Virginia Beach Police Want Encrypted Radios

This article says that the Virginia Beach police are looking to buy encrypted radios.

Virginia Beach police believe encryption will prevent criminals from listening to police communications. They said officer safety would increase and citizens would be better protected.

Someone should ask them if they want those radios to have a backdoor.

Posted on May 9, 2018 at 9:42 AM • 40 Comments

Comments

Aaron VanAlstineMay 9, 2018 9:50 AM

Some jurisdictions encrypt their radio traffic and shortly thereafter rebroadcast the traffic in the clear. The intent (obviously) is to thwart scanner-toting criminals while alleviating civil liberties concerns.

Species5618May 9, 2018 9:59 AM

UK police have been using encrypted tetra for 10 year or so, and are moving to an IP based PTT LTE solution VERY soon

ad;lkshasdi7615May 9, 2018 10:02 AM

Sure, they can have encrypted radio traffic. As long as it has a backdoor.

Z.LozinskiMay 9, 2018 10:57 AM

Why are they not just moving to FirstNet, instead of spending money on an obsolete radio technology (and possibly old crypto)?

The US historically seems to use a variety of quite basic radios for emergency services (police, fire, ambulance). FirstNet is based on 4G/LTE as the underlying wireless technology, with specialised applications, and the US Government has spent USD 7B to build out the network.

https://www.firstnet.gov/network/lmr

Encryption is standard for public mobile radio for the emergency services outside the USA (and has been for 10-15 years). TETRA (which is public mobile radio based on 2G wireless technology) has been deployed in over 100 countries. Since public safety (police, fire, ambulance) is one of the main uses for TETRA, encryption was included from the start. TETRA also allows user-specified crypto for countries or agencies that require the use of sovereign crypto algorithms.

@Species5618,

The UK Emergency Services Mobile Communications Programme (ESCMP) is currently building a new Emergency Services Network (ESN) based on LTE/4G. (Similar concept to FirstNet). Police, fire, ambulance, coast-guard, HMRC ...) Two reasons why the UK has been planning ESCMP since 2014: TETRA didn't include mobile data, and the UK Treasury wanted to reduce the cost of the Airwave contract to run the TETRA network by moving to COTS technology. The rest of the world is watching the UK with interest, as it will likely shape what many TETRA users do. There have been some teething problems (see the UK House of Commons Public Accounts Committee hearings and reports from 2017 and 2018). Even so, I expect to see ESN in service within the next 2 years.

TimHMay 9, 2018 11:04 AM

"officer safety would increase and citizens would be better protected
Looks like the police really do regard themselves as non-citizens, i.e. armed services.

AdMajoraMay 9, 2018 11:09 AM

Today with a very cheap equipment, a $10 SDR (Software Defined Radio) anyone can intercept radio traffic from 20Mhz to 1400Mhz with open-source tool like Gqrx.

Police's radio communications were supposed to be secure decades ago when radio equipment able to listen these were expensive and thus not secured by design.

It's like SS7 protocol.

I've developed a tool for recording radio communications using a SDR and Gqrx:

https://github.com/cybernova/SDRecord

Cheers

Nameless CowMay 9, 2018 11:13 AM

> Someone should ask them if they want those radios to have a backdoor.

It depends who can listen in. They probably won't mind if Virginia's state police or emergency management agency want to be able to listen in to their encrypted radio communications.

AnuraMay 9, 2018 11:55 AM

They said officer safety would increase and citizens would be better protected.

That's also their justification for why there shouldn't be consequences for killing unarmed black people, because it might make them hesitate to shoot black people in the future, which could be unsafe for the officers.

Less transparency for a group of people that does everything it can to cover up wrong-doing by police, including torturing suspects to death, smearing victims of police violence, planting evidence, and instructing officers to keep toy guns in case they need to justify a shooting after the fact is only going to lead to more corruption.

SteveMay 9, 2018 12:49 PM

> Someone should ask them if they want those radios to have a backdoor.

