Tait gear approved for use on GRN

[ivahri]

I'm sorry but it is not smoke & mirrors. Any form of security has limits. An ASK and authentication are intended to limit the ability of certain people to program stolen radios and use them to access the network. My agency's radios cannot be programmed, they can't even be read without an ASK & a password- which I know has not leaked. So the existing security does that, so it is not smoke & mirrors. Is it an absolute defence against any form of network hacking? Of course it isn't and no-one claims that, but given that the simplest form of illegal access is via stolen radios it does address this. You might think you are a genius & the rest of the world are idiots, but I've got news for you mate- you are deluding yourself.

Cheers,


Richard

[SKEYGEN]

I'm sorry but it is not smoke & mirrors.

Yes, it is.

Any form of security has limits. An ASK and authentication are intended to limit the ability of certain people to program stolen radios and use them to access the network. My agency's radios cannot be programmed, they can't even be read without an ASK & a password- which I know has not leaked.

And I bet license keys and hardware dongles have stopped software piracy in its tracks, too?

Same technology, different application, and just as ineffective in both cases. ASK is there to help customers who buy expensive radio systems sleep to better at night and keep the only the most unsophisticated adversary, who's not smart enough to buy himself an Icom instead, away. It doesn't actually keep unauthorised users with more than a rudimentary level of technical capability off those systems.

That's what proper authentication by the network is for. It moves the critical security controls to an environment where they can be trusted.

The key doesn't need to be leaked. When you control the hardware on which a piece of software runs, you own it. If the hardware can't be trusted, the software can't be trusted. It's a basic and fundamental principle of secure system design.

So the existing security does that, so it is not smoke & mirrors.

No, it doesn't. I bet system_tech probably found more than a few pirates in this time, that should be evidence enough of this.

Is it an absolute defence against any form of network hacking? Of course it isn't and no-one claims that, but given that the simplest form of illegal access is via stolen radios it does address this. You might think you are a genius & the rest of the world are idiots, but I've got news for you mate- you are deluding yourself.

Richard, take a cup of tea, a Bex, and a long lie down. There are a bunch of very smart people on this board with similar interests to my own, that's why I'm here. If you're the type of person who interprets anyone questioning your opinion and wishing to engage in intelligent debate as an attack, and instead resorts to character assassination, I've got no time for you.

[ivahri]

I'm sorry Skeygen but you are dead wrong, and for someone who has been here 5 minutes you really have tickets on yourself.

From reading your comments I bet you never lock your house or car? What would be the point- they don't keep thieves out? So I guess you would live in a house with a Long Bay like brick wall & a moat full of crocs...

That is the analogy... nothing will keep every crook out but if it reduces the numbers & ease then you do it. Everything is a trade off- and it does work based on data we have. Are there unauthorised radios out there? Of course there are- I don't need Mal to tell me that given I get data on a daily basis on the issue. But we have ways... and I'm not discussing that with an anonymous person on a public forum.

Cheers,


Richard

[vk2vkg]

Any form of security has limits. An ASK and authentication are intended to limit the ability of certain people to program stolen radios and use them to access the network. My agency's radios cannot be programmed, they can't even be read without an ASK & a password- which I know has not leaked.

Are you sure about that, have a look at some other boards and they say, all you need is a copy of Depot 7.0 which seems to be around the net.

[BerryV]

Any form of security has limits. An ASK and authentication are intended to limit the ability of certain people to program stolen radios and use them to access the network. My agency's radios cannot be programmed, they can't even be read without an ASK & a password- which I know has not leaked.

Are you sure about that, have a look at some other boards and they say, all you need is a copy of Depot 7.0 which seems to be around the net.

Depot 7 was old news 3 years ago. if you know the feature difference since then you would think they are different radios. r15 is the latest.

[SKEYGEN]

Any form of security has limits. An ASK and authentication are intended to limit the ability of certain people to program stolen radios and use them to access the network. My agency's radios cannot be programmed, they can't even be read without an ASK & a password- which I know has not leaked.

Are you sure about that, have a look at some other boards and they say, all you need is a copy of Depot 7.0 which seems to be around the net.

Yep.

And in any case bypassing ASK in the public Motorola CPS requires a change to exactly one instruction in the CPS executable. One particular jne becomes a nop, and you're in business.

[SKEYGEN]

From reading your comments I bet you never lock your house or car? What would be the point- they don't keep thieves out? So I guess you would live in a house with a Long Bay like brick wall & a moat full of crocs...

