Jailbreak Turns Cheap Walkie-Talkie Into DMR Police Scanner

An anonymous reader writes: Last Shmoocon, famous reverse engineer Travis Goodspeed presented his jailbreak of the Chinese MD380 digital handheld radio. The hack has since been published at GitHub with all needed source code to turn a cheap digital radio into the first hardware scanner for DMR digital mobile radio: a firmware patch for promiscuous mode that puts all talk groups through the speaker including private calling. In the U.S. the competing APCO-25 is a suite of standards for digital radio communications for federal users, but a lot of state/county and local public safety organizations including city police dispatch channels are using the Mototrbo MotorolaDMR digital standard.

Cool, but not the first

[rfengr]

Very cool, but not the first hardware scanner: http://www.aorusa.com/receiver...

Re:Cool, but not the first

[Holi]

Or get an RTL dongle and use DSD. You can even do trunked radio, though it is easier with 2 RTL dongles.

Re:Cool, but not the first

[rfengr]

Yep, been doing that for a while with GNU Radio, gr-dsd with USRP. I may get an Airspy just so I can use Unitrunker on Windows (without using the RTL dongles). Still really isn't a good digital scanning solution for SDR, although I wrote one for NBFM and AM: https://github.com/madengr/ham...

Re:Cool, but not the first

AOR AR-DV1B Wideband Receiver List Price: $1299.00

Re:Cool, but not the first

I watched the video and he did say it was the first, which was a bit out of place. I think they meant the first sub $200 or from a hack

Why is Police band unencrypted?

[gmack]

If you can monitor things you shouldn't, the problem is with the insecure communications system not with the hacked walkie talkie.

Re:Why is Police band unencrypted?

[Holi]

"If you can monitor things you shouldn't" who says you shouldn't? Many people have and do get scanners for that very reason. Nothing wrong or illegal about it.

Re:Why is Police band unencrypted?

[rfengr]

It's not. Many P25 talkgroups are encrypted, specifically the police tactical ones. Sometimes they just use a cell phone.

Re:Why is Police band unencrypted?

Ahahahahahh here we are in 2016, and someone is concerned about the morality of monitoring public government channels.

Re:Why is Police band unencrypted?

[Lead+Butthead]

If you can monitor things you shouldn't, the problem is with the insecure communications system not with the hacked walkie talkie.

When you don't have the physical custody of an object, it cannot be secured.

Re:Why is Police band unencrypted?

[jklovanc]

Lets say the police are chasing armed robbery suspects. Don't you think that keeping the conversation about movements and roadblocks secret might help in catching the suspects?
Then there is just the privacy of police talking abut private citizens. Do we really need to know every car that the police pull over?

Re:Why is Police band unencrypted?

[gstoddart]

If you can monitor things you shouldn't

It's broadcast over public radio waves in the clear ... where does "shouldn't" come into play?

If our cell phones have no expectation of privacy, WTF should the police expect any for?

It's not like it hasn't been perfectly legal to have police scanners for decades. This is just more of the same thing.

Re:Why is Police band unencrypted?

Do we really need to know every car that the police pull over?

Yes, I don't think the police should be able to pull people over secretly. Do you not understand why public oversight of the police is so important?

Re:Why is Police band unencrypted?

[sims+2]

Where do you live that the police are elected?

Re:Why is Police band unencrypted?

[Obfuscant]

Don't you think that keeping the conversation about movements and roadblocks secret might help in catching the suspects?

While many police agencies use this as an excuse for encrypting their radio traffic, it is very very rare for armed robbers to use police scanners to aid their escape.

I've had a police-capable radio in my car for many years, and I can count on the fingers of no hands the number of times it has allowed me to know ahead of time where the state police have set up radar on the interstate, for example. I have been able to hear about traffic problems before I get stuck in the middle of them, however. Just a couple of weeks ago, I was able to learn what the source of a series of explosions near my house was without having to call 911, and even more recently, that one of our town's major roads was shut down because of an event.

Do we really need to know every car that the police pull over?

Another common excuse used by the police to hide their radio traffic.

Most agencies these days have digital data systems for communicating private stuff, so there is no need to encrypt voice traffic. Not encrypting avoids the issues of key management and the inability of neighboring agencies to assist directly just beause they are not "keyed" properly.

Re:Why is Police band unencrypted?

Most civilized areas elect their sheriff, who chooses deputies, and rank over the hired police department.

Parallel (but more successful than) the method of electing a senator who outranks the party-provided support staff who do most of the work so the senator can spend time golfing, feasting, and/or campaigning.

Re:Why is Police band unencrypted?

[Coren22]

The funny thing about that ruling you reference is that cell phone communications are encrypted by default. The Stingray devices have to trick the cell phones into connecting to them because passive monitoring doesn't work for capture of the information, they actually have to tell the cell phone to turn off encryption to even work.

Re:Why is Police band unencrypted?

[ScentCone]

Where do you live that the police are elected?

Every police department, in every jurisdiction (municipal, county, state, federal) reports to officials in the executive branches of government. The executive branch IS the law enforcement branch, and the executive branch is run by regularly elected people. If a county executive, a mayor, or a governor (or even the president) is doing such a bad job in telling their subordinate LEOs which policies to use in directing their actions, then that's an issue to bring up when those executives are next up for election (or, if it's bad enough, for impeachment).

No, police aren't elected (except for, in many places, sheriffs), but their bosses are - and the police, especially at the management/policy level, work for those elected bosses.

How is it that you don't actually know this?

Re:Why is Police band unencrypted?

[Obfuscant]

Where do you live that the police are elected?

The chief of police in this city is hired by the elected city council. The county Sheriff is directly elected by the public.

Re:Why is Police band unencrypted?

Electing the head of the police is also common in the US.

Re:Why is Police band unencrypted?

Police, fire, and other public safety communication should be by definition NOT encrypted, and should be open to public monitoring anywhere and at any time! For example: In many states it is illegal to use a scanner in a moving vehicle. The same as are "radar" detectors, and other devices that warn drivers of police speed traps. This is mainly so that the police (highway patrol etc...) can write more speeding tickets, resulting in more fines (same with traffic cameras!).

Wouldn't it be just as effective to get people to obey the speed limits if they knew about the speed traps via scanners, radar detectors etc...? People who don't know what is going on are easier to manipulate. Thats why police want encrypted communication. So that the very public that they are sworn to protect and serve won't have any idea what the police are doing!

Oh and BTW when cell phones first came out, there was a law that it was illegal to listen to them! Not that this law could actually be enforced, it was just so that the makers and sellers of cell phones could say that conversations on them were private!

Re:Why is Police band unencrypted?

[jklovanc]

I was able to learn what the source of a series of explosions near my house was without having to call 911

This statement shows poor thought processes. Calling 911 to get information about an event is a missus of 911. 911 is for calling when you need assisance and is not an information line. If you don't need immediate help don't call 911.

I've had a police-capable radio in my car for many years, and I can count on the fingers of no hands the number of times it has allowed me to know ahead of time where the state police have set up radar on the interstate

Not what I am talking about. The issue is suspects getting away because they can avoid police by knowing where the police are. If it happens once a year it isa justification for encrypting year round.

Most agencies these days have digital data systems for communicating private stuff

Which means that there are some agencies who do not use digital systems and need encrypted communications.

Not encrypting avoids the issues of key management and the inability of neighboring agencies to assist directly just beause they are not "keyed" properly.

True but that issue has been worked out long ago. If improperly keyed neighbours need to communicate directly they just switch to an unencrypted channel. The few times this happens does not make encryption useless.

Re:Why is Police band unencrypted?

[ArchieBunker]

Even if they are encrypted you can broadcast interference and the radios then default to un-encrypted without any sort of notification.

Re:Why is Police band unencrypted?

[Lumpy]

Who said I shouldn't? I have 100% legal right to.

It's why they are not allowed to encrypt police and fire radio traffic.

Re:Why is Police band unencrypted?

This may shock you, but many people are not Libertarian children, and actually support their own elected government. Don't mistake loud Internet reactionaries for people in general.

Libertarians know this. Our founding fathers knew this. Tyranny of the majority is exactly why we have so many limits on our government. It's why the population must be allowed to monitor what government officials do. I know most people wouldn't mind having a secret police force and it scares me greatly.

Re:Why is Police band unencrypted?

[Lumpy]

Most towns and counties in the USA you elect the sheriff.

Re:Why is Police band unencrypted?

[ihtoit]

TETRA is encrypted and runs over the cellular network or in the absence of a network, relayed radio. The other major difference between TETRA and eg GSM is that TETRA can use lower frequencies (outside the GSM bands, eg 425MHz) for broadcasting with air encryption or the cell networks for 1-1 with end to end encryption.

Re:Why is Police band unencrypted?

[Stephenmg]

Several states have laws restricting the use of police scanners while driving. Most just restrict the use while committing a crime so it just becomes something else they can use to add to the list of charges. Others restrict using a scanner while driving. Some departments use to have alternate channels that where not published before digital bands that they would switch to when needed.

Re:Why is Police band unencrypted?

re :This statement shows poor thought processes. Calling 911 to get information about an event is a missus of 911 (snip)

"A SERIES OF EXPLOSIONS"

Re:Why is Police band unencrypted?

[Obfuscant]

This statement shows poor thought processes. Calling 911 to get information about an event is a missus of 911.

And this statement shows a lack of reading comprehension. I didn't say I would call 911 to get information. I would call 911 to report a series of explosions -- except I found out what they were and that I didn't need to call by listening to unencrypted police radio traffic.

If you don't need immediate help don't call 911.

I think reporting explosions of unknown origin is a valid use of 911. You don't seem to think so. The large number of people who did call to report them disagree. The manager of the PSAP also disagrees with you. Nobody said that nobody should have reported them, they said that the fire department should have been proactive in informing the public they were going to happen. YYMV.

