20160124 - Digital Radio reverse engineering

Here at NewsWest we've been made aware that there is currently a discussion within the amateur community in VK6. No doubt it's also happening elsewhere, but here we're talking about digital voice and one idea is to adopt one particular manufacturer's approach to ensure compatibility across all users, Yaesu System Fusion.

It appears that this may be a little premature.

During Shmoocon, January 15 to 17, an annual hacker convention, hell-bent on demonstrating technology exploitation, inventive software and hardware solutions and open discussions of critical infosec issues a presentation was made by Travis KK4VCZ, showing the reverse engineering of the Tyterra MD380, a cheap DMR hand-held radio. We'll include appropriate links on the vk6.net website for deep detail.

• https://www.youtube.com/watch?v=QSq_bVX2to8

This is significant because underneath most of the digital modes is the same technology, wrapped up in a different wrapper by the various manufacturers, Motorola Motobro, ICOM D-star and yes, Yeasu System Fusion.

Now that the cat is out of the bag, there is likely to be further development on this front, in fact, Travis has already presented a software update to the radio to make the first hardware scanner, allowing it to receive audio from unknown talk-groups.

The whole process is fully documented, showing some reverse engineering at its finest.

• http://www.va3xpr.net/hams-hack-110-dmr-radio-allow-support-d-star-p25-system-fusion/

• http://hackaday.com/2016/01/19/shmoocon-2016-reverse-engineering-cheap-chinese-radio-firmware/

• https://hackadaycom.files.wordpress.com/2016/01/pocorgtfo10.pdf (See pages 76 - 87)

• http://shmoocon.org/

• http://rtlsdrblog.rtlsdrblog.netdna-cdn.com/running-rtl_tcp-on-an-android-phone/