• To anyone looking to acquire commercial radio programming software:

    Please do not make requests for copies of radio programming software which is sold (or was sold) by the manufacturer for any monetary value. All requests will be deleted and a forum infraction issued. Making a request such as this is attempting to engage in software piracy and this forum cannot be involved or associated with this activity. The same goes for any private transaction via Private Message. Even if you attempt to engage in this activity in PM's we will still enforce the forum rules. Your PM's are not private and the administration has the right to read them if there's a hint to criminal activity.

    If you are having trouble legally obtaining software please state so. We do not want any hurt feelings when your vague post is mistaken for a free request. It is YOUR responsibility to properly word your request.

    To obtain Motorola software see the Sticky in the Motorola forum.

    The various other vendors often permit their dealers to sell the software online (i.e., Kenwood). Please use Google or some other search engine to find a dealer that sells the software. Typically each series or individual radio requires its own software package. Often the Kenwood software is less than $100 so don't be a cheapskate; just purchase it.

    For M/A Com/Harris/GE, etc: there are two software packages that program all current and past radios. One package is for conventional programming and the other for trunked programming. The trunked package is in upwards of $2,500. The conventional package is more reasonable though is still several hundred dollars. The benefit is you do not need multiple versions for each radio (unlike Motorola).

    This is a large and very visible forum. We cannot jeopardize the ability to provide the RadioReference services by allowing this activity to occur. Please respect this.

Features confusions.

Status
Not open for further replies.

merlin

Active Member
Joined
Jul 3, 2003
Messages
3,120
Location
DN32su
Say I have an M-RK II system, works fine. P25 conventional system with AEGIS. It works.
Now the features list does not include anything digital. I understand why this works, but what software/firmware files are needed to enable or disable features. Is there an RCP file ? Anything that edits RCP ?
The optional DES needs a keyloader for encryption, I have the software but not the UDC cable.(soon)
Same issues with an Orion so guessing I solve one, the other falls in place.
73s
 

TDR-94

Member
Joined
Mar 30, 2014
Messages
1,333
Since when does the MRK support P25 conventional?And Aegis is not compatible with P25 conventional.
 

merlin

Active Member
Joined
Jul 3, 2003
Messages
3,120
Location
DN32su
Since Harris came out with programmer 3. I have the P25 part covered, I just need to know how to enable features in the radios. This includes LPE 200s and Orions. What I see is the top structure of the firmware which is the master, Harris calls it RCP, that determines everything about a radio.
I have an M-RK right here with P25 and a conventional AEGIS system. I tried cloning the firmware and didn't work.
That is why I am looking at the RCP file. One note is this only applies to later hardware versions of radios.
AEGIS is a Harris digital encoding and proprietary. P25 is a global platform that greatly enhances any conventional or trunking system.
 
Last edited:

merlin

Active Member
Joined
Jul 3, 2003
Messages
3,120
Location
DN32su
One thing I noted, for all these former police talkies I have, none of them (save for the one) uses P25 or digital.
My guess is earlier radio types.
 

TDR-94

Member
Joined
Mar 30, 2014
Messages
1,333
You can't enable features. Only L3HARRIS TAC can enable features.

Good luck trying lol!
 

wanabe

Member
Premium Subscriber
Joined
Oct 31, 2004
Messages
112
Or the guy from Poland with the Dallas chip clone with features 1-40 for the P7100...lol!!
 

TDR-94

Member
Joined
Mar 30, 2014
Messages
1,333
That's not enabling features, that's just swapping chips. He isn't enabling features in those chips,just cloning a chip that already had those features enabled by L3HARRIS.I have one of the original P7100 engineering models that has all 40 feature enabled by L3HARRIS. Same with the XG-100P. I've had a couple with L3HARRIS demo feature strings with all 80 features available enabled.