Well, it is a "broadcast" so anyone in range or at the end of a repeater can listen.

Andy FletcherMay 9, 2018 1:05 PM

TETRA systems for public safety and security agencies (PSSA) are almost always encrypted using TEA2 (Europe) and TEA3 (elsewhere). However the networks have recording systems which hold some or all call sessions for periods often exceeding 3 months. These recordings can be archived for longer periods if there is some question about the activities during the recorded period.

Encryption of official communications is essential when dealing with criminal or emergency service activities as it is all too easy to tune into police/fire/ambulance communications with a scanning receiver and listen to all sorts of sensitive information. In the past I've known people use cellphones rather than their VHF radios because of confidentiality reasons.

Sensitive information isn't always related to criminal activities, it can include personal data such as diseases, home addresses, alarm system security codes and other such information. I think the impending enforcement of the GDPR will mandate secure handling of personal information and therefore use of encrypted communications throughout the EU.

To those who have expressed a distrust of the police and their use of secure communications I suggest they are attacking the issue from the wrong end. It would be better controlling the people who manage the recordings and network data than trying to listen to raw radio traffic.

Andy

JimMay 9, 2018 1:18 PM

"Someone should ask them if they want those radios to have a backdoor."

If they don't put a backdoor in the radios, how will all the hobbyists listen to the police radios with their scanners? :)

Jesse ThompsonMay 9, 2018 2:00 PM

Yeah, "backdoor" implies that there must exist a minimum of 3 parties at play: intended receiver (front door), second intended receiver (backdoor), and potential eavesdroppers (they get the wall).

Since traditional backdoors are supposed to be for government or law enforcement, and in this case those parties are already using the front door, who would the back door be intended for? It can't be "Everyone else" because then you'd have nobody to face a wall towards.

JakeMay 9, 2018 2:48 PM

It's closing in on 30 years later but there's only one thing that comes to mind when I think of Virginia Beach police, and that's the complete and total debacle that was the 1989 Greekfest.

Back to the Terrordome I guess.

justinacolmenaMay 9, 2018 4:14 PM

They're idiots. You really think a bunch of cops in the field can keep track of their encryption keys, and who is supposed to know what some cop is shouting out over the radio, and who isn't supposed to be listening in? The fire department? EMTs, ambulance crew?

Now they need to do an audit, and inventory their radios and other computer equipment, because they are suffering a loss rate just like every other department of a big city.

Meanwhile they sell decrypting police radio scanners at the hobbyist shop down the street. It's all "proprietary," isn't it? Not quite "classified" — not by any stretch, but that's right, they do make radar detectors illegal in some of those log-cabin brotherhood states out east, now that I think about it.

PeaceHeadMay 9, 2018 5:12 PM

I think it's a good idea for them to have their transmissions encrypted.

I used to live with a guy who turned out to be (unbeknownst to me) a potential criminal.
He used to listen to police broadcasts regularly while playing video games.
He was a pretty nice guy to me, but it turned out that he might have been dangerously nasty to others.
I moved out after he got arrested.

I just worry about other parts of the country where police brutality might be an issue.
I think some transparency is preferred. So Aaron's comments seems the most decent; (the rebroadcasting after the fact).

Matt NYMay 9, 2018 7:02 PM

Most police and fire departments have been moving to digital systems as their analog fm radios have gotten old. Of necessity, all digital systems have to have an unencrypted mode to talk to other agencies during emergencies. These will be able to be received by digital scanners - bearcat, whistler, etc.

Whether their main traffic channels are encrypted is basically up to them and their radio techs. A local PD for a large town went to P25 APCO encoding - they thought they were un-interceptable, until bearcat came out with a scanner that could receive P25. Now they have 2 unencrypted channels for routine stuff - traffic stops, cat in tree, etc, and one TAC (tactical) channel that is encrypted. Even with a P25 capable scanner, you cannot listen in on that TAC channel. This is the way to go. Some departments just buy whatever the latest scanners cannot hear and upgrade again when they can receive them. My local town just calls on their cell phones when they want confidentiality.

