City of San Jose CAD Frequencies

[Gilly1]

After 2005 the City integrated the fire and police activities into a unified dispatch system where most of the traffic is broadcast to a mobile computer system in the vehicle. Is it possible to intercept that traffic and display it on a separate monitor? There are some separate tactical frequencies assigned to the City, but there is no way knowing what is in use and a method of decoding the digital data being broadcast. Thank you in advance for any information on this topic.

 

[Sac916]

In theory - yes, if you're a hardcore and talented hacker (illegal activity)

The basic answer is - No

CAD (computer aided dispatch)
There are two common methods for CAD and MDC/MDT communications.
1. Radio Frequency (data channel)
2. Cell Network (AirCard)


Obviously the type of connectivity, complexity of technology, networking and security protocol is wide ranging.

In the last few years DOJ/FBI have established and mandated higher levels of security for law enforcement databases and computer networks.

Technology being technology - nothing is 100% secure

 

[szron]

It's not the 90s anymore. The old Motorola MDTs could have been intercepted with a simple program somebody wrote. You can still find it online somewhere.

Today no agency would have State/NCIC access without meeting FBI network security standards on their equipment. That means encryption.

 

[AZScanner]

It's not the 90s anymore. The old Motorola MDTs could have been intercepted with a simple program somebody wrote. You can still find it online somewhere.

Today no agency would have State/NCIC access without meeting FBI network security standards on their equipment. That means encryption.

Perhaps. Then again, perhaps not.

Many agencies these days have dumped their old RD/LAP systems and are using cellular air cards which to me makes little sense since in a major disaster the cell phone networks either get jammed or fail completely. There's a project out there that, if the government ever figures out how to get out of it's own way and actually BUILD the thing, will provide a "secure" nationwide 4G LTE network for public safety data. I say "secure" because a rudimentary LTE scanner for SDR already exists. Seems to me like only a matter of time before the next "MDT Monitor" is born from code such as this. Someday in the not too far off future, you might not only be able to listen to your local agencies radio system on a cheap RTL dongle, but be able to intercept their computer network traffic with it too. I'm sure that little known fact is already keeping some people in government awake at night...

I've probably said enough (if not too much) already. I don't need a visit from some real life MIB's.

-AZ

 

[szron]

We've all seen GSM man in the middle attacks but as far as I know intercepting UMTS traffic is extremely difficult if not impossible for the "common folk". I can't imagine that LTE technology will be "cracked" so easily.

 

[AZScanner]

We've all seen GSM man in the middle attacks but as far as I know intercepting UMTS traffic is extremely difficult if not impossible for the "common folk". I can't imagine that LTE technology will be "cracked" so easily.

I found this on Google: MARBEN ASN.1 Solutions: 3GPP LTE UMTS CDR TAP3 Automotive Security Intelligent Networks Decoder

Sounds to me like all you need to do is capture the raw data on any ordinary SDR and feed it to one of the products offered on this web page to see what you got. So it's not a matter of "will it be cracked". Looks to me like it already has been. There's even an SDK you can license from these folks. Very interesting stuff.

-AZ

 

[Gilly1]

Thanks to all who responded.

 

[russianspd]

As mentioned, if you ever got caught monitoring that information without the authority to do so I would imagine there would be severe consequences. MDT information if extremely confidential and provides information that doesn't need to be divuled to a radio enthusiast. Also would include p2p messages between dispatchers and officers too.

Information enough hearing people's full names given out over main dispatch channels and even more so when monitoring records channels and hearing people you knew from HS have their warrant checks, that was interesting.