Not what I am talking about. The issue is suspects getting away because they can avoid police by knowing where the police are.

Yes, it is what you are talking about. If I, in a calm, quiet environment cannot determine where just one state police car is waiting with radar, why would you expect a robber, in the heat of pursuit, would be able to monitor and decipher the police communications better? But it's moot -- they don't do it anyway. Maybe because they understand that it isn't as valuable a source of data as you seem to think it is?

If it happens once a year it isa justification for encrypting year round.

Well, that's one opinion. Being able to monitor the activities of the police is a better justification for not encrypting at all.

Which means that there are some agencies who do not use digital systems and need encrypted communications.

No, it means that there are some agencies that use digital data terminals instead of transmitting everything via unencrypted voice signals. In other words, there is a solution to the "privacy" problem that doesn't require encryption of voice traffic. And "do not use digital systems" is irrelevant. Analog, digital, voice is voice.

True but that issue has been worked out long ago.

Textbook solutions are great, in theory, but do not always make it into practice, in practice. The issue of key management is much more complex than the issue of which subaudible tone or NAC (digital "tone") is used on a channel, and the latter is sometimes wrong. For example, a neighboring county changed a CTCSS tone on one of their channels and didn't tell anyone -- and it was only discovered when a local agency went to render mutual aid and couldn't communicate.

they just switch to an unencrypted channel.

So in the middle of an emergency event where you've called in outside assistance, everyone has to change channels, assuming that it becomes obvious that someone who cannot communicate with you cannot communicate with you.

The few times this happens does not make encryption useless.

Straw man. I didn't say it was useless.

Re:Why is Police band unencrypted?

[Obfuscant]

Some departments use to have alternate channels that where not published before digital bands that they would switch to when needed.

All channels are published in the sense that you can search the FCC database for a geographic area and find out what is licensed for use. Yes, unlicensed use happens, but it is the exception not the rule.

Re:Why is Police band unencrypted?

"Even if they are encrypted you can broadcast interference and the radios then default to un-encrypted without any sort of notification."

Utter bullshit.

Re:Why is Police band unencrypted?

[sims+2]

Well I live here: http://swtimes.com/sections/ne...

Some of our elected officials changed some laws to remove our elected police chiefs power and appointed someone else in his place.

The Oklahoma Supreme Court has since decided that it was all ok and legal. So thats screwed too. Just because it happens to be legal doesn't make it right.

Even though the chief of police is elected he is not able to fire problem officers due to the strength of the FOP police union.

So even though we have voted out everyone involved in the above incident problems persist..

My comment was directed at the AC going on about people supporting their elected officials. When some elected officials can revoke other elected officials power without going through the proper channels something is terribly wrong.

Would it be ok with you if congress got upset with how the president of the United States was handling things and modified the constitution so they could appoint someone of their choosing to handle his duties instead starting a recall?

Re:Why is Police band unencrypted?

[ScentCone]

So the FOP ... who is involved in negotiating contracts with them? Elected officials. Don't like how they do it? Change them. While you're at it, support both legislatures and executives who promise to defang public employee unions so they can't hold their employers (the taxpayers) hostage for the benefit of a few corrupt union officials.

Re:Why is Police band unencrypted?

[sims+2]

I intend to. Like I said we have already managed to get everyone involved with the coup voted out. So the local elections are doing well but the state elections required for something to be done with orginsations like the fop will take some doing. That would require the rest of the state to recognize there is a problem & considering the current state of medicare expansion in Oklahoma that may take a while...

Re:Why is Police band unencrypted?

Police, fire, and other public safety communication should be by definition NOT encrypted, and should be open to public monitoring anywhere and at any time! For example: In many states it is illegal to use a scanner in a moving vehicle. The same as are "radar" detectors, and other devices that warn drivers of police speed traps. This is mainly so that the police (highway patrol etc...) can write more speeding tickets, resulting in more fines (same with traffic cameras!).

Wouldn't it be just as effective to get people to obey the speed limits if they knew about the speed traps via scanners, radar detectors etc...? People who don't know what is going on are easier to manipulate. Thats why police want encrypted communication. So that the very public that they are sworn to protect and serve won't have any idea what the police are doing!

Oh and BTW when cell phones first came out, there was a law that it was illegal to listen to them! Not that this law could actually be enforced, it was just so that the makers and sellers of cell phones could say that conversations on them were private!

The reason why "radar" detectors are illegal is because it undermines the point of having mobile speed radars. That is, it (in theory) creates an environment where people don't know where the radars are so they are more likely to believe that if they speed then they will get caught which in turn makes it so they are less willing to speed. Fixed speed cameras are there to help prevent people from speeding in known high accident areas (same idea with red light cameras). This of course has been perverted in certain jurisdictions in the USA and worldwide by police/politicians/etc realising that they can make money by fiddling with the speed limits/green to red timings/setting up speed traps at the bottom of hills/etc and (for all intensive purposes) tricking people into infringing in the name of profits.

