• To anyone looking to acquire commercial radio programming software:

    Please do not make requests for copies of radio programming software which is sold (or was sold) by the manufacturer for any monetary value. All requests will be deleted and a forum infraction issued. Making a request such as this is attempting to engage in software piracy and this forum cannot be involved or associated with this activity. The same goes for any private transaction via Private Message. Even if you attempt to engage in this activity in PM's we will still enforce the forum rules. Your PM's are not private and the administration has the right to read them if there's a hint to criminal activity.

    If you are having trouble legally obtaining software please state so. We do not want any hurt feelings when your vague post is mistaken for a free request. It is YOUR responsibility to properly word your request.

    To obtain Motorola software see the Sticky in the Motorola forum.

    The various other vendors often permit their dealers to sell the software online (i.e., Kenwood). Please use Google or some other search engine to find a dealer that sells the software. Typically each series or individual radio requires its own software package. Often the Kenwood software is less than $100 so don't be a cheapskate; just purchase it.

    For M/A Com/Harris/GE, etc: there are two software packages that program all current and past radios. One package is for conventional programming and the other for trunked programming. The trunked package is in upwards of $2,500. The conventional package is more reasonable though is still several hundred dollars. The benefit is you do not need multiple versions for each radio (unlike Motorola).

    This is a large and very visible forum. We cannot jeopardize the ability to provide the RadioReference services by allowing this activity to occur. Please respect this.

Enhanced Privacy + Login

Status
Not open for further replies.

jesseschulman

Newbie
Joined
Nov 28, 2007
Messages
13
Anyone tried to use the login feature (with a server) while on a channel that has enhanced privacy? I can't seem to get that to work. Login works fine on a channel without privacy.

Mototrbo Capacity Plus single site, XPR 7550e radios, SLR8000 repeaters, TRBOnet Plus
 

Tech21

Member
Joined
Oct 16, 2018
Messages
288
Question is why do you even have enhanced privacy enabled? Color codes are enough to keep out 99 percent of unwanted traffic.
 

jesseschulman

Newbie
Joined
Nov 28, 2007
Messages
13
Question is why do you even have enhanced privacy enabled? Color codes are enough to keep out 99 percent of unwanted traffic.
Highly confidential, trade secret communications. It's a multi-billion dollar pharma facility. We have actually had radios stolen from employees cars sometimes even. So management wants to do more to keep the system secure. We track the location of all radios and record all communications indefinitely as well, and use many other advanced features of the radios. Have roughly 200 iBeacons to track indoor locations around very hazardous chemicals. So we are not your typical user.
 

Tech21

Member
Joined
Oct 16, 2018
Messages
288
Highly confidential, trade secret communications. It's a multi-billion dollar pharma facility. We have actually had radios stolen from employees cars sometimes even. So management wants to do more to keep the system secure. We track the location of all radios and record all communications indefinitely as well, and use many other advanced features of the radios. Have roughly 200 iBeacons to track indoor locations around very hazardous chemicals. So we are not your typical user.
When you say enhanced privacy, you mean the setting under security is set to enhanced and not have it mixed up with enhanced channel access, right?
 

Firebuff880

Member
Joined
Aug 28, 2006
Messages
478
Location
Boynton Beach, FL
Anyone tried to use the login feature (with a server) while on a channel that has enhanced privacy? I can't seem to get that to work. Login works fine on a channel without privacy.
By "Login Feature" are you referring to the Sign On / Sign Off process where the subscriber prompts for an Access code / Pin and sends that over the air to a "server" for verification and gets and Ack or Nack back ?? If so this might not be related to the "channel" at all as the process is part of the ARS stream, and really should be on the Data Revert repeaters not the Voice Channels.. This identifies the user / subscriber to the data application server but is not a two factor user / password process so you should be careful in what you are attempting to accomplish here. Specifically if you have issues with subscriber hardware walking away ..

Otherwise, please be more explicated as to what you are attempting to ask us all..

Highly confidential, trade secret communications. It's a multi-billion dollar pharma facility.
Also, if you are this concerned about security you might want to look at your choice of software services and where you go for support of the products..
 

jesseschulman

Newbie
Joined
Nov 28, 2007
Messages
13
By "Login Feature" are you referring to the Sign On / Sign Off process where the subscriber prompts for an Access code / Pin and sends that over the air to a "server" for verification and gets and Ack or Nack back ?? If so this might not be related to the "channel" at all as the process is part of the ARS stream, and really should be on the Data Revert repeaters not the Voice Channels.. This identifies the user / subscriber to the data application server but is not a two factor user / password process so you should be careful in what you are attempting to accomplish here. Specifically if you have issues with subscriber hardware walking away ..

Otherwise, please be more explicated as to what you are attempting to ask us all..



