Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×

Numbers Stations Move From Shortwave To VoIP 228

Posted by CowboyNeal from the something-to-puzzle-over dept.
IO ERROR writes "For decades, intelligence agencies have been sending secret messages to their agents in the field using shortwave numbers stations broadcasting encrypted messages for all to hear and puzzle over. Now someone is putting numbers stations on VoIP telephone numbers for anyone to call, and posting messages to Craigslist to alert the recipients to the existence of their messages. One of them went up last month and now a second one has appeared. Will there be a third? Who's behind them? And can you crack the code?"
This discussion has been archived. No new comments can be posted.

Numbers Stations Move From Shortwave To VoIP More

Numbers Stations Move From Shortwave To VoIP

Comments Filter:

  • Numbers Station here on slashdot - OUTGOING! (Score:5, Interesting)

    by LiquidCoooled ( 634315 ) on Thursday June 01, 2006 @09:52PM (#15450541) Homepage Journal
    I'm sure a lot of us have noticed the stange messages like this:

    OUTGOING
    (Score:-1, Offtopic)
    by Anonymous Coward on 21:04 1st August, 2005 (#13217474)
    HELLO WORLD
    38836 38836
    HELLO WORLD
    98481 98481 14101 14101 27700 27700 35003 35003 78743 78743
    55984 55984 36482 36482 48376 48376 17577 17577 25568 25568
    41432 41432 33120 33120 71600 71600 37482 37482 72016 72016
    18165 18165 97172 97172 06235 06235 09179 09179 66815 66815
    39131 39131 02234 02234 37138 37138 05015 05015 18609 18609
    15481 15481 26568 26568 76909 76909 14869 14869 84844 84844
    98467 98467 15173 15173 91438 91438 01957 01957 83393 83393
    55263 55263 02335 02335 39565 39565 33152 33152 48263 48263
    85656 85656 69752 69752 84232 84232 87361 87361 24560 24560
    98390 98390 28772 28772 59461 59461 31312 31312 14942 14942
    68574 68574 70946 70946 49109 49109 19694 19694 45323 45323
    65157 65157 98866 98866 64012 64012 72983 72983
    K-BYE

    They have been an oddity until now, but hearing about these numbers stations makes me think our very own slashdot is being used as a covert channel.

    Certainly piqued my curiosity more than once, it would be good to get to the bottom of it.

    Couple of examples here [slashdot.org] and here [slashdot.org], I've seen a few more, but they get lost quickly due to moderation.
    The second one I posted has a bit of info about its origins here and links to a user and an apparent initial source of the messages.

  • I deciphered it! (Score:4, Funny)

    by ScaryMonkey ( 886119 ) on Thursday June 01, 2006 @09:55PM (#15450555)
    Always... drink... your... Ovaltine?
    • You incorrectly deciphered the first word, it's really "Be sure to" instead of "Always". The message made absolutely no sense the way you deciphered it ;-)

      And yes, I can't believe I actually have neurons somewhere that retain this useless information.

      • I'm glad you corrected him, I was just about to before I saw your reply. I can remember that, but I still leave for work without my lunch ;-)
        --
        Q

  • Doesn't that defeat secrecy? (Score:4, Insightful)

    by gd23ka ( 324741 ) on Thursday June 01, 2006 @09:58PM (#15450565) Homepage
    I know it's the first thing that comes to mind but I'm sure They can monitor who calls ("tunes into") that phone number regularily. Broadcasts are anonymous and many people own shortwave radios, VOIP can be traced to a subscriber so what gives?

    • Re:Doesn't that defeat secrecy? (Score:5, Informative)

      by Technician ( 215283 ) on Thursday June 01, 2006 @10:17PM (#15450668)
      I know it's the first thing that comes to mind but I'm sure They can monitor who calls ("tunes into") that phone number regularily. Broadcasts are anonymous and many people own shortwave radios, VOIP can be traced to a subscriber so what gives?

      You are thinging traditional VOIP subscriber. Buy an adaptor at ______ with cash. Activate it with a stolen card and ID. Hook it directly to a wireless access point in client mode. Wardrive near hotels. Park nearby for a couple days.

