this post was submitted on 30 Jun 2025
367 points (99.5% liked)

Technology

76361 readers
1558 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots


founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] captain_aggravated@sh.itjust.works 1 points 3 months ago (1 children)

Oh the legal system is pretty good at deciding intent, I mean what's the difference between manslaughter and murder?

Thing is, it's not like there's radio police that are going to pull you over for encrypting. Other hams might turn you in if you're being annoying. If you send an encrypted email over Hamlink once, or say something like "Beefy Burrito this is Enchilada, the tamales are in the basket" on 33cm once, probably nobody's gonna notice.

There's only ~3.7MHz worth of bandwith on the HF bands, another 4MHz on 6m. There's a lot of attention on the bands that propagate. If you want to secretly communicate with people, use Reddit, or the Fediverse.

You know r/kitty? One of a trillion cat subreddits that had a gimmick that the only written word allowed was "kitty." All post titles and comments had to consist only of "Kitty." Arrange with the leaders of the other terrorist cells you're working for that if u/chudmuffin posts a picture of an orange cat, we attack at dawn, and if he posts a picture of a grey cat, lay low they're onto us.

Encryption is legal and standard on the internet, where there's many orders of magnitude more traffic than on the ham bands. I can't send an encrypted email over Hamlink with a license, but I can host a Tor site without one.

[–] MangoCats@feddit.it 1 points 3 months ago (1 children)

Oh the legal system is pretty good at deciding intent

I wouldn't say it's good at determining actual intent, just good at deciding what intent is going to be assigned by the system.

If you send an encrypted email over Hamlink once, or say something like “Beefy Burrito this is Enchilada, the tamales are in the basket” on 33cm once, probably nobody’s gonna notice.

I've always wondered how much steganography is in practice - if it's being practiced well, nobody knows. Setup a HAM station that snaps a photo at sunset and a couple of other random times per day. Transmit the photo in a standard, open digital mode, but hide your message in the noisy lower bits of the 3 color channels 0-255 R G and B, you can easily modify 6 bits per pixel without visually distorting the image, drop that to 1 bit per pixel and nobody who doesn't know your scheme could ever find it. To the local hams, it's three chirps a day, with a reliable pretty picture of the sunset and a couple of more varied times. As a utility channel, that's three opportunities per day to secretly communicate something to a listener that nobody can identify. If the picture is just 2MP, that's 250kBytes of bandwidth per image.

If you want to secretly communicate with people, use Reddit, or the Fediverse.

Absolutely, though the "listeners" there are more readily identified, even via Tor.

[–] captain_aggravated@sh.itjust.works 1 points 3 months ago (1 children)

Well on some popular image board like one of the hundreds of cat subs on Reddit, how do you identify a "listener" who is looking for a particular user to upload a picture of an orange cat? Thousands of people will view that post perfectly innocently.

[–] MangoCats@feddit.it 1 points 3 months ago (1 children)

The point is: IP addresses that download the content are traceable (and spoofable, but that leaves trails too...) Yeah, you might be one of thousands, but every day you log in you increase your odds of being spotted.

Listening to longwave radio? Yeah, basically anybody anywhere on the planet with a receiver. Even local broadcasts it is nigh impossible to know who is listening where within the broadcast radius and the average person walks around with several radio receivers on them all the time now.

[–] captain_aggravated@sh.itjust.works 1 points 3 months ago (1 children)

So...let's actually set up a pretend scenario here. Pretend. We are pretend red teaming here; any resemblance to actual terrorist plots living or dead is purely coincidental.

Let's pretend our terrorist cell is going to spit up, travel to 10 places around the United States, and we're going to do a coordinated strike on 10 government buildings. Probably the smartest thing to do is just...do it at a planned time and not communicate after we split up. But for some convoluted Ocean's Umpteen reason we need to communicate and coordinate. I see 3 possible scenarios here:

  1. Leader just needs to say GO to the rest of the team, expecting no reply. So one, very brief, one-way communique.
  2. Leader needs to send several detailed instructions over a long period of time, expecting no reply. Repeated, large, one-way communiques.
  3. The team is going to gather some intelligence and report back, and based on all their observations the leader will say go. Full on two-way communication.

In all three cases, the internet is the better tool for this.

