Receiving unintentional voice transmissions from GPS satellites (rtl-sdr.com)
190 points by thcipriani on July 15, 2023 | hide | past | favorite | 88 comments


Quick summary:

> Many navigational and meteorological satellites carry a search and rescue (SAR) repeater which is intended to receive UHF emergency locator beacons and rebroadcast them in the L-band or higher. However the repeaters appear to be picking up all sorts of other signals from the ground, including voice transmissions.


Makes me wonder if these ever were used out-of-spec for transmission deliberately by parties. (Thinking spy stuff but it could also be just hijinx.)



As mentioned in the video; that would be inadvisable. Not only is it illegal and constantly monitored, but it’s almost trivial to triangulate the source of the transmissions.

You could probably get away with sending a couple messages while pretending to be someone doing it accidentally, but you’d be holding up a “pick me” sign visible to any type of scrutiny.


Unless someone has proof otherwise, I'd bet that they've never been used for that purpose. Every major government is listening to this SARSAT downlink so it's probably better to use something less visible.


Numbers stations are also a thing.


The article suggests pirates which makes some sense.


Few things evoke feelings of the early internet like intercepting unencrypted communications in the wild with off the shelf hardware and software.

It's somehow comforting to realize this is still possible today.


If you keep emitting radio waves of these frequencies for general communication purposes, the local authority will eventually catch you.

If the local authority or civilization is corrupted, good luck rebuilding it.


Considering how much progress has been made in encrypting internet traffic, radio seems painfully slow in evolving to be more secure.

Edit: specifically radio protocols not carrying internet traffic


> Considering how much progress that has been made in encrypting internet traffic radio seems painfully slow in evolving to be more secure.

An important reason that I see is because (at least in Germany, I guess worldwide) ham radio operators are not allowed to encrypt their traffic. Commercial companies are a lot more conservative concerning encryption than "hacker people".


That rule is pretty much universal, not just Germany.

I guess it's because it would eliminate the possibility of collaboration and also enable using it for commercial purposes without anyone being able to check.

There's an exception for command and control systems like satellite control.


That’s because there isn’t a point. In order for encryption to work, you need to exchange keys at some point. Doing that half a world away is rather pointless. Doing it over the air, how do I know Alice won’t intercept and broadcast her keys louder than me? Or just interfere and prevent me from sending keys?

As we all learned in WWII, a code is better than encryption when you need complex PKI to achieve encryption. It’s more flexible, and can even convey nuances not intended. Ah, sorry I mean a language, not a code. But still, code words and phrases are still a thing.


I watched some documentary where the US were monitoring enemy communications but didn't know what a specific code word was referring to. If I recall correctly, the US staged a fake transmission that one of their islands had some issue or other... and suddenly they picked up enemy broadcast with the code word in question. So then the US knew what the code word referred to.


As the other poster said, Midway. Wasn't it that movie that just came out, by any chance? Because this featured in there as a plot point too.


It was a Netflix WW2 documentary. Most likely "WWII in Color: Road to Victory".

We switched to Disney+ at the start of the year, otherwise I'd have been able to confirm the show.


AF meant Midway

https://www.history.navy.mil/content/dam/museums/nmas/educat...

It's very easy to look these things up.


> In order for encryption to work, you need to exchange keys at some point.

Not since 1976.

https://en.wikipedia.org/wiki/Public-key_cryptography


You still need to exchange keys. You can't get around that. Otherwise, how do I know the public key you sent me over the radio is YOUR public key and not someone else with a more powerful radio?


By having the key signed by someone who you trust. Which in a military typically means the central command.


Sure, but then you need the central command's public key in order to verify that signature. How do you get that?

Ultimately it boils down to you needing to bootstrap your web/chain of trust somehow. In a military it might be easier; radios would be distributed to field troops with the needed trusted keys already present.

But more "public" radio? We don't have a sort of "radio CA", and there are no radios that know how to deal with such a thing. I suppose we could reuse the TLS CAs, though, and build SDRs to use it, which wouldn't rely on any particular hardware. But the point is that this just isn't set up at all.


You still need to physically meet someone you trust to exchange keys, however you slice it.


You are ignoring that HTTPS allows people half a world away to exchange keys with a server and prevents other people from interfering, other than DoS attacks.

>As we all learned in WWII, a code is better than encryption when you need complex PKI to achieve encryption

I was never in WWII and I'm not sure what you mean by code as typically that's just encryption but less formalized.


Https works because there is a destination address that goes to a physical network card. Over the air, there is no 'routing'. Alice can intercept my transmission, then literally, just use a more powerful radio to 'talk over me' with her keys. Ergo, MITM. I worked with guys in the military who did this for a living...

Radio is like being able to packet sniff (and modify) packets from anywhere.


HTTPS is secure against man in the middle attacks and will protect transmissions even over radio.


Yes, once you form the connection it is secure. The handshake is the part that isn't secure on open airwaves. This is how 'evil middle boxes' mitm connections from corporate networks.

Edit to add: yes, there are CA's to sign the bits on a network. There is no CA for the radio, only proprietary ones. These can be reverse engineered, subpoenaed, or bought by state actors. Chances are, if you're broadcasting loud enough to be heard by them, they're going to start listening.


I think there is some confusion here. HTTPS is secure. Even with MITM attacks.

This is because the MITM will not have a valid certificate to provide authenticity for the public key returned.

The reason why middle boxes in corp networks can MITM is because the corp owns the device and has installed their own domain trust to the device. This means the MITM can return a cert and public key that your device will trust. This is because the cert returned will be signed by the installed domain trust.

Another way to think about why HTTPS is secure over radio: HTTPS is at the highest level of the OSI networking model. You could do HTTPS with pen and paper and the mail if you wanted. Think about starlink! The internet today is literally going over radio waves.

This is likely why there isn't progress on encrypting old-fashioned radios! There is no need to encrypt old-fashioned radios -- you'll just use internet over radio instead if you wanted encryption.

You bring a good point though. Since it's radio, anyone can jam your transmissions, but they won't be able to spoof your intended friend if you are using https via radio.


HTTPS is only as secure as the CA that signs the certificate. My point is, at some point you have to bootstrap the trust. That is the single most vulnerable point (and why becoming a trusted CA is quite complex and easy to lose if you mess it up)! Without the CA, HTTPS is insecure (try self-signed certs and you'll see your browser agree with me). If you try and bootstrap a CA over the radio, it is vulnerable to MITM attacks.

There is absolutely nothing inherently secure about HTTPS without a secure CA.


Even after adjusting this statement three times it‘s still wrong. Certificate transparency has severely limited what CAs can do without being found out.


I have no idea what you're talking about. There is no "radio CA" in existence to adhere to "certificate transparency."


No, https works because we already agreed upon on one authority and one protocol and it’s called ICANN and DNS respectively.

This could be done with radio too but we don’t because a typical website transfers hundreds of megabytes and the traffic involved in negotiating an encrypted connection is a drop in the bucket, whereas with most radio traffic, it would comprise a much higher percentage of all your radio traffic.

Plus your average radio equipment has a tiny CPU (although this is changing) whereas your phone or desktop computer has hundreds of gigaflops to do all the encryption and decryption math that you want and then still draw a gif.


If one treats pubkeys as handles, without any of the theatrics of "real person identity", this entire branch of objections disappears.


https works because you have previously agreed on a key. The key of the Certificate Authority that signs certificates.

Https (or IP for that matter) does not use the physical card to authenticate. That wouldn't make sense, except for very local networks. And since IP relies on ARP for the physical network address, even local IP networks can suffer MITM, by way of ARP spoofing.


A radio "hears" only the loudest signal (due to necessary filters). A packet is directed via routes; a network interface only picks up packets on that physical route. It's the equivalent of using a directional antenna ... kinda.

At the beginning of the connection, you must establish some sort of "trust" between your radio and the other radio (if you want to use encryption). Your wifi does this with a Pre-Shared Secret (PSK). Your https connection does this with CA certificates.

This 'baseline trust' allows you to know the other end is who you expect it to be. With traditional radios, there's not much of that. There's just:

- something you have (the radio characteristics)

- something shared (past experiences/conversations)

- something you are (your voice)

If you don't squint that hard, that's the basis of any kind of authentication. Thus we have that covered. So, I can "authorize" myself as my person. Then I can send my keys over the air so we can have a private conversation.

Here's the issue, as soon as I broadcast my keys, someone with a "louder" (technically, brighter) radio broadcasts my voice with different keys. Next, they do the same thing when you broadcast your keys. Bam, we've been MITM'd without even realizing it.

So, ok, you say. Maybe we'll snail mail our keys to each other. Sure, that'll work. Yet still, even then, we'd only be able to talk to each other. At that point, why not just pick up a phone or start up a telegram chat?

The weakest link in any kind of encryption is always during the key exchange. Always. Mostly because we are human... we click through warnings, get our mail stolen, mistype things, and all kinds of dumb things.

My other point about code: we can agree on a dictionary. It's virtually uncrackable and fluent to have a coded conversation. For example, there's 0% chance you'd have any idea what this actual phrase from Afghanistan means:

"the dust is blowing in, so we'll need about 5 mins to pick up my sister and head home"

spoiler:

"the americans are here, so we'll need about 5 mins to set up the guns and be at the rendezvous."

Code is always better than encryption. Always. The issue is the "dictionary" and the fact that it can be leaked. Encryption gives better guarantees in that regard. But when you already have 'authentication and authorization' via the things I mentioned above, code does quite well...
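The "louder radio" man-in-the-middle argued over in this sub-thread (send your public key over the air, Mallory overwrites it with hers, both sides end up talking to Mallory) and the counter-argument (field radios shipped with command's key already installed) can both be shown in a few dozen lines. The following is an added example, not code from the thread, from rtl-sdr.com, or from any real radio system. It models the airwaves as a channel where a stronger transmitter simply replaces a message, runs a plain Diffie-Hellman exchange through it (Mallory wins), then runs the same exchange with each radio's identity key certified by a pre-provisioned "command" root key (Mallory's swapped key fails verification). The modulus (the Mersenne prime 2^521-1), the generator, the textbook Schnorr signature and the message layout are illustrative assumptions chosen so the block runs on the standard library alone; none of it is a production protocol.

```python
"""Key exchange over a broadcast radio channel: unauthenticated DH versus DH
with command-certified identity keys. Added example; toy parameters.
"""
import hashlib
import secrets

P = 2**521 - 1     # Mersenne prime M521: a toy modulus, not a standard DH group
G = 3              # assumed generator; unvetted, fine for the demonstration only
ORDER = P - 1      # exponents reduce mod p-1 (g^(p-1) = 1 mod p), so any g verifies


def h(*parts: bytes) -> int:
    return int.from_bytes(hashlib.sha256(b"|".join(parts)).digest(), "big")


def to_bytes(n: int) -> bytes:
    return n.to_bytes(66, "big")   # 521 bits fit in 66 bytes


def keygen():
    x = secrets.randbelow(ORDER - 2) + 2
    return x, pow(G, x, P)


def sign(sk: int, msg: bytes):
    """Textbook Schnorr: r = g^k, e = H(r || msg), s = k - sk*e (mod p-1)."""
    k = secrets.randbelow(ORDER - 2) + 2
    r = pow(G, k, P)
    e = h(to_bytes(r), msg) % ORDER
    return r, (k - sk * e) % ORDER


def verify(pk: int, msg: bytes, sig) -> bool:
    r, s = sig
    e = h(to_bytes(r), msg) % ORDER
    return (pow(G, s, P) * pow(pk, e, P)) % P == r


class Airwaves:
    """Everyone hears everything; if a stronger transmitter is present it wins."""
    def __init__(self, louder=None):
        self.louder = louder

    def send(self, msg: dict) -> dict:
        return self.louder(msg) if self.louder else msg


class LouderRadio:
    """Mallory: records each key she hears and broadcasts her own in its place."""
    def __init__(self):
        self.sk, self.pk = keygen()
        self.overheard = {}

    def __call__(self, msg: dict) -> dict:
        self.overheard[msg["from"]] = msg["dh"]
        return {**msg, "dh": self.pk}

    def shared_with(self, callsign: str) -> int:
        return pow(self.overheard[callsign], self.sk, P)


def unauthenticated_exchange(air: Airwaves):
    """Plain DH: each side trusts whatever key it hears under the other's callsign."""
    a_sk, a_pk = keygen()
    b_sk, b_pk = keygen()
    alice_hears = air.send({"from": "BOB", "dh": b_pk})
    bob_hears = air.send({"from": "ALICE", "dh": a_pk})
    return pow(alice_hears["dh"], a_sk, P), pow(bob_hears["dh"], b_sk, P)


class Radio:
    """A field radio issued with command's public key and a certificate for its own."""
    def __init__(self, callsign: str, root_sk: int, root_pk: int):
        self.callsign, self.root_pk = callsign, root_pk
        self.id_sk, self.id_pk = keygen()
        # Signed once at HQ, offline, before the radio is handed out
        self.cert = sign(root_sk, callsign.encode() + to_bytes(self.id_pk))

    def hello(self) -> dict:
        self.dh_sk, dh_pk = keygen()            # fresh ephemeral key per contact
        return {"from": self.callsign, "id_pk": self.id_pk, "cert": self.cert, "dh": dh_pk,
                "dh_sig": sign(self.id_sk, self.callsign.encode() + to_bytes(dh_pk))}

    def accept(self, msg: dict):
        name = msg["from"].encode()
        if not verify(self.root_pk, name + to_bytes(msg["id_pk"]), msg["cert"]):
            return None   # identity key not certified by command
        if not verify(msg["id_pk"], name + to_bytes(msg["dh"]), msg["dh_sig"]):
            return None   # ephemeral key not signed by that identity: swapped in transit
        return pow(msg["dh"], self.dh_sk, P)


def authenticated_exchange(air: Airwaves):
    """Same airwaves, but both radios carry command's root key from the factory."""
    root_sk, root_pk = keygen()
    alice, bob = Radio("ALICE", root_sk, root_pk), Radio("BOB", root_sk, root_pk)
    a_hello, b_hello = alice.hello(), bob.hello()
    return alice.accept(air.send(b_hello)), bob.accept(air.send(a_hello))


if __name__ == "__main__":
    m = LouderRadio()
    a, b = unauthenticated_exchange(Airwaves(m))
    print("no auth + Mallory:", "MITM" if a == m.shared_with("ALICE") else "safe")
    print("certified + Mallory:", authenticated_exchange(Airwaves(LouderRadio())))
```

Note what the certified variant does and does not buy: Mallory can still jam (both `accept` calls return `None` and no session is formed, which is the DoS the thread concedes), but she cannot become a silent relay, because the only thing she can put on the air louder than Bob is a key that neither Bob's identity key nor command's root key ever signed. Swapping the identity key and certificate as well does not help her either, since the certificate check runs against the root key that never left HQ.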


Referring to Navajo code talkers I assume...

https://en.m.wikipedia.org/wiki/Code_talker


Which is especially funny, because their communications were encrypted after they encoded them into Navajo.


"Encrypted" is too strong a word. But the code talkers needed a way to represent English that didn't have a natural Navajo equivalent.

So they developed a vocabulary of 411 Navajo words to stand for common military terms. E.g., BESH-LO, which is Navajo for "iron fish", meant "submarine".

The vocabulary included a phonetic alphabet to represent the 26 English letters. E.g., the three Navajo words MOASI, TLA-GIN, and BA-GOSHI all represent English words beginning with C (cat, coal, cow). So, they could spell out arbitrary English words not in their vocabulary.

It was secure against an enemy that lacked Navajos and probably didn't even know what language was being spoken or if they were intercepting some weird form of audio scrambling. But, if the Japanese had been able to translate the messages to English, the code would probably not have survived cryptanalysis for long.

https://www.cia.gov/stories/story/navajo-code-talkers-and-th...


It's not really secure as such. It's a simple replacement cipher theoretically speaking. An adversary with enough time will easily be able to figure out what each word means by association of known plaintext.

However it sounds like they were mainly used in heavy combat conditions where the enemy didn't have recording equipment for later analysis. So in that scenario specifically (but in that alone) it was pretty secure.


Yes, for the parts that needed to be distinctly translated from English, it was a cipher. However, it IS a language, with its own grammar and vocabulary. They could have an entire conversation with none of the cipher bits...

If you've ever gone to a foreign country, you know you will have zero idea what anyone is saying for quite a long time. They knew as long as they kept the messages short enough, nobody was going to learn it from immersion.

There are still ancient languages that nobody has deciphered, despite having copious samples to choose from. I don't think it's as simple as you're making it out to be.


Encryption uses math, code uses a dictionary. These communications were not “encoded” but an actual language.


That‘s an arbitrary distinction, since encryption uses a key just like „code“ uses a dictionary. In a one time pad where your key is long, how is it different from a dictionary? And in a trivial cipher the key may still encode a dictionary.

Basically you are taking a subset of encryption using only substitution and calling that a code.


Yep! You've pretty much nailed it.

Cipher: exchanging letters to hide a message.

Code: exchanging words/phrases to hide a message.

Encryption: combining math + ciphers (sometimes code too!) to hide a message.

Codes are great for real people having fluent conversations, not so great for computers. We actually use "codes" all the time, but when they're used in large groups (and not a 'secret'), we call it "jargon."

"Push it to main, and I'll pull it in to my buggy branch to see if that works" will make almost no sense to anyone but a programmer who works with git and even then, only someone who's used git since everyone renamed the 'master' branch to 'main.'


[flagged]


I'd take it easy with the name calling. Your replies in this thread have shown a pretty fundamental misunderstanding of the OSI model, PKI, and encryption in general.


> Your replies in this thread have shown a pretty fundamental misunderstanding of the OSI model, PKI, and encryption in general.

Hmmm. Yes, I'll take my 20 years of experience in this field and see myself out the door... I'm really sucking at explaining this to strangers on the internet.


The amateur radio service is not permitted to encrypt our traffic. That doesn’t mean we can’t. Theoretically (not legally tested) you could post the AES256 keys for your DMR radio to the public over the internet and then do it since you disclosed the necessary tools to decode your traffic.

Modern radios sync their keys when they are within range of wifi at HQ.

Also, see: https://www.cbc.ca/news/canada/toronto/toronto-police-tow-tr...


Aren't there FCC regulations that forbid encryption over non-military radio?


For amateur radio, but not in general.


And it's not even actually illegal for amateur radio though there continues to be debate on the topic due to the phrasing.

I do think that encryption is firmly outside of the amateur culture in most cases, but legality is well covered here: https://www.n5dux.com/ham/files/pdf/Data%20Encryption%20is%2...


In the UK, it's illegal to encrypt for the purposes of obscuring communication. There was a lot of noise about G3RUH modems in the olden days when 9600bps packet was starting out, because they used a "scrambler" to whiten the spectrum of the data being sent, and people assumed that meant it was using a secret key to encrypt traffic.

I mean, in a sense it was - you're trying to make things with long runs of patterns look as much like noise as possible, which is the goal of encryption - but in order for it to work as a modem both ends have to have the same "key" which was a very short LFSR that would pull into sync during the training burst.

In practice, at least in the UK, you can more-or-less do what you like as long as you're not making a nuisance of yourself. You literally cannot pay Ofcom to investigate anything on the amateur bands, although you might get a lot of grumbling from daft old bastards.
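The scrambler point above is worth seeing in code, because "it looks like noise" is exactly what makes people mistake it for encryption. The following is an added example, not code from the thread or from the G3RUH design; it implements a self-synchronising (multiplicative) scrambler of the kind that comment describes, using the 1 + x^12 + x^17 polynomial commonly cited for the G3RUH/K9NG 9600 bps modems (taken here as an assumption). The check that matters is `resync_after`: a descrambler started from a completely wrong register state recovers the plaintext after at most 17 bits, which is the "pulls into sync during the training burst" behaviour and also why no key is involved.

```python
"""Self-synchronising scrambler: whitens a bitstream, but any listener
recovers it with no key after SPAN bits. Added example with assumed taps.
"""

TAPS = (12, 17)      # polynomial 1 + x^12 + x^17 (assumed G3RUH/K9NG taps)
SPAN = max(TAPS)     # shift-register length; also the worst-case resync time in bits


def _step(reg, b):
    """Feed b through the register: XOR with the two tapped delays, then shift."""
    return b ^ reg[TAPS[0] - 1] ^ reg[TAPS[1] - 1], [None] + reg[:-1]


def scramble(bits, state=None):
    """out[n] = in[n] ^ out[n-12] ^ out[n-17]; the register holds previous outputs."""
    reg = list(state) if state else [0] * SPAN
    out = []
    for b in bits:
        s, reg = _step(reg, b)
        reg[0] = s                    # scrambler feeds its own output back
        out.append(s)
    return out


def descramble(bits, state=None):
    """in[n] = s[n] ^ s[n-12] ^ s[n-17]; the register holds previous *received* bits,
    so a wrong initial state can only corrupt the first SPAN outputs."""
    reg = list(state) if state else [0] * SPAN
    out = []
    for s in bits:
        b, reg = _step(reg, s)
        reg[0] = s                    # descrambler feeds the received bit in
        out.append(b)
    return out


def resync_after(scrambled, plain, wrong_state):
    """Index from which a descrambler started in wrong_state matches plain onward."""
    got = descramble(scrambled, wrong_state)
    for i in range(len(plain) + 1):
        if got[i:] == plain[i:]:
            return i
    return None


def ones_fraction(bits):
    """Crude whiteness check: a long run of zeros should come out roughly balanced."""
    return sum(bits) / len(bits)


if __name__ == "__main__":
    # Constructed input: long runs that a plain modem would struggle to clock on
    plain = [int(c) for c in "0" * 40 + "1" * 40 + "01" * 20]
    sc = scramble(plain)
    wrong = [1, 1, 0, 1, 0, 1, 1, 1, 0, 0, 1, 0, 1, 1, 0, 1, 1]
    print("round trip:", descramble(sc) == plain)
    print("descrambler with wrong state is correct from bit", resync_after(sc, plain, wrong))
    print("ones in scrambled all-zero stream: %.2f" % ones_fraction(scramble([0] * 4000, wrong)))
```

The whitening works because, with a nonzero register and an all-zero input, the output is just the LFSR's own maximal-length sequence, which is why an observer sees something noise-like. The security lesson is the `resync_after` result: the only "secret" is 17 bits of state, and the descrambler does not even need it, so a scrambler is a line-coding tool, and the UK regulator's reading of it as not-encryption is the technically correct one.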


It's legal to encrypt as long as anyone can decrypt as I understand it.


Sorry, has the means to decrypt it.


Well there are radio protocols like wifi and 5g which are encrypted, so I doubt it's illegal.


Different spectrum licensing applies to those (ISM & commercial respectively).


I wouldn't have thought so, since most DMR products are certified for use in the US by the FCC and include fairly strong encryption.

Also, do bear in mind that most people don't need to care what the FCC says, or stick to their rules. I'm currently operating equipment that quite thoroughly violates FCC rules, and there's not a thing anyone can do about it :-D


Most of them are pretty secure; a few really old or intentionally open ones (ham radio) are not, but the rest are (wifi, 5g, ...).


Does 5G finally use some sort of viable cryptosystem? 3G and below are hopeless and IIUC LTE is theoretically possible to secure but in practice the implementations suck.


IIRC, LTE is mutually verified encryption. The SIM contains a private key for the subscriber and a public key for the network. I'd expect 5G to also have that.


My father is a radio lover, a DXer, and sometimes nearly contemplated a ham license. So I grew up with him listening to shortwave and other bands, he explained all the concepts, WWV would be on for two hours at a time (you could literally count every minute). Another fixture was the police/fire scanner that would be on most evenings, especially when we heard sirens. Dad put up a nice rotary Yagi VHF/UHF tower for the television set, so we would play with the rotary control to dial in better reception, whatever channel we watched.

So then I found channels 70-83 on the TV, and discovered that AMPS cell phone conversations would drift in and out on those channels if I just let them sit for long enough. So Dad strictly enjoined me not to reveal what I learned from those conversations. And I lost interest, because not much interesting was being said, and the broadcasts were partial, probably because the typical use of AMPS was for car phones, not people walking by on the sidewalk.


I guess you're in the UK? The UK has this really weird law where it's legal to listen to anything but you may not repeat what you heard. I don't know of any other country that has that stipulation.

In most of Europe you can listen all you want and talk about it. I think in the US some frequencies were forbidden to listen to and to this day these are blocked on scanners. Not sure why as analog cellphones are long obsolete.


Even listening is in a grey area in the UK; it’s a separate offence to “use wireless telegraphy apparatus with intent to obtain information as to the contents, sender or addressee of any message” where you aren’t an intended recipient. But the intent bit is probably hard to prove in practice.


I'm not sure we do have that law in the UK? The relevant legislation seems like it would be https://www.legislation.gov.uk/ukpga/2006/36/section/48; but that makes it illegal to either intercept or disclose.


Ah yes it's about the intended recipient.

Of course listening to ham radio bands is allowed since they are meant to be public. But unlike in other countries the UK does mind if you speak about what you heard on the bands. I've heard several people getting berated for this on the bands.

I suppose for stuff that's actually meant to be private it's even illegal to intercept it, I don't know. Personally I think such laws are just theater. Just like the cell band blocking on scanners in the US. Spend 2 minutes on mods.dk and a soldering iron and problem solved.


I love how wholesome it is to not discourage you from listening.


Shouldn’t we link to the original YouTube video? This website just reposts it with no analysis, a bunch of ads, and some janky scroll hijacking.


It's text and not video. Just speaking personally I wouldn't have clicked on or commented on a youtube video link. rtl-sdr.com is pretty decent aggregator as far as hobby SDR goes despite their bias in promoting their custom rtl-sdr dongle.


Yeah, I understand the preference for text, and I’m not against the site itself for posting it (I don’t have enough knowledge to comment on its quality), but I think we should give credit where credit (and ad revenue) is due, and link to the original creator’s work where possible.


In the vast majority of cases I prefer text, but in this specific case the video is actually useful for all the little details about what he’s doing that aren’t in this article or the words he’s using.

https://www.youtube.com/watch?v=U_pCHTeamn8


Submit the link and see if it gets voted to the front page.


If anyone is interested in satellites, check out your options for amateur radio licensing in your country. The ISS has a repeater that even the most basic license holder is able to use. It's using VHF/UHF frequencies, and a low power 5W radio is enough to work it.

Occasionally the astronauts will get on the radio as well and chat with you! I haven't been lucky enough to do that yet. But I have heard them talking when passing overhead.

https://amsat.org has more information.


Yes the repeater has several modes by the way. Amsat shows which is active. There's also APRS and sometimes SSTV. When the astronauts are on air there's a strict protocol, they will generally call for people in a certain area. Of course the ISS has a pretty huge footprint so radio discipline is very important.


When it's a scheduled contact, yes, strict protocols are used, but I've heard them on their downtime making contacts, it basically goes:

ISS: NA1SS is listening

HAM: NA1SS this is whiskey one alpha whiskey in Hartford, Connecticut

ISS: W1AW, welcome aboard the ISS!

HAM: 73

repeat for everyone trying to make a contact :-)


Are there any options that are small enough to make a remote contact radio?

Basically something I can take with me while hiking, and have somebody else in civilization listen and have some conversations with?


Yes, lots! Depends on what you want to do. For satellites, any dual band VHF/UHF radio will work. A cheap Baofeng from aliexpress can get you started: https://www.aliexpress.com/item/1005004895672032.html. You'd likely want to get a programming cable for it as well. They also can use Resource Road frequencies if you're going anywhere with radio controlled roads.

Ideally a radio for satellites is full duplex (you can hear simultaneously while transmitting). Those radios cost much more though. Many people just use two radios.

For shortwave radio, you could use something like the trusdx: https://dl2man.de/

Note that in both of these cases, to transmit, you'll need a license... and if you want to talk to someone specific it may be hard to do. Talking to random amateur radio operators is much easier.

The options I posted are cheap - you can easily spend tens of thousands of dollars on radios, antennas, amplifiers, towers, etc.


Some of those voices sound like Chinese... and I wouldn't be surprised if cheap walkie-talkies and the like are used over there, which are either actually using a frequency that gets picked up by these satellites, or have poor/nonexistent filtering such that their signal harmonics are.




And possibly intentional misuse for criminal and perhaps non-criminal activity too.

121.5 and 243 MHz are no longer officially monitored for voice distress signals, but I wonder if they're still being gathered on the fleet.

Perhaps the best mitigation, I suppose a reduced set of these signals are monitored for voice distress calls. The satellites should support geofenced/location-selective rejection of signals on 406 MHz and 1544.2 MHz identified as non-emergency traffic to prevent misuse by pirates, drug dealers, and warlords coordinating attacks.


What you're proposing is an enormous increase in complexity of equipment, which would have an impact not only on price but also reliability of the space segment. A "bent-pipe" space segment with minimal control logic is a well-established norm in communications satellites for a few reasons, ranging from reliability to making it possible to use existing transponders with future modes. Even still, more and more communications satellites use digital transponders that can authenticate source messages, and so this issue mostly exists with legacy satellites that can't be retrofitted.

Besides, there's not really much motivation to mitigate this problem. First, pirate satellite communications by SARSAT transponders are rare compared to other satellite systems very popular with pirates like legacy US Navy communications satellites. Second, satellite piracy isn't that popular overall. Mitigating the ability of criminal organizations to communicate this way would require taking down a lot of different satellite systems, and then they would just fall back to HF radio, which is already the more popular approach. It's doubtful there would be any major reductions in crime and the type of crime that seems to motivate the most use of satellite piracy---unlicensed fishing near the Philippines---isn't super high on the list of international priorities.


What is your basis for a claim that 121.5 (guard) is unmonitored?

As a pilot I can say that claim is false - guard is very actively monitored everywhere in the United States. Were you referring to some other locations?


COSPAS-SARSAT no longer monitors 121.5, for various reasons, so no satellite systems regularly monitor 121.5. This means that 121.5-only ELTs are obsolete, and prohibited for installation by the FAA since 2018. Modern ELTs are COSPAS-SARSAT transponders like EPIRBs and PLBs with only minor aviation-specific features.

ATC does still monitor 121.5, but that's with an eye towards voice transmissions, not radio beacon activations. COSPAS-SARSAT has never carried voice traffic on 121.5, the satellites attempted onboard Doppler direction finding of the beacon tone (not very accurate at all, one of the reasons it is obsolete). At the same time, ATC no longer has RDF capability from most (all?) GATRs, so receiving the ELT beacon tone is mostly useless to ATC, and ATC is unlikely to receive it anyway since GATRs have very poor coverage down to ground. ELTs do still transmit on 121.5 for convenience of search aircraft, but it's becoming increasingly irrelevant with high COSPAS-SARSAT coverage (if the ELT activated at all, rescue coordinators already know the location by GPS coordinates) and increasing rarity of direction finding equipment (and pilot experience with RDF) on aircraft.

One way to sum it up is this: 121.5 is monitored for distress calls from aircraft in the air, but it is not monitored for distress calls from aircraft on the ground. The latter is the goal of search and rescue systems, and the use of 121.5 has been replaced by the much more modern COSPAS-SARSAT system originally developed for maritime rescue.


I had to look this up. Wow!

https://en.m.wikipedia.org/wiki/International_Cospas-Sarsat_...

> The International Cospas-Sarsat Programme is a satellite-aided search and rescue (SAR) initiative. It is organized as a treaty-based, nonprofit, intergovernmental, humanitarian cooperative of 45 nations and agencies (see infobox). It is dedicated to detecting and locating emergency locator radio beacons activated by persons, aircraft or vessels in distress, and forwarding this alert information to authorities that can take action for rescue. Member countries operate a constellation of around 66 satellites orbiting the Earth which carry radio receivers capable of locating an emergency beacon anywhere on Earth transmitting on the Cospas-Sarsat frequency of 406 MHz.


It turns out that humans are all mutually interested in the general idea that we should rescue lost people. The reason for the name (half Russian, half English) is that this is an early peaceful purpose programme negotiated between the US and Russia. For a long time the only obvious reason to put things in space was so that you could kill the enemy, but COSPAS SARSAT is a system which needs space and doesn't kill anybody.


Helpful additional data on COSPAS-SARSAT, thank you! I didn't realize ELTs that only output on 121.5 were no longer a thing.

That said, the claim I was responding to was "121.5 and 243 MHz are no longer officially monitored for voice distress signals", which is pretty obviously false.


What did the conversation overheard in that video say?


"People of Earth, your attention, please. This is Prostetnic Vogon Jeltz of the Galactic Hyperspace Planning Council. As you will no doubt be aware, the plans for development of the outlying regions of the Galaxy require the building of a hyperspatial express route through your star system. And regrettably, your planet is one of those scheduled for demolition. The process will take slightly less than two of your Earth minutes. Thank you."


Apparently it is related to some "taxes services" in China. At least that's what the author of the video says.


"Taxi service" would be more likely.


A fun video and well explained.



