Update: Dallas tornado alarm hack was a 'phreak' occurrence
Razer
g2s at riseup.net
Wed Apr 12 20:43:04 PDT 2017
Phone Phreaks!
> DTMF replay phreaked out the Dallas tornado alarm, say researchers
>
> Strap yourself into the DeLorean: researchers from Duo reckon the
> Dallas tornado alarm incident was a case of old-style DMTF phreaking.
>
> On Friday night, someone figured out how to activate all 156 of
> the city's sirens in a stunt hack.
>
> It turns out the sirens, from Federal Signal, use one of the
> oldest signalling techniques around: Dual Tone Multiple
> Frequencies, or DTMF, originating back in the analogue telephony
> era. The earliest phreaking attacks exploited the tones used to
> route phone calls to make free long-distance and international calls.
>
> For those who've never noticed the beeps that happen when you
> press buttons on a fixed-line phone, DMTF represents its symbols
> with pairs of beeps in this layout:
>
> [Image: DMTF tone chart from Wikipedia]
>
> Telephone network have long been secured against phreaking, but
> apparently not the Federal Signal sirens in Dallas. It looks like
> the system was set off by a simple replay attack: record the
> signal sent during a system test, and play it back.
>
> Duo's blog post notes that the DMTF signals, carried over 450 MHz
> radio carriers, aren't encrypted, so an attacker wouldn't even
> need to try and interpret the symbols.
>
> The other big compromise, according to Duo, was that someone got
> access to the computers that control how long the sirens would
> sound when they were activated. That compromise also made it
> harder for city officials to shut the system down. ®
>
> Bootnote: Duo is surprised that the attacker was able to work out
> the radio frequency in use, which sits oddly with the author's
> theory that a disgruntled insider is the most likely attacker.
>
> The Register notes that an insider would probably know what
> frequency the system used, and 450 MHz is in a band familiar with
> UHF hobbyists. If the sirens' radio used licenced bands, the FCC
> has the database online.
>
> Even for the 700 MHz band, reserved for public safety in the USA,
> it's easy enough to buy suitable transmitters.
https://www.theregister.co.uk/2017/04/13/dtmf_replay_phreaked_out_the_dallas_tornado_alarm_say_researchers/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 3166 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20170412/f2c1720a/attachment.txt>
More information about the cypherpunks
mailing list