You are correct in that it is difficult or impossible to remotely detect radio receivers, no matter what the BBC tells you. There's no machinery making a log of who accesses what over analog radio. But the realities of radio equipment and propagation are going to eat into that advantage somewhat.

If we're talking truly coast-to-coast, you're going to need HF. MF/longwave won't reach far enough, you need skywave propagation, and you get that on HF...mostly at night mostly during favorable sunspot activity.

I bet you're imagining most of the team using one of those handheld commodity shortwave receivers that does AM/FM and shortwave, about the size of a pencil case with one of those telescoping whip antennas. That might do for 1 and 2, people hear hams on those sometimes.

The bosses transmitter would need to be a reasonably serious bit of kit. At the very least something like an Icom 706 mobile HF rig plus power supply and at least a two element yagi for 20 or 40m. This is an antenna that's 30 to 60 feet wide. Hams do routinely make do with less, but when you're talking to someone with those crappy little antennas, probably inside a building, I'd want to focus my beam at least a bit. A wire in a tree ain't gonna do.

Oh, and, let's say Boss is in Washington DC. It's possible he can make himself heard in Los Angeles but not Wichita, because the "optics" of the ionosphere doesn't bounce his signal down to the ground in the middle of the continent.

One communique of "Baker this is Oven: Preheat complete, insert the bread. Repeat: Insert the bread." might not be noticed. Or some ham somewhere will hear it and go "What the hell, who's horsing around?" If you don't transmit again, you're probably not going to be direction found. But that big radio tower you've got is a weird thing to have.

If you need to make routine transmissions, well now you're going to have to try some steganography crap. They did recently relax the baud restrictions on HF, but you're still talking about 2.8kHz of analog bandwidth that MIGHT get through. It's gonna look really weird if you're repeatedly sending digital pictures to...no one in particular on a regular basis. Now, to blend in, you'll need some genuine callsigns, because the FCC amateur radio license database is a matter of public record. You use a bogus callsign and you'll be found out. If you're transmitting a lot, people will find you, possibly out of curiosity.

Especially if you're talking about everyone in the terrorist cell communicating, well now EVERYONE has to have an amateur radio license from the government, and fairly large, fairly conspicuous radio hardware. There have been spies caught with shortwave radio equipment, and said equipment was used as evidence against them. Entering the US with a smart phone and laptop is utterly normal, entering the US with a shortwave radio is weird.

OR

Get accounts on Reddit, and post cat memes. Compared to sitting around listening to static on an HF set, that looks way more normal these days. Yes, there probably is a log of what IP addresses sent and received what, but it's really easy to make two-way secret communications look like perfectly legitimate traffic. The equipment required doesn't draw as much attention. Keep the steganography subtle or a matter of "which picture I post" and not doctor them at all, well now it's 100% indistinguishable from people having casual fun. Some guy posts a picture of an orange cat, it gets 30,000 views 975 likes and 75 comments, and ten IRS buildings explode. Do you think the authorities make the connection to the cat meme in the first place?

[–] MangoCats@feddit.it 1 points 3 months ago* (last edited 3 months ago)

Sure, the internet is more practical, and the odds of being caught in the time required to execute a decent strike plan, even one as vague as: "we're going to Amerika and we're going to hit 50 high profile targets on July 4th, one in every state" (Dear NSA analyst, this is entirely hypothetical) so your agents spread to the field and start assessing from the ground the highest impact targets attainable with their resources, extensive back and forth from the field to central command daily for 90 days of prep, but it's being carried out on 270 different active social media channels as innocuous looking photo exchanges with 540 pre-arranged algorithms hiding the messages in the noise of the image bits. Chances of security agencies picking this up from the communication itself? About 100x less than them noticing 50 teams of activists deployed to 50 states at roughly the same time, even if they never communicate anything.

HF (more often called shortwave) is well suited for the numbers game. A deep cover agent lying in wait, potentially for years. Only "tell" is their odd habit of listening to the radio most nights. All they're waiting for is a binary message: if you hear the sequence 3 17 22 you are to make contact for further instructions. That message may come at any time, or may not come for a decade. These days, you would make your contact for further instructions via internet, and sure, it would be more practical to hide the "make contact" signal in the internet too, but shortwave is a longstanding tech with known operating parameters.