      It's much harder to pinpoint the source than a radio signal. RF Direction equipment can triangulate a HF signal quite quickly.

      • Re:Doesn't that defeat secrecy? (Score:5, Interesting)

        by daranz ( 914716 ) on Thursday June 01, 2006 @10:35PM (#15450747)
        Still, number stations are pretty much a one way means of communication. The whole idea behind them is that they can be broadcast from a secure location (ie, from the territory of the state running the agents), and received by any number of recipients, without anyone being able to detect the fact that the transmission was received. In case of voip, both sides are detectable - even if not eaisly traceable.

        Also, the VoIP method is missing another point of the stations: with a radio station, you can remain tuned for as long as you wish, without the risk of detection increasing. Staying connected to a "number station" via VoIP means that you have to stay connected for prolonged amounts of time, increasing chances of detection, if only by a hotel employee who notes that someone was sitting on the hotel's wifi network for 24 hours. Besides, if one wants to use "number stations" over the Internet, one can simply post the numbers in any amount of places. It is easier and probably also safer to grab one text file off some FTP server, than it is to stay connected somewhere for a longer time. You might not get the message as fast then, but at least you're not sitting in a van next to your local Motel 6 for 3 days.

      • Re:Doesn't that defeat secrecy? (Score:4, Interesting)

        by harlows_monkeys ( 106428 ) on Thursday June 01, 2006 @11:20PM (#15450965) Homepage
        You are thinging traditional VOIP subscriber. Buy an adaptor at ______ with cash. Activate it with a stolen card and ID. Hook it directly to a wireless access point in client mode. Wardrive near hotels. Park nearby for a couple days.

        So, basically, instead of using a fairly innocuous radio, which is easy to explain away if apprehended, you propose that the secret agent go around carrying stolen cards and stolen ID and wardrive? I think the general idea is for spies to not call attention to themselves, and engaging in two or three activities that might be illegal even if not connected with spying is probably not the best procedure!

        It's much harder to pinpoint the source than a radio signal. RF Direction equipment can triangulate a HF signal quite quickly.

        The numbers stations broadcast on shortwave frequencies whose signals carry very far, with plenty of bounces off the ionosphere. You can triangulate them to approximately what quarter-hemisphere they come from. And even if the exact location were found, it wouldn't help catch the spy receiving the signal, nor even give any indication that the signal is for a spy in your country.

        • Actually, these ones are accessable via POTS. It made Off the Hook last week or the week before if I remember correctly.

          No need to pack around a laptop, voip equipment, etc. Just find a phone, dial in, and act like you're having a conversation while you write down the numbers.
    • Given that all traffic on the internet can essentially be logged and tracked, why use VOIP at all?

      Just put some PGP encrypted data into an image via Steganography and post it to someplace popular like...lets say...CuteOverload.com

      Then if your recipient was tracked going there, he would just look like any other Cats In Racks fan looking for cute kittie pictures : )

    • Yes but when 10,000 slashdotters tune into the number as well, it gets a bit harder to tell who it was originally intended for.

      There have been two such numbers found, both using the same catchy song (anybody know what that tune is? I like it). Thus, each number would have to be dialed by at least a few hundred people for the caller to really gain security through obscurity.

  • Eh, ok (Score:5, Insightful)

    by dk.r*nger ( 460754 ) on Thursday June 01, 2006 @09:59PM (#15450570)
    The point of shortwave is that you can listen from anywhere, undetected.
    Calling a phone leaves a bunch of traces. There is really no discreet way for our man in Havana to call longdistance and listening to numbers for a few minutes.
    You could just put the numbers on a free website somewhere, or use email..

    • Re:Eh, ok (Score:3, Interesting)

      by kognate ( 322256 )
      True enough, but I can steal your mobile and call that number. Then when the Suede Denim Secret Police come knocking they sure won't be knocking on my door.

      The other problem is that shortwave radio recievers are incriminating devices in some dark places that you would want to have spies in. Cell phones pretty much universally are not.
      • Why would it have to be a stolen telephone? What about one purchased with false ID meant to be trashed after usage? Or more likely a VOIP phone (or soft phone). Not to mention the (admittedly increasingly rare) pay phone.

