Emergency Sirens Set Off Across the DFW Metroplex
- Thread starter Motoballa
- Start date
- Status
A few small rural towns in New Mexico/Arizona still utilize these boxes and broadcast the siren across the towns. Some linked from various town owned locations. I'm told tradition is why it is kept. You can tell who is a tourist or not familiar with those areas. They look up in the sky for tornados or ww3. Anytime a 2 tone drops sirens go off.
Not to off track but in California I recall a deputy had got into a shoot out with a suspect some years back and called in he was in a fire fight and has been hit. Nearby a fire department was toned out and the siren alert system went off. The suspect retreated after hearing it. Just this reminded me of that incident with siren going off. Unfortunately he passed on some while after getting to the emergency room.
With it being on a clear night shortly after Trump had fired missiles at another country I'm sure plenty of people thought the US had been fired upon expecting incoming.
So one must wonder is this system setup linked together? Or multiple sites requiring independent dtmf or 2 tone drops independent of the others? If so this would mean way more then one person involved if it wasn't a repeated channel to drop the signal to each tower box.
Given the timing I really wonder if the person or persons responsible did it on purpose just for that purpose or for giggles unrelating. Times have changed and now days secure systems are the way to go unfortunately.
I doubt they're linked. Most likely someone just had enough power and a high enough location to hit them all. Definitely not done by a handheld.
That's my thinking as well. The monthly test was this past Wednesday, so someone well could have monitored the triggering transmission, then used that as a guide to create their own command. Coming right after the Tomahawk launches into Syria, that would suggest some sort of connection. But there was no traffic on any of the local channels that indicated any sort of alert or emergency. I pulled up Twitter & started seeing local news reporters posting about the sirens, and later, comments from city officials (OEM, PD, & FD) that there was no real emergency.
I don't believe there is a link between the sirens as such. But they are set up in sectors so that sirens can be set off both city wide, or alternatively, for a specific quadrant.
For the old sirens, at fire stations, there was a control that could be used to manually set off that one specific siren. That was the setup at the station closest to me. However, when they built a new, larger, station, and shuffled equipment to utilize all four bays, the siren there was removed, and the closest one now is farther away from me, and at the low point of the backside of a hill, so it's almost inaudible unless I'm outside or have a door or window open.
It's easy for us high-tech people to verify via FB, Twitter, etc. It's the low tech people with no internet or smart phone I worry about. Did local TV and FM stations break in to let these people know? When you don't have internet the first instinct is to turn on the TV...
I did not have the TV on when that started. I suspect that as soon as they got reports of what was happening, the local stations checked their sources, and as soon as they had a handle on the situation, they probably ran a crawl on the screen. But I never turned the TV on to verify that. The news departments of the four network affiliated TV stations here are very aggressive in trying trying to get an edge on the competition for breaking stories.
However, I had four separate scanners on in my home office, and nothing out of the order was on any of them. No activation of my weather radio either.
I then checked Twitter. All of the local stations post breaking news in tweets as do a number of their reporters. When Twitter opened, I saw posts from several of the senior reporters for various stations, and then shortly after, posts from both the local stations, as well as various City of Dallas related posts started to come in confirming the unintentional activation.
RFI-EMI-GUY
Member
- Joined
- Dec 22, 2013
- Messages
- 6,954
If they use DTMF, Quick Call or even FSK,, it would not be hard to record and replay the test sequence. Unfortunately all this will accomplish is panic at DHS, more money spent and clamp down on innocent hobbyists and hackers
Sent from my SM-T350 using Tapatalk
Anything one-way can be recording during testing then played back. The only way to prevent this in a one-way system is to set up some kind of one time use key/code system kinda like the PayPal/Ebay/Verisign security key that gives you a one time use code.
Weird you didnt hear anything on your scanners. I was playing GTA 5 online and heard them and thought they were coming from the game. Few minutes later Cockrell HIll PD asked if they had a fire or knew why sirens were going off. Then Love field PD unit asked if something was going on in CH 5 due to sirens, then DPD 1 had an officer or two asking. Then deployment central started talking about it.
My dumb butt still thought the sounds were coming from the game until the second or third mention on the radio.
I never heard DFR talk about it.
k0aa
Member
My former employer purchased a much smaller version of the system acquired by Dallas. The system was acquired a year before the Dallas system was installed.
There are some points I want to share with you.
First, I believe it would be easier to gain entry into the system's "controller" via the Internet than by activation of 156 sites via radio control. Activation by radio would require knowledge of the radio channel monitored by the receiver in each siren's cabinet as well as the ability to duplicate the precise coding sequence to activate the system.
I'm not saying that access via radio communications didn't occur. I'm only saying I wouldn't expect this to have occurred.
Second, these systems are tested by using proprietary software. The same software activates the systems, polls the system for status updates (AC power, back-up battery, radio link status, cabinet security, etc.), and produces a map with siren sites identified by color code indicating individual site status. Polling can be done at any desired interval. It can be done manually or automatically.
The system my former employer purchased could be accessed remotely by technicians. This process is done via internet access. Of course, anyone who somehow figured out the IP address to even see a login script should be buying lottery tickets. Then, a person seeing a login screen would need to know the information for each required entry on the screen. I cannot imagine anyone unfamiliar with the system being able to access it through "good guessing" or by chance.
My opinion is the system most likely was activated repeatedly. Our system was configured to have a designated period of activation in order to not deplete the battery banks. Otherwise, the sirens could be needed for a subsequent warning for a second incident occurring during a period when AC power has been interrupted and be unable to alert due to depleted batteries.
Unless an unimaginable system error occurred to activate the sirens, I would expect a "hacker" to have been someone able to hear when the system stopped and then activate it again ... and again ... and again. The incident suggests to me that someone in Dallas knows exactly what happened.
As a footnote, please remember these systems are only intended for use as OUTDOOR warning devices. The fact that some people hear them inside homes and buildings is an unplanned advantage due to their proximity to a siren and the ability of the sound to be heard inside the structure.
I have extremely high regard for the manufacturer, their warning system products and the company personnel who installed our system and the much larger Dallas system.
For system security reasons, my comments do not provide specifics about other parameters or features.
I hope this information is beneficial to you.
I had most of the deployment TGID's off, as well as Love Field. I did have Cockrell Hill on, but must have missed their comment. While I have my 'home' DPD Patrol area (Southwest/Ch 4) active, as well as Ch 9/Traffic & Tactical Ch 8, I only have a few others unlocked, and those are on my BR330T at low volume. A few deployment ID's, including Southwest, are on the same scanner.
While I did not hear anything when the incident first started, (and then checked Twitter for comments), as it continued, I started to hear comments. DPS Dallas mentioned it, as well as some of the suburbs and DPD. I believe, some minutes into the incident, that DFR did an announcement on Ch 6 about the sirens, but nothing on the main dispatch channels. I would think that they sent an MM to all units and stations, but that's just a guess.
We already know it was done by radio not internet because the FCC is involved, if it had been internet it would be the FBI.
What I'd like to know, is why does the City of Dallas think that the FCC can track the source of a transmission made a few days ago.
Track a current transmission, sure. But one that was made last Friday night?
RFI-EMI-GUY
Member
- Joined
- Dec 22, 2013
- Messages
- 6,954
I don't have any information to suggest this is being done, but the technology exists with software defined radio (SDR) to record an entire block of spectrum for an extended period of time. Obviously, like a video system, you would need to write over old data or have infinite recording capacity.
Southwest Research Institute (SWRi) (coincidentally located in Texas) designed such a system years ago which uses several receivers and GPS time stamping, so it would be possible to post process recorded data and get a triangulation (TDOA) of an interferer.
I contacted them some years back about potentially renting or buying such a system for a project that I was developing.
I suspect the FCC may have this capability and may have used it in NYC to catch a jammer last year.
While I don't know the particulars of this siren system, it apparently has some advanced diagnostics and is Internet connected, so if it has an event log, and the event log has coherent timing or can have the timing aligned in post processing from a test alert. The data may show the time of arrival of the signals that tripped the receivers. With 156 receivers, that is a lot off corroborating data. If it can be resolved to the microsecond level, it may be possible to determine within some circle of error, the origin of those transmissions.
Last edited:
RFI,
The city's statement, released to the press, specifically said they had asked the FCC to assist. I've also seen an additional statement that the FBI was also contacted.
They have also stated, several times, that they believe whoever did this was local, not an out of state or foreign hacker.
The city's statement, released to the press, specifically said they had asked the FCC to assist. I've also seen an additional statement that the FBI was also contacted.
They have also stated, several times, that they believe whoever did this was local, not an out of state or foreign hacker.
RFI-EMI-GUY
Member
- Joined
- Dec 22, 2013
- Messages
- 6,954
whoever did this should be very nervous. they would be stupid to make another attempt.
- Status