Making a Case for Non-encryption in Gwinnett County

[RadioPatriots]

Was just curious. When did Gwinnett County Police go encrypted? Was there any debate, conversation, or concern brought up by Gwinnett Citizens at any commission meetings?

Can anyone point to an instance where citizens convinced their local government to un-encrypt, at a minimum, the dispatch channels?

If one were to speak at a commission meeting for non-encryption what would be some good reasons to present for not encrypting?

Thanks in advance for any information.

-Cory

Here are a few reasons, for starters. Organize or word them to your liking.

• A security system (encrypted radio) is only as strong as it’s weakest link. A crypto radio system has many that analog or standard P25 do not have.
  
• Numerous dead zones, more so than analog or straight P25.
  
• Higher probability of single radio or total system failure.
  
• Large scale key administration is difficult, has vulnerabilities, and is susceptible to error.
  
• A crypto radio system is not fully secure because it can be still be overheard by bystanders and or criminals in the vicinity.
  
• Dirty or money-desperate cops who compromise and give out cryptographic keys or entire radios, such as in exchange for money or to organized crime.
  
• Police error. Transmitting in the clear when they believe they are encrypted.
  
• False sense of security. Any system can always be hacked or compromised. Since the information going over an encrypted system will be of a more sensitive nature, it can greatly compromise the privacy and safety of average citizens.
  
• Encrypting the radios is likely to increase the already festering mistrust of police officers by average citizens.
  
• Lack of real-time awareness of police operations is the introduction of more corruption into the police department. Cover-ups, framing, bribes, police brutality etc.
  
• It's easier for police departments to hide errors in procedures or operational deficiencies.
  
• In extreme situations, real time information is absolutely crucial in saving lives. Police and fire scanners are very important for obtaining real time information in situations when hostile threats, mass crime sprees (shootings), hazardous materials, flooding, power outages and storm damage and other threats needs to be known immediately.
  
• So-called "terrorists" could quickly and easily learn to take advantage of vulnerabilities created by encrypted public safety radio systems with their lack of real-time awareness of media and the public, putting the public at much greater risk.
  
• Encrypted radios cutoff assistance from citizens and off-duty public safety personnel.

 

[procopper7005]

I have successfully obtained recordings of Gwinnett PD traffic, Gwinnett MDT messages, and emails from Gwinnett PD email accounts.

Its very easy and only required a written open records request. They promptly responded and I think I paid $7 for almost an entire days worth of recording on GCPD westside radio.

Encryption doesn't violate open records since they are recording almost all talk groups and those are easily available to the public with a simple request.

I also obtained several days worth of MDT traffic from Chatcomm for one of the agencies they provide comms to. Again, very easy. The only thing they redacted was vehicle registration addresses.

Nothing in the GA open records act requires live radio traffic to be not encrypted. Georgia actually has a very good open records law and its easy to obtain most anything if you know how and what to ask for.

If any RR member would like help drafting a specific request I would be happy to write it for you.

 

[RadioPatriots]

I have successfully obtained recordings of Gwinnett PD traffic, Gwinnett MDT messages, and emails from Gwinnett PD email accounts.

Its very easy and only required a written open records request. They promptly responded and I think I paid $7 for almost an entire days worth of recording on GCPD westside radio.

Encryption doesn't violate open records since they are recording almost all talk groups and those are easily available to the public with a simple request.

I also obtained several days worth of MDT traffic from Chatcomm for one of the agencies they provide comms to. Again, very easy. The only thing they redacted was vehicle registration addresses.

Nothing in the GA open records act requires live radio traffic to be not encrypted. Georgia actually has a very good open records law and its easy to obtain most anything if you know how and what to ask for.

If any RR member would like help drafting a specific request I would be happy to write it for you.

Well, let's be direct about this, Procopper. You may be able to obtain recordings based on some FOIA request; and with respect to some of the points given above, what good does that do someone 24 or 48 hours (or however long it is) later?

Knowing, for instance, that a shooter is on the rampage in your neighborhood, or that some disaster is taking place, does little good if you or your neighborhood watch community finds this information out 24 hours later. The damage is already long done.