Re: Why is Police band unencrypted?

Supreme Court jurisprudence indicates that laws against radar detectors are most likely unenforceable. See the Kentucky antenna law.

Re:Why is Police band unencrypted?

[KGIII]

Yes, those might seem like valid concerns and I actually know people who monitor police radio while they violate the law - just to keep tabs on the police.

Your first question, do I think it might help? Absolutely, I'm am quite reasonable. It'd probably help to keep that information secret. There's no doubt about it - the police are more likely to have success if they have the tools available to prevent people from listening to their communications.

So? No... I'm not kidding. So what? The police could do their jobs better if they could operate completely in secret. How far down the rabbit hole do you want to go?

Just like I accept that criminals may do bad things with firearms, I also accept that criminals may do bad things by overhearing the police. I'm okay with that - in the name of liberty. Freedom carries inherent risks. You can be even more secure if the government monitors your movement. The government will catch more criminals if they monitor our movement. Surely, that can't be a bad thing - everyone likes catching criminals and you wouldn't want to be supporting the armed robbery suspects.

Yet, at some point, we need to accept that criminals might do bad things. Currently, the police have the right to (try to) secure their communications. As a general rule, I'm not really thinking that's the best solution EVEN if it means that their job is more difficult AND that some harm may come to otherwise innocent people. It's risky to be free. Someone might poke an eye out!

I am not saying that the police can't encrypt their communications and use methods to make monitoring difficult, expensive, or impossible. I am saying that we might not actually want them to have that power. Yes, I know what that means. Yes, I'm aware that bad people might do bad things. I'm also aware that the police might do bad things and that monitoring them might have a greater value than allowing them to speak privately.

Don't forget, they exist because we hire them to do a job. They're just people who may or may not be doing bad things. They're our employees. It might be in our best interests to observe them, they have a whole lot of capacity to harm, and to think about the powers we wish to cede to them. Like any tool, it can be used for harm or good.

Right now, there's no trust that the police are doing good. They've clearly violated that trust, many times over, and have done so in galling and more egregious ways. They currently have that capacity. I'm not entirely sure that they can be trusted with it. An armed robber can shoot you and kill you. A police officer can shoot you, kill you, brag about it to his friends, and get away with it.

Not only do we need to accept that bad people might do bad things but we also need to accept that they sometimes might get away with it. We also need to remember that it is better that ten guilty men go free than for one innocent man to spend even a minute in jail. I am not saying they don't have this power. I am saying that we might want to have a discussion about them being allowed to have this power.

Re:Why is Police band unencrypted?

[KGIII]

I don't think I've ever, once, called someone a bootlicker. I'm kind of loathe to do so now.

However... No, not you OBVIOUSLY... I think the term might actually be appropriate for the person you're responding to. I really don't think I've ever even considered calling someone an authoritarian bootlicker.

What have I become?!? I am a monster. :/

Re:Why is Police band unencrypted?

[jklovanc]

Right now, there's no trust that the police are doing good.

There is the major flaw in your argument. It may be an opinion held by others but you have no proof that it is the majority. You are stating your opinion and not the opinion of everyone. I personally believe that the police are doing good almost all of the time.

They've clearly violated that trust, many times over, and have done so in galling and more egregious ways.

More flaws in your argument. First is when you use "they". All police are not the same. Yes there are some bad cops but the vast majority are good cops. Almost the only time when we see reports about the police is when one of them do something bad. That is call selection bias. If all wee see are bad cops then we might consider all cops bad even when that is not true.

We also need to remember that it is better that ten guilty men go free than for one innocent man to spend even a minute in jail.

I completely disagree with this. As a consequence of the imperfection of man we also must accept that courts can make mistakes. Innocent people will go to jail and we need to do as much as we can to minimize that. Letting ten murders go free to keep one person out of jail for a week is not valid.
In the end the secure channels are being monitored by good cops and sometimes those good cops will report the bad cops.

Maybe as a compromise you would like to pay for an independent party to monitor the secure channels so we can have both security and transparency.

Re:Why is Police band unencrypted?

I'd be more than willing to cut the police a little slack on privacy IF they in turn hadn't proven themselves as a group to be utterly untrustworthy when it comes to respecting the rights of citizens. It's not a few bad cops--it's the entire institution of policing in this country. It's been thoroughly corrupted and our elected officials are too cowardly to do anything about it.

When police start putting what's right ahead of what's expedient then people will start to respect them a little more. When politicians start repealing idiotic laws used simply to harass people then people will start to respect them more. Until then, they can go to hell and put up with any monitoring and anything else we need to do to hold them accountable.

Re:Why is Police band unencrypted?

"If you can monitor things you shouldn't" who says you shouldn't? Many people have and do get scanners for that very reason. Nothing wrong or illegal about it.

Yet.

In 1938, the Federal Government, after a tug-of-war with radio amateurs declared that US citizens could listen to or monitor anything transmitted over the airwaves. It was an offense to repeat what you discovered unless the transmission was explicitly intended for public use (commercial radio, TV, etc.). But you could still legally listen in.

