Slashdot Mirror
The Numbers Stations Analyzed, Discussed
GMontag wrote to mention a Washington Post article about the always-intriguing 'number' radio broadcasts. The numbers stations, as they are known, are 'hiding in plain sight' spycraft. Random digits broadcast at little-used frequencies are known to be intelligence agencies broadcasting their secrets in encrypted form. The Post article gives a nice run-down on the truth behind the transmissions, and touches a bit on the odd community that has grown fascinated by them. From the article: "On 6840 kHz, you may hear a voice reading groups of letters. That's a station nicknamed 'E10,' thought to be Israel's Mossad intelligence. Chris Smolinski runs SpyNumbers.com and the 'Spooks' e-mail list, where 'number stations' hobbyists log hundreds of shortwave messages transmitted every month. 'It's like a puzzle. They're mystery stations,' explained Smolinski, who has tracked the spy broadcasts for 30 years."
This article made me recall a great All Things Considered story from a few years back about Akin Fernandez's 'Numbers' CD, a CD compilation of some of the most interesting strings of randomly read numbers reaching out across the airwaves.
1258965
1258965
1258965
"Da ist ein Technölüst in mein Unterpanten!"
It was discussed on slash previously in the following article:
Numbers Stations Move From Shortwave To VoIP.
liqbase
If you have a cheap short wave radio, even a "radio shack" one, you can pick up voice audio coded messages to spies that the CIA sends to agents. You will only find them by pure chance, but I have managed to find them and record them but I would say that for every 6 or 8 months of listening to short wave radio I will hear only 1 of these broadcasts. It's usually the same female voice. It's great fun when you find one, you feel like you hit the lottery.
There was a BBC radio programme about this a few months ago:
e -poacher/
http://jamesholden.net/2005/04/23/the-lincolnshir
Like tinyurl, but one letter less! http://qurl.co.uk/
Actually no, it's spies reading the content of a suspicious #chatzone IRC log file, only they don't quite get it. See for example this transcript:
C0016UY: 1337641: 69?
1337641: 637 1057!
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
So the little voices I been hearing is from the spooks instead of the green little men. Maybe I been watching too much X-Files.
As an avid Shortwave fan, there are less and less clear stations broadcasting to NA, as more and more world service broadcasts move to the Internet. (YEAH I'm talking about you BBC) I wonder how long until the only people who own shortwave radios are spies? Although propaganda stations are well worth the price of the radio. Listen to Cuba's hour loop of things we blame on the US today, and keep a straight face, I dare you.
The "numbers" stations only exist to confuse people. On Wednesdays, we have "beer" day, where you are entitled to a beer from the cooler if the number 12725 comes out.
So we had one day, last year, where somebody (I think it was the Chinese) hacked our main server, and made it broadcast 12725 continuously all day. So there we were, plastered out of our mind, when 270 Lbs of fissionable material was stolen from our floor. The investigation is due to be completed sometime around 2021 - we don't talk about that very much.
Anyway, here's the source code: Information wants to be free!
I have no problem with your religion until you decide it's reason to deprive others of the truth.
I remember when I was 12 or so and heard one of these for the first time. A woman reading numbers in Spanish. Damned if I didn't feel like James Bond sitting there listening to it. I still have that radio, too. Too bad it doesn't pick up anything besides evangelical stations now. Yes, technology has advanced and the world has moved on. So have I. I accept that. But there was a certain thrill of finding that clandestine guerrilla propaganda station that just can't be replaced with web surfing.
With these stations becoming so popular, isn't it time to sell ads? After all, spy agencies can always use the extra cash, and the people who listen to these things probably constitute a solid geek demographic.
... why do I feel like I've missed a step there?
Or worse:
1) Create personal numbers station with especially intriguing sequences to draw audience
2) Sell ads on your personal number station
3) Profit!
four eight fifteen sixteen twentythree fortytwo
Search your logs like the web: splunk!
You can download the mp3's for free: http://irdial.hyperreal.org/the%20conet%20project/
It's quite likely they're broadcasting from here Google Satellite
That's Ayios Nikolaos. Supposedly part of the Echelon network. If you look to the north of the building, there's a large mast that might easily be a short-wave antenna.
