Hacker News new | past | comments | ask | show | jobs | submit login
Pentagon is investigating compromise in Air Force communications: Report (csoonline.com)
21 points by emreb on Aug 7, 2023 | hide | past | favorite | 6 comments



FTA:

he had possession of a USB containing "administrative passwords and electronic system keys" for the AETC radio network." Also retrieved from flash drives were "local law enforcement radio programming files,"

It's not clear but that could be both frequency hopset and crypto keys.


The picture painted in my head by this article: pimply-faced bachelor took his SDR hobby too far, using radio equipment from work to monitor encrypted comms at home.

This making headlines because airman Teixeira's discord posts have reserved white collar mindspace


This is not even close to what is characterized in the article.

The individual stole equipment, software, and account credentials in order to eavesdrop on Air Force, a Tennessee Agency (they don't specify which), and possibly FBI radio communications that are typically encrypted and probably run something along the lines of HAVEQUICK [0].

This isn't trivial or only in the news due to the other case; this is a pretty serious breach.

0: https://en.wikipedia.org/wiki/Have_Quick


Once upon a time, a receiver would actually need to hop. But I wonder if one can build a decent receiver for a scheme like this using SDR (e.g. a direct RF sampling receiver and some DSP. (The Xilinx RFSoC series looks like it could do this without coming close to breaking a sweat.). In the absence of jamming, I wouldn’t be surprised if a system like HAVEQUICK could be decoded without the key.

(In the presence of jamming, the dynamic range of the receiver could matter.)


Decoding HAVE QUICK doesn't help you when the transmissions are still encrypted though.


It can get you the operating spectrum recording, but given the noisy environments HQ operates in, and the fact that secondary and tertiary transmissions are part of the obfuscation… it get very hard to get at the encrypted signal to even start decrypting it.

Source: Worked with HQ as an operator and technician in the military, and tried exactly what you describe using a commercial SDR on signals from my base.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: