The Official Thread: Live audio feeds, scanners, and... wait for it.. ENCRYPTION!

[mmckenna]

I recently had found an FBI.gov web site (now can't find it) that does allow the sharing of PII/CHRI over the two-way (CLR) as long as Officer Safety is invovled and there is no need to READ the entire RAP sheet, brevity was stressed

Right, there usually is wording to that effect. It doesn't negate the need to protect CJI/PII, but does allow it in the clear in certain cases.

Not a loophole, however.

 

[ki4hyf]

It does specifically call out LMR

Data terminals, yes. Voice, not from what I read. I didn't read the 300+ pages, but what I saw was about data (computer network). I did read all of Section 5.10.1.2.1, and the sections before and after, but saw nothing about voice. I'd love to see the requirement to AES encrypt NCIC records. I don't know of any state or local agencies that use AES, but I'm not saying there isn't any, just none that I've seen. Plenty of ADP and BP, though. I'm not trying to start anything, I'd just like to see proof.

 

[mmckenna]

Data terminals, yes. Voice, not from what I read. I didn't read the 300+ pages, but what I saw was about data (computer network). I did read all of Section 5.10.1.2.1, and the sections before and after, but saw nothing about voice. I'd love to see the requirement to AES encrypt NCIC records.

5.13 section.

I don't know of any state or local agencies that use AES, but I'm not saying there isn't any, just none that I've seen. Plenty of ADP and BP, though. I'm not trying to start anything, I'd just like to see proof.

5.10.1.2.1 Encryption for CJI in Transit ​

​

​

When CJI is transmitted outside the boundary of the physically secure location, the data shall be immediately protected via encryption. When encryption is employed, the cryptographic module used shall be FIPS 140-2 certified and use a symmetric cipher key strength of at least 128 bit strength to protect CJI.​

The requirement is that encryption must meet FIPS 140-2. AES-256 meets that requirement. There are others...

ADP does not meet FIPS-140-2.

 

[ki4hyf]

5.13 section.

5.10.1.2.1 Encryption for CJI in Transit ​

​

​

When CJI is transmitted outside the boundary of the physically secure location, the data shall be immediately protected via encryption. When encryption is employed, the cryptographic module used shall be FIPS 140-2 certified and use a symmetric cipher key strength of at least 128 bit strength to protect CJI.​

The requirement is that encryption must meet FIPS 140-2. AES-256 meets that requirement. There are others...

ADP does not meet FIPS-140-2.

LOL! You had me going for a bit. Nothing, and I mean NOTHING requires PII (non-restricted NCIC info) over voice LMR to be encrypted. Period. I thought it made no sense...

 

[mmckenna]

LOL! You had me going for a bit. Nothing, and I mean NOTHING requires PII (non-restricted NCIC info) over voice LMR to be encrypted. Period. I thought it made no sense...

Depends on where you are. Here, PII and CJI are required to be protected.

 

[ki4hyf]

Depends on where you are. Here, PII and CJI are required to be protected.

Ok, understandable. I thought you meant federally. I can say with fair certainty that Tennessee doesn't require encryption. Thank you for clearing that up.

 

[mmckenna]

Ok, understandable. I thought you meant federally. I can say with fair certainty that Tennessee doesn't require encryption. Thank you for clearing that up.

Right, the state may not require encryption for CJI that originates from within the state. If they are pulling anything from the Feds, or data from other states (which transits through the feds), the USDOJ/FBI requirements come into play.

Handling CJI differently based on what state it comes from is a challenge for dispatchers.
Your state DOJ will likely consider this and consider their options.

 

[crazyboy]

Data terminals, yes. Voice, not from what I read. I didn't read the 300+ pages, but what I saw was about data (computer network). I did read all of Section 5.10.1.2.1, and the sections before and after, but saw nothing about voice. I'd love to see the requirement to AES encrypt NCIC records. I don't know of any state or local agencies that use AES, but I'm not saying there isn't any, just none that I've seen. Plenty of ADP and BP, though. I'm not trying to start anything, I'd just like to see proof.

5.13.1 Wireless Communications Technologies


Examples of wireless communication technologies include, but are not limited to: 802.11, cellular, Bluetooth, satellite, microwave, and land mobile radio (LMR). Wireless technologies require at least the minimum security applied to wired technology and, based upon the specific technology or implementation, wireless technologies may require additional security controls as described below.

 

[ish675]

It's funny reading these posts now, I was one of the first people criminally charged with use of a police scanner in commission of a felony. My specific case was actually used in arguments for encryption of police departments.

I wasn't even currently using the app, it was just installed on my phone. This was back when phones first started having internet capability, and you could listen to live streams.

In case you're wondering, all of the charges were dropped due to them being BS.

 

[crunch62]

I heard that Fremont County, Colorado encrypted all their main dispatch talkgroups because they didn't want to be "live fed" on the internet. Looks like it worked...

I'm sure there are others...

They fully encrypted all agencies in Dakota County, MN on Sept 23, 2023. The official press release uses the words transparency in doing this. They should have contacted Star Trek and they would have said use the word cloaked. Now when I am out of town, I can no longer Team View my scanner on my home computer or go to Radio Reference to see what might be transpiring from a tripping of our security system or alerts from the security cameras. The 536 has gone silent at home also. My local police have just lost a set of eyes and ears for my neck of the woods and as Sgt Schultz used to say I hear nothing and I see nothing. However MN passed a law sighed by the Gov at that time in the 1980's allowing certain federally licensed individuals to monitor police calls in their vehicles with in the confines of the MN borders. Encryptions by police agencies because of the FBI mandate, have stepped around this law.

