Earlier today US President Donald Trump tweeted out the theory that One America News Network had that a 75 year old man was approaching police attempting to scan communications in order to black out their equipment before being shoved and falling, cracking his head open and bleeding out of his ear on the ground.
This got me wondering about the current state of scanners, jammers, and potentially blacking out equipment.
You can clearly see in the video in his right hand is an iPhone (or an Android with a silver back) and in his left is a riot helmet he was attempting to return.
So, what is a scanner that would work on that particular device? Broadcastify is a good one. This, when not in emergency situations allows the public to listen in to police, fire, and medical chatter through various streams.
Police generally are required to communicate on certain channels but reserve a couple that are not publicly available in order to do things such as call in identifiable information. iPhones and Androids can’t simply sniff other device signals without some major mods to the OS and potentially chip firmware so you’re probably limited to software.
The streams you can listen to on a phone generally are provided and encoded at a central location and broadcast for the public and you grab them from a server.
The equipment an officer carries uses tech similar to cell phones in that the communication between officer equipment and base units. They’re effectively suped up cell phones these days dual channel for TX/RX with end to end encryption. Throw in repeaters, portable base stations, and some other stuff and it’s not a system that you can simply hack into with a handheld device.
Basically if you could simply listen in to encrypted chatter, every crime boss, car thief, drug lord on the planet would.
But, given enough time and signal capturing you theoretically could break the police department encryption. So this is where I’d start looking – how long would you need to break the encryption key, how close would you have to be?
It looks like it’s theorized once we have quantum computers this could be an 8-hour long operation to break the encryption, however the current timeframe is supposedly about 25 years.
You could float the theory that all these bitcoin miners are making a rainbow table that can be used to reverse engineer that encryption? If so it appears someone could intercept communication to and from perhaps one radio based on the Motorola pamphlet. As a note, I can’t find actual data on how long it takes to break FIPS 140-2 Level 3 hardware encryption, but you can read about how it’s set up here.
But that would leave why, with the police radios having a range of two miles anyone would have to be remotely nearby. You don’t have to be anywhere near to pick up police radio. So let’s look at jammers.
So looks like FIPS and ASTRO 25 authentication would need to be broken and I don’t see that happening from a cell phone.
From what I can locate, police radios operate in the 700-800mhz bands with multiple channels for backup. This is a signal jammer that handles police bands:
They’re generally used to steal cars, disable home security systems, LTE, 3G, and believe it or not to disable 2010’s network poster child WiMax. The range of blocking is generally listed on various sites as being about 45 meters or 147.5 feet with giant freaking antennas.
What you can actually expect is about Bluetooth range. These run for about an hour, cost about $800 for a decent one, and really can only be trusted within 30-50 feet.
Blacking out the equipment
Blacking out the equipment was an interesting OANN claim… what would that look like? Evidently that is possible if the radio got cloned unsuccessfully. For that to happen it appears that they would have to break the encryption first so about 25 years from now.