You are here

Video stream security

14 posts / 0 new
Last post
KD7MG
KD7MG's picture
Video stream security

Our local mesh team may have an opportunity to provide live video feeds for the Air Force Security Forces and Anti-Terrorist group at an upcoming air show. A question was raised as to how secure the video feeds were from eavesdropping. We will probably be on 2.4 GHz ch -2 and possibly on 3.4 GHz as well.

I understand it would be highly unlikely that the video feeds would be sniffed out, but really, if a tech savvy person was bent on eavesdropping, how hard would it be for them to do that without any prior knowledge of our setup?

KG6JEI
Part 97 prohibits encryption
Part 97 prohibits encryption so there is no way to prevent ease dropping, quite the opposite the laws on scanners are that deciding the data is completely legal as ham radio is exempt from the laws that were used to prosecute Google for recording wifi.

All you need is an SDR with significantly wide range (6-12MHz) and software to decode the algorithm (have to imagine this exists) and it be very easy to see the signals coming from the hardware, the frequency, the modulation, etc.

A stock PC won't be able to see or decode the data but any tech savvy source once they find out what frequency you are on will be able to decode. 

You may get some advantage in that they may think that it's in the Part 15 band but if they have the gear (I'm considering that a part of tech savvy) to look at broad spectrums (there's a wide band handheld spectrum analyzer for less than 600$) 

So basically steps to ease drop not knowing your setup:
Determine your frequency
Determine the width of the signal
Determine the modulation
Determine the encoding/framing  (802.11n)
Decode Data with known encoding (make a reasonable assumption since its 802.11 that it's an IP network and points it as a wifi network and just tcpdump raw)
Watch video stream

That said I'm aware of a local event that uses cameras for big public event to keep an eye on what is going on and they didn't raise a concern but they also were not the USAF. 
 
kj6dzb
kj6dzb's picture
It can be done... enough said
It can be done... enough said. 

Plausible but not Probable, encryption would slow THEM! down. 
WL7COO
WL7COO's picture
Warning, Slippery Slope Ahead !!!

If a served agency chooses to use 256 AES or similar for traffic they send over SSIDs AREDN provides, so long as all  SSIDs and Node Names using Amateur Frequencies are properly conforming, for both Emcomm and Public Service events such as described here, we're not violating Part 97. 

Recommend those in doubt review what ARRL's HSMM Working Group and FCC have said on the subject.  

Anyone with the knowledge, equipment & inclination to do so, will indeed be able to see both the SSIDs and node names of every link we provide and proceed to do or not do whatever they would wrt to that Agency's encryption, which we're doing nothing to obfuscate. eh?  

If there is any doubt, it should be about whether we should feel an obligation to ensure Served Agencies are aware of this.    

No I couldn't in good conscience deprive you of the pleasure and reward of researching this yourself.

TIA for all knowledgeable feedback -  so long as it is appropriate in a publicly accessible forum.
(armchair lawyers please do the research and then don't reply <g>) 
73
...dan wl7coo​

AE6XE
AE6XE's picture
Dan,   This looks like a
Dan,   This looks like a related, but different scenario than the original idea in this post.   In this thread, we're talking about services and traffic that the ham's of the mesh network own, create at the source, and deliver to a served agency (on a video screen).     Can you confirm that I understand your post correctly? -- that the ARRL hsmm working group and FCC have said:

On a part 97 data network operated by a licensed radio operator, all (some?)  traffic that a served agency rides over the top of it, does not have to meet part 97 rules?   A hospital network could send encrypted documents of sensitive patient names and medical information over an AREDN Network?   The RED Cross could conduct business and use a credit card to buy 1000 blankets from Amazon over an AREDN network?

Is there any specific references that folks may follow up on to increase all our understandings--to avoid everyone looking for needles in the haystack?  

Joe AE6XE

 
KI6GVW
Your scenario is a very
Your scenario is a very realistic one we would likely encounter. Right now most local government agencies in SoCal lack capabilities AREDN could offer. If lifesaving needs could be meet in a crises by encrypted communications and there were no other options. I would not hesitate to allow it. Then I would write Trump and beg for clemency, who knows maybe he would grant me a pardon.

Aside from part 97, so far my understanding is the purpose of AREDN is to be open to all, encryption would hinder this.
,
K6AH
K6AH's picture
The AREDN team encourages...
The AREDN team encourages all licensed operators to comply with the FCC Part 97 rules.  It is up to the operator to ensure that they are in compliance.
KD7MG
KD7MG's picture
Thanks all

Thanks all, this has been educational. I see it's doable, but not very likely, especially since there are probably much bigger targets to go after than a rather obscure video feed.

KI6GVW
If they are concerned about
If they are concerned about security you could set up a non AREDN network and use regular WiFi frequencies and encrypt away. 
WL7COO
WL7COO's picture
Joe, clearly, we as Amateurs are not to apply Encryption or

otherwise obfuscate our communications.  

We also know we may not engage in any activity on Amateur Frequencies for which we receive any kind of remuneration.

