textfiles/magazines/DFS/dfs038.txt

                        DDDDD     FFFFFFFFF   SSSSSS
                         D   D      FF       S
                         D    D     FFFFF    S
                         D    D     FF        SSSSSS
                         D   D      FF              S
                        DDDDD      FFFF      SSSSSSS
                                             (ASCii By AD!)

                            Damned Fucking Shit

                                Issue #38
                     Title: Radio Data
                     Date: 7/13/94
                     By: Jeeb
------------------------------------------------------------------------------

Radio Data by Jeeb

     Computers used to be tools available only to rich companies and
individuals. Today, you see beggars post ads on BBSes (sysops). My point
is, the computer is the greatest invention since the radio, and that's why
people like to combine them. There's one vital flaw in this, however. Radio
signals are often easy to intercept and computers often depend on security.
The goal of this text file is to explain how you can (ab)use this flaw for
your personal enjoyment.
     There are many types of data signals that you will find on the radio.
Radio faxes, pagers, Mobile Data Terminals, and remote controls are just a
few. Before you get bored with this, let me explain what these are used
for. Radio faxes are used to transfer weather maps, AP news photos, and
even some newspapers. Pagers are somewhat boring to watch but can be fun to
hack. Mobile Data Terminals are often used by police for communicating
information about cars and people. Remote controls are stupidly used on car
alarms, house alarms, garage door openers, etc.
     Now I know you're staring at your Optima 28.8 and thinking "hmm how do
I rig this thing up to my scanner?" Don't. Telephone modems handshake too
slowly for them to decode data transmissions. You might be able to get a
few messages but the best way is to build your own. No, this won't take you
$300 and two years. Most data transmissions under 800 MHz are under 2400
baud. This means that there are many easy ways to build an interface. IC
modems are now available that are capable of 300 and 1200 baud. For slower
speeds (yes, you will encounter SLOWER speeds), you can build your own
modem by simply using an op-amp filter and a 567 decoder IC. I'm not going
to go into the details of this though, check with your electronic parts
supplier (no, not Radio Shack!) for part info. The soundblaster card is
capable of decoding audio data transmissions, but I haven't seen any decent
software for it yet. Maybe I'll write some, but don't hold your breath.
     There are a few things you need to be aware of when you receive a
signal. First is the baud rate. Sometimes you can figure this out by ear,
other times you have to guess. Common baud rates are 55,110,300,1200, and
2400 baud. Next is the frequency shift. Most data transmissions consist of
a low tone, indicating a binary 0, and a high tone, indicating a binary 1.
High speed data transmissions are different, but right now we're not
worrying about them. The frequency shift is the difference between high
tone and low tone. You will find that some transmissions are standard
frequency shift and others are unique. Your biggest enemy is encryption.
Data transmissions are much easier to encrypt than voice transmissions.
Nevertheless, several data transmissions are unencrypted. Remote controls
aren't as much of a problem though. There may be 30 trillion possible
codes, but if you get a high quality sample of the transmission, you can
just duplicate it and break into the car or house or whatever. Cars that
automatically unlock when you press the transmitter are great fun,
especially when they leave the keys in the car. If you can't hack a
transmission by careful examination and simple translate tables, you might
want to consider moving on to another transmission. Remember, excessive
crap might mean that you're not tuned in right, not necessarily that it is
encrypted.
     Another thing worth mentioning are accidental transmissions. The Van
Eck syndrome. Most computer equipment emits radio waves (that's why they
all have that FCC part 15 compliance thing). It takes an indepth study, but
you can learn what a computer is doing just by its RF leakage. On a side
note, its always good to find some strong leakage frequencies for your
laptop, so if your brother stole it and is using it in the next room, you
can tune it in and go beat the crap outta him. Be smart though, because
most leakage doesn't contain any useable data.
     Well this is the part where I list things you can try listening to.
Unfortunately I don't have much reference material with me but this should
be enough to get you started. All signals are FM unless otherwise
indicated.
     144.91-145.09 MHz            Amateur Packet Radio, usually 1200 baud AFSK
     152-153,158-159 MHz,         Digital pagers. Shift varies.
       929-932 MHz
If you're serious about this stuff, then I recommend buying a frequency
counter. If you're near the transmitting antenna it will tell you the
frequency so you won't have to search forever.
     If you're really elite you might want to get a transmitter to play
with. Watch out for CRC checks and time stamps or your transmissions won't
work. Also remember that they can and sometimes do track down repeat
abusers. If there's one frequency you really want to attack, do it from
different locations for a short period of time, or use a directional
antenna pointed in different directions. It is illegal for a mortal to
transmit almost any type of data via radio waves using homemade equipment.
It is also illegal to decrypt any encrypted transmission. (These are FCC
laws in the US.)
     Finally, let me know what you think. Did you like the file? Hate it?
Need to know more? I'd also like to hear what you've tried and how it went.
Until August 8th you can contact me any of the following ways: (in order of
preference)
              rmitra@iastate.edu
              1-800-298-MAIL box 3504
              +1 515 296 0600 voice
and, of course, I'll always be Jeeb on Paradise Lost.
     <Hey, Access Denied, I didn't type "ok" once in this entire file!>

                     Find DFS On These Fine Systems
==========================================================================
| Paradise Lost                +1.414.476.3181        DFS World HQ       |
| Temporary Insanity           +1.ITS.NOW.DOWN        DFS Affiliate HQ   |
| Plan 9 Information Archives  +1.716.881.FONE (3663) DFS Southern HQ    |
| Arrested Development         +31.77.547477          DFS European HQ    |
| Under World Element          +1.203.740.9571        DFS Eastern HQ     |
| 7th Heaven                   +1.216.464.6789        DFS Ohio HQ        |
| Lucifer's Exile              +1.513.459.1278        DFS Midwest HQ     |
| Twilight Of The Idols        +1.613.226.3386        DFS Canada HQ      |
|                                                                        |
| AE - Plan 9 Information Archives - Login: DFS                          |
| FTP - etext.archive.umich.edu - /pub/Zines/DFS                         |
| IRC - #DFS (Whenever Access Denied or Incarnate is on)                 |
| VMB - 1.800.298.6245 x3508                                             |
|                                                                        |
| To submit, call Paradise Lost and log on as DFS.  The password is:     |
|                           JINGLE JINGLE                                |
==========================================================================