No, but I'd at least take the keys with me and turn the alarm on, rather than leaving the key in a pot plant out the front as Motorola are doing, and then then telling their customers that it makes their house as secure as Fort Knox.

Instead, they should've heeded the hard lessons of the GSM and AMPS mobile phone networks while driving the development of P25, as the designers of the technically superior TETRA did.

[ivahri]

Wow you are loose with the truth... actually Moto have REPEATEDLY warned agencies & the network owner of the security implications of moving to an open standard. Been there when the warnings were made and these warnings are being heeded.

I don't mind people like Citabria as he makes constructive comments but you on the other hand are just coming across as an ill informed smart-arse with no actual constructive solutions to the issues. There is nothing worse than someone who just has to tell the world how clever he is and how stupid & incompetent everyone else while not offering any practical way to improve things. OK... so NSW, Victoria, and South Australia all scrap their millions of dollars invested in networks that, though this point probably is beyond you, broadly meets the users needs to replace with what? 4G? NBN? Tetra? Given the money isn't there, and the networks aren't there, and more importantly the technology is NOT there, we all go back to analogue PMRs? Hello? Am I the only one who thinks that you are just a stirrer without substance?


Richard

[SKEYGEN]

Wow you are loose with the truth... actually Moto have REPEATEDLY warned agencies & the network owner of the security implications of moving to an open standard. Been there when the warnings were made and these warnings are being heeded.

That's another furphy on their part, as citabria pointed out.

The only negative implications of open standards are the impact on Motorola's revenue, now that they're not the only game in town for subscriber equipment etc.

I don't mind people like Citabria as he makes constructive comments but you on the other hand are just coming across as an ill informed smart-arse with no actual constructive solutions to the issues. There is nothing worse than someone who just has to tell the world how clever he is and how stupid & incompetent everyone else while not offering any practical way to improve things. OK... so NSW, Victoria, and South Australia all scrap their millions of dollars invested in networks that, though this point probably is beyond you, broadly meets the users needs to replace with what? 4G? NBN? Tetra?

No, they need become informed customers. Information that you've provided in this and P25 security thread suggest that NSW is not, given that there seems to be a genuine believe that ASK style technologies actually provide something resembling security, and that it was apparently a requirement for Tait's equipment to get the rubber stamp to be used on NSWGRN.

There's a problem with security understanding in NSW generally as far as I can tell; NSWPF's COMSEC doctrine, if it even has one is rubbish, and GRN users think an iButton is going to keep people off their network. I doubt a proper vulnerability or threat assessment has ever been done against any Australian trunked radio network.

I get paid to find problems with people's "secure" communication systems and products. That's why I'm rather passionate about this.

The network owners need to call Motorola out publicly and say, "we spent a ton of money on this network of yours, it's not up to scratch security wise, so fix it." Then Motorola can go and implement the mutual authentication features already provided for in TIA-102.AACE-A, Project 25 – Digital Land Mobile Radio – Link Layer Authentication, which make P25 significantly more secure than SmartZone. The technology is indeed there to provide proper security; it'll prevent unauthorised users from associating with the network, and it'll prevent an attacker from impersonating a GRN base station.

[ivahri]

You really don't get it... the customers are happy. The network IS functioning as designed. You can carry on like a turkey here but all you will give yourself is an ulcer!

In the past 20 years I've heard so much garbage about the Big M... look, I've dealt with them for nigh on 30 years & I will always call them the Chicago Mafia (I say worse things about Telstra) but like the Mafia they provide a service that many are very satisfied with. They have their moments when they cock things up, just as Tait & Simoco and I bet every other supplier does. At the end of the day they ARE the undisputed leaders in large, government, first responder grade communications networks & terminal equipment in all regions bar Europe. I've heard every bit of rubbish about how they have bought people off, how they have an unfair advantage, yada yada yada, but almost everytime a contract comes out they offer a better solution than their competitors. I would love to see a company like Tait step up & give them real competition but I seriously doubt they have the scale to take on a network the size of the NSW GRN... who knows what might happen in the future but for now they are it & you can choose to get over your anti-M issues or head straight for the nearest padded cell. Based on your recent comments that might not be far off.

And no it is NOT a furphy on THEIR part. What I wrote happened- a first hand account from me. They were totally upfront about the implications of moving to an open standard & what they warned of has happened. It is being "managed" by them and people like me. Again. I'm not discussing how with you on a public forum.

Richard