(more -- lots more -- inline)
> Simple, I use multiple spectrum analyzers. I dedicate each unit to a
> specific chunk of the spectrum, and then adjust the analyzer setting
> so that I have the fastest sweep possible to catch anything that
> appears. Some of these utilize a real time FFT based software defined
> front end so that even when the SA is not right on the frequency of
> interest I can still capture things that appear around it. This
> allows even the most covert of signals to be captured.
>
> I also dedicate a series of ultra sensitive receivers which are set
> up to tune whatever the spectrum analyzers detect, these are called
> hand-off receivers.
>
> On top of this I use additional receivers which I set up to scan high
> threat bands, and to dump the detected video and receiver settings to
> a laptop. These are my scanning receivers, and are more sensitive
> than the SA's. These scan within a given band so that if anything
> pops up or drifts around a bit these things lock on to it and follow
> the signal.
How many (non-hostile) signals does this set up usually pick up? I can't
claim to have tried using your rig, but spectrum analyzers and even
scanners always seem to give me thousands (or tens of thousands) of
signals to examine.
Even assuming you had a truly enormous bank of spectrum analyzers (or a
really sophisticated, high-bandwidth software defined radio) you still
have to record the signals and go through them later. (or are you
looking at them individually? doesn't that miss burst transmissions, or
does that not apply in the previously-stated threat model?) If you're
looking for video or digitally encoded audio, you probably need a
decently high-bandwidth recording system... how do you do it?
Of those recorded signals, I feel safe in guessing that about half will
not be immediately intelligible audio or video. This suggests that
you're doing some kind of additional filtering-- using your knowledge of
the area (or taking a pre-sweep day to set the rig up far away from the
target area) to rule out known-legit signals? going by the spectrum
analyzer printouts to eliminate signals that 'look' legit? more advanced
computer-based pattern-matching based on a proprietary database?
> These are all SDR on the back end so that there is almost
> zero chance of missing something within a known band.
SDR? Software Defined Radio? Are you actually dumping the full-bandwidth
incoming signal and then processing it to look for hostile signals
later, or are you using software to pick out interesting signals more
quickly than a normal digital tuner could?
> To take this one step further I dedicate a specific frequency to a
> dedicated receiver, with extremely tight filters and ultra-low noise
> LNA's.
LNA = low noise amplifier?
> I can (via computer control) park these on a known threat and
> just sit and listen. This is of greatest value in monitoring known
> threats used by spies, and for targeting common hose frequencies.
Hose frequencies?
> I have several OFDM receivers, and several receivers dedicated to
> various types of scrambled "covert" signals, and various types of
> digital receivers
Okay, so you're using proprietary (or at least
not-available-to-the-public?) hardware to help with some of the signal
identification...
> To tie things up neatly I have also developed a receiver that uses
> reverse spread spectrum techniques where I assume to know the timing
> frequencies of a signal, and use the timing to obtain process gain on
> a signal.
Based on a quick read of Wikipedia -- isn't that basically what a GPS
receiver does, only adapted to TSCM?
Also, does this apply to audio, video, or both? Your next paragraph
seems to imply video.
> Since the signals tend to be very wide band (the wider the
> better), and we have three fixed and known timing signals (be still
> my heart) I can extract video signals from deep inside the noise
> floor so that even ultra low level transmitters can be detected at
> significant distances.
>
> This gives me five different overlapping methods and equipment sets
> that I can use to monitor anything that appears on the spectrum. If I
> run all of these systems at the same time and anything transmits even
> the slightest amount of energy I capture the signal.
>
[...]
>> * By checking them manually with a receiver? (there's a lot of e.g.
>> digital signals floating around already)
>
>
> I love digital signals, especially "covert" ones.
Because they're easy to detect? How do you differentiate between hostile
digital signals and legit-but-unfamiliar ones? Or do you have enough
experience that there aren't a lot of legit-but-unfamiliar signals out there?
>>> then I will generate the
>>> "ALL ON" commands
>> ALL ON commands? You blanket the room with a strobe light?
>
>
> No, "ALL ON" refers to passing a digital command on well-known
> frequencies to turn on a device that has been remotely turned off.
> Very often even extraordinarily sophisticated eavesdropping devices
> can get tickled into revealing their location because the spy forgot
> that the remote control was left on the original factory command codes.
Oops...! Does this apply only to off-the-shelf eavesdropping devices or
are there a lot of 'custom' jobs that use off-the-shelf sub-assemblies
for this stuff?
> If you get lucky you can even detect the receiver inside the
> transmitter listening for the eavesdropper to issue remote commands.
Nice trick.
> Yes, in a way.
>
> I use several Astro-Med chart recorders with high channel counts to
> divide up the spectrum into neat blocks. Each channel has a dedicated
> bad filter,
Is 'bad filter' a typo or a term I'm not familiar with?
> and a diode detector, and a shared antenna (I use
> multiple antennas to do this, but each antenna gets broken out into
> multiple channels which then get pre-amped, filtered, and detected).
> The goal being to capture anything that might pop up too fast for
> other systems to snag. It provides close, real time supervision of the
> spectrum and while a precise frequency cannot be determined, band
> activity can be documented, and the timing of the emission can be
> determined as these systems are often left in place for a week at a
> time (prior to a sweep), or used as part of my long term in-place
> monitoring system.
Wow, that's _really_ clever.
Happy New Year,
Eric Schmiedl
p.s. something you might be interested in-- secrecy-related propaganda
posters.
http://www.cafepress.com/propagandawall
Received on Sat Mar 02 2024 - 00:57:21 CST
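
Added example (not part of the original message, and not the receiver described in the thread): the "known timing gives process gain" idea discussed above, reduced to plain synchronous averaging in Python. The period, pulse width, amplitude and the capture itself are constructed assumptions chosen for illustration.

```python
import math
import random
import statistics

def make_capture(period, n_periods, amplitude, pulse_width, seed=1):
    """Constructed sample: a weak pulse repeating every `period` samples,
    buried in unit-variance Gaussian noise (no real capture is used)."""
    rng = random.Random(seed)
    return [(amplitude if i % period < pulse_width else 0.0) + rng.gauss(0.0, 1.0)
            for i in range(period * n_periods)]

def fold(samples, period):
    """Synchronous averaging: average the capture modulo the assumed period."""
    n_periods = len(samples) // period
    profile = [0.0] * period
    for i in range(n_periods * period):
        profile[i % period] += samples[i]
    return [v / n_periods for v in profile], n_periods

def detection_score(samples, period, pulse_width):
    """Strongest pulse-width window of the folded profile, expressed in
    standard deviations of the noise expected in such a window."""
    profile, n_periods = fold(samples, period)
    mean = sum(profile) / period              # remove the DC level
    noise = statistics.pstdev(samples) / math.sqrt(n_periods * pulse_width)
    best = max(sum(profile[(s + k) % period] - mean for k in range(pulse_width))
               for s in range(period)) / pulse_width
    return best / noise

def process_gain_db(n_periods):
    """Ideal SNR improvement from coherently averaging n_periods repeats."""
    return 10.0 * math.log10(n_periods)

if __name__ == "__main__":
    PERIOD, WIDTH = 64, 8                     # assumed-known timing
    capture = make_capture(PERIOD, 2000, 0.2, WIDTH)   # pulse about 14 dB below noise
    print("few periods  :", round(detection_score(capture[:4 * PERIOD], PERIOD, WIDTH), 1))
    print("right timing :", round(detection_score(capture, PERIOD, WIDTH), 1))
    print("wrong timing :", round(detection_score(capture, PERIOD - 1, WIDTH), 1))
    print("ideal gain dB:", round(process_gain_db(2000), 1))
```

Folding at a period that is off by one sample smears the pulse across the whole profile, so the gain only appears when the assumed timing matches the emitter.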