You're a spy. You're sent in to infiltrate a terrorist organization in some self sustaining desert town full of impoverished potential recruits for the terrorist organization. Shortwave is a common technology amongst these kinds of towns. Radios have been around for over 100 years now I believe (if not almost 100 years). Your laptop, PDA, or other fancy high tech equipment is going to give you away.
I'm god, but it's a bit of a drag really...
Great, now we have to post this every 108 minutes.
shouldn't it be fairly straightforward to locate the origin of these transmissions?
Yes. Automatic radio direction finding is common and was often used in the cold war. The spectrum is constantly monitored and when a new broadcast pops up, it is automaticaly DF'ed and logged. When several DF sites pickup the same broadcast, triangulation to the source is a simple task.
Here is what a typical DF site looks like. Both the US and Russia have them.
http://www1.shore.net/~mfoster/FLA_Wullen.htm
The truth shall set you free!
If you are in the US military and go to the language school in Monterey, a big portion of your "lab" training is learning how to transcribe groups of numbers read in your target language. It's a big part of your "grade" in your coursework.
Now, it's hard to say if the US transmits numbers, but it's pretty clear that there appears to be some intelligence value in teaching the electronic warfare people how to listen to streams of numbers in other languages.
It's probably a great way to send one-way messages to the field. A simple AM radio can be modified work in different frequencies. With that and a normal-looking one-time-pad code book can go a long way to providing secure communication that is inconspicuous.
So, the CIA might not do it, but other countries and services probably do.
For those of you who like this sort of thing, check out 202-386-6909 and http://code-cracker.cerbumi.org. This is a test project that I developed for Cerbumi.org, a new and entirely non-commercial (no ads, fees, etc) website designed to help with real-world problem solving. (Think of it as a "Sourceforge.net" for projects like the "Open Prosthetics Project.") The first person to solve the puzzle and post the answer to the code-breaker project can choose where the Cerbumi.org team will make a $100 donation on their behalf.
:)
If this sounds like fun, please consider signing up for the Cerbumi.org site at http://public.cerbumi.org/goons (a "secret back door for a site that normally requires registration) and try to crack the code. Also, please consider checking out the main planning project at http://cerbumi.cerbumi.org and our Flash-based demo at http://cerbumi.org/flash. I'd love to hear your thoughts, too... just reply.
the main reason they still use short wave is the that some of "short wave" isn't so short... the frequencies that they use are the ones that carry long distances so that the origin of broadcast can be very far away from the agent. Also, the devices required to listen to particular frequencies can be made very small so that agents in difficult places can hide the devices. Finally and most importantly, the broadcast voice of the coded messages is distinctly American. Maybe another country could use the voice with an American accent but I don't see why it would be necessary. I think that the agency has faith in the quality of the method used to code the message. Voice messages were used throughout WWII without any enemy getting anywhere near breaking the codes.
Computer data requires equipment to receive and decode, even if it just a laptop. Short wave requires only a receiver that can be made almost arbitrarily small and can therefore be ditched or hidden in an emergency.
A quantum computer is useless against a message encrypted with a properly constructed one-time pad.
Mea navis aericumbens anguillis abundat
Yankee
Hotel
Foxtrot
No.
Decrypting one-time pads isn't hard because there isn't enough compute power to throw at it. It's hard because it can't be broken, no matter what you do to it. Given a message to decrypt, the best an enemy cryptanalyst can do is random chance. There are better ways of compromising secrets.
This is a well-established result in encryption and there is no point in arguing about it. The only time one-time pad encryption has ever been broken was when the agents misused their one-time pads. The Venona decrypts are a good example of this.
(Wow! First time I've ever linked to the NSA!)
...laura
You're correct, but just in the interests of preventing confusion, the idea of what was a "long wave" in the early 20th century was very different from what an electrical engineer might think of today. What are today rather low frequencies for radio communication were at the time rather high, hence the term 'short waves.' The preferred frequencies for communication at the time are now barely used by anyone, with the possible exception of naval communication with submarines and the like. Their data-carrying capacity is just too low, and the antennas they require are obnoxiously large.
