is the CCP Baofeng spying ??

[KAF6045]

1 hour ago, Lscott said:

Well in a way I don’t agree in the general sense. A lot of people own various Chinese manufactured digital radios. I have a D878 and  a D578. Who can guarantee there isn’t some secret back door code to disable the radios or bypass the built in encryption feature?

Unless the radio is connected to the internet (WiFi?) the only way for mainland China to disable the radio is via... radio. And what, other than maybe GPS positioning, are these radios carrying that is going to be of interest to China. At least for Amateur, MURS, and GMRS, encryption is not an option. For those entities for which encryption is legal, they likely are using Kenwood/Motorola class radios (and for business entities, again are unlikely to be using internet links, local company repeater at best if not ~2W job-site HTs only -- a statewide government trunked system may be using internet, but unlikely to be using low-cost Chinese radios).

The 878 (and many DMR, if not DMR/P25/NXDN) already has a means to disable radios -- the only needed backdoor is for that option to be "on" for some specific (unknown) radio ID regardless of the status in Optional Setting: Digital Functions: Digital Remote Stun&Kill Normally that requires code(s) to be preset for stun and kill on each radio, and a private call to the radio ID. Again, this is an over-the-air function, so anyone trying to kill the radios has to be within range of the units being killed. Okay, that signals intelligence balloon might have enough transmit power to cover a wide-area with one kill burst. But does such a kill survive a radio technician with the programming software for the radio? Especially if they can flush and reload both the firmware and programming.

Laptops, tablets, cellphones, and maybe desktops are the big prizes for "phone home" schemes. They have things like user accounts, documents, etc. that may contain proprietary (at least, if not actual classified information -- though my 25 years on a "black" program would make "phone home" futile; our desktops had NO connection to the internet, only to an internal LAN, even the unclassified telephones had to be some 4-5 feet from the computer to avoid picking up RF, cellphones [this was some 15 years ago] had to have batteries removed before bringing into the facility [that was after the Loma Prieta earthquake... when they finally acknowledged that cellphones were going to non-removable batteries, they changed to "complete power-off, not just standby, and black tape over the camera lens(es)], and calculators with programmable features were not permitted... Laptops&tablets? Didn't exist as far as that facility was concerned).

 

[Lscott]

The radios can be manipulated by a satellite signal. Doesn’t have to be WiFi. A signal of sufficient strength can be transmitted to do the job. I remember AO-40 when it was in low earth orbit the 2M engineering beacon was coming in at S9 on my FT-847 at the time.  That Ham sat had some powerful transmitters on board.

https://www.eham.net/article/1543

The kill/stun feature can be disabled by the programed. However if there is another back door that is not accessible through the radio programming software then there is a problem. Since the manufacturers don’t publish the firmware source we have no way to figure out what’s in it. In fact most, if not all, manufacturers encrypt their firmware updates to prevent it from being reversed engineered.

Concerns about back door op codes on modern CPU’s are around. Most current CPU’s are hot patched during boot up by the BIOS before the OS is started to load. The BIOS has a very special bock with new CPU microcode the processor reads into its writable control store. The CPU detects the special code block and loads it using it own internal loader. This can alter how some instructions on the CPU work. This is why flashing a new mother board BIOS is recommended at times to fix certain CPU bugs. If this code is corrupted by malicious people no antivirus, virtual machine fencing etc. can stop it. You’re just plainly screwed.

[tcp2525]

On 4/7/2023 at 12:07 PM, WRKC935 said:

Time to sit and do some critical thinking.  Consider what the gain vs cost would be with this.  The CCR are a lot of things, but they ain't dummies.  What conversation would be worth putting additional stuff in a hobby radio that would 'war drive' to hack an open wireless network and pass on information.  What would that information be?  Would it be worth the cost of doing it?  And more importantly would it be worth the cost of getting caught doing?

