The Official Thread: Live audio feeds, scanners, and... wait for it.. ENCRYPTION!

[BinaryMode]

Any modern processor has an AES engine built in. Microprocessors are EXTREMLY efficient at handling AES256. It isn't a matter of an agency choosing "NSA level TOP SECRET", it's a matter of the industry choosing an encryption methodology that is widely supported, and has been scrutinized by experts in the field to not be vulnerable. Could an agency get by with weaker encryption? Sure, probably. But why? There's no benefit to choosing ARC4 or DES over AES, nothing but downsides.

I'm referring to the encryption notion, not the method chosen.

I'm fully aware of CPU architecture. I use FDE on ALL my computers now. Good luck getting in... And no, CPUs are not "extremely" efficient at handling AES despite the instruction set. I've seen the Stas involving FDE and CPUs utilizing the AES instruction set. It all depends on how it's used.

There is transparency. If the Police do something that doesn't pass the "sniff test", all of their comms are recorded and subject to subpoena. Just because it isn't available to anyone who wants to hear it, doesn't mean there's no transparency. I don't know CPD's rationale for offering a delayed feed, but that is a department by department decision and they have -zero- obligation to provide it to anyone.

Yeah, transparency in that I had to pay X amount of dollars for a FOIA request. When I contacted my local PD they said I didn't even need to do a FOIA request, but it would still cost me money depending on how far back they had to go and all this crap.

With a delayed feed like Chicago et al I don't have to do that. Then again, I don't necessary trust the feed won't be edited or taken down at any time.

It's not BS. It's in the latest version of the FBI CJIS Security Policy. It requires that CJI must be encrypted in transmission and at rest. At least 128-bit encryption must be used, but agencies are encouraged to use stronger algorithms such as AES 256.
It does not provide a limited definition of "transmission", so it is interpreted to include radio transmission.

I could provide you the link, but feel free to search it on your own and see for yourself that it's for real. They've told us that it will be audited starting this fall. Any LE agency that likes having their NCIC terminal is gonna have to toe the line.
(And when you see how many pages make up that document, you'll see that there is so much more to this than just the radio that it is mind-boggling. Glad I'm retiring next month.) 😁

No, it is BS. Not until now has it been a NCIC issue. I was monitoring my PD for some 25 years even before the transition to digital. Many others have listened longer than I have. It was only when digital voice hit the scene that the Nazi-like mandate of full on encryption rose its ugly head. In my opinion (and I'm probably right) it's become a matter of because you can they will. Yet there are other police departments and fire departments that don't use encryption. Besides that, since when is a fire department in the sticks and wheat of North Dakota and else where required to use encryption! I compiled some statistics in my state of hobos and potheads Colorado and most of the fire departments in the southern portion of the state are encrypted. They can't even allow dispatch?! Again, massive Nazi-like mentality. And it's become a "because we can" attitude and where the government thinks they're better than the citizen in this fedeul system of Serfs and Peasants as we have seen constantly. It's so bad the police have military gear and the EPA has guns and night vision!

If a lawyer and his campaign can push pot and mushrooms on all the state ballots, I can do the same thing in the name of transparency and the press' right to know the truth.

If NCIC is such a massive issue, what's wrong with an encrypted Tac channel for data? What's wrong with the tax payer funded laptop (MDT)? Again, it's BS.

We have seen this same government run a muck crap since the Pharisees (men knowledgeable about Jewish law and tradition), Caiaphas and Pilate.

I find it two-faced hypocritical how governments don't want the citizen to use encryption but the very government can. Look at the UK and Apple... India is the same way as well as other places.

And TLS (HTTPS)? That's a marvelous joke. I'm sure Snowden knows...

 

[paulears]

When i sell business radios, the buyers have often seen various ads for gear, and they say ”what is this encryption thing?” I tell them that when i program them i have an option to turn it on and then nobody can listen in on a scanner or computer. They ALL say yes please. Some actually say “what? People can listen in?”. The minute you say yes, they can, but they're only hobby people, they want encryption. Last week i supplied some encrypted radios to a firm who empty septic tanks. Who on earth would listen to chat about poo! People expect privacy. Finding they do not have it for many is scary. Hee in the UK, we are also getting a bit paranoid about security of data, and that too is driving schools, hospitals and even councils towards comms security. One group wants to listen, but those people dont want it to happen. It is after all, one single tick box and a pre-populated code. Not a difficult thing to do. Finding out your private business is on an internet feed is never a good thing.

 

[Ubbe]

It's the same thing where I live, most digital systems are encrypted, not because they need it but only as it can be done without any additional cost or issues, as long as it doesn't reduce the audio quality. It's also a safety matter as with encryption it's no risk that anyone with a radio on the frequency can produce false messages and create other types of havoc to its users.