It does get expensive - the latest bearcat with all the digital modes upgrades is over $700! A lot of money to listen to license plates.

Michael DwyerMay 9, 2018 9:31 PM

Hey, while we're here, could we possibly repeal the now-pointless ban on the 800MHz band? There hasn't been telephony in the clear for more than a decade, and software defined radio makes a mockery of this whole idea anyway. Maybe it is about time to stop forcing manufacturers to only sell receivers that are cellular blocked.

justinacolmenaMay 9, 2018 9:51 PM

Only slightly off topic, but I'm not sure where else to go with it, since it's the middle of the week.

Those Russian Realitors® do appear to be stealing cars at the shopping centers. Grand larceny. Organized petty theft on a grand scale, too. They also dig into your bank account and check your balance whenever you use any kind of bank card, try to run you over with some kind of fraudulent transaction if they can. Cash isn't practical either, because the security guards rob you.

@Michael Dwyer

Hey, while we're here, could we possibly repeal the now-pointless ban on the 800MHz band? There hasn't been telephony in the clear for more than a decade, and software defined radio makes a mockery of this whole idea anyway. Maybe it is about time to stop forcing manufacturers to only sell receivers that are cellular blocked.

You don't think anything like that is really going to happen, do you? You do realize that RF spectrum is Realestate® subject to the aforementioned terms, conditions, covenants, and restrictions, don't you?

MarcoMay 10, 2018 12:47 AM

Wow, here ins switzerland not only Police but most Emegency Services (Ambulances and Firefighters) use Encrypted communications...
But to be honest, especially firefighters are not entirely happy with the used system.
The speech quality is really bad (worse than the old analogue systems), penetration of buildings is bad (we have to take the devices off of network mode and put them in a direct communication mode to be able to communicate) and a channel change takes at least 7 key presses (one long one) on a way too small keypad to use with heat resistant gloves..

Clive RobinsonMay 10, 2018 2:03 AM

@ Species5618,

UK police have been using encrypted tetra for 10 year or so, and are moving to an IP based PTT LTE solution VERY soon

Tetra was sold on a lie, and the proposed replacment has likrwise been pushed on similar coverage and interoperability argumunts, that are already causing problems.

It's now quite normal to see police officers with three mobile phones and a Tetra unit that is turned off, due to the stupidity of the design.

As for the "encryption" asspect of Tetra, it has caused more problems than it has solved. Especially when joint operations have been involved.

I suspect that not much will change and police officers will carry on finding their own working solutions.

The thing is that there are some criminals out there who are more informed about the weakness of these "high tech" radio systems and know how to turn that to an advantage...

One reason for the shift that is not being talked about is why the UK Gov is so keen on moving emergancy service radio communications.

It was not so long ago that the UK Ham radio allocation got a chunk chopped out, that the UK Gov then made about 1billion out of by licencing fees. That is the radio spectrum is in such short supply that there is a lot of money for Gov's to make out of it.

What they tend to forget in their hast to grab the cash is that there is a very good reason to give emergency services their own spectrum allocation and not a shared spectrum. When things go wrong almost the first thing people want to do is "talk" thus shared spectrum gets swallowed up and becomes congested to the point of being unusable. Clever protocols can only work sofar to stop this congestion, humans being what they are will find ways to break things in the most interesting of ways that "clever people" would never think of....

As any experienced engineer will tell you "The problem with fool proof systems is that fools lack imagination".

Clive RobinsonMay 10, 2018 2:21 AM

@ Bruce,

Someone should ask them if they want those radios to have a backdoor.

All transmitters and quite a few receivers come with a built in "backdoor", due to the way they operate.

During WWII the British came up with the notion of "traffic analysis" and turned it into a very powerful tool. The German radio service likewise developed techniques to find radio receivers based on the frequency they were tuned to. This latter technique was used by MI5 during the cold war to track Russian counter counter intelligence operatives following MI5 and other UK Intel organisations operatives.