      • Re:Eh, ok (Score:3, Funny)

        by Photon Ghoul ( 14932 )
        Then when the Suede Denim Secret Police come knocking they sure won't be knocking on my door.

        But they will be coming for your uncool niece.
      • Damn Fashion Gestapo, I hate those guys.

        Also, they're using *Craigslist* are the spies looking for Futons of Mass Destruction? Does Al Quaeda need 2 pet friendly roommates for summer sublet ASAP?

    • The first message was was listed in the the New York classifieds. Now it is possible the author simply placed it there for obscurity reasons, but it could also be that he/she was targetting someone who resides specifically in New York. Also, area code 212 is in New York City, which could be so their contact in New York wouldn't have to dial long distance to reach it.

      The second message was in the San Francisco classifieds, and there too the area code, 415, of the number matches with the city. It could be t

  • Cryptanalysts in love (Score:2, Interesting)

    by Sentri ( 910293 )
    From one of the articles: "Update: Ryan Singel (of Wired) thinks it's just two young cryptanalysts in love, "sending love notes and taunting Mossad, the NSA and the phone phreakers at the same time." He also points to some links indicating those shortwave numbers stations are still around. Go take a listen."

    Cool. Not everyday you learn about an international conspiracy to broadcast numbers. If it were me, I would set up one of these to broadcast from SEALAND!!! http://en.wikipedia.org/wiki/Sealand [wikipedia.org]

    01010010 0

  • Silly (Score:3, Interesting)

    by mccalli ( 323026 ) on Thursday June 01, 2006 @10:06PM (#15450608) Homepage
    Code or no code, VOIP is an awful lot easier to block and censor than short wave.

    Cheers,
    Ian

    • It's also easier to let through and trace. Heck, with short wave there's no way to tell the location of receivers so it can't be leaked, intentionally or unintentionally. With web pages, a group like the NSA might conceivably even be able to track a connection through proxies-they wouldn't need to know the content of the message because it's not secured on the server end.

      If I were a spy, I'd lean more toward the use of stegonography so at least it isn't totally obvious that a code is being used. Might

    • Re:Silly (Score:5, Insightful)

      by Dachannien ( 617929 ) on Thursday June 01, 2006 @10:41PM (#15450777)
      I'm not sure about that. VoIP has an unrelated and legitimate commercial interest behind it to support it not being blocked solely based on the virtue of it being VoIP, and thus anybody wanting to jam/block particular VoIP calls would have to know ahead of time at what phone number the message was going to appear. And there are a lot of phone numbers ;)

      On the other hand, the various intelligence services have some pretty powerful jamming equipment that can render shortwave transmissions at least partially unintelligible. Numbers stations often work based on a schedule (in terms of both time and radio frequency), and once an intelligence service determines this schedule, they can wash out the frequency with crap at the appropriate time. Since the whole reason for numbers stations are that spies in the field are relatively incommunicado with their handlers, figuring out the schedule can have a fairly long-term impact on the spy being able to receive information and orders. In fact, the biggest question is likely where the jammer antenna should be positioned to ensure that the transmission will be jammed.

  • The Numbers? (Score:5, Funny)

    by Anonymous Coward on Thursday June 01, 2006 @10:13PM (#15450652)
    4 8 15 16 23 42

    • Re:The Numbers? (Score:2, Interesting)

      by Sentri ( 910293 )
      Has anyone else been made to pause by this post for more than just a laugh?

      Could it be that on Lost the radio broadcast is a play on the Number Stations stuff?

      I am a bit behind on Lost because I live in Australia so I may be behind on the current theories.

  • blog comment spam (Score:3, Interesting)

    by moosesocks ( 264553 ) on Thursday June 01, 2006 @10:28PM (#15450719) Homepage
    Such messages also appear to be manifesting themselves as blog comment spam [boingboing.net].

    The numbers are always in 5 digit blocks too, just like the ones that another poster observed occuring here on slashdot [slashdot.org].

    This is either genuinely weird, or just someone playing an elaborate prank.