A local towing company had an analog channel for many years with great coverage and never said anything that needed it to be a secret. They switched to a DMR channel, a sales person probably told them that they could send text messages and the audio would be superior not having any background noise, but it didn't had the same coverage, but also used encryption that seems to be a thing they didn't really need, but as it was already there in the radio they enabled it, as well as its RAS feature.

Our subway and bus transport system use Tetra and the security guards working in the system to remove disorderly and drunk people could be monitored for many years and they just got job orders and reported back and sometimes ask the dispatcher to call for police to come and collect a person, nothing more than that. But recently those security guards went encrypted on their talk groups. I have no idea what the reason could be for doing that.

/Ubbe

 

[n1chu]

I’m wondering if encryption is being implemented (in some cases) solely to eliminate those calls that flood the dispatch centers of larger depts, while well meaning, do more to swamp the dispatchers with mostly erroneous information? As each call is fielded, a question or two arises that must be checked out. To do less could be considered a failing to do their “due diligence”. So, manpower is dispatched. And as is the case, most well meaning calls turn out to be “good intent” calls that only tie up that manpower, both dispatchers and officers. Encryption can eliminate much of that. But should it? There are good arguments for both sides… where do you draw the line? I’ve seen it both ways. A citizen’s call may satisfy an incident immediately or in very short order. Or, it can cause confusion that takes time to sort out. Just one example; police are dispatched to an incorrect address, and overheard by a scanner enthusiast who is familiar with the area, who calls to correct the erroneous dispatch. If encryption was in play the scanner enthusiast would never be the wiser and no call to correct would have been made. I won’t give an example favoring the other side of the coin as there are plenty… as we all can imagine.

 

[exkalibur]

Yeah, transparency in that I had to pay X amount of dollars for a FOIA request. When I contacted my local PD they said I didn't even need to do a FOIA request, but it would still cost me money depending on how far back they had to go and all this crap.

You (or I, or anyone) doesn't have a right to that information which is why we have to make a FOIA request. There are costs involved and I see nothing wrong with charging them. That isn't an encryption specific thing, that's how it works for ANY records.

 

[exkalibur]

Last week i supplied some encrypted radios to a firm who empty septic tanks.

Any responsible radio dealer should make it known to their customers that their comms can be intercepted, recorded and streamed online unless they opt for encryption. These days there is no good reason to NOT encrypt. It is no longer a technological or financial constraint.

 

[kc2asb]

. These days there is no good reason to NOT encrypt. It is no longer a technological or financial constraint.

If there is no longer a steep premium to pay for encryption, sure, why not encrypt? It's a no-brainer: secure comms vs being monitored by anyone with the requisite radio equipment. It's surely been repeated uncounted times now on this forum, but that does not bode well for the hobby we enjoy. As public safety departments inevitably upgrade older equipment, nearly all will go encrypted. The market for scanners will continue to shrink, and even Uniden will throw in the towel eventually.

Thankfully, I have no interest in monitoring septic tank companies.

 

[kc2asb]

Just one example; police are dispatched to an incorrect address, and overheard by a scanner enthusiast who is familiar with the area, who calls to correct the erroneous dispatch. If encryption was in play the scanner enthusiast would never be the wiser and no call to correct would have been made. I won’t give an example favoring the other side of the coin as there are plenty… as we all can imagine.

Interesting thoughts. Some years back in the next town over from me, the FD was dispatched to a report of a fire. The address was incorrectly given by the dispatcher (don't remember the exact street names): XXX Oak Avenue vs XXX Oak Street. Well, that town had both an "Oak Ave" and an "Oak St". The FD responded to Oak Ave and you can probably fill in the rest.

Interestingly, this town's FD went encrypted some years ago, but the PD on the same system is in the clear.

 

[gmclam]

Thankfully, I have no interest in monitoring septic tank companies.

Yeah. What a waste!

 

[BinaryMode]

You (or I, or anyone) doesn't have a right to that information which is why we have to make a FOIA request. There are costs involved and I see nothing wrong with charging them. That isn't an encryption specific thing, that's how it works for ANY records.

Ah, yeah... They have to look the stuff up which costs money. If it's an active case you can forget about it. Your point?

If there was a delayed dispatch only feed (as I talked about with Chicago) this wouldn't be an issue. And again, the encryption pile on like fleas on a dog's back is so bad that fire departments are doing the same thing. The fire department!

Any responsible radio dealer should make it known to their customers that their comms can be intercepted, recorded and streamed online unless they opt for encryption. These days there is no good reason to NOT encrypt. It is no longer a technological or financial constraint.

Because the BS is so rank that even those who suck the actual crap from a tank need full on TOP SECRET Comms.