 

[AK9R]

So Dakota County's decision to go encrypted had nothing to do with live streaming.

 

[ki4hyf]

Encryptions by police agencies because of the FBI mandate

I've heard of the feds withholding funding for radio systems that don't use AES, but I've never heard of a FBI mandate for police agencies to use radio voice encryption. Don't mistake radio comms for computer (CJI) data.

 

[mmckenna]

I've heard of the feds withholding funding for radio systems that don't use AES

The federal grants require that if encryption is purchased, it must support AES256.

, but I've never heard of a FBI mandate for police agencies to use radio voice encryption. Don't mistake radio comms for computer (CJI) data.

There is no mandate that they must encrypt radio traffic.

There is a requirement that any CJI that comes from the FBI is protected at all times, including when being transmitted in the RF spectrum. That includes cellular, WiFi and LMR. FBI/USDOJ is exceedingly clear that CJI must be protected at all times, while at rest and while in motion.

Any CJI that comes from out of state passes through the FBI, so that would require encryption is transmitted over the radio. Any federal CJI would require that also.

An agency can just decide to not send it over LMR, and use other means (cellular) instead. If an agency does that, there's no requirement to encrypt the CJI. But relying on cellular isn't a foolproof solution. And most agencies don't want to have to switch channels or devices anytime they want to share such info.

 

[JRsTheMAN]

Was listening to some action this morning in Stone County Missouri over a robbery and the officer found the involved vehicle. After the officer talked to the suspects, they noticed the suspect had the Broadcastify app going and then they went radio sensitive. These apps need to either delayed by 2 hours or completly removed. More and more are going encrypt because of it. I fork out thousands of dollars to receive when others can just download a free app. That app is slowly killing this hobby.

 

[steve9570]

You seem to misunderstand. I CAN currently monitor PD & FD, I can also monitor PD, FD & EMS of every member community of the Homeland Security Region on my department portable. I can also monitor them on the VX3 that I carry in my pocket while working, and on my HT1550XLS. I used all three at a 5 alarm fire the other night.

The person I was replying to is a supporter of encryption for PD, and doesn't believe that encryption hinders interoperability. I know that the PD would never give out their encryption keys if they were to implement them, and that person also believes that a talkgroup should be designated for the incident so that everyone is on the same channel. They don't seem to appreciate that in a city of over 600,000, with 100,000+ EMS calls and 800,000+ PD calls annually, that it just isn't going to happen. They also don't seem to understand that each individual agency has it's own licensed frequencies, and their own system managers. We don't have talkgroups, we have channels. The system works fine as is, and I'm not saying it's broken-the person who's feedback I'm requesting is.

As far as getting the cops to go to their calls, that's a whole different story.

City Wide I do agree!! As a retired Boston PD I know your pain. I listen to Boston EMS
on my scanner daily and still amazed at the number of call they get PER HOUR!
Steve

 

[AB5ID]

Was listening to some action this morning in Stone County Missouri over a robbery and the officer found the involved vehicle. After the officer talked to the suspects, they noticed the suspect had the Broadcastify app going and then they went radio sensitive. These apps need to either delayed by 2 hours or completly removed. More and more are going encrypt because of it. I fork out thousands of dollars to receive when others can just download a free app. That app is slowly killing this hobby.

It's too late. Might as well drive until the wheels fall off at this point.

 

[JRsTheMAN]

It's too late. Might as well drive until the wheels fall off at this point.

I agree Brother. Its sad. Been in this hobby since 1982.

 

[rcid1971]

Was listening to some action this morning in Stone County Missouri over a robbery and the officer found the involved vehicle. After the officer talked to the suspects, they noticed the suspect had the Broadcastify app going and then they went radio sensitive. These apps need to either delayed by 2 hours or completly removed. More and more are going encrypt because of it. I fork out thousands of dollars to receive when others can just download a free app. That app is slowly killing this hobby.

That's a knee-jerk reaction to a specific criminal violation.

Two hours of delay seems ridiculously out of proportion, especially for the many times that we see the general public HELP law enforcement when their radios are in the clear.

My local PD caught a violator driving at 121mph, using a gas pedal, should the knee jerk reaction be engine governors on all vehicles?

 

[frazpo]

Was listening to some action this morning in Stone County Missouri over a robbery and the officer found the involved vehicle. After the officer talked to the suspects, they noticed the suspect had the Broadcastify app going and then they went radio sensitive. These apps need to either delayed by 2 hours or completly removed. More and more are going encrypt because of it. I fork out thousands of dollars to receive when others can just download a free app. That app is slowly killing this hobby.

No doubt that it is. However its pretty stupid to rely on the app being it is delayed somewhat and the perps don't know what they aren't hearing. I'm in Joplin and they've been encrypted since before smartphones or feeds. Dying hobby for sure.

 

[JRsTheMAN]

Guarantee there are more scanner owners that help law enforcement than app listeners. The app people wait to hear sirens or commit a crime. Scanner listeners have them on all the time. Delaying the app is just a suggestion. If it was up to me, I say delete the entire app since its used more for crime than anything else