Of course, by calling things in the 1-30 MHz range "high frequency," those engineers forced us to use such terms as "very high frequency," and "ultra high frequency" when equipment finally became capable of transmitting at those wavelengths.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
A translation for the weak of leet:
A fine, upstanding gentleman: Dearest, skilled lady... wouldst thou join me in mine bedchambers for some chaste frolicking?
Skilled lady: Alas! No, I must not! For thou art neither truly updstanding, nor the gentleman thou claim'st to be. Now, leav'st me be posthaste!
That green slime had it coming.
>This is a well-established result in encryption and there is no point in arguing about it. The only time one-time
> pad encryption has ever been broken was when the agents misused their one-time pads. The Venona decrypts are a good example of this.
Yep, that's the more fascinating part - who is generating the pads, HOW are they being generated and distributed? This has been going on for soooo long it's hard to believe that someone hasn't broken it from that end.
Al
1 in 4 Maine children in struggle with hunger.
That's actually spammer's trying to mess with any bayesian filtering you have so that more of their viagra ads get through.
I've seen an article on it, here or on digg.
-Interesting.
John Walsh once found me while looking for some other kid. He was not amused.
You can find more at Wikipedia's article on hardware random number generators:
The World Wide Web is dying. Soon, we shall have only the Internet.
I am a habitual NPR listener, but everyone I know finds it slow, uninteresting, easily dismissed radio. I try to expose them to intriguing news material that's delivered spin free and very palatable, but have not yet impressed a single person. It's times like these that I just shake my head and sigh.
"a great All Things Considered story from a few years back about Akin Fernandez's 'Numbers' CD, a CD compilation of some of the most interesting strings of randomly read numbers"
Interesting... random numbers... Ok, so my friends were right.
You want your one-time pads to be very, very secret; that's why you can spread the actual cryptotext anywhere and not have to worry about a thing. If it were as simple as comparing one numbers station to another, any intelligence agency with a few computers to throw at the problem could check the numbers against each other and look for meaningful messages. While you might think that's oh-so-slightly unlikely, is it something you're willing to bet your security as an intelligence agency on?
The World Wide Web is dying. Soon, we shall have only the Internet.
Er, afford a one-time pad? All you need to do is cat /dev/random, or if you're without a computer, spend an hour or two rolling polyhedral dice. Make two copies of your set of random numbers.
Tom Swiss | the infamous tms | my blog
You cannot wash away blood with blood
I listened to some of those recordings and they were clearly the leaders transmitted by commercial stations, to indicate where the real transmission is. Over the course of the day, shortwave stations move to different frequencies, that are better propagated by the ionosphere.
When a station moves to a new frequency, they continue to play a unique identifier tune and read out the frequencies where the station may be received better. For example, 39715 would be 39MHz715.
Others may simply be a station transmitting automated junk, in order to 'occupy' the channel, so that someone cannot apply to the IETF to use the unused channel. Since they all have these number voice systems to announce their frequencies, it is logical to use that system to occupy the channel with random junk.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
Shouldn't it be possible to use a directional antenna or some similar technology, from several points around the globe to locate the source of the transmissions with a reasonably high degree of precision?
:)
I don't have any shortwave equipment myself, but it seems that would be a very interesting project.
It would be quite exciting, say, to discover signals originating from a mountain in Wyoming
This is pretty sweet. It's a very interesting strategy. Shortwave receivers are easy to come by, do not arouse suspicion, and no one can detect that you are listening in.
You definitely can, it's (as you stated) usually called "moonbounce" or EME, for Earth-Moon-Earth. I'm not sure that it's really a particularly useful form of communication, but that doesn't stop hams from doing it just for the hell of it. (Though I've wondered if there are some 'Mad Max' style disaster scenarios where EME would conceivably be useful...)