I actually don't care if companies go encrypted. I do have a problem with tax funded public safety going encrypted and not at least providing a delayed dispatch only feed. Note: the line stops at the federal level. For that I send in a FOIA request and hope for the best. But I shouldn't have to go through that same hassle with my town's or another town's department in the state.

 

[kc2asb]

I actually don't care if companies go encrypted. I do have a problem with tax funded public safety going encrypted and not at least providing a delayed dispatch only feed.

Many in the hobby and the press have a problem with it. I do miss hearing my local department and feel cutoff when the sirens wail. Friends, relatives, neighbors would often ask what I had heard on the radio if they heard sirens in their part of town. There is zero chance of a delayed feed in my town. Surrounding areas are mostly encrypted now too, including the NYPD and Newark, NJ.

Delayed dispatch-only feeds make sense, but Chicago and Baltimore may actually end up being the exception rather than the norm. So far, the NYPD is not on board with this idea. No other surrounding towns in my area have put up delayed feeds either.

 

[drdispatch]

...And again, the encryption pile on like fleas on a dog's back is so bad that fire departments are doing the same thing. The fire department!

My local zoo went from analog to digital encryption. Wouldn't want anyone being able to glean intelligence from their radio traffic, like the red pandas' feeding schedule, giraffe poop clean up, or the restroom needing TP. 🙄

 

[kc2asb]

And again, the encryption pile on like fleas on a dog's back is so bad that fire departments are doing the same thing. The fire department!

Playing devil's advocate here - as previously mentioned the technology is becoming cheaper, why would they say no to secure comms? Also, in the case of an injured FF's name being said over the air, encryption would prevent the news from breaking before the family was notified.

My local zoo went from analog to digital encryption. Wouldn't want anyone being able to glean intelligence from their radio traffic, like the red pandas' feeding schedule, giraffe poop clean up, or the restroom needing TP. 🙄

Haha! Well, their radio salesman did his/her job well.

 

[krokus]

You (or I, or anyone) doesn't have a right to that information which is why we have to make a FOIA request. There are costs involved and I see nothing wrong with charging them. That isn't an encryption specific thing, that's how it works for ANY records.

Actually, we do have the right to that information, but not for free. The requestor can be required to cover the administrative costs of getting the information to them. That avoids people burying the agencies involved in requests, at no cost to themselves, and becoming a hardship on the applicable agencies.

I do wish Lindsay was more open to delays on feeds, done on the feed provider's equipment. Applying a 10 or 15 minute delay should cover the vast majority of officer safety concerns, as the crooks would not be (near) real-time tracking, yet maintain transparency.

This has been "discussed" many times, and Lindsay states that there are things he is aware of, that we users are not aware of. Since it is his business venture, I would hope he keeps a good tab on things, but I have had concerns about possible myopia. (That can be applied in many ways, to almost all inolved.) I don't want encryption shutting the hobby we all enjoy, like in the UK. That would also be a big dent in Lindsay's cyber empire.

 

[mmckenna]

Playing devil's advocate here - as previously mentioned the technology is becoming cheaper, why would they say no to secure comms? Also, in the case of an injured FF's name being said over the air, encryption would prevent the news from breaking before the family was notified.

You don't have to play devil's advocate here.
Similar thing happened locally. Fire department sent on a call. Turned into a fatality.
Someone with a scanner and a social media account blabbered the name/address of the deceased person. Family found out before appropriate notification could be done. Not the way a family needs to find this out.
Now fire department is seriously looking at encrypting their traffic.

Like it or not, there are things that come way before hobbies. And a 30 minute delay isn't going to fix it.

1. People with scanners need to keep their damn traps shut and stop sharing what they hear on social media.
2. No hobby should involve causing harm to others, physically or mentally.
3. People have a right to privacy, even if it interferes with one's chosen form of entertainment.
4. Turn the scanner off, go outside and get some fresh air.

 

[AB4BF]

My local zoo went from analog to digital encryption. Wouldn't want anyone being able to glean intelligence from their radio traffic, like the red pandas' feeding schedule, giraffe poop clean up, or the restroom needing TP. 🙄

The county next to mine had to have their animal control talk group encrypted. PETA people would listen to dispatches of traps the animal control had set and would rush over to the aforementioned trap and release the animal regardless of condition or species. I think when they released a rabid fox, that set the encryption in motion.

 

[kc2asb]

You don't have to play devil's advocate here.
Similar thing happened locally. Fire department sent on a call. Turned into a fatality.
Someone with a scanner and a social media account blabbered the name/address of the deceased person. Family found out before appropriate notification could be done. Not the way a family needs to find this out.
Now fire department is seriously looking at encrypting their traffic.