This is not "secret knowledge" thus there are those around who know how to do this. Especially with lots of "squadies" getting taught the techniques to use them against various non governmental forces in the middle east.

It is known that some ex-military get involved with crime thus it's safe to assume that some criminals know how to use these techniques to their advantage.

vas pupMay 10, 2018 9:11 AM

Tag -law enforcement, police
MASS SHOOTINGS AND MENTAL ILLNESS:
http://www.bbc.com/future/story/20180509-is-there-a-link-between-mass-shooting-and-mental-illness

“It’s difficult to psychologically profile mass shooters because they often commit suicide or are killed during their attack. But what doctors and scientists do know is that the perpetrators of such events are frequently angry young men, who feel they have been mistreated by society and therefore seek to extract revenge.
Predicting who could turn into a mass killer is virtually impossible, Swanson says. Some mass killers had even visited psychiatrists for behavioral problems prior to their attacks, but had no diagnosis of a specific mental illness. “Most of the people who commit mass shootings don’t want treatment and don’t meet the criteria for treatment,” Binder points out. Nor can individuals be committed to a mental hospital just for being angry.”

BobMay 10, 2018 9:33 AM

@TimH

>Looks like the police really do regard themselves as non-citizens, i.e. armed services.

Great! Then they shouldn't mind being held to the UCMJ!

albertMay 10, 2018 10:09 AM

@Bob,
"...Then they shouldn't mind being held to the UCMJ...".
:)
In some countries, the military -are- the police.
. .. . .. --- ....

TõnisMay 10, 2018 1:42 PM

"Someone should ask them if they want those radios to have a backdoor."

I'll bet they're not opposed to using Stingrays either.

copycatMay 10, 2018 5:07 PM

"Someone should ask them if they want those radios to have a backdoor."

The question is absurd. The government is the source of law and justice.

Now, my above comment could be seen as sarcasm, but in reality that is *exactly* what the likes of schneier or any other establishment talking head think about their governments.

So, schneier trying to play the skeptic and asking a snarky question is just involuntary self-parody.

justinacolmenaMay 10, 2018 5:40 PM

@vas pup

Yes.

... angry young men ...

That's like the "roaming" indicator on your cell phone, which I call the "young man" indicator.

"You're roaming, young man!"

That would make young men angry. That's the little ® that shows up on the status bar of your cell phone screen.

... no diagnosis of a specific mental illness ... don't want treatment ... don't meet the criteria for treatment ...

That's interesting, because none of that ever stopped a shrink from offering involuntary treatment, or a judge from ordering it.

TRXMay 10, 2018 5:57 PM

> The US historically seems to use a variety of quite basic radios for emergency services (police, fire, ambulance).

Yes. There are dozens of Federal agencies, each with their own systems. Various incompatble military systems. 50 states and half a dozen territories, 3100-odd county-level polities, somewhere around 20,000 cities and towns, and most, but not all, have their own police, fire, ambulance, or other services. Each one funded and authorized independently of every other. Sometimes a state or county will negotiate interoperation with smaller polities, but that doesn't always last.

If you were in County Cork, would you expect seamless interoperation between any random organization like the Bulgarian National Police Service, a private ambulance company in Paris, or RAILPOL?

echoMay 10, 2018 9:34 PM

@TRX

My sense is some of the biggest proponents of Brexit look at the American model through the simplifying lens of television and forget the US isn't just a country but a continent. (Russian and almost down to Syria are technically within the European continent.) It has its overbearing federal government and complexities and low income states as much as anywhere else. It isn't all bad though likewise the EU. The history and context of GPRS and GPS are stories in their own right, as is 5G and Gallileo et al.

Not many people rememebr Ptarmigan. From what I recall it was the "white heat"of battlefield communciations systems but never fulfilled its promise and was abandoned. Cormnorant and Falcon are the much more upgraded and relevant technologies.

