At least, the rack is accessible and more in order.
To be done:
Power
Antennas
Internet for linking the 70cm analog repeater.
The Sepura in the box is an SRG3900 #TETRA radio programmed to our 70cm TMO base station, which is connected to the #tetrapack network.
The idea is to offer better indoor coverage with the TMO-DMO gateway.
The Nokia RD58 based analog 70cm repeater is planed to return to service as an experimental internet linked club repeater on R.Net2.
📡 European Telecom Body to Open-Source Radio Encryption System
➥ inforisktoday.com
「 The proprietary algorithm has been kept a secret since 1990 and distributed under a nondisclosure agreement in defiance of a widely accepted cryptographic principle holding that obscurity is detrimental to security 」
So, our communications equipment for critical infrastructure and emergency operations is so insecure, a laptop can often crack the key in about a minute. But that weak algorithm is still kept secret. However, that might soon change, such that its users are aware of that intentional weakness. Hopefully, they can demand an upgrade from their vendors… #ETSI previous #Tetra behavior is so 1990s 😵💫.
h/t @nohillside
Edit: secure->secret 🤦 https://www.zetter-zeroday.com/p/standards-body-considers-uncloaking
Poliisin ja Puolustusvoimien käyttämästä Virve-verkosta on paljastunut viisi haavoittuvuutta, joista osa on mahdollistanut kaiken viestiliikenteen salakuuntelun - yli 20 vuoden ajan.
Virve pohjautuu TETRA-verkkoon ja samaa verkkoa käyttävät viranomaiset yli 100 eri maassa ympäri maailmaa. TETRA on yksityinen yritys, jonka salausalgoritmit ovat olleet salaisia - eli yhtiö ei ole luovuttanut niitä edes tutkijoiden käyttöön testausta varten. Kyseistä metodia kutsutaan "security through obscurity" -metodiksi ja .. noh.. se ei toimi.
"Conviene ricordarsi tutto questo la prossima volta che qualcuno ci propone un prodotto di sicurezza, anche al di fuori del campo informatico, e ci racconta che non può discutere i dettagli di come funziona perché quei dettagli sono e devono restare segreti, altrimenti addio sicurezza"
The only thing more concerning about this TETRA (TErrestrial Trunked RAdio) vulnerability is the possibility that it's an intentional back door to allow eavesdropping on encrypted communications.
@hackaday@revk AFAIK all UK #Tetra usage by emergency services has used TEA2 for a very long time so shouldn’t be a problem for Home Office / Ofcom to be worried about.
I am sure I am not the first to point out that a vendor-controlled backdoor is exactly what governments around the world are asking for (whether they realise it or not) in consumer E2E-encrypted messaging services. But when it’s in #TETRA and the users are the police, it’s a problem? https://www.wired.com/story/tetra-radio-encryption-backdoor/
❗️Algoritmus používaný v komerční verzi radiové sítě TETRA spoléhá na slabý šifrovací klíč, který lze snadno prolomit. V 🇨🇿 přitom komunikují skrze systémy hlavně městské organizace jako dopravní podniky a městské policie.
"Despite being widely used and relying on secret cryptography, #TETRA had never been subjected to in-depth public security research in its 20+ year history as a result of this secrecy. […] Midnight Blue managed to reverse-engineer and publicly analyze the TAA1 and TEA algorithms for the first time, and as a result discovered the TETRA:BURST vulnerabilities."
„Despite being widely used and relying on secret cryptography, TETRA had never been subjected to in-depth public security research in its 20+ year history as a result of this secrecy.“
But then again noone pays me to fix it, so it's not my problem.
Spoiler: The proper fix is to abolish all #proprietary shit and demand a fully #OpenSource'd communications system, since everything else violates #KerckhoffsPrinciple and is thus inherently and unfixably insecure by design!
Also like any #cellular#radio system, #TETRA devices constantly transmit data, making it trivial to locate and track any radio through passive #SIGINT.
The same way LEAs track peoples' mobile phones.
Likewise this is systemic per design and thus unfixable!
So basically the #OpSec, #InfoSec, #ComSec and thanks to #Windows the #ITsec of LEAs are f**ked and the correct fix is in between "impossible" and "painful to implement over more than a year"...
Three Dutch researchers have discovered vulnerabilities in TETRA - a radio technology used worldwide to control vital infrastructure like energy networks, gas pipelines, and railway safety systems. Malicious hackers could relatively easily use the vulnerabilities to cause massive damage, researchers Job Wetzels, Carlo Meijer,...
For decades police/military/intel agencies/critical infrastructure in 120 nations relied on #TETRA#radio standard to #secure#critical#comms. But #Dutch researchers examined #secret#algorithms used in TETRA and found something startling - an intentional backdoor.
This and other problems the researchers found with TETRA would allow malicious actors to decrypt communications and also, in some cases, send malicious commands to critical infrastructure or send fake messages to police/military radios to disrupt their operations
TETRA uses 80-bit keys in its encryption algorithms, but the researchers found that one of these algorithms has a secret reduction feature that reduces the key to 32 bits - which the researchers were able to crack in less than 1 minute using standard laptop and just 4 ciphertexts
Radio tech used in vital infrastructure worldwide vulnerable to hackers: Dutch research (nltimes.nl)
Three Dutch researchers have discovered vulnerabilities in TETRA - a radio technology used worldwide to control vital infrastructure like energy networks, gas pipelines, and railway safety systems. Malicious hackers could relatively easily use the vulnerabilities to cause massive damage, researchers Job Wetzels, Carlo Meijer,...