    I for one am intrigued, as I've seen the link-free spam messages crop up in all sorts of weird places...

  • Waste of time (Score:3, Funny)

    by caller9 ( 764851 ) on Thursday June 01, 2006 @10:30PM (#15450724)
    So some ham radio freaks or cryptologists are playing tricks. Who gives half a crap?

    Want something really secure? Use one of those messages that self destruct like inspector gadget. As a bonus, it could really jack somebody up if thrown into their face. Also, they can be easily delivered by any method of transportation no matter how impossible, as evidenced by numerous Inspector Gadget episodes, where "the chief" maneuvers into some unthinkable situation only to have the tossed, usually over the shoulder, crumpled message end up giving him severe burns to his face and uppper body upon detination. Even when you go phew! because it totally missed you, guess what, you were wrong and you blow up anyway. Try and get with that hype shit NSA!

  • I think this is obvious. (Score:4, Funny)

    by ScentCone ( 795499 ) on Thursday June 01, 2006 @10:34PM (#15450740)
    It's the promo for Dan Brown's new book. All of the fashionable Masons are using VoIP for their rituals and world control these days.
    • It's true! The V is the Masonic Square, with the I and P forming the compass. The "o" is meant to stand in for the "G" in the center. It's OBVIOUS PEOPLE.

      (the preceeding may have been sarcasm)

  • Conet Project (Score:5, Informative)

    by gEvil (beta) ( 945888 ) on Thursday June 01, 2006 @10:35PM (#15450745)
    Wow! 30 comments and no mention of the Conet Project. [archive.org] There's lots of great sound files there to make your officemates wonder what the hell you're up to...

  • Conet Project (Score:3, Interesting)

    by JMZorko ( 150414 ) on Thursday June 01, 2006 @10:41PM (#15450775) Homepage

    I bought a 4 (or maybe 6?) CD set of numbers stations recordings several years ago, call The Conet Project. Since i'm big into experimental music, the idea intrigued me. While some of the recordings were downright spooky and disturbing (not necessarily a bad thing), I found it mostly to be soothing in a weird way (though after listening to 2 or 3 CDs of these recordings non-stop, it started getting a bit ... too weird).

    Regards,

    John

  • It's a *code* not a cipher (Score:5, Insightful)

    by crmartin ( 98227 ) on Thursday June 01, 2006 @10:45PM (#15450798)
    Very likely you can't easily crack the code. reason: it's a true code, not a cipher. A real code assigns a symbol like '34187' to a word or phrase arbitrarily. Unlike ciphers, true codes are very difficult to crack without getting the key somehow, because there is very little redundancy to exploit statistically.
    • Substitution codes are subject to statistical weaknesses. Of course, you need a wide data set to use statistics to break the code. If you are substituting random phrases instead of whole words, that would make it quite a bit more difficult, but not impossible.
    • I don't think it is a code. Try dropping the zeroes between each non-zero 2-digit number, allowing "00" to be a legitimate pair and assuming the occasional 3-digit string. You get a sequence that has 45 unique numbers (in the case of Group 617, 41 unique numbers) and a frequency distribution that doesn't seem all that likely for a pad's vocabulary. Add to that the fact that none of the numbers in either group exceeds 112, and the pad you were using would be working with a very small vocabulary. I can't
  • Godammit. It's just a bunch of geeks.
  • Last time secret messages were popping up in different places, google was involved...
    • Nah, this stuff is getting pretty common. Look at stuff like hansofoundation.org lots of advertising is being done with strange internet based stuff. Remember MS's Origami stuff? So Google isn't alone in that.
  • Dial 45... 41.... oh oh oh
    Call Mr Lee,
    He'll know the code is broken,
    Tell him the dog is turning red.
  • You can't crack them. Unless, of course, you or a cohort has devised a way to crack a one time pad short of stealing the mat.