 

Look at it this way, a  Nigerian scammer sends out thousands of e-mails a day knowing that he will get a small percentage of bites from suckers. Same way with the Chinese, very little outlay with cheap labor and Americans happily buying cheap goods making the ROI very high. Flood the market with millions of these information gathering devices that phone home to a server that has the right algorithm to find what they want. Of course, a small percentage of these devices will find their way into an information rich environment. Time and the odds are on their side.

I'm with you on the astronomically small chance that a Baofeng will be phoning home. Below is an example of cheap Chinese CCTV cameras that were phoning home. And yes, this company manufactures and  rebrands the cameras.

https://www.theverge.com/2022/11/25/23478132/fcc-china-huawei-zte-hikvision-camera-telecom-authorization-ban

[kmcdonaugh]

Wait until you find out how much your cell phone is spying on you

[WRUE951]

58 minutes ago, kmcdonaugh said:

Wait until you find out how much your cell phone is spying on you

Yup, I’ve often wondered if turning ‘location services’ off actually does what they claim.   I generally turn off location services only to find laterit turned on, and  not by me…. Hmmm

[Luish19779]

If my Baofeng spying me, only going to hear is my fart all day and is not anything compromises on that.

[Lscott]

6 hours ago, Luish19779 said:

If my Baofeng spying me, only going to hear is my fart all day and is not anything compromises on that.

Don't keep it in your back pocket. Also make sure you have the VOX feature disabled if you do.

[Photoman5k]

On 4/8/2023 at 8:56 AM, WRKC935 said:

military grade radios  like the XTS /XTL Motorola's with full AES (government level) encryption) and the required keyloader, all of which are available on ebay, for their personal comm's. 

More info please and thank you. 

[WRKC935]

On 5/5/2023 at 11:21 PM, Photoman5k said:

More info please and thank you. 

Google is your friend here.  If you have specific questions then feel free to ask, but I really don't want to get into a ground up discussion on here about it.

 

[Lscott]

3 minutes ago, WRKC935 said:

Google is your friend here.  If you have specific questions then feel free to ask, but I really don't want to get into a ground up discussion on here about it.

 

It’s not legal on GMRS anyway so no practical application on the service. 

From a purely academic perspective it’s an interesting topic. Might be the subject for another thread.

[OffRoaderX]

On 5/5/2023 at 8:21 PM, Photoman5k said:

More info please and thank you. 

Motorola XTS and XTL radios are LMR type radios used by many (if not most) government agencies from the mid-2000's or so up until 2015 or so (not exact dates, but thats the general range).. Out of the box they are cable of light encryption but are also capable of AES256 encryption as WRKC935 mentioned. They come in UHF and VHF versions and the UHF versions are fully capable of use on GMRS and many (many, MANY) people use these radios on GMRS.

They are no longer manufactured but are sold used on ebay and many places sell refurbished units. The XTS is a handheld and the XTL is the high-powered (up to 110W) mobile version.

Since those in this thread avoiding the conversion often take other threads off the rails without hesitation, I will be happy to answer any questions you have on this off-topic question.

[WRQG930]

On 4/10/2023 at 11:46 PM, kmcdonaugh said:

Wait until you find out how much your cell phone is spying on you

 

I'm gonna pull on this thread.

The prepper guys (probably all of us, to some extent) who awaken from their dream of cheap radios and go buy super-hot encrypted sexiness DID NOT (emphases placed out of a personal need to be annoying) walk into a store front and buy with cash.

The bank spies on you. Stores spy on you. Every purchase you make is documented. So it doesn't make a lot of sense to build up your high-speed-operator kit at all.
 

When SHTF the PTB will go looking for radios. They suspended ham radio during ww2. They'll suspend the internet as well.*
So the el-cheapo throwaway radio is nice to have because you can hide coupla dozen in a hole somewhere. And instead of using encryption algorithms- use one-time pads and call out like a numbers station.

Depending on whizbang gofast tech is the opposite of good. Especially when the procurement of said tech is tracked and catalogued**.

 

* Its easier to do than you think.

** If you think you aren't being watched: you're correct. But everything you do is stored away on a server. Every government does this to every connected citizen on the planet.

[Lscott]

2 hours ago, WRQG930 said:

walk into a store front and buy with cash

Happens all the time at various flea markets where it's primarily cash and carry. 

https://hamvention.org/2022-hamvention-attendance-announced/

https://swling.com/blog/2019/05/2019-hamvention-photos-friday-flea-market/

https://www.make-it.ca/hamvention2023-outdoor/

https://www.make-it.ca/hamvention2023-indoor/

[Blaise]

5 hours ago, WRQG930 said:

walk into a store front and buy with cash.  The bank spies on you. Stores spy on you.

I buy all my radios on the dark web with crypto.  Does that count?

[WRXB215]

[Lscott]

20 hours ago, Blaise said:

I buy all my radios on the dark web with crypto.  Does that count?

That's OK, but UPS, USPS, FedEx etc. will report the delivery to every three letter government agency in the Washington DC telephone book.

[jsneezy]

On 5/9/2023 at 9:09 AM, Lscott said:

That's OK, but UPS, USPS, FedEx etc. will report the delivery to every three letter government agency in the Washington DC telephone book.

You mean you're not choosing the cartel mule shipping option? 

 

Nevermind, they also report directly to several 3 letter agencies.

[JoCoBrian]

uno taco quatro frijole des...Mother Goose, this is the filthy beast....do you copy?   I'm a sad ham that thinks whatever radio I spend my money on, is the best one I can have at that time.  If CCR is in the budget but the Batt Phone ain't, well a licensee has to make a fiscal call.  I realize others play radio differently than I do, at times, and it bothers me not in the least.  

[AdmiralCochrane]

On 5/11/2023 at 5:48 PM, JoCoBrian said:

uno taco quatro frijole des...Mother Goose, this is the filthy beast....do you copy?   I'm a sad ham that thinks whatever radio I spend my money on, is the best one I can have at that time.  If CCR is in the budget but the Batt Phone ain't, well a licensee has to make a fiscal call.  I realize others play radio differently than I do, at times, and it bothers me not in the least.  

I always liked code like this famous open text telegraph message between generals in India during one of the colonial uprisings:  "Peccavi in Deum", literally "I have committed and offense against God".  The encrypted message was the siege of the city of Sindha was complete. 

Watching Cal Ripken Sr give encoded hand sign messages to base runners was always fun.  He mixed the real message with jibberish.  Sometimes the play-by-play commentators would know a coach's signals, but pre-arrainged changes could throw everyone off. I recall one humorous comment about Cal Sr's signing "It's in there somewhere, but I have no idea what it is" 

[AdmiralCochrane]

On 5/8/2023 at 10:11 AM, WRQG930 said:

 

 

** If you think you aren't being watched: you're correct. But everything you do is stored away on a server. Every government does this to every connected citizen on the planet.

Depends on what the defintion of is is.  

[JoCoBrian]

I have some ghost radios....I built them from parts I foraged from the local trash days...no serial numbers...Uh oh...here they come...Mother Goose, this is the filthy beast, the chair is by the door, the cookies are in the truck, John is the Walrus....over and out. 

[propwash]

On 4/10/2023 at 11:48 PM, WRUE951 said:

Yup, I’ve often wondered if turning ‘location services’ off actually does what they claim.   I generally turn off location services only to find laterit turned on, and  not by me…. Hmmm

I'll pull on this thread, if we're talking about Android.  All apps and services on an Android phone are not created equally. If you're writing apps as a non-Google employee, you're using the public Android SDK. Google employees write apps using both the public SDK as well as having access to private calls made to Google Play Services, which you could think of as a root-level service running in the background. If you turn off location services, non-Google apps won't see your location. Google Play Services will still have access to location services and other Google apps can request these data through Google Play Services. The way to avoid this is by using a Google-free version of AOSP or using GrapheneOS, which sandboxes Google Play Services and allows you to truly turn off location services to all apps and services running on your phone.