BT (former nationalised telecoms) has begun the process of decommissioning POTS.

Morpheus is the new big idea for militarytactical communciations systems. The basic premise is the system is interoperable and componentised.

https://en.wikipedia.org/wiki/British_Armed_Forces_communications_and_information_systems#Ptarmigan_(obsolete)

https://www.gov.uk/guidance/morpheus-project-next-generation-tactical-communication-information-systems-for-defence

Clive RobinsonMay 11, 2018 4:47 AM

@ vas pup,

If you consider that one of the highest groups for suicide is young males, it would not be difficult to say that mental illness in that group would be considerably higher than in other groups.

Depending on who you listen too mental illness is now the number one reason for "lost productivity" and between one in six and one in three people have chronic depression in Western Societies...

Thus I would guess that the odds are quite high that "mass shooting" etc perpetrators do have a recognised mental illness.

Perhaps we should be asking what it is about our current societies that are in effect causing such mental illness. I don't think it would be difficult to find "pressures" that were not there just a few generations back. Let's put it this way, I'm at the other end of the working age, and even I can see that most trying to get started do not have a snowball's chance in hell of being successful to the point of attaining what would once have been considered "middle class" status of owning a home having two or three children and one or two cars etc, or even attaining "working class" status with regular food on the table...

One of the first things I would change would be to get rid of "zero hours contracts" and "waiting time" "unpaid overtime" etc clauses for those on an hourly rate less than five times the national average income hourly rate. As for "internships" they should be made illegal as their primary but unspoken purpose is to stop social mobility and encorage nepotism etc.

echoMay 11, 2018 6:06 AM

@Clive @vas pup

A number of private schools in the UK are reported as giving up charitable status. The reason given or many suspect is to avoid scrutiny. I'm not sure King Henry VI's charity school for poor boys (a.k.a Eton college) will be too keen to leave money on the table plus they are the go-to school for the establishment.

Discrimination is a thing and rife in UK healthcare across the board. Local government has its issues too ditto the cops.

I am very unpopular believing Dunblane was an accident waiting to happen. The same was true for people suffering from extreme mental illness, although not so much now. Reports have very very very quitely been published indicating a behind the scenes crackdown on slack standards of care beginning after the last very high profile incidents. The last time I checked there has been a substantial improvement but there is a way to go. The police are notable from resisting prosecuting anyone who has anything to do with failures of healthcare standards due to the embarassment factor and backscratching their chums.

Very recently a judges hands were tied after a young black man suffering from mental illness was convicted of manslaughter. The judge claimed to feel extreme regret that a young man through no fault of his own had to be given a custodial sentence for a crime which he was provoked into.

Women suffer equally within the system. There are doctors who not to put too fine a point on it should not be allowed anywhere near women. While not necessarily guilty of sexual assualt they reek of malpractice and using their medical position to abuse women. This kind of medical malware is very difficult to prove if for no other reason nobody is looking very hard.

On the issue of internships I have to agree they should be banned insofar as they tip into abusive work practices and discrimination.

Rehabilitation does need to become the chief priority and also quality of life and recuperative therapies. They were all the rage once upon a time and you hardly hearthe words now.

VinnyGMay 11, 2018 7:42 AM

@justinacolmena re: radar detectors - to the best of my knowledge, the only state that currently prohibits detectors by law is (wait for it) Virginia. Connecticut formerly did so, but dropped the law a decade or more ago. It's possible that DC still has a restriction. With current radar detector technolgies (e.g. anti-anti-detection) it's unlikely that the Virginia law gets much exercise. Mike Valentine solved that issue years ago, and other manufacturers quickly copied him.

vas pupMay 11, 2018 9:10 AM

@Clive: mental illness is spectrum disorder, and I agree that mass shooters have some kind of personality disorder which doe snot qualify them to be found not guilty for reason of insanity.
I guess mental illness and violence are kind of different axes of personality meaning you may have 4 combinations: MI with no V; MI with V; no MI with V; and no MI and no V. Yes, I agree that violence is kind of social problem first rather than mental illness by itself, but when MI exists as preexisting condition threshold of violence manifestation due to social issues is substantially less.

