
A radio station that no one claims to run (2017) - bookofjoe
http://www.bbc.com/future/story/20170801-the-ghostly-radio-station-that-no-one-claims-to-run
======
segfaultbuserr
Related: North Korea has a secret diplomacy network which transmits messages
from Pyongyang to North Korea embassies worldwide. Radio hobbyists have
successfully reverse-engineered its modem and protocol. This is quite unusual,
we don't know the internal workings of any similar systems used by other
governments, so reading about the North Korean system can give us a idea about
what a typical, sophisticated shortwave digital communication system used by a
government might look like.

Another fascinating fact is the system sometimes transmits cleartext messages!
The system allows two types of messages to be sent. The first type is fully
encrypted normal messages, but one can also send "chat" messages, which allows
the operators of two systems to communicate about their working schedule,
system maintenance, etc, and they are unencrypted plaintext, which revealed a
lot of about the internal of this system. Opsec failure? They should really
just use a hardcoded symmetric key for this purpose...

Network Structure:

* The North Korean diplomatic shortwave network follows a forwarding tree structure, as they limit contacts between their stations to hops of usually no more than 5000 kilometers. Pyongyang sits at the root at the tree structure, as ultimate origin or recipient of all messages between it and embassies. Messages from Pyongyang are transmitted and relayed by North Korean embassies across the world, hop by hop along each branch of the distribution tree, until they are received by their final recipients. Messages from embassies are relayed and forwarded back to Pyongyang in the reverse way.

[http://priyom.org/diplomatic-stations/north-
korea/network](http://priyom.org/diplomatic-stations/north-korea/network)

Protocol:

* North Korean diplomatic communications utilize a proprietary ARQ modem of unknown name, unofficially known as DPRK-ARQ. The modem is based on BFSK bursts transmitted in lower sideband mode. There are two possible waveforms: 600Bd/600Hz as the default, and 1200Bd/600Hz as an option.

A complete protocol analysis is given by: [http://priyom.org/diplomatic-
stations/north-korea/dprk-arq-p...](http://priyom.org/diplomatic-
stations/north-korea/dprk-arq-protocol)

Message Format:

[http://priyom.org/diplomatic-stations/north-korea/message-
fo...](http://priyom.org/diplomatic-stations/north-korea/message-format)

------
Jonnax
According to the Wikipedia article some urban explorers found this logbook
from one of its previous transmission sites.

[http://www.numbers-stations.com/media/sample-
uvb76-logbook.p...](http://www.numbers-stations.com/media/sample-
uvb76-logbook.pdf)

------
tgsovlerkhgsel
Because the article never mentions it, many people probably know this as
"UVB-76".

More info:

[https://en.wikipedia.org/wiki/UVB-76](https://en.wikipedia.org/wiki/UVB-76)

[https://www.sigidwiki.com/wiki/The_Buzzer_(ZhUOZ_MDZhB_UZB76...](https://www.sigidwiki.com/wiki/The_Buzzer_\(ZhUOZ_MDZhB_UZB76\))

~~~
mopsi
The second link leads to [http://priyom.org/military-stations/russia/message-
format](http://priyom.org/military-stations/russia/message-format), which
reveals a fairly simple format that relies on one-time pads. Each military
unit has envelopes with unique word grids, e.g.
[https://i.imgur.com/ItpKnNy.png](https://i.imgur.com/ItpKnNy.png) The radio
station transmits messages as envelope identifiers and line/column numbers of
those grids, and recipients piece them together.

Simple and impossible to break unless envelope contents leak. Given how rarely
the system is used, it probably serves as a low-tech backup for high-tech
radio systems.

------
bnchdrff
[https://en.wikipedia.org/wiki/The_Conet_Project](https://en.wikipedia.org/wiki/The_Conet_Project)
is a great compliation of numbers station samples

------
teamonkey
Here's a BBC radio documentary from 2005 on the Lincolnshire Poacher

[https://youtu.be/Wvr6o7fBcTY](https://youtu.be/Wvr6o7fBcTY)

------
dang
Discussed at the time:
[https://news.ycombinator.com/item?id=14988362](https://news.ycombinator.com/item?id=14988362)

------
monkpit
[http://priyom.org/](http://priyom.org/)

------
diebir
Ha-ha I had to check whether this was the place where I served in 87-88. No,
my unit work location was about 10 miles south along the same road. Also a
bunch truck based radio stations, buildings, huge antenna fields, etc. We did
radio surveillance on NATO countries in northern Europe, Unit 75752. Our
transmitters were yet a few miles south of that location (you normally want to
separate the transmitting and receiving as far as practical).

~~~
asutekku
Any theory what this one might’ve been?

------
drdeadringer
Number Stations (and similar like the station described in the article here)
have a place in my heart. One of the items on my "hobby projects list" is to
make a small version of one -- nothing the FCC would knock on my door about,
clearly -- since the topic fascinates me so.

------
jonnydubowsky
COMMAND 135 ISSUED

~~~
markbnj
If that command really were used as the article suggests then you'd think it
would be followed by a bunch of other sigint derived from an increase in
activity by the units that received the command.

~~~
gmueckl
Maybe that is how they arrived at the suggested of the command? The article is
short on attributions for these claims though.

------
grueblur
deadman snitch.

