Encryption made for police and military radios may be easily cracked

Original Article ↗ Hacker News Discussion ↗

Scope: TETRA vs. U.S. Systems

  • Thread clarifies the Wired piece is about European TETRA; U.S. public safety mostly uses P25 (STARCOM, etc.).
  • Commenters note P25 has its own issues (slow rollout of link-layer encryption, key management, active-tracking vulnerabilities), but is not “as crazy” as TETRA’s proprietary stack.
  • Some regions run P25 with encryption mostly off, plus analog repeaters, partly for compatibility and simpler key handling; analog audio is often easier to understand at the edge of coverage.

Transparency vs. Operational Security

  • Many residents value open scanners as real‑time oversight of police, seeing encryption as creating “secret police.”
  • Others argue real‑time openness can help criminals evade police and that delayed public feeds (e.g., 30‑minute lag on decrypted audio) are a reasonable compromise.
  • There’s disagreement on how often criminals practically use scanners; some see it as largely a police talking point, others think sophisticated actors absolutely will exploit any available tech.
  • Strong undercurrent: in U.S. contexts with abusive or corrupt departments, people fear encryption primarily protects misbehaving officers, not the public.

RF Tracking, SDR, and Side Channels

  • Several comments explore using SDR, ML, and direction-finding (e.g., KrakenRF-style arrays) to:
    • Detect police presence via signal strength, trunked radio control traffic, or device beacons.
    • Fingerprint individual transmitters or Bluetooth / body-cam MAC addresses.
  • Examples include:
    • Detecting police taser/bodycam OUIs via BLE scanners to spot unmarked cars.
    • Using Wi‑Fi/Bluetooth MACs from in-car laptops or printers to detect nearby enforcement.
  • Consensus: even with strong encryption, traffic analysis and RF emissions still leak useful information.

Security Design Failures & “Oldthink”

  • Commenters criticize:
    • Proprietary, secret crypto (ETSI blocking scrutiny for decades).
    • Effective 56‑bit keying in 2020s‑era systems, which GPU clusters can brute-force cheaply.
    • Treating encryption as a checkbox rather than a core requirement.
  • Some note this reflects legacy military/telco mindset that assumed interception was hard, underestimating modern SDR and compute.

Related Vulnerabilities & Human Factors

  • Replay and signaling issues: unencrypted or poorly protected control signals (e.g., tornado sirens, EAS tones) can be recorded and replayed; even encryption won’t help without anti‑replay.
  • Historical anecdote: jamming or degrading encrypted radio can push operators to switch to clear mode, showing how procedures can defeat technical protections.
  • Several point out that security isn’t just algorithms; behavior, key rotation, and deployment practices matter as much.