Clive RobinsonMay 11, 2018 9:13 AM

@ echo,

Morpheus is the new big idea for militarytactical communciations systems. The basic premise is the system is interoperable and componentised.

A funny-peculiar story for you, which shows large quantities of fake reasons to cover up an unmitigated disaster...

You may know that Bowman is the current BritArm tactical and above comms system, with tactical not realy compatable with "above".

Well "Better of with map and nokia" as the squadies christened the disfunctional and dangerous Bowman kit, was due to have been replaced by 2026, with the ill named Morpheus system.

Apparently it's "all changed now" due to Brexit... It appears there is way to much "secondary NATO" involvment by both EU and US companies. And in the same way the US has a downer on Chinese Tech companies, apparently ther is an (un)official downer not just on EU companies but US companies associated or involved with EU companies... Some say this is a premptive backlash against rumblings from ESA and Germany...

Anyway Bowman is an accident not just waiting to happen but that already has happened with soldiers with very real and unplesant RF burns from operating the kit "according to specification". Worse the HF units are bassed on the Harris Corp SINGARS unit that apparently has issues with changes to the way the multifrequency hopping works in the BritArm replacment generator giving rise to overheating and excessive current thus much shortened battery life. The tactical 2.4Ghz "detached/unmounted" patrol system is likewise having issues including interferance from adjacent ISM and Amature Radio usage.

Thus some people are hoping that Brexit will give them the excuse to employ the "Lift, sweep and drop" carpet tactic to bury the not yet fully deployed Bowman early... But as for Morpheus it appears well named as people appear to be "asleep on the job" and 2026 was looking doubtfull let alone the rumored 2022...

The thing is even though the entry points into Morpheus are supposed to be IP RFC compliant such that COTS solutions can be leveraged for flexability / future proofing apparently there are "existing solution interoperability issues". Or to put it more succinctly Morpheus will not replace Bowman. Instead Morpheus EvO (Evolve to Open) will evolve Bowman...

It's already known that when COTS kit gets near Bowman HF kit it goes "Bat Shit Crazy" which apparently some are saying is what the Battlefield And Tactical Communications and Information Systems (BATCIS) delivery team responsible for Morpheus are...

Hence a different supplier of kit has been selected which will no doubt have the usuall "swap riders in a running race" usually has...

In the mean time apparently early --not realy-- Bowman PRR 2.4Ghz tactical radios turned up on the likes of eBay before BritArm got fully equiped...

https://www.arrse.co.uk/community/threads/bowman-prr.85392/

echoMay 11, 2018 10:13 AM

@Clive

This doesn't surprise me! I won't yack on but, oh, this is a very small world at times.

Clive RobinsonMay 11, 2018 10:55 AM

@ Jeremy,

From Matt Blaze et al paper,

    The P25 protocols themselves suffer from some basic weaknesses that make them vulnerable to a range of active and passive attacks. The vulnerabilities we found, which apply even when encryption is properly configured, leak data about the identity of transmitting radios, enable active tracking and direction finding of idle (non-transmitting) users, allow highly efficient (low-energy) malicious jamming and denial of service, and permit injection of unauthenticated traffic into secured channels. These weaknesses violate many of the most basic assurances a secure communication system is expected to provide, and they apply to systems using any of the three standard P25 configuration (called "simplex", "repeater" and "trunked".)

Is some of what I was refering to above. But there are other attacks where the radio users can be made to make mistakes that leak information

So it's not just "Johny who can't encrypt" it's also "Fat Fedy Boy who can't hide his prescence".

the sad thing is some of the techniques as I indicated were developed to a high degree in WWII thus are over seventy years old...

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.