Like it or not, there are things that come way before hobbies. And a 30 minute delay isn't going to fix it.

1. People with scanners need to keep their damn traps shut and stop sharing what they hear on social media.
2. No hobby should involve causing harm to others, physically or mentally.
3. People have a right to privacy, even if it interferes with one's chosen form of entertainment.
4. Turn the scanner off, go outside and get some fresh air.

Very well said. That is infuriating. Who could blame the FD now for wanting to go encrypted? This does not occur in a vacuum either - other FD's are taking notes and it will undoubtedly make the choice of whether to encrypt a lot easier. The social media hack would certainly cry foul if the roles were reversed.

Monitoring public safety communications should never be looked to as a form of entertainment, but that is what it has become in practice. These are real people risking everything; it's not Starsky and Hutch.

 

[kc2asb]

I don't want encryption shutting the hobby we all enjoy, like in the UK.

I don't either, but the technology exists and I think it is inevitable. Adding delays to feeds would probably do very little, IMHO. I estimate that about 70% of the public safety comms I regularly monitored have gone encrypted. It is what it is.

 

[mmckenna]

Adding delays to feeds would probably do very little, IMHO.

It does precisely zero to meet the requirements set forth by the USDOJ and the FBI regarding protection of PII and CJI.

If any agency wants to route such traffic through a separate encrypted records channel, then delaying dispatch reduces some (not all) of the risk with officer safety. But that's not real high on the list of concerns for many agencies. There are much better ways to get information to the general public, and not relying on a small group of scanner listeners.

 

[BinaryMode]

Playing devil's advocate here - as previously mentioned the technology is becoming cheaper, why would they say no to secure comms? Also, in the case of an injured FF's name being said over the air, encryption would prevent the news from breaking before the family was notified.

Wasn't an issue before, and I've never heard personal names over the air. Maybe a first name, but not first and last. That's just silly.

You don't have to play devil's advocate here.
Similar thing happened locally. Fire department sent on a call. Turned into a fatality.
Someone with a scanner and a social media account blabbered the name/address of the deceased person. Family found out before appropriate notification could be done. Not the way a family needs to find this out.
Now fire department is seriously looking at encrypting their traffic.

Like it or not, there are things that come way before hobbies. And a 30 minute delay isn't going to fix it.

1. People with scanners need to keep their damn traps shut and stop sharing what they hear on social media.
2. No hobby should involve causing harm to others, physically or mentally.
3. People have a right to privacy, even if it interferes with one's chosen form of entertainment.
4. Turn the scanner off, go outside and get some fresh air.

What if I told you it isn't a scanner problem or a user problem but a ToS problem with said social media? Perhaps their ToS needs to be updated that no one should divulge any personal information from public safety radio communications online. Then again, this might juxtapose with online feeds. But social media is a different platform all in of its self. The two are very different.

And I highly doubt said user knew the full name. They probably posted that such and such fire fighter was injured or killed. This is why I'm in favor of dispatch being open but not TAC channels. But that too would be a real shame, as it helps TREMENDOUSLY during a natural disaster like a hurricane, flood, tornado, earthquake, dam break, mass health issue, etc. I know it's helped me and I'm sure hundreds if not thousands of other scanner hobbyists can share their stories as well.

Heck, even being able to hear the state's department of transportation is very helpful while travailing down the highway. You can exit and take the frontage road or avoid that particular highway altogether.

The bad apples need to be negated in a commonsense sensible way using a scalpel, not a sword.

The county next to mine had to have their animal control talk group encrypted. PETA people would listen to dispatches of traps the animal control had set and would rush over to the aforementioned trap and release the animal regardless of condition or species. I think when they released a rabid fox, that set the encryption in motion.

Good grief. PETA is a very odd organization that REALLY doesn't care about the natural habit, and humanity of animals. They're a radical bunch.

It does precisely zero to meet the requirements set forth by the USDOJ and the FBI regarding protection of PII and CJI.

If any agency wants to route such traffic through a separate encrypted records channel, then delaying dispatch reduces some (not all) of the risk with officer safety. But that's not real high on the list of concerns for many agencies. There are much better ways to get information to the general public, and not relying on a small group of scanner listeners.

There are many departments that run data via MDT (laptop) in the car... what a concept... I mean, so much so that some scanner listens hardly hear a peep out of said agencies radio that IS unencrypted.

Again, the approach can be a sensible commonsense one. And TAC channels can remain encrypted. So if MDT is down the officer can run the information over the encrypted TAC channel. In this sense a delayed dispatch only feed or delayed talkgroup would work as it applies to DOJ crap. Yes, crap... it's never been an issue when I stared as a scanner hobbyist circa '96.