There is also the very real potential for tampering with the recording ... deleting select portions of the recording or somehow mysteriously "losing" certain recordings. If we haven't learned that by now, I don't know when we ever will.

The point that encryption "doesn't violate open records" is a moot one. Just because thing 'A' doesn't violate thing 'B' on some level, doesn't make thing 'A' automatically correct or right.

You will also note that it is forbidden for citizens, even HAMs, to encrypt their RF traffic. Hmmm. Quite the disparity of power.

 

[RRR]

You will also note that it is forbidden for citizens, even HAMs, to encrypt their RF traffic. Hmmm. Quite the disparity of power.

Hams, yes, but with a business/commercial FCC license you can encrypt

 

[RadioPatriots]

Point taken, and it does leave me wondering; if transmitting on a legal frequency (and legal power), why is the average citizen not allowed to encrypt? Some may consider it a minor point, granted, but I'd think their right to privacy/confidentiality would be as relevant and earnest as anyone else's. Why should it be relegated to a to a strictly commercial activity that then requires government/FCC oversight and regulation?

And for the record, aside from military operations and special tactical operations (which does not include general Public Safety transmissions), I don't think anyone should encrypt. In the context of this conversation, police department going to encryption seem to be saying, "do as we say, not as we do," and that has a very familiar ring.

 

[RRR]

If you mean "average citizen" to be a HAM radio operator, then I can't answer that, other than open, free communications is a requirement for HAMs to communicate on HAM frequencies.

Otherwise, if an average citizen was to obtain an FCC license (outside FRS and similar) then I don't know of anything that would prevent the licensee from encrypting.

 

[MTS2000des]

Point taken, and it does leave me wondering; if transmitting on a legal frequency (and legal power), why is the average citizen not allowed to encrypt? Some may consider it a minor point, granted, but I'd think their right to privacy/confidentiality would be as relevant and earnest as anyone else's. Why should it be relegated to a to a strictly commercial activity that then requires government/FCC oversight and regulation?

Public safety radio systems are licensed under FCC part 90. Specifically 47 CFR part 90.553. Note the text:


§ 90.553 Encryption. (a) Encryption is permitted on all but the two nationwide Interoperability calling channels. Radios employing encryption must have a readily accessible switch or other readily accessible control that permits the radio user to disable encryption.
(b) If Encryption is employed then the following encryption protocol must be used: Project 25 DES Encryption Protocol, approved January 23, 2001, Telecommunications Industry Association, ANSI/TIA/EIA-102.AAAA-A-2001.
Now, here is the interesting discussion to be had. According to sub section B, the only type of "encryption protocol" specifically authorized for P25 emissions is DES.

DES is now outdated and outmoded, and replaced by AES. Furthermore, Gwinnett county uses inferior (from a security standpoint) software encryption known as ADP. ADP is proprietary to Motorola Astro 25 systems. It's weak 40 bit RC4 stuff that uses a software generated key. It's the LMR equivalent of WEP on WiFi network.

That being said, according to FCC part 90.553, if you are using encryption it has to be DES if your emission designator is P25. See the actual text here:

http://www.gpo.gov/fdsys/pkg/CFR-2011-title47-vol5/pdf/CFR-2011-title47-vol5-sec90-553.pdf

So..... who's gonna make a complaint to the FCC regarding Gwinnett county's use of non-DES encryption? Anyone? Bueller? Anyone?

 

[ecps92]

Average Citizens and Businesses Can and DO Encrypt

Prohibited are Amateur and GMRS

Point taken, and it does leave me wondering; if transmitting on a legal frequency (and legal power), why is the average citizen not allowed to encrypt? Some may consider it a minor point, granted, but I'd think their right to privacy/confidentiality would be as relevant and earnest as anyone else's. Why should it be relegated to a to a strictly commercial activity that then requires government/FCC oversight and regulation?