BTW, the cloning of chips only works for the older radios. That doesn't work for OMAP radios. L3HARRIS made sure you couldn't do that any longer.
 

wanabe

Member
Premium Subscriber
Joined
Oct 31, 2004
Messages
112
Yep....I agree..I think he charges $40 plus $30 for shipping for a P7100 for features 1-40 , and $30 plus $26 for shipping for the 1-40 feature self-install chip. I guess he leaves 3 pins intact (pins you solder in yourself) and clips the other pins so you can’t copy it.
 

merlin

Active Member
Joined
Jul 3, 2003
Messages
3,120
Location
DN32su
Well, that is what I am talking about. Now the folks at TAC were not very friendly nor helpful.
The fact they can do it means I will find a way to do it.
Like my modding years back of a Delta SX. TAC said 'you can't do that, it is impossible' not having the heart to tell them, I already had done it
 

ElroyJetson

Getting tired of all the stupidity.
Joined
Sep 8, 2002
Messages
3,885
Location
Somewhere between the Scylla and Charybdis
The feature encryption system is...obviously...ENCRYPTED. Your options are to find a Harris dealer to get the feature string upgrades done for you, which may be a trick....or just forget it. To the best of my knowledge nobody has cracked the feature encryption system and not for any lack of trying! As Spongebob says, "Well, good luck with that!!!" . Someone who could do that would (A) be in heavy demand, and (B) had best keep a low profile because he'd be on Harris' Most Wanted List immediately.

Harris won't help you directly if you aren't in a customer relationship with them and that involves a signed contract with a goods and services value that may be assumed to be in six figures or more. They're very anti-individual.

A DS2401 chip and FES (feature encryption string) swap with another similar radio (in a different band, or else why do the swap at all?) may be possible, if you can find a donor radio with the appropriate feature set. That's work to be done by a qualified technician who knows his business in both hardware service and also radio programming and maintenance.
 

merlin

Active Member
Joined
Jul 3, 2003
Messages
3,120
Location
DN32su
The feature encryption system is...obviously...ENCRYPTED. Your options are to find a Harris dealer to get the feature string upgrades done for you, which may be a trick....or just forget it. To the best of my knowledge nobody has cracked the feature encryption system and not for any lack of trying! As Spongebob says, "Well, good luck with that!!!" . Someone who could do that would (A) be in heavy demand, and (B) had best keep a low profile because he'd be on Harris' Most Wanted List immediately.

Harris won't help you directly if you aren't in a customer relationship with them and that involves a signed contract with a goods and services value that may be assumed to be in six figures or more. They're very anti-individual.

A DS2401 chip and FES (feature encryption string) swap with another similar radio (in a different band, or else why do the swap at all?) may be possible, if you can find a donor radio with the appropriate feature set. That's work to be done by a qualified technician who knows his business in both hardware service and also radio programming and maintenance.
The feature encryption system is...obviously...ENCRYPTED. Your options are to find a Harris dealer to get the feature string upgrades done for you, which may be a trick....or just forget it. To the best of my knowledge nobody has cracked the feature encryption system and not for any lack of trying! As Spongebob says, "Well, good luck with that!!!" . Someone who could do that would (A) be in heavy demand, and (B) had best keep a low profile because he'd be on Harris' Most Wanted List immediately.

Harris won't help you directly if you aren't in a customer relationship with them and that involves a signed contract with a goods and services value that may be assumed to be in six figures or more. They're very anti-individual.

A DS2401 chip and FES (feature encryption string) swap with another similar radio (in a different band, or else why do the swap at all?) may be possible, if you can find a donor radio with the appropriate feature set. That's work to be done by a qualified technician who knows his business in both hardware service and also radio programming and maintenance.
Well, I have an incredibly strong background with embedded control and slowly getting the gist of the brains in Harris radios. I got the feature encryption down, that is like trying to break down the front door. the side window is wide open and that will give me access to anything inside. Embedded control is just not that complicated. Mentioned that Harris TAC can change features, that means it can be done and I will find out HOW it is done, with or without the blessing of Harris.
You said "A DS2401 chip and FES (feature encryption string) swap with another similar radio (in a different band, or else why do the swap at all?) may be possible, if you can find a donor radio with the appropriate feature set. That's work to be done by a qualified technician who knows his business in both hardware service and also radio programming and maintenance."
I sort have been there and done that,,the easy part.
73s
 

TDR-94

Member
Joined
Mar 30, 2014
Messages
1,333
Yeah,ok merlin.
Just like you wrote your own software to replace programmer and RPM,but ending up buying the actual software. Then saying you will make your own keyloader and own the radios,but once again are using their keyloader.