Then, circa 1985, the "get-the-government-off-the-backs-of-the-people" Reagan administration caved to the cell-phone lobby and marked certain frequency bands as forbidden territory and mandated that general-use radios capable of monitoring those frequencies could not be sold in the Land of the Free. Only certified cell-phone units and phone company support devices.

In the later 1980s, many public service agencies switched to trunking systems, which used channels more efficiently, but made it more challenging to track things. The trunking systems went digital, then started going encrypted as a matter of course. Prior to that, selected police radio channels might have been scrambled, but now even the garbage trucks were running encrypted.

Locally, the news agencies were allowed decrypting radios to facilitate their responsibility to keep the public informed. Then the local government pulled even that and became an almost completely closed system. Yes, there are tapes recording radio transmissions and 911 calls, but to hear what's on them would require a judge's order.

I learned a lot of how my community operates listening to the scanner. It taught me quite a bit about what they'd be doing in cases of major emergency, how the resources I'm paying for are being deployed, what roads and bridges are opened or closed in cases of emergency and how drunk/crazy many of my fellow citizens are.

But now I am paying my tax dollars to support public service organizations with vastly reduced transparency in a state where it's not legal to legislate in secret.

And if it's true as they tell me that if I have nothing to fear, I have nothing to hide, then what do they have to fear?

Re:Why is Police band unencrypted?

[KGIII]

It's funny that you try to point to flaws in my argument but, obviously, never actually took a debate class or participated on a debate team. Here we go...

Perhaps you do not understand the concept but trust is lost when you violate the rules you agreed on. Trust is lost for the police (more on that in a minute). There's no question about this. To touch on a latter statement you made - it doesn't even need to be a majority-agreed on opinion. In fact, we've worked to protect ourselves from the tyranny of the majority. There's a reason, and a good one, that the majority view is unimportant.

Let's continue, shall we? They, are a group. There are individual members of this group. They are not being considered, I am referencing the whole group. The individual, in this case, is irrelevant. I didn't even say that all I saw were bad cops. If you were familiar with my posting history, you'd know I support the cops and like the cops. I just don't support all cops and like all cops - I don't like those that break the law. Irrelevant, I am referencing the group as it would be highly impractical to judge each one.

If you're going to point to flaws, find flaws. Those are not flaws, those are you failing to understand the concept. Shall we continue? I think we shall...

Your disagreement is also irrelevant. It's a founding principle of our country and legal system. Disagreeing means more to a new country, not change this one because you're a coward.

No, I would not like to compromise. Why pay when we can just let people do it because they find it interesting? Why pay a third party? If we have to pay a third party to monitor the police communications, there's a serious problem with that.

It's safe to conclude that you and I are not going to agree on this matter. I'd further speculate that you're actually incapable, or unwilling, to be honest. I think we're done here.

Re:Why is Police band unencrypted?

[jklovanc]

For somone who supposidly knows how to debate you sure don't understand the principle of ad hominem.

Re:Why is Police band unencrypted?

And if it's true as they tell me that if I have nothing to fear, I have nothing to hide, then what do they have to fear?

If criminals are able to listen in to Police communications then it puts the Police at a tactical disadvantage (or at least reduces the advantage they have).

However, I don't see a good reason why recordings of radio transmissions shouldn't be made available at some point (perhaps 24 hours) afterwards. 911 calls area a different matter, these are typically between a private citizen and the 911 operator, the private citizen may give out personal information during the call that they wouldn't want to be made publicly available. While they may be interesting, sanitising them would be too time consuming and not worthwhile, but perhaps the person who made the call should be able to request a copy if they wanted to.

Re:Why is Police band unencrypted?

[FrankHaynes]

Heh. Like common criminals would
a) Have the awareness to buy/steal a scanner
2) program it correctly
c) use it correctly
d) Listen to it often enough to decode the jargon

Even if in the unlikely event all the above conditions are met, what EXACTLY would a criminal do with what he heard? Most businesses and many homes have security cameras, alarm systems, barking dogs, etc. Cops are mostly documenters. They spent most of their time writing reports or testifying on the content of those reports in court. People who think they are out Keeping America Safe have been watching too much prime time.

This argument is often trotted out by police departments, but frankly we sometimes have as much to fear from those in authority as we do from common criminals. If the cops have nothing to hide, then what are they hiding? Usually it's their own ineptitude, more than anything, that they don't want us to hear.

Re: Why is Police band unencrypted?

[Lenny369]

Wrong. Or, to clarify - I dare say anyone remotely capable of following the instructions and/or having any inclination to do so would most likely already have an amateur radio license from the FCC, which is an exemption to the "no-scanner-while-driving" laws in every state. I'm in Minnesota and I've been questioned about it once, while I was being testy and intentionally letting the cop hear that I had my radio tuned to his frequency as he called in my DL. He didn't know the law either but I handed him a printout of the MN statute with the exemption along with my FCC license, and he just scoffed and said get out of here. Before he left I let him know "FYI this radio is monitored for transmit out of band as well, which is also not illegal to possess, and I can use it to talk to on your frequency In an absolute emergency just as I could use your radio if something happened to you. I have that case law as well if you would like to see it." Second part didn't go over so well but only cost me another half hour of so.

Re:Why is Police band unencrypted?

[RivenAleem]

Why do the police need encrypted communications? If they are not doing anything illegal, they've got nothing to hide.

Okay

[JustAnotherOldGuy]

Okay, I gotta say that's a pretty nifty little hack.

The "Read More" link...

A nice simple way for the new owners to demonstrate their good intentions:

Please can we have the "Read more..." link back for all stories and not just on the polls ?

Thanks.

Déjà Vu

[U2xhc2hkb3QgU3Vja3M]

Anyone else read that as "Jailbreak Turns Cheap Walkie-Talkie Into DRM Police Scanner"?

Re:Déjà Vu

[Quirkz]

No, but I had to read "Last Shmoocon famous reverse engineer" about eight times to parse it. That's a very unlikely set of five words to begin a sentence.

Re:Déjà Vu

[U2xhc2hkb3QgU3Vja3M]

What's a "Shmoocon" anyway?

Re:Déjà Vu

[ihtoit]

it's a Shmoo Convention.

A Shmoo is a fictional creature first appearing in Lil'Abner in 1948. It's pretty much the Swiss Army Knife of housepets, in that it tastes like anything (depending on how you cook it - handy because it loves to be eaten) and you can use its whiskers as toothpicks, its hide can be used for leather or lumber depending on how thick you slice it, and they'll never go extinct because they feed on air and breed prolifically. As if that wasn't enough, they're great at performing showtunes.

Ergo, a ShmooCon would be a convention celebrating or showcasing something everyone wants because it fulfills all our needs.

Interoperability be damned

[Obfuscant]

but a lot of state/county and local public safety organizations including city police dispatch channels are using Mototrbo Motorola DMR digital standard.

Isn't it wonderful that the lessons of 9/11 and other major events is being lost in the push for more sales of commercial radio systems?

It's critical that first responders from different agencies be able to communicate with each other when a large event requires mutual aid. It is just as critical for neighboring agencies to be able to communicate on each other's systems when an event crosses a border. A first responder from county A who responds to something just over the border because he's closer shouldn't have to relay his communications through his dispatch to be able to talk to the resources coming from county B.

Motorola is making hay while the sun shines by selling P-25 systems, Mototurbo systems, and then bridges to link the two together, instead of using a single nationwide standard.

It's bad enough that agencies that use only 700MHz (and have single band radios) can't interop with agencies using legacy VHF or UHF systems, but Motorola profits from that, too. They'll happily sell multiple radios to solve this problem, and have each patrol vehicle or dispatch center carry two radios when one would do. And companies like Harris will gladly step in and sell $5000 portable multi-band radios.

Yes, there are nationally defined "interop" channels, but many agencies have no clue what they are (even a decade or more after they were created) or where to find them on their radios, if they are programmed to contain them. And if one agency has only the 700MHz "7CALL" etc available while the other has only the "VCALL" etc channels, those interop channels are useless.

Re:Interoperability be damned

You do realize, of course, that Motorola has the only system that works well with a lot of users in urban canyons, but that 700 MHz doesn't work for shit in large open spaces where the locals can't afford half a dozen repeaters. In much of Colorado, the high ground makes it even worse, as it's an amazingly shitty place to put repeaters (no power, 150 kt winds, and no road access), so they tend towards VHF systems in the mountain counties. There are actual reasons different municipalities chose different systems, and it's not that they're being bribed by the vendors. Oh, and the radios I have used had something like "inter-agency A" and "inter-agency B" programmed in. Not too hard for your average cop (who doesn't do much inter-agency anyway) to figure out.

Re:Interoperability be damned

[Obfuscant]

You do realize, of course, that Motorola has the only system that works well with a lot of users in urban canyons,

Are you a Motorola salesman? You must be, since this kind of marketing hype is patently absurd.

There are actual reasons different municipalities chose different systems,

Of course. I think I said it was "bad enough", which means that it is a necessary evil. Using multiple digital systems is not a necessary evil.

Oh, and the radios I have used had something like "inter-agency A" and "inter-agency B" programmed in.

That's nice. This works when A is using DMR and B is using P-25? No, I don't think so. Or when A is on UHF and B is on VHF? No? I didn't think so. The only way such programming works is if the radios can already operate on each other's systems, and in that case it is just as easy to program in the other agencies main frequencies and work there when necessary. A chase from A into B shouldn't require everyone involved changing channels to be able to communicate.

And I was pretty clear in talking about the interop channels, I thought. You don't need "Interagency A" as a special channel, just use VTAC11 or similar. Those radios you used did have those channels, right?

