A determined 'hacker' decrypts RDS-TMC (windytan.blogspot.fi)
352 points by emhart on May 4, 2013 | 45 comments


Man, her blog is full of awesomeness. All kinds of cool little projects on there.


I get a seriously bittersweet feeling reading her blog since some of the things she's doing are eerily similar to little "just for the hell of it" projects I did in college many, many moons ago. (Transmitting data with IR LEDs driven by my sound card, using audio tapes to store data, playing with signal processing using audio from FM radio stations captured with my WinTV card, writing everything in Perl [5.005], ...)

I wish I still had the desire to just play around with such things again... :-\


Getting back into a hobby to get away from another frustration doesn't always work, cause then your heart's not in it. That's just escapism.

Sometimes the desire is just a matter of achieving momentum. I've let my hobby desk collect dust (figuratively speaking; my OCD wouldn't allow it) until I come across something that piques my interest and I plug in Ye Olde soldering iron and fiddle around. Might do that a few days, fall into a lull and then suddenly pick up and follow through.


You may want to look in other areas. I was "collecting" watches[1] for years before I realized that I wanted to make watches. Because there was a 'purpose', I found myself with a desire to do more electronics projects to support my hobby.

My knowledge in that area (and software) gives me the leverage to make cheap-but-adequate tools that would cost $15-50k or more from watchmaker tooling companies.

[1] Basically, using my annual watch "budget" to buy a watch that had some unique or unusual attribute, not really collecting in the traditional sense.


I've been trying to get her to submit to 44CON[1] for over a month. I get the impression she might not feel like she can fill 45 minutes from the comments but I'd still want to try and get her over. Her blog is absolutely amazing though, one of the best I've seen in a long time.

[1] - http://44con.com


I wonder what her lead time on each post is. Is she really productive, or does she have a lot of projects in a pipeline and we see the built up list of results? Either way, I feel unproductive just reading it.


Indeed. This is my new favorite blog. I wish I knew more people locally with this kind of curiosity and ability.


Yeah, added it to my RSS feed. (And it has been a while since I added something.)


the coolest bit by far is RDS was decoded from intermodulation distortion in the radio's Line Out audio caused by the stereo demuxer circuitry. :o)


There's more about the discovery of the RDS data here: http://windytan.blogspot.fi/2013/04/how-i-discovered-rds.htm...

(there's also a couple links at the end of this article discussing how she modified her radio to provide a digital interface for the data)


The frequency shifting of the stereo signal must be doing exactly that, shifting everything down and not filtering

RDS at 57k she says? Stereo signal (or better, the L-R information) is at 38k (double band suppressed carrier, so the carrier would be at 38k). So 57 - 38 = 19k!

http://en.wikipedia.org/wiki/FM_broadcasting#Stereo_FM
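
Added example, not part of the thread or of the linked blog: the 57 - 38 = 19 kHz arithmetic above as a small simulation, showing that multiplying a 57 kHz data subcarrier by an unfiltered 38 kHz carrier leaves a readable copy of the data at 19 kHz. The plain BPSK modulation, the 228 kHz sample rate and the function names are assumptions made for the demo; real RDS uses differential biphase coding.

```python
import cmath
import math

FS = 228_000   # sample rate in Hz, 12 x the 19 kHz pilot (constructed for the demo)
SPB = 192      # samples per bit at 1187.5 bit/s, i.e. 57 kHz / 48

def subcarrier(bits, freq=57_000):
    """Put bits on a 57 kHz subcarrier as plain BPSK (simplified stand-in for RDS)."""
    return [(1.0 if bits[n // SPB] else -1.0) * math.cos(2 * math.pi * freq * n / FS)
            for n in range(len(bits) * SPB)]

def demux_mix(signal, freq=38_000):
    """Model of the stereo demuxer: multiply by the 38 kHz carrier, no filtering."""
    return [s * math.cos(2 * math.pi * freq * n / FS) for n, s in enumerate(signal)]

def tone(signal, freq, start=0):
    """Complex amplitude of one frequency in `signal` (single-bin DFT)."""
    acc = sum(s * cmath.exp(-2j * math.pi * freq * (start + k) / FS)
              for k, s in enumerate(signal))
    return 2 * acc / len(signal)

def recover_bits(audio, freq=19_000):
    """Read the bits back from the 57 - 38 = 19 kHz mixing product."""
    return [1 if tone(audio[i:i + SPB], freq, i).real > 0 else 0
            for i in range(0, len(audio), SPB)]

if __name__ == "__main__":
    bits = [1, 0, 1, 1, 0, 0, 1, 0]           # constructed sample data
    mpx = subcarrier(bits)
    audio = demux_mix(mpx)
    print("19 kHz level before mixing:", round(abs(tone(mpx[:SPB], 19_000)), 6))
    print("19 kHz level after mixing: ", round(abs(tone(audio[:SPB], 19_000)), 6))
    print("recovered:", recover_bits(audio))
```

The other mixing product lands at 57 + 38 = 95 kHz, far above anything a sound card would capture from Line Out.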


> decoded from intermodulation distortion in the radio's Line Out audio

I wonder if this is a fairly common side channel attack? The most common in the domain of digital crypto is time (e.g. all password inputs must take equal time to check vs a given password, otherwise you leak info about the password) but distortion seems an obvious attack vector against analog crypto. Though I don't know if it's merely obvious in hindsight, as are most things.


No, she used the distortion to decode the specific subcarrier that holds the RDS information. This had nothing to do with the decryption, as the data decoded at this step would include regular RDS/RBDS data along with the _encrypted_ TMC data.

The decryption is performed in a second step. The reason she had to do it this way is because most radios do not provide a convenient way to get at the subcarrier data.


This isn't an attack, it's just using the cheap FM radio and a sound card like a software-defined radio.


I believe the parent comment is referring specifically to the part about sniffing one stream of information using only the observed effect it has on another stream (as opposed to the part where the radio is connected to a sound card and digitized).


It's an attack on the 'system' (i.e. the money making system) ;)


Not this part. The system doesn't attempt to make it difficult to obtain that data. The monetization part is done with an unrelated encryption scheme.


As simple of an operation as this is, I wonder how hard it would be to brute force this without knowing the location. If you assume that the location values must all be within some distance of each other, I suspect you could iterate through all 65k keys fairly quickly and find the tightest group of them and it would likely be the right one. This makes me want to get some kind of thing going to decode them and try it myself.


http://www.phrack.org/issues.html?issue=64&id=5 is another hacker going at it as well, from 2007. It includes a little more information about the protocol, but doesn't touch on listening to encrypted versions.


Whew, she is in Finland.

In the USA, Carmen Ortiz would be sending in cops to shoot their dog and seize their computer.


You're talking about the same Finland where the police force:

- writes its own search warrants

- raids gardening stores because their equipment "could be used" to grow illegal drugs

- tries to charge people with wiretapping for recording them during a home visit

- conducts body & home searches in the middle of the streets based on inaccurate drug dog detections

- falsely blocks informative sites about our internet blocklist for years without any accountability or response

- and raids 8-year-olds for downloading a couple of songs

It's just as shit here as it is there.


Wow. Has it always been that way or did it change in recent history?

I guess I am thinking of Norway with the 20-year maximum murder sentence.


That is a bit misunderstood. Norway does indeed have a maximum prison sentence of 21 years, which is called "life in prison", but preventive detention can be used to effectively keep convicts incarcerated for the rest of their lives if deemed necessary for the safety of the public.


That part's true; Finland does have relatively short prison sentences and heavy use of parole and prison alternatives, in line with the rest of the Nordic countries.


Towards the bottom I had to look back at the top to make sure you said Finland and not America.


Scary exceptions do make for scary generalizations...


Super cool post. I'm glad there are people in the world working on these things, at least in a hobby capacity and sharing with the rest of us. I worry that doing something like this might get one in all kinds of stupid trouble with somebody in a hot minute (especially in the US). Can't say my fears are well-founded, if only so through the various hyped up horror stories you hear about hackers getting in legal trouble for unforeseen reasons.

Regardless, I wish her all the best!


No doubt about it, that is awesome. I wish I had the time... correction I probably always have the time, but none of the patience to do something like this alone on the side. I'll definitely bookmark her blog.


I have been in love with her since the modem image. <3


It was funny/sad that people commenting on her blog assumed she was male due to the topic.


Or people did not know, and were indifferent to, her gender and used the male pronoun because that is the correct grammatical structure when the gender is unknown.

I certainly never pay the slightest bit of attention to the gender of people I read. Does it make any difference?


On someone's personal blog, if you're going to comment, and the person's name and photo is right there, it's about the same as addressing a female in person as "Sir" (or in this case, "dude")


"Dude" works for women. How else are you going to call a female person in her late twenties? "Woman" is way too formal for many settings, "girl" can imply that you think she's not mature, and "gal" is just... no.

If anyone has a better alternative, do tell. I'm not too pleased with "dude" either.


Either be more specific (you, hacker, engineer, etc) or less specific (person, or leave off the pronoun?)? I mean, I don't think any of this is that important, and saying things like "the elevator has a 10 man capacity" is fine, but there is no reason not to try to be accurate when it costs little.


Your choices are: dudette, dudess, or dudine.


Miss.


> used the male pronoun because that is the correct grammatical structure when the gender is unknown.

According to the prestige dialect, yes. Not according to most of the more common dialects of English.


Oh? And what is the correct pronoun in that case?


'They', even in the singular.


I assumed the same. Then when I scrolled up to see who the author was I was pleasantly surprised that it's a woman who writes about this. (You usually only get to read meta-social-stuff posts from women.)

The bigger surprise was that she was self taught. (The surprise would be just as big if the author was a man.)


Well it's funny/sad if the commenters are not Finnish, because 1919 windy@pentti~/koodi/redsea ) ./redsea.pl | grep TMC

Pentti is a Finnish male's name, not a woman's name; I was really confused when I found out in the comments that she is a she, not a he.


Pentti is my computer.


What's Finnish for "horde of stalkers because I'm female and write about tech"?


Name a server after Simo Häyhä?


Making reasonable assumptions about that customized prompt:

Her host is named Pentti. Her username is windy. Her files are in ~/koodi/redsea (koodi = code).

(I usually have "ryan" as a username on unix hosts, so rather than putting my username in the prompt on every line, I just put a % if it's that, or a # for root, or ! for something nonstandard (like a role account, or one of the systems where I don't have my normal username.))