Let us know when you break down again and end up purchasing a radio with the features you need or swap feature chips instead.

I still can't find anything that supports your claim that the M-RK II has P25 conventional capability either.
 
Last edited:

N4VGW

Member
Joined
Dec 19, 2002
Messages
36
Location
Rustburg, Virginia
The MRK line of radios were NEVER capable of P25 operation. I worked At Ericsson-(Here In Lynchburg, VA) in the 90's and early 2000's with PRS. The DSP was capable of AEGIS Clear, Digital, and VGE/DES Operation - and you need the older IDA hardware based Key loader/Cable to key load. The VGE keyloader used version 3.0 firmware. The DES keyloader used Version 4.0 firmware. The First P25 radio that was introduced was the J725m-(Conventional P25)-Then came along the P7100. KRD and RU series. The KRD-(Like the J725m) did only conventional. The RU series Did trunking. The MRK line of radios were very popular with the HAM community because of their ruggedness. I still have dozens of them. The features-(FEC)- of a Harris radio is a propriety Encryption scheme.
 
Last edited:

merlin

Active Member
Joined
Jul 3, 2003
Messages
3,120
Location
DN32su
If I can attach a file here, it does explain a lot.
 

Attachments

  • 140sp044 MRK secureity policy.pdf
    55.4 KB · Views: 60

merlin

Active Member
Joined
Jul 3, 2003
Messages
3,120
Location
DN32su
Yeah,ok merlin.
Just like you wrote your own software to replace programmer and RPM,but ending up buying the actual software. Then saying you will make your own keyloader and own the radios,but once again are using their keyloader.

Let us know when you break down again and end up purchasing a radio with the features you need or swap feature chips instead.

I still can't find anything that supports your claim that the M-RK II has P25 conventional capability either.
You are almost funny, as if I have a magic hat to code software, and the parts to build my own keyloader are on the way, but not express overnight. 'RIGHT', you try to find a feature loaded M-RK and see how many decades that takes.
Your last statement, try reading Harris documentation, it is sure to enlighten you.
You overlook I am an old man going blind, so just hobby seeing just what I can do with these junk worthless radios.
I have a big box full of them. Meanwhile, I am working on a serious preselector for my HF gear. that hard to find roll-a-ductor, and it will get completed.
 

ElroyJetson

Getting tired of all the stupidity.
Joined
Sep 8, 2002
Messages
3,885
Location
Somewhere between the Scylla and Charybdis
What'd really be appreciated, if you can swing it, would be to break the feature encryption system on the more modern radios with feature options up to 80. The feature encryption system apparently has three versions: One that supports up to option no. 32, for the oldest legacy radios, one that supports up to option no. 40, and the current version that supports up to option 80.

I wish you the best of luck. But if you succeed, keep it under your hat.
 

merlin

Active Member
Joined
Jul 3, 2003
Messages
3,120
Location
DN32su
What'd really be appreciated, if you can swing it, would be to break the feature encryption system on the more modern radios with feature options up to 80. The feature encryption system apparently has three versions: One that supports up to option no. 32, for the oldest legacy radios, one that supports up to option no. 40, and the current version that supports up to option 80.

I wish you the best of luck. But if you succeed, keep it under your hat.
The feature encryption is is part of the firmware stored both in rom and flash, I am going after the entire firmware so that will come along with the ride. It will still be encrypted mind you, but something to work with. As mentioned, just updating firmware has so far failed, and I have reason to believe you install a file that lets you modify features, much like the test app. The UDC uses some 16-17 resistances for certain things, programming, keyload, hand mic, and a few are 'reserved' but do something. Until I can analyze the top layer RCP, I am only guessing one may dig into the FEC.
I am looking at microwire to get the entire memory space from radios, but this is MIPS core processors and my dissassembler for MIPS is not very good. It has always been like GE/Harris to permutate bites and words in code making disassembly difficult. The Delta with Intel brain was easy compared to the newer MIPS core CPUs.
Yea, I do get this cracked, Harris will be the last to know.
 
Last edited:
Status
Not open for further replies.
Top