Nobody but you is talking about bribes. Marketing hype like your first sentence is how companies get lock-in, along with touting their extensions to the standards so no other company can truly compete. In our county here the main vendor is Moto, but we're using about four other vendor's radios without any problem at all. In fact, getting a programming error fixed is so much easier with every one of those other four that I cannot suss out why Motorola has any foothold at all.

Re:Interoperability be damned

okay, which other system works well in a dense urban canyon? And, I'm sure you agree that the Motorola trunking radios don't work very well out in sparse country without repeaters.

Here A and B are the two regional inter-agency FM channels. By the way, what works better is to have different agency heads collocated so that they can coordinate while the people working actually work. But, what do I know, I've just touched this realm for 25 years in several different roles.

Re:Interoperability be damned

[Obfuscant]

okay, which other system works well in a dense urban canyon?

Harris, Daniels, GE, Kenwood, Icom. Should I name more?

And, I'm sure you agree that the Motorola trunking radios don't work very well out in sparse country without repeaters.

No trunking system works ANYWHERE without repeaters. There has to be a control channel coming from somewhere or else it isn't trunked. Are you sure you know anything about modern radio systems?

By the way, what works better is to have different agency heads collocated so that they can coordinate while the people working actually work.

Right. It is so much better to create a JOC (joint operations center) and have "different agency heads" go there while the people in the field are dealing with a multi-car accident near the county border, and have all those "workers" talking to their own dispatch to relay communications. Sure.

Here A and B are the two regional inter-agency FM channels.

If you are in the US (the context I'm talking about) then there are a lot more than just two inter-agency channels. Go google for "VCALL" and see what comes up. There's five just in the high VHF band, and at least that many in every other band. And then google for "NIFOG" and download the PDF and look at all the information you can get from that. (Hint: the "I" in NIFOG is "interoperability".)

If you don't have those channels in place and instead rely on "Interagency A" and such nonstandard nomenclature and frequencies, then you are not truly prepared for the next big event, no matter how many years of experience you claim to have.

And if you don't have the repeater versions of the interop channels programmed in, then you're still behind the curve.

Re:Interoperability be damned

[Lumpy]

Yet old 50mhz police band works better than ANYTHING that can be bought today in the urban canyons as well as the spread out for thousands of miles states.

all this digital shit is only there to make a profit selling new gear. the old analog stuff works great and still does.

Re: Interoperability be damned

The analog got dumped because of congestion.

Re: Interoperability be damned

[ihtoit]

no, the analogue got dumped because a more restrictive technology (ie digital) is easier to regulate, or monitor.

Re: Interoperability be damned

It is actually far harder to monitor digital radio, and regulation has zero differences compared to analog, do you not understand how radio and digital works?
The ONLY reason DIGITAL municipal radio exists is because Motorola needed to find a way to sell new radios to all the municipalities that already owned them. There is ZERO reason for it to be used in any emergency communications and the drawbacks of digital far far outweigh it's advantages.

DMR is not a Motorola standard

"Mototrbo Motorola DMR digital standard"

Is a complete misnomer. DMR is not a Motorola standard, it's a European standard (ETSI) and effectively a digital radio replacement for the MPT1327 standard (a British standard from the Ministry of Post and Telecommunications). Having said that many radio manufacturers would have had input to the standard, including Motorola. The one I worked for did.

DMR/P25 are similar, in that if you don't want people to listen in on what you're broadcasting, encrypt it! As far I can remember, AES256 was the best encyrption option availble to P25... I can't remember the details for DMR, or even if it supported it.

DMR standard had/has some weirdness: for instance the vocoder wasn't specified. Everyone seems to have defaulted to the AMBE half rate vocoder from DVSI, the same as what is being used for P25 phase 2.

Re:DMR is not a Motorola standard

Well, Mototrbo is a motorola proprietary superset of DMR...

Re:DMR is not a Motorola standard

[ihtoit]

I think DMR has 8 and 40 bit encryption.

Re:DMR is not a Motorola standard

Encryption is not really defined by the DMR standard. Various vendors have implemented 8, 40, 128 and 256 bit encryption.

You can do this today with a $10 dongle

[hey!]

and open source software like Gnu Radio. No need to spend $150 bucks and then void your warranty.

The thing GNU Radio is just just a bunch of software routines. People have cobbled things together that will allow you to listen to AM, FM, and SSB, but the UI is crude and it's not something an average person would find usable. On top of that the digital voice decoding is a separate piece of software which (except on Windows) you have to compile from source and figure out how to bolt that on.

It'd be nice if more people were putting their hacking energies into SDR, because then maybe someone would come up with a nice, slick plug-and-play solution anyone could download from a distro repository. It's happened in other somewhat technical areas, like GIS (e.g., Quantum GIS) or computer algebra.

Re:You can do this today with a $10 dongle

a $10 dongle and a $1000 laptop.

Re:You can do this today with a $10 dongle

[hey!]

Or a $300 laptop. Or even a $40 tablet -- the libraries have been ported to Android.

Re:You can do this today with a $10 dongle

More like a full trunking setup on an old $150 Atom-powered Acer or eMachines netbook with two $10 dongles and DSD+.

Wake me when a cheap HT decodes P25 audio.

[Astrogoth]

I like to monitor the LAPD and the big LA trunked system.

Hmmm I have a 380. Now maybe I have a USE for it

[RubberDogBone]

I've had an MDR380 for a while but it's been sitting in a drawer because DMR for amateur radio is a joke.

They've built all these local, regional, and national talk groups but everyone is afraid to use them in case somebody else wants to use them, so everyone who does try is either scared or they are idiots who hog it for tens of minutes.

And the DMR system is broken such that when you turn on your radio, you have no idea if the repeater you are calling is linked into anything. The act of transmitting will cause an idling repeater to wake up and reconnect at which point you stomp on an existing conversation if any are taking place.

So DRM for hams is a real mess that makes D-STAR look amazing by comparison.

Anyway, now maybe this 380 will have a use. But probably not.

One small detail kind of ruins it

[RubberDogBone]

This statement is not correct:

"Here in the US Project 25 (P25 or APCO-25) is a suite of standards for digital radio communications for federal users, but for state/county and local public safety organizations including police dispatch channels are using Mototrbo DMR digital standard."

It should say "Here in the US Project 25 (P25 or APCO-25) is a suite of standards for digital radio communications for federal users, but SOME state/county and local public safety organizations including police dispatch channels are using Mototrbo DMR digital standard."

Most state/local agencies are in fact using P25. Some are using DMR, others use other things. The same is true for commercial businesses. They can operate in P25, DMR, Nextedge, etc on a variety of bands, which means it's rather more complicated to hear everyone and everything at the same time.

Misleading info

This firmware mod does not make the radio into a scanner, nor does the promiscuous mode even work properly. I bought the MD-380 as soon as I read the PoC||GTFO article on it and immediately installed the alternate firmware. I found that you must have the correct DMR 'Color Code' to monitor communications. The Color Code is a number between 0 and 15. You must also have the correct repeater time slot as well. (there are two time slots TDMA with 30ms frame each) This seriously limits the usefulness. They need to make the promiscuous mode ignore the Color Code setting as well to make it useful for monitoring.

I find myself going onto DSD with RTLSDR to discover the Color Code (or DCC as DSD calls it) and Time Slot.

cobbled

key phrase: "People have cobbled things together "

And that is the problem. All those nice little bits and pieces are just that: bits and pieces, poorly documented, often not handling everything.

Re:cobbled

[hey!]

key phrase: "People have cobbled things together "

And that is the problem. All those nice little bits and pieces are just that: bits and pieces, poorly documented, often not handling everything.

Well yes, that's exactly my point. We need more attention to the SDR stuff, hacking that would be waaay more impactful than hacking some obscure Chinese handheld; more attention to this area will draw more effort.

Not that I have any criticism of the people doing this; you hack what interests you; often what you've got lying around. Good for them. I just wanted people to know about the super-cheap SDR dongles they can get. If they're interested in this radio project they'll be interested in that too.

Re:cobbled

[FrankHaynes]

Your heart is in the right place, but my experience with those $10-20 dongles is that they are good for strong signal reception, such as my local public safety trunked system, but they just can't cut it in the real world as an all-around receiver. Software can only do so much with crap hardware.

I tried to set up one on a linux laptop that I was running at my parent's house to receive the local baseball games broadcast on an FM station about 15 miles away. It wasn't happening. Not sensitive enough and getting overload from the many other FM transmitters nearby. No big deal, but if I were serious about that project I would have to upgrade the SDR hardware to something over $100 to do something useful and at that point I might as well scrounge up an old AM/FM radio pulled from a car like a broadcast engineer I know did.

I'd love to find or build a small but powerful SDR to perfect a modern scanner. Uniden locks you into their design choices. SDR# is still a bit too geeky for general use. If it had a good UI with user selectable operating parameters instead of being stuck with a limiting set that would be a win. Usability is key to general acceptance. That's what this DMR portable offers I suspect.

Please Explain To Me

[kackle]

I cut my teeth in a radio shop in the late 1980s; I left several years later. I know and understand why they were converting the getting-crowded cellular system to digital back then (bandwidth --> $), but why did the municipal/commercial radios follow suit when the transmissions I hear are of such terrible quality versus the analog I remember?

And if your answer involves crowded bandwidth, I ask, is it really? I have seen graphics describing the use of radio bands, but every time I've had the opportunity to use a scanner and poke around over the years, I find very little in my suburb of a major U.S. city. Haven't a major portion of businesses gone to cellular communication anyway?

Original Justification

FYI ...if you care ...the original argument against scanners by the police was to cut back on ambulance chasers ...criminals just aren't that smart and cops really aren't that much into trying to pull over folks secretly. I applaud all attempts to break the code and listen. It's a beautiful thing to drive technology forward! Besides ...smart guys need hobbies :-)