And for the record, aside from military operations and special tactical operations (which does not include general Public Safety transmissions), I don't think anyone should encrypt. In the context of this conversation, police department going to encryption seem to be saying, "do as we say, not as we do," and that has a very familiar ring.

 

[RadioPatriots]

Public safety radio systems are licensed under FCC part 90. Specifically 47 CFR part 90.553. Note the text:


§ 90.553 Encryption. (a) Encryption is permitted on all but the two nationwide Interoperability calling channels. Radios employing encryption must have a readily accessible switch or other readily accessible control that permits the radio user to disable encryption.
(b) If Encryption is employed then the following encryption protocol must be used: Project 25 DES Encryption Protocol, approved January 23, 2001, Telecommunications Industry Association, ANSI/TIA/EIA-102.AAAA-A-2001.
Now, here is the interesting discussion to be had. According to sub section B, the only type of "encryption protocol" specifically authorized for P25 emissions is DES.

DES is now outdated and outmoded, and replaced by AES. Furthermore, Gwinnett county uses inferior (from a security standpoint) software encryption known as ADP. ADP is proprietary to Motorola Astro 25 systems. It's weak 40 bit RC4 stuff that uses a software generated key. It's the LMR equivalent of WEP on WiFi network.

That being said, according to FCC part 90.553, if you are using encryption it has to be DES if your emission designator is P25. See the actual text here:

http://www.gpo.gov/fdsys/pkg/CFR-2011-title47-vol5/pdf/CFR-2011-title47-vol5-sec90-553.pdf

So..... who's gonna make a complaint to the FCC regarding Gwinnett county's use of non-DES encryption? Anyone? Bueller? Anyone?

Very interesting find, MTS. As a corollary to this, my older Sabers encrypt using DES yet not under the P25 protocol. Is it still legal? And I'll second your query. Who's going to complain?

ADP is, for lack of a better expression, quite a joke. Your WEP analogy is fitting. 40 bit is roughly one-trillion possible keys. One souped-up i7 will extract that key in about a day or two using a purely brute force attack. Apparently Gwinnett County doesn't have any technical advisers on their payroll.

 

[RadioPatriots]

Average Citizens and Businesses Can and DO Encrypt

Prohibited are Amateur and GMRS

Since open to the "general public" (with licensing for GMRS) are bands such as CB/FRS/GMRS/MURS, all of which you cannot encrypt on, would it be fair to say then that the average citizen cannot encrypt? I think the misnomer was within the term "average citizen." With that term I meant someone who can, without a license, buy a set of radios at, say, Radio Scrap (i.e FRS/CB) and encrypt their transmissions. If you must be licensed, you are no longer "average."

 

[RRR]

Well then, ok. If someone is not required to be licensed, then they should not be able to encrypt, because there would be less chance of accountability if they are using excessive power, abusing the allocated frequencies, etc.

Government agencies such as Gwinnett county are required to be licensed, therefore they can encrypt their transmissions, just like a person or private entity that obtains an FCC license.

I don't really see a conflicting issue as far as that point goes.

 

[RadioPatriots]

I don't see an issue either. It was a disparity between ideas and semantics.

Personally I don't think anyone should encrypt voice comm, especially not with regards to Public Safety communications, aside from the obvious and understandable things such as tactical operations (SWAT) and similar. General call and dispatch channels should never be encrypted.





I think Brian Mulheren did a good job, or at least did his best, of arguing against encryption to the Miami City council (closer to where I live). However, He didn't have good talking points and realistic facts (such as those outlined in the list several posts above) to make his case strongly and convincingly. Mostly it was about the "red button" issue, and the rest was simply explained in a way too vague or insipid for the layperson to really understand. So in the end, the cop of course convinced them that encryption was absolutely "vital" to officer safety because nowadays everyone has cell phones. B******t. I wonder how so many officers have made it this long.

However, I think there might be something promising here. You can tell by the demeanor of this council that they would have been persuaded had he (Mulheren) made a strong case with real facts, with perhaps several other knowledgeable people to back him up. I think the same would hold true in Gwinnett County and elsewhere, but more people have to be willing to go in and bring the issue up.

