Regarding people being able to eavesdrop on baby monitors and cordless
phones... I'm sure this is true for the baby monitors and older phones.
But aren't the newer digital and spread-spectrum cordless phones at least
much harder, if not impossible, to eavesdrop on? I'm sure with the right
amount of knowledge, computer equipment, and decoders it could be done,
but your average scanner junkie isn't going to go to that much trouble.
Am I wrong?

Jay

N0TIB
-----

JayV wrote:

Regarding people being able to eavesdrop on baby monitors and cordless
phones... I'm sure this is true for the baby monitors and older phones.
But aren't the newer digital and spread-spectrum cordless phones at least
much harder, if not impossible, to eavesdrop on? I'm sure with the right
amount of knowledge, computer equipment, and decoders it could be done,
but your average scanner junkie isn't going to go to that much trouble.
Am I wrong?

For interception and decoding of spread spectrum signals, you need to
know the method (FH, direct sequence, etc.), the hop pattern or
spreading polynomial, the current point in the hop or spreading
sequence, and so on. None of this is trivial, but enough patience
will yield some or all of it.

The hardest part, of course, is determining _how_ the freq. hopping or
the spreading is being done, i.e., the pattern or polynomial and the
current point. It's really a problem in modern cryptography, which can
be made easier if the system (e.g., phone manufacturer) is known,
since you can buy one and scope out the interesting stuff, like
the FH pattern or spreading sequence.

If the spreading sequence is generated by an LFSR and you have more
than 2*length_of_LFSR consecutive bits of the spreading sequence, it
is a "trivial" exercise in linear algebra to recover the tap sequence
of the LFSR and build a simulator. From there you try to determine
how the LFSR is initialized for a phone call, and once you have that
you're home free.

--
Mike Andrews

Tired old sysadmin

JayV wrote:

Regarding people being able to eavesdrop on baby monitors and cordless
phones... I'm sure this is true for the baby monitors and older phones.
But aren't the newer digital and spread-spectrum cordless phones at least
much harder, if not impossible, to eavesdrop on? I'm sure with the right
amount of knowledge, computer equipment, and decoders it could be done,
but your average scanner junkie isn't going to go to that much trouble.
Am I wrong?

For interception and decoding of spread spectrum signals, you need to
know the method (FH, direct sequence, etc.), the hop pattern or
spreading polynomial, the current point in the hop or spreading
sequence, and so on. None of this is trivial, but enough patience
will yield some or all of it.

The hardest part, of course, is determining _how_ the freq. hopping or
the spreading is being done, i.e., the pattern or polynomial and the
current point. It's really a problem in modern cryptography, which can
be made easier if the system (e.g., phone manufacturer) is known,
since you can buy one and scope out the interesting stuff, like
the FH pattern or spreading sequence.

If the spreading sequence is generated by an LFSR and you have more
than 2*length_of_LFSR consecutive bits of the spreading sequence, it
is a "trivial" exercise in linear algebra to recover the tap sequence
of the LFSR and build a simulator. From there you try to determine
how the LFSR is initialized for a phone call, and once you have that
you're home free.

--
Mike Andrews

Tired old sysadmin