Encryption made for police and military radios may be easily cracked

https://www.wired.com/story/encryption-made-for-police-and-military-radios-may-be-easily-cracked-researchers-find/

36•mikece•2h ago

Comments

tptacek•1h ago

The funny thing about this is that my municipality just recently started encrypting their radios at all. And it was controversial! Residents liked being able to listen in to the scanners.

ronsor•57m ago

And now they're going to be unencrypted again, but not by choice!

tptacek•32m ago

No, this story is about TETRA radios, which are used in Europe; I'm in Chicago, on Motorola's STARCOM (P25), which is ostensibly AES (it wouldn't be shocking to find vulnerabilities; in fact shocking not to, but it won't be as crazy as TETRA, which freelanced its entire encryption stack).

colmmacc•26m ago

I listened to your great podcast and the remark along the lines of "unencrypted police comms let the robbers know when the police are getting close" made me wonder if anyone has built a simple signal intensity detector for the encrypted radios. You don't need to hear the contents to know that the radios are closing in on you. I can't imagine police forces practice RF silence like special forces do.

It really would be better to hide in the noise of 5G.

buildbot•12m ago

I’ve long wanted to do this with an SDR and maybe some simple ML, build a dataset by driving by cars/things with frequencies of interest.

Now I wonder if you can fingerprint antennas…

mystraline•9m ago

I have a BT scanner app for my phone. "BLE Radar".

I have a detection on there for the MAC address "00:25:DF:*". That's the MAC OUI prefix for Taser International.

I keep it on while driving, because the badgecams and hardware in cop cars spurts this out regularly. So even unmarked cars show themselves.

nonameiguess•20m ago

I'll never forget 8 years ago someone managed to set off every tornado siren in Dallas for an entire Friday night, apparently because they're controlled by radio and the control signal was not encrypted, so the "hacker" just recorded it during a real alert and then played it back to attack the system.

dist-epoch•58m ago

Is it still illegal in Europe to buy radios with 128 bit encryption?

GauntletWizard•56m ago

It's still illegal to point out that the emperor has no clothes

mystraline•2m ago

Its also illegal to report hospitals that post PHI (protected health information) over POCSAG or FLEX - pager networks. Of course, theres no encryption or anything. The encoding is plain text.

Yes, it is also illegal to post PHI over pagers, due to HIPAA addendum in 2016.

But 1986 ECPA law forbids decoding pager messages unless they were intended for you.

cluckindan•52m ago

As in TETRA? Probably not, as SDRs are widely available anyway, as are scanners capable of decrypting TETRA traffic.

You do need authorization to buy a transmitter though, at least where I live.

dist-epoch•48m ago

I meant like hand-held walkie talkies. But with 128 bit encryption.

Weird it's regulated, given you can use mobile phones like that (sure, you need coverage).

drewnick•52m ago

Note this affects TETRA which is not used in North America. Most US systems use P25 which is not mentioned in the article.

kotaKat•46m ago

Not like there’s not enough problems with P25… until the day they can deploy LLE (link-layer encryption) across all P25 systems, there will always be a way to gather some kind of intelligence about the system and its radio traffic.

(And the fact that it’s taking so long to implement link layer authorization, barely a scratch in the security dent…)

eitland•29m ago

> You’ve read your last free article.

Haven't read a Wired article in months :-|

And thanks to poster for adding archive link.

robterrell•24m ago

Wired is killing it with great reporting this year. Worth subscribing and supporting.

drumhead•12m ago

I mean, in this day and age is it such a bad thing that police and military radio is crackable?

tonetegeatinst•2m ago

I believe TETRA was already vulnerable to being broken based of some research that a group did into the protocol. They showed a proof video but didn't release any technical info or poc due to security fear.

Global fight over who governs communications satellites heats up

Ancient Europeans resisted inequality for 5000 years – Science – AAAS

Not enough sleep? Too much sleep? Does any of this make sense?

Trump demands Intel CEO resignation

Stepanov's biggest blunder in the C++ STL

Politics Aside, Intel Owes Us Answers About Its CEO

Show HN: Subagent Registry for Claude Code

I Built a Free Alternative to ElevenLabs, Now over 10k People Are Using It

Consumers' attitudes toward 3D food printing: A South African context

The Medley Interlisp Project

Asimov, Musk and the replacement of humans by robots

Sandia Develops Time-Free Two-Factor Authentication

NASA shakes up program for ISS replacement

The joy of building a bytecode VM from scratch

AI, Healthcare, and Labubu Became the American Economy

Writing Your Own Simple Tab-Completions for Bash and Zsh

We moved off Nginx to our own product to front our services

Back End FinOps: Engineering Cost-Efficient Microservices in the Cloud – InfoQ

My Journey from macOS to Arch Linux with Omarchy

Interesting to see Cursor on GPT5 release

Why OpenAI open-sourced models?

After using ChatGPT, man swaps his salt for sodium bromide–and suffers psychosis

Ask HN: Wywd with a 256gb/40c 300tb/month server?

Show HN: Remotext.co – a minimalist, text-only remote jobs board

What makes Israel's starvation of Gaza stand apart

Quantifying the algorithmic improvement from reasoning models

Show HN: LogSentinelAI: Declarative LLM-Based AI Log Analyzer

Show HN: Built an AI companion with persistent memory and mood model

Show HN: I made a Chrome extension for doing LeetCode with spaced repetition