To do it right you need a very directional beam antenna. There are particular regions of VHF that are known to be good for EME, because of the way they penetrate the Earth's atmo/iono/magnetospheres. However, people have done it on virtually all bands, from 6m into the microwave. (There is a neat page on 6m EME here, he claims that as of 2002 only 30 or 40 people have ever had successful QSOs, so if you want to be on the bleeding edge of amateur radio, that's where you go.)
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
Lest you think all these secret stations are foreign, here's the story of Yosemite Sam, a station that transmitted "I'm a gonna get you, you varmint!" followed by a quick digital BRAP sound, and how it was traced by enterprising hams to a US military-industrial facility.
OK, what if the sequences are one time pad keys or other crypto keys? Then there would be nothing to crack, there is no message. The end user and the transmitter agree on a protocol, e.g., only use the sequence generated at 1620 UTC. Then after each day that sequence is discarded.
The info is then sent by email, ground mail, radio, etc. encrypted with that key.
So not only would there be nothing to crack, but the vast majority of the numbers would just be noise.
putting the 'B' in LGBTQ+
Because you have something sensitive to say later.
But why not just use the same secure channel later?
No, there has to be another reason. I mentioned the most common reason -- that the secure channel is too slow. There can be others, of course, such as that the secure channel is only temporarily available, or that it can only be used a limited amount, or that it is one-way, etc..
A secure channel is required to be able to use an OTP, but it must be deficient in some way (other than its security) or it doesn't make any sense to bother with an OTP.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
The ionosphere bounce is most often like a flat mirror in the sky much like seeing the sky reflected on a hot road in the desert (looks like water on the road). Even though the direction of the wave appears to be from a few degrees above the horizon, the azmith is not skewed much most of the time. Most of the CDAA antennas have the delays set to focus not on signals from the horizon, but from a few degrees above the horizon. The more antennas you have which are spread out increases the antenna apature and much of the drift gets averaged out providing a reasonably accurate line of bearing. The sky wave is dynamic. The longer a signal is present, the more samples can be integrated also increasing the accuracy. With many coordinated stations, the circle you get on the map that may contain the source of the transmission becomes quite small.
I have done some HF amature radio hidden transmitter hunts in the 28 MHZ range. The bearing you get as you get close is pretty good. A couple guys working together sharing information can locate the final area very quickly. It is a lot of fun to see how many people you can beat to the hidden transmitter.
The truth shall set you free!
Years ago, some friends of mine used to find sport listening to "Numbers Stations". One in particular, during the Soviet era, used to identify itself as "The Moscow Radiotelephone Station." They would get on the air and proclaim "This data is for Testing Purposes Only, from the Moscow Radio Telephone Station, Book xx, Page yy, Group zz..." and then proceed with five letter cipher groups in perfect english phonetics. (Substitute xx, yy, and zz with whatever numbers of book, page and group they were sending at the time).
They were once reputed to have closed their broadcast on New Year's Eve with "and greetings to our friends in the CIA." Who says spies have no sense of humor?
Nearly fifty percent of all graduates come from the bottom half of the class!
>I'll just add to my previous comment that it was once widely believed that long wave radio signals propagate the longest distance, then for a while that idea was less well believed....
Terms such as "short wave" and "long wave" have largely passed into disuse, replaced by High Frequency (roughly short wave) and Medium Frequency (roughly long wave), and then for mostly point-point communications, VHF, UHF, and above.
Except for the exotic moonbounce and tropospheric ducting mentioned, all long distance radio communications on this planet uses various layers of the ionosphere, and depends on ionosphereic reflection and refraction, and is thus dependent on the state of the Sun, which has an 11-year up-down cycle. We're going to reach rock bottom in 2007, and then things will start looking up again.
If you want to see what frequency is best for reliable communications around the globe, check out this site and look at the map closest to you. These maps are compiled using ionosondes, and represent hourly experiments. They will tell you what frequency in the HF has the best chance of bouncing off the ionosphere and reach the destination. The NVIS map at the top is for transmitting straight up and having your signal come down in a ~250 mile radius. The maps below that, centered on cities around the world (San Francisco, Sydney, etc.) will show you what you need to do to get a signal to or from those cities. There's no quality info, but if you want current solar conditions, see the Propfire plugin, which will tell you.