Also, if you are this concerned about security you might want to look at your choice of software services and where you go for support of the products..
You are correct. If there was a way to enforce a user/pass to use the radio, we would be interested. But it doesn't appear there is any way to do that. We have not had an issue using the voice channels for data currently. We have 4 repeaters today, and if things get crowded, we have budget to add 2 more.

I understand your last comment, and for the time being we have determined that it is not a concern. Everything is hosted locally behind secure firewalls. None of the data from that system leaves the site.
 

jesseschulman

Newbie
Joined
Nov 28, 2007
Messages
13
Also, why are employees allowed to take the radios to their car? Why aren't they turned into security at the end of the day and issued out at the beginning of the shift if security is a big concern?
We have multiple sites, sometimes they have to drive between them. Most of our radios are personally assigned, so they don't share them or turn them into anyone. Our site security doesn't do anything besides guard the entrance and make rounds.

Also some employees take their radios home so that they can use them to communicate with people on site. We can't use phones on most of our site due to hazardous chemicals, so radios are the only way to talk to them. We are working on implementing WAVE OnCloud right now actually which should help with that last scenario.
 

MTS2000des

5B2_BEE00 Czar
Premium Subscriber
Joined
Jul 12, 2008
Messages
3,983
Location
Cobb County, GA Stadium Crime Zone
Without AES-256, the joke that is "advanced privacy" is a weak 40-bit cypher that was compromised 15 years ago. If you're so concerned about getting REAL comsec, than good luck getting MSI to sell you AES-256 entitlements for your fleet. Passwords on devices don't do anything to stop bad actors from easily cracking the weak and well known cypher that is "enhanced" privacy that MSI insists on marketing to it's US DMR customers when other DMR vendors offer AES-256.

I understand your last comment, and for the time being we have determined that it is not a concern. Everything is hosted locally behind secure firewalls. None of the data from that system leaves the site.
If your RF coverage footprint leaves your property, which it obviously does as you stated, than the data from the system certainly leaves the site and with weak encryption, it's all there for a determined actor with resources to use as they wish without your I.T. folks even knowing. I would love to know the answer you get from your local dealer when you ask about AES-256 for OTA encryption....
 

Firebuff880

Member
Joined
Aug 28, 2006
Messages
478
Location
Boynton Beach, FL
We have multiple sites, sometimes they have to drive between them. Most of our radios are personally assigned, so they don't share them or turn them into anyone. Our site security doesn't do anything besides guard the entrance and make rounds.
Sorry, but you are not making much sense -- You system description in the original post was Single Site. Now you are talking about multiple sites. Is this a Single site site system covering multiple buildings or a Multi-Site system ?

What is the Gateway, MNIS or Control Station ? With out Data Revert and MNIS you could be running into collisions of data packets. But yes, if you are only using the Voice Paths then all of the RAS and Privacy settings have to be in sync across the system or you will loose / have un usable packets between your subscribers, gateways and the host servers.

[Soap Box On] -- 1.) Wave will make this whole system preform worse not better if you dealer does not know what they are doing. 2.) There are many good Data Partners in NA that will support you better as well Including my firm. [/Soap Box Off].
 

TampaTyron

Member
Joined
Feb 1, 2010
Messages
895
Location
Tampa, FL
What everyone else says above, plus you can have a power on password on the radios where the user has to enter a password in order for the radio to be available to the user. The issue I have seen with this feature is that the buttons get worn after a few months and the password is much easier to guess. TT
 

Firebuff880

Member
Joined
Aug 28, 2006
Messages
478
Location
Boynton Beach, FL
You are correct. If there was a way to enforce a user/pass to use the radio, we would be interested. But it doesn't appear there is any way to do that.
Sorry, I missed this part of your question earlier. The answer is yes, but it has to be done in the subscriber with custom option board code, or as more often the case in the Gateway software or Application software. It is not part of the Licensed MOTOTRBO solution.
 

jesseschulman

Newbie
Joined
Nov 28, 2007
Messages
13
Sorry, but you are not making much sense -- You system description in the original post was Single Site. Now you are talking about multiple sites. Is this a Single site site system covering multiple buildings or a Multi-Site system ?

What is the Gateway, MNIS or Control Station ? With out Data Revert and MNIS you could be running into collisions of data packets. But yes, if you are only using the Voice Paths then all of the RAS and Privacy settings have to be in sync across the system or you will loose / have un usable packets between your subscribers, gateways and the host servers.

[Soap Box On] -- 1.) Wave will make this whole system preform worse not better if you dealer does not know what they are doing. 2.) There are many good Data Partners in NA that will support you better as well Including my firm. [/Soap Box Off].
We have multiple physical locations within reach of our system, so it's single site from the motorola definition but it's really more than one site within a mile or two of each other.

MNIS and DDMS, latest versions.
 
Status
Not open for further replies.
Top