I'm instantly in love with the International Journal of PoC||GTFO. How did I not know about this before? It feels like the old Apple ][ hack/phreak days again.
> Technical Note: The polyglot file pocorgtfo10.pdf is valid as a PDF, as a ZIP file, and as an LSMV recording of a Tool Assisted Speedrun (TAS) that exploits Pokémon Red in a Super GameBoy on a Super NES. The result of the exploit is a chat room that plays the text of PoC||GTFO 10:3.
> Run it in LSNES with the Gambatte plugin, the Japanese version of the Super Game Boy ROM and the USA/Europe version of Pokémon Red.
Then there are the articles by Natalie Silvanovich, who's specialised in hacking different versions of Tamagotchis. I mean... they're Tamagotchis, for crying out loud. A tiny plastic box with a 16x32 pixel monochrome screen, a speaker and three buttons. But this awesome hacker goes out of her way to pwn that 6502 and run her own code on it...
I've only found out about it a couple of weeks ago too via some infosec dudes I follow on Twitter. It's hugely technical and full of awesome shit and easter eggs like the microdots in this version.
Lots of places are still unencrypted -- e.g. in NYC the PD & FD dispatch are unencrypted UHF. Looking at a huge waterfall of Brooklyn NYPD on a $20 SDR dongle -> https://imgur.com/VukYvB6
Depends on the city/county. Most in the US are on P25, which has been listenable by clued members of the populace, but many (most?) are now encrypting traffic (usually w/ AES, iirc).
Unencrypted transmissions are easily received by scanners (note, though, that older scanners can't pick up P25) -- they aren't cheap, though (I think mine was ~$450 USD). In my area, one local police department is the only agency that has chosen to encrypt their communications.
It is, supposedly, also possible to pick up P25 using RTL-SDRs, though I've never tried so I can't say for certain.
Oh yes. Also, cell phone conversations, the radio trunk lines used by private dispatchers (taxi cabs, delivery and construction trucking firms), public utility fleets, you name it. Even into the late 90s you could buy a cheap Radio Shack scanner, dyke-out some diodes (put there to lock out certain frequency ranges, per some FCC rules) on the motherboard and listen in to all kinds of things.
> When police use encrypted radio channels, they can't interoperate with EMS, other agencies or in disaster zones. So becomes a problem.
Depends on the system. TETRA (used in Europe) can be optionally encrypted, so the police can have radios with encryption for their talk groups, but still do unencrypted communications with the medical or fire services.
Around here, they run it with encryption off though, because apparently the key management is a pain in the ass and I guess the criminals they mostly interact with aren't the types to sit around with RTL-SDR dongles capturing their voice comms.
What might potentially come from this ground-level work? How wide-ranging could hacks for this radio be: custom software, custom audio and data encoding/decoding, custom modulation, etc. etc.?
http://www.sultanik.com/pocorgtfo/