Civilian Defense Force

Since the word “militia” has acquired a bit of a negative connotation in some of America, there is a group of patriots trying to respond to the violence that we are facing within, without the baggage of being a militia.

Go check out: https://civiliandefenseforce.org/

Sign up, and help the movement… they need all types, fighters, lawyers, doctors, logistics, commo, intelligence, and anyone willing to help

Burner Phones


While a staple of modern thriller and spy movies, burn phones are a “work around” to the SIGINT threats that cell phones pose when facing advanced, professionally capable threats.

The concept is simple. Use burn phones between members that can not be tied to those people if analysis is performed.

The execution is hardly simple.

Most burn phones are “pay as you go” meaning there is a phone card, or the phone gets “topped up” on usage minutes so no checking or credit card account has to be used. Many pay as you go phones need a one time credit card payment to activate the account or top up, so a pre-paid Visa gift card or something similar is the tool of choice.

Prepaid phones and gift cards are often sold at stores that record surveillance footage, so care must be taken when acquiring them. Also, if one phone becomes flagged, other phones from that same store, or gift cards from the same store, will also be watched, so best practice is to get a prepaid gift card from one store, wait several weeks, then get a phone from another store.

Remember proximity analysis! If your “normal” cell phone was in close proximity to where either the burn phone, or the gift card were bought, it will be scrutinized more. Likewise, if a burn phone was ever in close proximity to your home, work, or any place you frequent, you will receive more scrutiny.

Remember link analysis! If you use the burn phone to call home, or friends or co-workers, or team mates, they will all be looked at more closely. A burn phone should only be used to call other burn phones, or call decoy numbers that can not be associated with you.

Remember pattern analysis! Your “normal” phone needs an alibi, or to be in its normal pattern. While inconvenient, start leaving your “normal” phone at home one day a week, or on weekends, etc. This creates patterns that, once established, are less likely to raise red flags.

New communications book for the library

The “Multinational Capability Development Campaign” is a follow-on to the Multinational Experiment (MNE) series initiated by United States Joint Forces Command in 2001. It is designed to develop and introduce new capabilities to enhance the coalition force’s operational effectiveness in joint, interagency, multinational, and coalition operations. While it maintains the foundational blocks that made the MNE series successful, MCDC incorporates significant changes in scope, mission, and governance that improve responsiveness, agility, and relevance. 

Their handbook, “Military Strategic Communications in Coalition Operations”, gives insight into strategic communications at the Joint Taskforce level. While the material is a bit bureaucratic for the small team, the information in it is useful for understanding communications organizations at the high level.

From the handbook:

This handbook is intended for use by commanders and their staff at the operational Joint Task Force (JTF) level, but could be used at any level as a reference. The purpose of the publication is to describe the fundamental operational aspects of Strategic Communication (StratCom) in the military, and propose guidance for the implementation of StratCom in support of a deployed JTF.

The primary audience of this handbook comprises the JTF Command Group and HQ Special Staff; the members of the StratCom staff element(s); the Intelligence staff; the Operations staff; the Plans staff; the Information Operations (Info Ops) staff and Public Affairs Officers (PAOs) at all levels.

Additional audiences include: personnel involved in the UN Integrated Missions Planning Process or similar processes at the inter-governmental or strategic-political level; decision-makers, planners and analysts at the military-strategic level; the operational-level Civil-Military Cooperation (CIMIC) staff; staff members involved in liaison and Joint Military Commission (JMC) activities; and related staff and commanders at the Component Command (CC) level.

Chapter 7 – Military Strategic Communication in a Nutshell – is intended to provide a concise first overview of the subject for anyone not (yet) familiar with or not directly involved in the execution of StratCom tasks. It should also be read by the StratCom staff to derive incentives for discussions with, and education and training of non-StratCom personnel, as required.

Updated version of DRYAD generator

A “Bombe” early computer, used to break the German Enigma code

After I released the DRYAD generator, I received a few reports that it would generate the same output every time. This is not good, even for training. Work, family, and life put my programming efforts on the back burner for a while. When I finally got back to it, I discovered that I committed an amateur programming mistake.

I forgot to seed the random generator

Computers are “deterministic” machines. That means that every action has a predictable result, or that the actions are “determined” by the programming. That is a good thing, because computers would not be very useful if their output changed at random. However, for generating cryptographic materials you need good randomness. In order to create the appearance of randomness, computers use a “Pseudo Random Number Generator” (PRNG). A PRNG basically takes a number called the “seed” as input, and then runs it through a complicated series of mathematical equations that gives you a result that seems random, with no apparent correlation to the input seed. For example, a seed of “1” might yield a result of “72542” while a seed of “2” might result in “17”.

My DRYAD bug

I forgot to add a line defining a seed, so most likely it would default to “0”
Every
Single
Time
resulting in the same DRYAD page being generated every time the program was run.

The Seed is the key

In order to get pseudo randomness that does not repeat, many programming classes teach using a value of time as the random seed. Computers keep time by counting the number of seconds since some predetermined date/time reference (called an “epoch”).
Since real time does not repeat (i.e. it will only be 12:01 PM on January the 1st, 2017 once), using it as a seed guarantees that our seed is never repeated.
This is what I have added to the 1.01 version of the DRYAD generator.
Link HERE!

While it is pseudo random, it is still not good enough

While this is unpredictable enough for video games and entertainment, it sucks for real cryptography. For a single line on a DRYAD sheet, there are 403,291,461,126,605,635,584,000,000 possible combinations. That is over 403 Septillion combinations. However, there are only just over 35 million seconds in a year. If you know the formula a given crypto uses, and you know it uses “time” as the seed, then you can run the formula and simply increment the seed, starting at the earliest possible time the computer was used. A modern computer can test years of “time” based seeds in a few minutes, leaving a searchable database of every possible DRYAD sheet that could be generated in a given year. Not very secure against a determined adversary.

This is why the current version of the DRYAD generator should be limited to training purposes ONLY!

I hope to have an improved version later that will solve the “seed” problem.
An ideal crypto-secure seed would come from a very large unpredictable source. Government grade high level crypto uses special devices that use an “entropy” source.
“Entropy” is defined as “lack of order or predictability.”  

Imagine a very sensitive thermometer that can accurately read to 1/1000 of a degree. If that thermometer is in a computer case, it will measure the fluctuations of temperature inside. The temperature is affected by ambient room temperature, how hard the CPU and graphics cards are running, fan speed, etc. The temperature can fluctuate by as much as twenty degrees. Twenty degrees doesn’t sound like a lot, but a fluctuation between 100.0001 and 100.9999 degrees covers a much larger range of unpredictability.

Government certified entropy devices have been designed AND tested to ensure that they are truly entropic (unpredictable) and evenly distributed. (If they generate a number between 1 and 10, a sample of a million tests should have roughly equal quantities of each value.)

Because of the value of entropic seeds in generating random numbers for cryptography, most modern computer operating systems now have “entropy pools” to be used in seeding PRNGs.   These entropy pools combine mouse movements, keyboard timings, temperatures, hard drive seek times, and other unpredictable sources to populate the pool.
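To make the time-seed weakness and the entropy-pool fix described above concrete, here is an added example (it is not the DRYAD generator's code, and Python is chosen only for illustration). It assumes a DRYAD line is one shuffled ordering of the 26 letters; the function names, the sample timestamp and the two-hour search window are assumptions made for the example.

```python
import random
import secrets
import string

ALPHABET = string.ascii_uppercase  # 26 letters, so 26! orderings per line


def line_from_seed(seed: int) -> str:
    """Weak: shuffle the alphabet with a PRNG seeded by a guessable integer."""
    letters = list(ALPHABET)
    random.Random(seed).shuffle(letters)
    return "".join(letters)


def line_from_os_entropy() -> str:
    """Hardened: the shuffle draws from the operating system's entropy pool."""
    letters = list(ALPHABET)
    secrets.SystemRandom().shuffle(letters)
    return "".join(letters)


def find_time_seed(line: str, start: int, end: int):
    """Audit check: return the epoch second in [start, end) that reproduces
    `line`, or None if no seed in that window does."""
    for candidate in range(start, end):
        if line_from_seed(candidate) == line:
            return candidate
    return None


if __name__ == "__main__":
    # Constructed sample: 12:01 PM UTC on January 1st, 2017, as epoch seconds.
    created = 1_483_272_060
    window = (created - 3600, created + 3600)  # assumed: creation hour is known

    weak = line_from_seed(created)
    strong = line_from_os_entropy()
    print("time-seeded line :", weak)
    print("  seed recovered :", find_time_seed(weak, *window))
    print("OS-entropy line  :", strong)
    print("  seed recovered :", find_time_seed(strong, *window))
```

The time-seeded line gives up its seed after at most 7,200 trials, while the line drawn from the OS entropy pool matches no seed in the window.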

The next version of the DRYAD generator

I hope to include strong entropy and a better PRNG for the next version of the DRYAD generator.   After that, I hope to add a GUI.   I won’t put a timeframe on it, because if I do, life will guarantee that I won’t make the deadline.

P.S.   The big numbers:

The number of possible combinations on a single DRYAD line:
403,291,461,126,605,635,584,000,000
aka 403.29 Septillion

The number of possible combinations for a full DRYAD sheet:
55,730,725,530,135,062,649,198,161,739,977,709,115,499,393,128,640,929,871,421,008,423,533,724,386,338,878,574,160,341,220,778,225,216,731,660,527,904,329,322,280,362,280,772,040,814,157,865,238,665,297,698,064,960,243,496,240,325,230,914,590,792,168,508,784,599,820,624,250,553,113,284,701,975,927,160,036,290,503,391,161,723,777,948,657,564,970,294,494,230,362,463,039,937,503,817,540,615,316,978,304,413,679,131,193,300,564,494,890,078,044,222,099,073,176,301,173,743,417,188,309,993,750,657,183,175,705,816,024,175,455,037,824,215,922,922,840,889,574,614,720,871,058,686,980,831,704,240,509,476,464,184,648,541,082,363,856,771,908,162,937,920,666,500,337,734,500,441,071,580,223,302,989,222,924,982,121,660,416,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000
I can not count that high.   

Number of seconds in a year: (and possible time based random seeds for a given year)
31,536,000
aka 31.54 Million

Estimated age of the universe:
13.82 Billion years old
Number of Seconds in the universe so far:
About 484,000,000,000,000,000
aka 484 Quadrillion
aka orders of magnitude fewer seconds in the history of the universe, than possible combinations for a single line of a DRYAD sheet!

New HF Direction finding methods from Israel

The new ELK 7065 from IAI:

From the link:

The ELK-7065 is a state-of-the-art HF COMINT system suitable for the harsh electromagnetic environment characterizing the HF band. The system tags and identifies signals characteristics in a multi-dimensional domain, composed of signal identifiers such as power, center frequency, modulation, geo-location, polarization and more. These techniques enable swift labeling of the received signals, identification and reliable Electronic Order of Battle (EOB) generation. The unique front-end technology allows installation on board compact airborne platforms, such as mission aircraft of all sizes and UAVs.

More info HERE!

And HERE!

And last but not least, a Youtube video:

VIDEO

Hack a TYT MD-380 radio for DMR scanner

Jailbreak firmware now available for cheap digital walkie-talkie allowing DMR scanning


In recent years, DMR and MOTOTRBO (a.k.a. TRBO, Motorola Solutions' branded DMR radios) have become a very popular digital voice mode on the UHF and VHF bands, and the MD380 radio is the latest cheap DMR walkie-talkie to come out of China.

The question is, is it any good? The longer answer is slightly more complicated, and involves discussing the difference in price between this radio and other more expensive, but higher quality, radios. But I can tell you that a group of hams here recently purchased the Beihaidao DMR radio (also sold under brands like Tytera, KERUIER or Retevis) and have been having excellent results with them.

Every once in a great while, a piece of radio gear catches the attention of a prolific hardware guru and is reverse engineered. A few years ago, it was the RTL-SDR, and since then, software defined radios became the next big thing. Last Shmoocon, Travis Goodspeed presented his reverse engineering of the MD380 digital handheld radio.
The rest HERE! <— clickable link

Volume 2 Table of Contents

Work on Volume 2 is well under way.

I have the first several chapters done, and the table of contents created to serve as an outline.

As chapters are completed, it may change how I present some of the later material, so the TOC WILL change.

Here is the TOC... If you see something you think should be added, let me know. Keep in mind, SIGINT and Electronic Warfare will be covered in Volume Three.

Table of Contents

Legal
Preface
I. Introduction
II. Security
A) OPSEC
B) COMSEC
C) TRANSEC
D) Threat SIGINT Capabilities

Part 1: Administration
I. Define standard operating procedures. (SOP’s)
II. Communication Table of Organization and Equipment
.  A) Category of radios:
.  B) Radio Operation Constraints
III. UHF/VHF Radio Types (and High HF)
.  A) FRS/GMRS portable radios:
.  B) GMRS only portable and mobile radios:
.  C) MURS portable radios:
.  D) Citizens Band (CB) portable radios:
.  E) Citizens Band (CB) Mobile radios:
.  F) ISR and SMR band digital frequency hopping voice radios:
.  G) Business Band analog voice portable and mobile radios:
.  H) Business Band analog voice Chinese import radios:
.  I) Business Band digital voice portable and mobile radios:
.  J) UHF/VHF Ham radio fm analog voice portable and mobile radios:
.  K) UHF/VHF Ham radio SSB mobile radios:
.  L) UHF/VHF Ham radio low usage bands portable and mobile radios:
.  M) UHF/VHF Ham radio digital voice portable and mobile radios:
.  N) UHF/VHF Ham radio digital voice with transverter to low usage bands portable and mobile radios:
.  O) UHF/VHF Ham digital data and packet radio:
.  P) 10m Ham portable and mobile radios:
IV. Range Beyond Handheld
.  A) Relay
.  B) Simplex Repeater
.  C) Duplex Repeater
.  D) Cross Band Repeater
.  E) Multipoint links
.  F) Directional Antennas
V. Beyond Line Of Sight (BLOS)
.  A) HF Groundwave
.  B) HF Skywave
.  C) HF NVIS
.  D) mixed band relays
VI. HF Radio Types
.  A) High Frequency (HF) Ham analog voice radios:
.  B) High Frequency (HF) Ham continuous wave (CW) morse code radios:
.  C) High Frequency (HF) Ham digital text mode radios:
.  D) High Frequency (HF) Ham graphic mode radios:
.  E) High Frequency (HF) Ham digital voice radios:
.  F) High Frequency (HF) Ham digital packet and data radios:
VII. BLOS Less Common Methods
.  A) Microwave relay
.  B) Tropo Scatter
.  C) EME/ Moonbounce
.  D) Meteor Scatter
.  E) HM-mesh/VOIP
.  F) HamSat
.  G) Sat Phone
VIII. Other Means of Communications
.  A) POTS
.  B) Field Phones
.  C) VOIP
.  D) Visual Signals
.  E) Sound Signals
IX. Cellular Telephones
XI. OPSEC and COMSEC and Sensitive Materials
XII. Codenames and Codewords
XIII. Generating SOI’s
XIV. Generating OTP’s and Dryad Sheets
XV. Generating Codebooks

Part 2: Mission Planning and Operations
I. Spectrum Management
II. COMPLANS
III. Physical Setups
.  A) Organization, Links, and OPORD
.  B) Relay/ Repeater site selection
.  C) CP and CP site selection
.  D) LP/OP and site selection
.  E) Vehicle Setups
IV. Handling Traffic
V. Nets
VI. Supporting Joint Operations

Part 3: Training and Discipline
I. Basics of Training
.  A) Crawl, Walk, Run
.  B) Planning lessons and classroom basics
.  C) Field training basics
II. Classroom exercises
.  A) physically using a radio
.  B) Standard Operating Procedures
III. Field Exercises
.  A) Signals specific drills vs Signals as part of other exercises.
.  B) Using equipment in the field
.  C) Equipment performance testing
.  D) Alternates, contingencies and failover
.  E) After Actions
IV. Recruiting
.  A) Creating a program of continuity and shared responsibilities
.  B) Expanding the signals team, and training its new members

Part 4 Conclusion

Part 5 Appendices