parnass@ihu1h.UUCP (Bob Parnass, AJ9S) (11/23/85)
x
PRANKSTER DISRUPTS RADIO BROADCASTS
Bob Parnass, AJ9S
CHICAGO - A pirate broadcaster has been treating Chi-
cago area radio listeners to some unscheduled program-
ming by transmitting on the microwave studio-to-
transmitter links of area AM radio stations.
The last incident, on November 21, involved the 'tap-
ping' of WMAQ-AM facilities. Listeners were assailed
with a barrage of cursing, and were treated to an old
Bob Dylan tune, 'Don't Think Twice'.
WMAQ-AM is the third Chicago station to report an
intrusion.
--
===============================================================================
Bob Parnass, Bell Telephone Laboratories - ihnp4!ihu1h!parnass - (312)979-5414acardenas.ES@Xerox.ARPA (12/03/85)
Hello, Bob! Here is the test message you requested. It was very good speaking to you today! Thanks! Tony Cardenas Xerox, El Segundo, Ca.
die@hydra.UUCP (Dave Emery) (12/07/85)
In article <701@ihu1h.UUCP> parnass@ihu1h.UUCP (Bob Parnass, AJ9S) writes: > CHICAGO - A pirate broadcaster has been treating Chi- > cago area radio listeners to some unscheduled program- > ming by transmitting on the microwave studio-to- > transmitter links of area AM radio stations. It is surprising that this sort of thing hasn't happened sooner. There are so many links out there, most of which use very low power (a watt or two) that it is a testament to the basic civility and sense of order in our society that this electronic vandalism hasn't happened more often. In any case my heart goes out to the chief engineers at the stations involved. A surprising number of both AM and FM stations have unattended transmitters controlled from the studio via the STL link. There are shutoff circuits to shut the transmitter down if the link is lost but essentially no protection whatsoever against someone simulating the signal. And I suspect in at least some cases, there is only limited backup capability to shutdown the transmitter by phone lines so a spoofer might have several minutes of air-time before the transmitter could be manually shut down. Years ago I used to wonder why radicals (yes, I'm from that generation but not of that political persuasion) didn't try to take over the microwave TV relay backbone routes used until recently to distribute network programming to local affiliates to run 15 or 30 second anti-establishment commercials during some major TV event. Parking near a hilltop At&T site with a VCR, a 4 Ghz TWT power amplifier (available as surplus) and small dish would be as effective a means of getting media attention as blowing up a building. And as far as I know some care in simulating the real longlines video format would probably suffice to ensure that automatic protection channel switchovers didn't take one off the air. Today taking over a TV network feed would require generating enough RF EIRP to be a couple of db's above the network's uplink transmitter at the satellite. This would involve hundreds of watts and a moderately large dish. It would, however, require the resources of the defense department to find such a bogus uplink with no more indication of it's location then that it was somewhere in or near the continental US or Canada or Mexico. I doubt if the required special resources are set up to handle a random and unexpected 15 second uplink during say the Superbowl. And of course, if one happens to live near the ground sites (mostly Long Island, and LA) that uplink the network feeds, it might be possible to take over a local microwave link feeding the uplink. And of course if the ambitions of the group involved were less than national even a toy source of 3.7-4.2 or 12 ghz (NBC) rf would do quite nicely if located near the satellite dish that served a local TV station as satcom signals are so very weak. I suspect the local oscillator out of a TVRO would do the trick. But more sinister than the few seconds of direct media access such a caper might gain, is the implications for other more critical things that are controlled by RF links. For example, in the area where I live the power companies use microwave links to monitor and control their distribution network. I suspect a clever and somewhat more sophisticated spoofer could issue commands to remote switching stations that would cause a great deal of havoc. Doing so would require some cleverness since the RF links are mostly multichannel fm-fdm-ssb, but since the equipment is quite possibly only equiped with loss of carrier and pilot alarms, it might be possible to spoof with simple enough systems to be within the reaches of a terrorist organization. In any case all of this ought to make those of us who design systems think in terms of how we might make them less vulnerable. One method that works remarkably well in controlling vulnerability to spoofing is to transmit the information digitially and encipher the resultant bit stream. A spoofer would have to know the code to transmit anything meaningful. It is not even necessary to encode the information just as long as there is some form of data integrity checking that involves a secret key that the spoofer cannot obtain by monitoring the channel. A method that would work for radio and TV links is transmission of a validation bit stream on a subcarrier. I suspect this could be accomplished with a $50-100 dollar microprocessor and VCO. I doubt that anyone could argue that something that cheap wasn't worth considering ... David I. Emery Charles River Data Systems 617-626-1102 983 Concord St., Framingham, MA 01701. uucp: decvax!frog!die
karn@petrus.UUCP (Phil R. Karn) (12/09/85)
Just recently (Thanksgiving weekend) I saw an AP wire story reporting that one of the satellite uplink operators had filed a formal complaint with the FCC alleging that deliberate interference (several hours of unmodulated carrier) had occurred to one of their signals. They went on to suggest that the interference might have been an attempt to retaliate against the use of video encryption devices. However, the FCC seemed unconvinced that the possibility of accidental interference caused by a sloppy operator at another legitimate uplink site had really been ruled out. I guess the day you see HBO's signal pre-empted by a crude B&W slide that says (in true ransom-note fashion): ThiS StAYs oN uNTil tHe SCRamBleR GoES oFF! you will know for sure that deliberate jamming has begun. The only practical way to find such a jammer (who could be anywhere in the CONUS, Cuba, northern Mexico or southern Canada) would be with a low earth orbiting ELINT (electronic intelligence) satellite, and if the DoD has such a beast they are unlikely to "compromise intelligence sources and methods" by using it to solve a mere civilian problem (except perhaps by phoning an anonymous tip into the FCC...) Phil
lauren@vortex.UUCP (Lauren Weinstein) (12/09/85)
First of all, the person who suggested that digital subcarriers might prevent persons from "taking over" STL's and uplinks is correct-- they could stop people from actually transmitting their material through the main broadcast facilities. However, such systems would not prevent jammers from simply disrupting communications by interfering with or capturing out the feed channels, even if they couldn't get their material "on the air" in a "big" way. --- Locating illicit uplinks would indeed be tricky. I suspect that if the broadcasters went to DoD and pointed out that what happened to them could happen to portions of telephone service, etc., DoD might be forced by public opinion to help in the search. Another possibility is that the broadcasters might get together and launch their OWN low orbit "tracker" satellite just to deal with such situations when they pop up. My guess is that the current problems aren't intentional jamming, but are rather inept ground crews: "Oh, gee, you said one three FIVE degrees; sorry about that!" But this doesn't mean that the real jamming won't come along eventually. --Lauren--