Does this mean we may not transport, as third party traffic, sensitive data that a Served Governmental Agency may have very good reason to encrypt vs secure and they do so prior to handing the data (in a metaphorical locked briefcase) to us?   The served agencies,  in preparing their traffic might be intentionally obfuscating the content, meaning, actual source or final destination,  all in the National Interest or on behalf of common sense or privacy considerations.

Depending on the nature of the encryption and whether the encoding/decoding requires information not publicly available it certainly could be considered intentionally obfuscated traffic.
  
How are Amateurs  not in full compliance with any portion of Part 97 by virtue of identifying and utilizing every best practice and specification available in order to ensure security, reliability of delivery and non-repudiation of this traffic while doing nothing to further obfuscate this traffic in the locked briefcases, or the SSIDs & authorized callsigns of each and every RF link we use to deliver the traffic to it's intended destination ? 

It should be possible to point to specific passages in Part 97 that say we may not forward secured information streams from served governmental agencies.  I try every so often and have yet to succeed.

Is AREDN doing something with encrypted data streams I'm not aware of or do not understand?

May I please reply to your question with a very sincere questions of my own?  
Does AREDN at any time, under any circumstances, not correctly identify the SSIDs and Node Names associated with every packet on every link?

Why don't we all agree to re-read Part 97 from first to last word and every word in between as a New Years Resolution exercise every year?
This is probably more time efficient than wading through the last 10+ years of written communications on this topic.

I promise one and all if I ever see something I've missed in Part 97 that negates this bit of sophistry, I'll own the mistake.

QED

73, ...dan wl7coo

Postscript, Short version;  it isn't a haystack it's Part 97 and actually quite readable.

KG6JEI
FCC Report and Order on Encryption

I can provide you citations from part 97 that I believe disagree with you, and I have done so on other threads here on the forum but would be glad to provide as such again.

However I would instead this time like to first try by providing the FCC's plain language wording from Report and Order RM-11699 regarding request for rule making to permit encryption.  http://transition.fcc.gov/Daily_Releases/Daily_Business/2013/db0918/DA-13-1918A1.pdf

"Based on our review of the record, we are not persuaded that the petition discloses sufficient reasons in support of the action requested. First, we conclude that the record does not support Mr. Rolph’s assertion that the prohibition on encrypted amateur communications is impairing the ability of the amateur radio community to provide effective support to public safety agencies during emergencies. As the report to Congress concluded,"

"As the Commission has noted, Section 97.113 is intended to help maintain the non- commercial character of the amateur radio service by prohibiting certain types of transmissions.18 The primary protection against exploitation of the amateur service and the enforcement mechanism in the amateur service is its self-regulating character.19"

"Therefore, we agree with the comments that say, in various ways, that amending the rules to allow encryption to obscure the meaning of messages transmitted during emergency services operations and related training exercises would not improve or enhance the operation of amateur service stations or otherwise be in the public interest.24 Accordingly, we dismiss the petition."

Again I'll be glad to provide citation more in depth on the rules of you so desire but I think the FCC's plain language words say a lot on this matter without directly reading each law. I will ask to rember that no matter who passes the information to the node operator, the originating node is indeed the message originator and is responsible for that content, it's up to that individual to make sure no information passed will violate his or her license. If the information is obscured when that operator receives it that operator needs to be mindful that if they transmit it they are still transmitting obscured content, it doesn't matter
if you obscured it yourself or received it pre obscured it is still obscured for the purpose of hiding it's meaning.





 

kg9dw
kg9dw's picture
It's a real limitation
This is becoming a real problem for me in the use of AREDN on amateur frequencies. But there is nothing to prevent me from using AREDN on Part 15 channels, as long as I stay within the power/gain limitations. What does prevent me from using Part 15 is the crowding by other users.

Here's an example...just yesterday our local EMA team joined up with the NWSChat (think MeshChat on steriods, used by storm spotters, the media, and emergency management teams). It's all web based, nice javascript interface, multiple windows and multiple simultaneous conferences. Guess what? It's all https. Well, no NWSChat over the mesh I guess. We had planned to access the app from our EOC across the mesh, as the mesh has redundant links and redundant power (and soon redundant internet gateways).

If the encryption rule interpretation were just a bit more modern, maybe you could justify this by saying hey, I'm connecting via https to nwschat.noaa.gov; I'm clearly not doing anything commercial or using Part 97 frequencies for personal gain. 

To each his own, YMMV, I'm not a lawyer, blah blah blah.
MB

 
K7OPA
K7OPA's picture
So we have link between a
So we have link between a hospital. And a clinic via an intermediate node. If using Air OS they can send what they want, how they want, with link into internet. In emergency, with internet down, we could reconfigure nodes and they could send whatever is needed, right? Lots of effort to provide a dual use system. 
k1ky
k1ky's picture
How would this be any different from Digital Modes D-STAR, Etc.
How would this be different from our digital formats used by D-STAR, System Fusion, P-25 and DMR - not to mention WINLINK using B2F encryption ?  Aren't these modes suing some sort of encrypted (using the term loosely) coding schemes?  As long as the methods are published?  HTTP is pretty common these days.

 

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer