Slashdot Mirror

← Back to Stories (view on slashdot.org)

Jailbreak Turns Cheap Walkie-Talkie Into DMR Police Scanner

Posted by timothy on from the more-than-meets-the-eye dept.

An anonymous reader writes: Last Shmoocon, famous reverse engineer Travis Goodspeed presented his jailbreak of the Chinese MD380 digital handheld radio. The hack has since been published at GitHub with all needed source code to turn a cheap digital radio into the first hardware scanner for DMR digital mobile radio: a firmware patch for promiscuous mode that puts all talk groups through the speaker including private calling. In the U.S. the competing APCO-25 is a suite of standards for digital radio communications for federal users, but a lot of state/county and local public safety organizations including city police dispatch channels are using the Mototrbo MotorolaDMR digital standard.

8 of 82 comments (clear)

  1. Why is Police band unencrypted? by gmack · · Score: 4, Insightful

    If you can monitor things you shouldn't, the problem is with the insecure communications system not with the hacked walkie talkie.

    1. Re:Why is Police band unencrypted? by Holi · · Score: 4, Informative

      "If you can monitor things you shouldn't" who says you shouldn't? Many people have and do get scanners for that very reason. Nothing wrong or illegal about it.

      --
      Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
    2. Re:Why is Police band unencrypted? by rfengr · · Score: 4, Informative

      It's not. Many P25 talkgroups are encrypted, specifically the police tactical ones. Sometimes they just use a cell phone.

    3. Re:Why is Police band unencrypted? by Anonymous Coward · · Score: 5, Funny

      Ahahahahahh here we are in 2016, and someone is concerned about the morality of monitoring public government channels.

    4. Re:Why is Police band unencrypted? by Anonymous Coward · · Score: 5, Insightful

      Do we really need to know every car that the police pull over?

      Yes, I don't think the police should be able to pull people over secretly. Do you not understand why public oversight of the police is so important?

    5. Re:Why is Police band unencrypted? by Coren22 · · Score: 4, Interesting

      The funny thing about that ruling you reference is that cell phone communications are encrypted by default. The Stingray devices have to trick the cell phones into connecting to them because passive monitoring doesn't work for capture of the information, they actually have to tell the cell phone to turn off encryption to even work.

      --
      APK likes to ask for responses to the same things over and over. Maybe he just likes the responses?
  2. Re:Cool, but not the first by rfengr · · Score: 4, Informative

    Yep, been doing that for a while with GNU Radio, gr-dsd with USRP. I may get an Airspy just so I can use Unitrunker on Windows (without using the RTL dongles). Still really isn't a good digital scanning solution for SDR, although I wrote one for NBFM and AM: https://github.com/madengr/ham...

  3. DMR is not a Motorola standard by Anonymous Coward · · Score: 4, Informative

    "Mototrbo Motorola DMR digital standard"

    Is a complete misnomer. DMR is not a Motorola standard, it's a European standard (ETSI) and effectively a digital radio replacement for the MPT1327 standard (a British standard from the Ministry of Post and Telecommunications). Having said that many radio manufacturers would have had input to the standard, including Motorola. The one I worked for did.

    DMR/P25 are similar, in that if you don't want people to listen in on what you're broadcasting, encrypt it! As far I can remember, AES256 was the best encyrption option availble to P25... I can't remember the details for DMR, or even if it supported it.

    DMR standard had/has some weirdness: for instance the vocoder wasn't specified. Everyone seems to have defaulted to the AMBE half rate vocoder from DVSI, the same as what is being used for P25 phase 2.