Full story on Miami Dade encryption issue.

 

[rapidcharger]

I think the same would hold true in Gwinnett County and elsewhere, but more people have to be willing to go in and bring the issue up.

And therein lies the problem.

Nobody around here will get off their duff to go to a meeting. About anything.

The real reason we have encryption isn't because of some insecurity that the cops have or the crooked county bubbas wanting to hide stuff, although I'm sure that's part of it. The real reason is because nobody gives a ****.

 

[RadioPatriots]

And therein lies the problem.

Nobody around here will get off their duff to go to a meeting. About anything.

The real reason we have encryption isn't because of some insecurity that the cops have or the crooked county bubbas wanting to hide stuff, although I'm sure that's part of it. The real reason is because nobody gives a ****.

You're absolutely right, RC, very few people care, which is extremely puzzling to me. It is even more puzzling to me considering that this is a Radio Communications forum.

One thing I will say.

You have to remember how currently terrified people are of their government. The government is supposed to be afraid of its people. People are not supposed to be afraid of their government. That has been a fundamental axiom of this country (the U.S.) since its inception. However, this fear creates a lot of complacency and excuses. You see it a lot here.

Moreover, the Police State first says, "we're going to hide out public communications from you," and then follow up with, "and we've made sure there are laws in place which will prevent you from listening to us. And if you do listen to us, we will have the right to throw you in prison." Again, a massive disparity in power between the citizens and their supposed public guardians, whom the citizens are paying for and have every right to, with a few exceptions, observe and monitor in the normal function of their public duty for the citizens.

The Fool's Argument:

The fool says there is nothing in the rules which prevent cops from using Public Safety communications hiding and secrecy if they want to. There's also nothing in the rules that says two or more cops can't, say, talk to each other using speech inverters, in the presence of a suspect or other citizens, so that you can't understand what they're saying about you, or saying about things in general. There are many things (you can think of a lot) that are not in the rules, but to do them now would be too blatant and too obvious, so they start with the easy things that they'll be able to get people to easily swallow without much question, such as communications hiding and secrecy.

Many folks here say they're tired of hearing about communications hiding and secrecy on the part of the police, and the destruction of non-transparency (encryption). They say it's an old argument and that it's just beating a dead horse. But this is just an excuse. What they're really saying is that they A. Have no intelligent response to the matter, and B. Are too complacent and apathetic to help do anything to change it. And it absolutely can be change, if numbers of people will stand up, armed with sound technical, ethical and Constitutional Reasoning arguments, and speak with one voice. If the people say it, and say it where it matters, they will change.

 

[rapidcharger]

Where are you from, RadioPatriots?

 

[ResQguy]

The FD, not being able to communicate with Hall, DeKalb, Forsyth, and Fulton on inter-ops, went 'in the clear'.

Larry

Was this documented publicly anywhere you can share?

 

[RadioPatriots]

Where are you from, RadioPatriots?

Florida, just across the way from the Miami-Dade area.

Let me add that I think Public Safety communications hiding and secrecy is a universal disease, which does not discriminate based on location.

 

[N8IAA]

Was this documented publicly anywhere you can share?

10/2008, the encrypted system went online. Once they couldn't do any river rescue ops, combined freeway accident ops, etc.. They went in the clear. They still have encrypted TG's for talking to the hospitals.
Larry

 

[RadioPatriots]

It's interesting. Just today in my neck of the woods we experienced an exceptionally strong electrical/thunderstorm with torrential rain and high winds ... bad enough to bring down power lines, trees, and start a few houses on fire. We were able to warn our neighbors to secure their outdoor belongings and "hunker down" exactly because we could listen to the Public Safety channels, and be informed of the local, immediate and continuously developing situation in real time.

With Public Safety Communications hiding in effect, naturally we wouldn't have been able to do that.

Public Safety Communications hiding for officer safety? F that. What about CITIZEN safety?

 

[rapidcharger]

Florida, just across the way from the Miami-Dade area.
.

I'm from there too. I lived in dade for 20+ years. But I meant before there. Are you from somewhere else?