Yes, it is also illegal to post PHI over pagers, due to HIPAA addendum in 2016.
But 1986 ECPA law forbids decoding pager messages unless they were intended for you.
You do need authorization to buy a transmitter though, at least where I live.
Weird it's regulated, given you can use mobile phones like that (sure, you need coverage).
(And the fact that it’s taking so long to implement link layer authorization, barely a scratch in the security dent…)
The audio quality on the analogue signal is a lot better than the P25 version, which is often harder to understand.
The analog repeater is likely getting a high quality feed from the digital system, and then that's being broadcast at decent power from a tall antenna. It's starting with the best audio the system has to offer, has advantages in how it's broadcast, and degrades more gracefully.
I capture a lot of the P25 traffic in my area and there are times I can understand the dispatcher side of a conversation fine but the other end is too far away / too weak a signal and is unintelligible. The dispatcher's signal is coming from a fixed tower transmitting at higher power than a portable radio can manage.
Haven't read a Wired article in months :-|
And thanks to poster for adding archive link.
Got what they asked for.
And on a related note, for anyone who is interested in listening in on any local P25 transmissions, you can do so in a fairly inexpensive manner, using an RTL-SDR dongle and the Open Source op25[3] software package. No listening to encrypted traffic, but IME, many (maybe most) public safety agencies keep most of their traffic in the clear. More so for fire/ems traffic. Law enforcement is more likely to be encrypted, but even then, I find that many jurisdictions only encrypt a small number of channels, like maybe a dedicated vice/narc squad channel, SWAT team channel, etc. General LE dispatch and tac channels are still in the clear in many areas.
[1]: https://en.wikipedia.org/wiki/Project_25
[2]: https://www.reddit.com/r/tacticalgear/comments/1f4d5dr/psa_p...
And note that since it is an active attack that requires the attacker to transmit, it opens up the possibility of the attacker giving up their own location in turn.
My take is that it's fun to think about, but largely lacking in real world applicability in most situations.
Aaaand now we're all on yet another watch list!
First you need to make darn triple check extra sure that when you deploy it, you won't change it. It is a one-shot switch and whoever gets to your site is stuck with the configuration for days, weeks, months. And you cannot tell them "my bad, try again".
Then if you have a sensible setup, you would redirect immediately to HTTPS anyway.
Sure, it protects you from some marginal risks (such as you not setting your cookies to secure mode) but then you have other problems and HSTS will bite you when you prod the security settings without a good plan.
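An added example, not part of the thread: a pre-deploy check for the lock-in the comment above describes, which parses a Strict-Transport-Security value and reports how long a browser that has seen it stays pinned to HTTPS. The function names and the one-day `stage_limit` threshold are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

def parse_hsts(value):
    """Parse a Strict-Transport-Security value (RFC 6797, section 6.1).

    Returns a dict, or None when the header is invalid and a browser ignores it.
    """
    seen = {}
    for part in value.split(";"):
        name, _, arg = part.strip().partition("=")
        name = name.strip().lower()          # directive names are case-insensitive
        if not name:
            continue                         # empty directives are allowed
        if name in seen:
            return None                      # a repeated directive invalidates the header
        seen[name] = arg.strip().strip('"')  # values may be quoted strings
    max_age = seen.get("max-age", "")
    if not (max_age.isascii() and max_age.isdigit()):
        return None                          # max-age is required and must be digits
    return {
        "max_age": int(max_age),
        "include_subdomains": "includesubdomains" in seen,
        # "preload" is not in RFC 6797; browser preload lists look for it.
        "preload": "preload" in seen,
    }

def pinned_until(value, seen_at):
    """Time until which a browser that saw the header at seen_at refuses plain HTTP."""
    policy = parse_hsts(value)
    if policy is None or policy["max_age"] == 0:
        return None                          # invalid header, or max-age=0 (no pin kept)
    return seen_at + timedelta(seconds=policy["max_age"])

def rollout_warnings(value, stage_limit=86400):
    """Hypothetical pre-deploy check; stage_limit (seconds) is an assumed threshold."""
    policy = parse_hsts(value)
    if policy is None:
        return ["header is invalid and will be ignored"]
    warnings = []
    if policy["max_age"] > stage_limit:
        days = policy["max_age"] // 86400
        warnings.append(f"visitors stay pinned to HTTPS for {days} days")
    if policy["include_subdomains"]:
        warnings.append("every subdomain must serve valid HTTPS")
    if policy["preload"]:
        warnings.append("preload-list entries outlive max-age")
    return warnings

if __name__ == "__main__":
    seen = datetime(2025, 1, 1, tzinfo=timezone.utc)  # constructed timestamp
    for header in ("max-age=300", "max-age=31536000; includeSubDomains; preload"):
        print(header, "->", pinned_until(header, seen), rollout_warnings(header))
```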
it's an interesting domain but hard to get solid info on unless you are working on these types of projects or for some MoD somewhere. most info out there on the net is about old tech.
as far as i know preshared keys are common. hard to rekey ofc in case of compromise so likely they have some tricks up their sleeves to make sure if for instance a unit is overtaken by enemy not all comms are compromised by this key in the device. (guesswork here ofc..) don't think much of this stuff uses priv/pub keys and https or vpn like auth schemes etc.
To put it very simply, radios communicate with a central Key Management Facility (KMF) using a special key (UKEK, Unique Key Encryption Key) to securely transport the new key material. There's more to it than that, of course, but these features are heavily used by the feds and also by larger state and local systems -- because manually re-keying each radio is a huge pain.
Allow me to speculate massively. Hiss sounds more like weak signal acquisition. Perhaps in this case, Mitnick was interfering but not defeating encryption.
If there is a clear pattern to it, then that’s either unencrypted framing, or bad encryption. (Think 90’s cable TV ‘scrambling’).
Also a more proper explanation: https://www.youtube.com/watch?v=V4V2bpZlqx8
Of course, P25 systems are still sometimes set up without trunking so in some situations it might work.
Thinking out loud... an RTL-SDR dongle costs like $35.00 or so (well maybe more now due to tariffs, I haven't bought one in a while), plenty of relevant software is open source (GNURadio etc.), drones are cheap, small solar panels are fairly inexpensive. Hmm... I almost think a motivated individual (or small group of individuals) could piece together a rather capable "distributed monitoring/alert" system.
Not that I'm encouraging anyone to do such a thing, of course.
If anything, it's the most basic of "wireless site survey" applications.
FuzzyDunlop has graduated to HissyMarconi in The Wire season 12 :)
Why the EU saw fit to buy very expensive proprietary software encryption, when there are open source standards, some of them designed in the EU itself, is beyond me. Of course, you still need someone to build the hardware and so on.
A5/1 had a similar issue in which the weakness was deliberately added. I have some notes and references on it. Super interesting
https://github.com/alexander-hanel/asm-examples/tree/master/...
tptacek•6mo ago
ronsor•6mo ago
tptacek•6mo ago
colmmacc•6mo ago
It really would be better to hide in the noise of 5G.
buildbot•6mo ago
Now I wonder if you can fingerprint antennas…
dumah•6mo ago
Antennas would be much more difficult and likely moot.
https://arxiv.org/html/2402.06250v1
mindcrime•6mo ago
mystraline•6mo ago
I have a detection on there for the MAC address "00:25:DF:*". That's the MAC OUI prefix for Taser International.
I keep it on while driving, because the badgecams and hardware in cop cars spurts this out regularly. So even unmarked cars show themselves.
Forbo•6mo ago
jasonjayr•6mo ago
For about $700, you can get some pre-made kit to use SDR to do radio direction finding. IIRC this device uses the same chips as an RTL-SDR, but it uses 4-5 of them, all synchronized and has a signal emitter for calibration, and a nice web UI to report the data.
(I have not used it, but I've been learning about all sorts of neat radio products as I'm dabbling and learning about SDR)
nullc•6mo ago
I have one and have found it to be quite easy to hunt down ham repeaters that you can get to transmit more or less non-stop... but relatively hard to use for intermittent transmitters.
I need to see if I can figure out how to plug in my GNSS compass output because inferring orientation from motion requires an awful lot of moving around and is less reliable than I'd like.
genewitch•6mo ago
also the "kraken" may be $700, but there was kerberosdr/hydrasdr which was much cheaper. Furthermore, trunking is usually done within the bandwidth of a typical SDR so it doesn't really obfuscate it as much as one would think. Also I bought one; not to find repeaters, but to find trolls who were using repeaters. I'd monitor the input frequency to the repeater, apparently the same as Mitnick would.
there were trunking scanners in the late 90s / early 2000s, as well. my neighbor had one.
nullc•6mo ago
Criminals sophisticated enough to do that are usually not going to get caught regardless, encryption or no and are generally savvy enough to not make themselves a serious threat to public comfort and order.
I don't think it's a long reach to say that the public may be better off with more ability to monitor police activity at a cost of being weaker against that kind of criminal.
tptacek•6mo ago
(Having said all that, our muni voted against encrypting radios; we lost 2-1 in a vote with the 2 other munis we share dispatch with).
Unless you're talking about criminals doing traffic analytic RF attacks, in which case, I agree, who cares?
raggi•6mo ago
Both of the systems are crap, when we were evaluating them for nationwide purchase we chose TETRA because of systemic safety features (like local DMO handover modes for public safety use in noisy environments), but when I read their crypto choices I made screwy faces constantly, I wasn't in the slightest bit surprised when this research came out.
I remember at the time some ex signals military folks trying to tell me that the encryption barely matters as the channel selection rate is so high you'd need multi-site intercepts to even make heads or tails of it, sadly they didn't really seem to understand how far SDR and compute has come. The whole experience to this day flavors a lot how I think about military and telco thinking around the whole space, everything touching that boundary feels infected with oldthink.
fc417fc802•6mo ago
I'd guess that's due to the expense of the equipment and all the regulations coupled with the lack of immediate usefulness to a casual hobbyist. Without the sort of vibrant wild west ecosystem that FOSS provides innovation happens much more slowly and most of the participants will be entrenched.
nonameiguess•6mo ago
andrewflnr•6mo ago
bilegeek•6mo ago
https://docs.fcc.gov/public/attachments/DA-19-758A1.pdf
lazide•6mo ago
Now you can’t. For better or worse, eh?
tptacek•6mo ago
The City of Chicago makes decrypted audio available, just on a 30 minute delay. That's a sane compromise, I think.
stevage•6mo ago
jMyles•6mo ago
A 30-minute delay crushes that.
tptacek•6mo ago
mulmen•6mo ago
tptacek•6mo ago
I don't care one way or another, but it's silly to say there's no actual concern there, I think.
mulmen•6mo ago
I'm not saying there's no concern. I'm just not sure if this 30 min delay is as effective as it sounds at first glance. My gut reaction has been wrong enough times in my life that I have gotten in the habit of challenging my own assumptions.
lazide•6mo ago
twojacobtwo•6mo ago
They're not all morons hopped on something. Some are cleverer than you would ever want to know about.
lazide•6mo ago
tptacek•6mo ago
lazide•6mo ago
Notably, when I did a ride along once, the burglary call we responded to, the officer got a call from his Sergeant and they didn’t put anything over the radio until they already cleared the place.
As to if the perps had cleared out already due to some SDR MAC address magic (good call!) I guess we’ll never know. Everyone just assumed it was a false alarm. /s
jMyles•6mo ago
themafia•6mo ago
That's ridiculous. I've seen one police chief give this testimony but I've seen no evidence anywhere or charges levied anywhere showing it has actually occurred and I can't actually parse out the criminal model.
You have to assume that they _absolutely will always_ broadcast the location of burglaries on the radio. They could just not do that. Perhaps they coordinate the arrest using cellphones which is something that happens all the time already. Then your listening in has cost you a person who could otherwise be stealing things and may end up being a highly unreliable indicator of imminent capture. Then you have to be sure you leave early enough and carefully enough that no one, not even a neighbor's Ring camera, sees you leave the scene or tracks your travel after the crime.
That's not to say I haven't seen "criminals" use them. Street takeovers will monitor traffic to frustrate responding officers. Cannonball run players will monitor traffic to avoid speed traps. I've also used them for skip tracing when trying to find an officer who is also a debtor, ironically, they often think themselves above civil law enforcement and are notoriously hard to collect on.
Anyways, it really seems like a weak dodge from police departments that would rather not be accountable to the public. Chicago is no exception. Delays of communications put control solely in their hands. I can't imagine a worse outcome. It should be a third party non-aligned agency that performs that task and it should take a call from the governor to prevent them from doing it.
lazide•6mo ago
jMyles•6mo ago
Some criminals will (and have, and do), use whatever technology they can to stay ahead of the police. It seems that every time a chop shop is uncovered, regardless of the laundered items, the press feigns amazement at how sophisticated it was.
Sure, plenty of street crime is committed by desperate addicts, but they are often only one link away from a dealer who has access to all the necessary tools to get all the advantage possible.
But...
Is that even really the question?
At some point, the deeper topic for deliberation needs to be:
* Is any society likely to significantly stem property (and other!) crime when it has deputized a tiny sliver of itself as being the portion responsible for public safety and law enforcement?
Given the ubiquity of cameras, comms devices, and (at least in the USA), firearms, it seems more practical to conceive a future where we all share this responsibility instead of delegating to a SPOF, and then acting surprised when the Chicago cops are running liquor or the LAPD are dealing crack, and are not at all focused on actual crimes occurring in the community.
boston_clone•6mo ago
Anti-police activists rightly recognize that property is typically insured and easily replaceable, whereas people's lives are not. There is a deluge of evidence to support the notion that random encounters with police can be fatal for black men with no provocation. There is also overwhelming evidence to support the assertion that a disproportionate percentage of cops have abusive and / or racist tendencies.
I'll leave with a poignant quote from the author Jermaine Lamarr Cole - "I came fast like 9-1-1 in White neighborhoods".
tptacek•6mo ago
boston_clone•6mo ago
jMyles•6mo ago
jMyles•6mo ago
I'm not sure there are aggregated data available on this very specific piece of the puzzle, but my anecdata are different than yours (and FWIW, I'm a resident of a historically and currently Black neighborhood).
tptacek•6mo ago
boston_clone•6mo ago
https://naacp.org/issues/race-justice
Remember that Dunning-Kruger cuts both ways.
twojacobtwo•6mo ago
eru•6mo ago
It sounds sane! Though I wonder if like body cams the decrypted channel will have mysterious malfunctions every so often when anything interesting happens?
mulmen•6mo ago
lazide•6mo ago
mulmen•5mo ago
cptskippy•6mo ago
LeoPanthera•6mo ago
They're a public service funded by taxpayer dollars. Knowing what they're doing seems reasonable.
tptacek•6mo ago
boston_clone•6mo ago
Please also remember that law enforcement effectively steals billions of dollars from citizens each year - https://ij.org/press-release/new-report-finds-civil-forfeitu...
hypercube33•6mo ago
One evening we are on AIM chatting and he explains what is going on: noise complaint at a house down the block (kids partying).
He looks the address up and calls them to warn them and sits back to see if they do anything.
Sounds like they managed to bail before anyone showed up to the address.
baby_souffle•6mo ago
zdragnar•6mo ago
chillingeffect•6mo ago
zdragnar•6mo ago
radicaldreamer•6mo ago
tptacek•6mo ago
radicaldreamer•6mo ago
defrost•6mo ago
This isn't so much directly evading law enforcement but it's effective as it can easily cause police to take actions that cause evidence and cases to be thrown out, raise reasonable doubt, etc.
Depleting resources and diversions are also relatively common, creating a 'fake' public threat or hate crime to investigate bleeds police resources away from ongoing investigations, etc.
The tango between gang squads and organized criminal groups is an ongoing escalating battle. The EncroPhone transcripts revealed a lot.
asdffdasy•6mo ago
MSFT_Edging•6mo ago
https://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalyp...
lukan•6mo ago
In Europe when the police come to a loud party, they come and tell the people to please be more silent. (And if it is just minor kids, ask for an adult) So if the party dispersed in panic before they even arrive .. problem solved for them?
Or do the US police bust loud parties guns blazing in general?
sokoloff•6mo ago
SoftTalker•6mo ago
throw-qqqqq•6mo ago
Nah, but lots of these parties have kids below 21 (or whatever the legal drinking age is). So they get fined or arrested if caught so they leg it.
A friend attended a Chicago-suburb high school for a year (exchange student). Said he had to run from cops at private parties about a handful of times in that year, and that it was pretty normal in his group.
waltbosz•6mo ago
beambot•6mo ago
Leaving the radios unencrypted merely lends advantage to more-sophisticated bad actors.
LeoPanthera•6mo ago
jMyles•6mo ago
Much more likely is that the opacity of encryption lends advantage to the unsophisticated bad actors (ie, the 'official' ones).
I think most of us, at least in the USA, are far more ready to take our chances with these hypothetical sophisticated bad actors than to reduce the real-time transparency of verified ones.
protocolture•6mo ago
mulmen•6mo ago
netsharc•6mo ago
During the Munich 1972 Olympics (1), terrorists took some Israeli athletes hostage, and then this happened:
> Meanwhile, the terrorists learned from radio and television broadcasts that the police were approaching and had planned a rescue operation. The authorities had failed to cut off the terrorists' electricity and remove the press from the Olympic Village.
If they did all that and the terrorists were able to listen to their radio, what's next? Is encryption allowed then? If they could enable it then, why not enable it all the time, "just in case"?
1) https://en.wikipedia.org/wiki/Munich_massacre
mulmen•6mo ago
Teargassed a neighborhood, escalating a protest to violence.
Hit and killed a woman with their car then laughed about it.
> "Yeah, just write a check," Auderer says, chuckling. "$11,000. She was 26 anyway, she had limited value."
Threatened to close the precinct in the largest residential neighborhood in the country if their scope of responsibility was reduced.
Committed voter fraud in an attempt to defeat police reformers.
Participated in an insurrection.
Covered up officer involvement in the January 6th insurrection by refusing to name the officers involved.
They’re not a trustworthy bunch.
netsharc•6mo ago
I think police having encryption is not the biggest worry when living in a corrupt regime...
mulmen•6mo ago
Yes.
tptacek•6mo ago
There's a really pernicious tendency among well-off white collar activists to instrumentalize residents of lower-income neighborhoods, activists who themselves rarely experience crime (because they tend not to live in places where it's a major problem), and project onto those residents a preference for property crime over police intervention. In the main, working class people hate crime.
mulmen•5mo ago
Does that make us both well-off white collar activists?
tptacek•5mo ago
throwawayoldie•6mo ago
HexPhantom•6mo ago