jump from understanding data pipelines to understanding signal processing is not that large. And the OSINT community is remarkably welcoming to people with technical skills.
Before we close out — Hilbert's daily fun fact.
Now: Hilbert's daily fun fact.
Hilbert: In the eighteen teens, Slovene developed a grammatical feature called the dual number, used specifically for counting exactly two of something. If Madagascar's entire population of roughly thirty million people spoke Slovene and formed pairs, you would need fifteen million dual forms just to describe them all.
The dual number would be the most efficient way to describe a country that doesn't speak the language.
I think that's what he's saying.
To close this out — the thing I keep coming back to is how much the landscape has changed in just a decade. Electronic warfare used to be invisible to the public. Now it's something you can watch unfold in real time from your living room, if you know where to look. The implications for journalism, for accountability, for public understanding of conflict are profound and we're still figuring them out.
The prompt's core question — how is electronic warfare visible beyond GPS — has a clear answer. It's visible in flight tracking gaps, in radar emissions, in radio interference, in satellite imagery, in cellular disruptions, in maritime tracking anomalies. The electromagnetic spectrum is full of fingerprints. You just need to know how to look.
This has been My Weird Prompts. Thanks to our producer Hilbert Flumingtop. If you enjoyed this episode, leave us a review wherever you get your podcasts — it helps. We'll be back soon.