  • Obvious first step, and some frequency analysis... (Score:3, Insightful)

    by Jurph ( 16396 ) on Friday June 02, 2006 @12:31AM (#15451355)
    Nobody seems to have pointed out anywhere that these codes, while broken into the canonical 5-digit groupings, are almost certainly composed of three-digit numbers padded with zeroes. The first one, when you strip out the annoying five-character spacing, becomes:

    Group 415
    13 56 51 12 79 46 65 10 93 00
    82 39 13 94 69 12 78 108 17 28 17
    69 22 73 38 14 17 15 15 73 04 20
    68 12 13 12 51 00 54 04 91 14 13
    15 86 22 96 81 66 02 82 55 70 02
    00 22 83 29 08 22 12 12 04 71 13
    65 27 94 19 29 14 22 08 02 11 83
    73 03 26 19 07 86 86

    and the second one becomes

    Group 617
    61 78 02 21 85 06 13 69 06
    79 12 15 24 07 06 16 17 69
    95 00 17 24 05 14 24 09 87
    22 67 89 74 10 82 10 86 78
    13 24 04 16 27 73 13 15 06
    93 69 112 20 84 00 00 21 03
    70 31 76 49 65 23 27 67 00 07 16
    12 17

    Each one just barely scratches into the low hundreds (once each), and uses "00" several times, occasionally doubled. The first one uses 45 unique numbers ranging as high as 108 with the most common characters in the teens; I haven't done any frequency analysis on the second grouping yet but the teens look popular again. I just happened to start reading David Kahn's "The Codebreakers" this week, so I've got lots of places to start, but I wouldn't mind a little help with this. Holler if you think of something!
  • I am a huge Numbers Station geek, and I've been known to listen to the Conet Project just for fun at parties, shortly before I'm asked to leave. So I've been following this story on the Spy Numbers mailing list for at least two weeks, now. If you're intrigued by this mystery, you will probably love the resources at SpyNumbers.com, or the Enigma2000 group at Yahoo.

    Anyway, my prediction: The next message will be posted on Craigslist for Boston. The first message announced Group 415, and the second message was posted on Craigslist for San Francisco.

    The second message announces group 617, which means the next message will probably show up on Craigslist for Boston. If that proves to be true, it is 99% certain that this is just a prank, or something being done by amateurs having a bit of fun. There's no way a real spook or someone sending messages of any importance would use a scheme that some piker like me can figure out.

    So what's going on here? Eh. If there's anything really in there, now that it's been on Slashdot and boingboing, it's quite likely to be cracked within a few days, unless it's encrypted with a one time pad. Whatever it is, part of me is afraid that it's part of that stupid DaVinci Code promotion, and the same part of me hopes that it's somehow related to the Hanso Foundation.

    Or maybe Publius has finally returned . . . are there any Pink Floyd albums coming out soon?
  • I thought these were generally considered to use One Time Pad's [wikipedia.org], so cracking really isn't an option. From Wiki:

    In cryptography, the one-time pad (OTP) is an encryption algorithm where the plaintext is combined with a random key or "pad" that is as long as the plaintext and used only once. It was invented in 1917. If the key is truly random, never reused, and, of course, kept secret, the one-time pad can be proven to be unbreakable."
    • So, tell me how you generate a "truly random" key? I don't believe it exists.
    • It could be a one-time pad, I guess, but they've used three-digit numbers (padding them out with zeroes and using canonical five-digit spacing) and a few things make me think it's not a pad:

      First, there are 45 unique 3-digit strings in the first message, 41 in the second, and 23 of those common between the two; that's an extremely small vocabulary. If it were a pad, one would expect to see a much greater representation of 3-digit numbers. As it is, none of the characters exceeds 112. Second, the frequenc
  • Well, going from radio waves to IP (internet protocol) of any kind seems stupid - to receive radio waves you only have to be in the area, and nobody is able to find out you're tuning to that station, unless they actually hear you. With IP, on the other hand, there are sudden packets flowing from the source to the receiver (broadcast does not span local networks because the internet would be too easy to flood). Secondly, there will only be relatively few listeners (real agents plus a few curious people) to t
    • nobody is able to find out you're tuning to that station, unless they actually hear you

      Not quite true, a receiver must be tuned (and therefore have an oscillator resonating at) the desired frequency. If you've got a highly-sensitive receiver, you can determine pretty accurately the frequency a given radio is tuned to. You can't really cover much of an area, but if someone wants to know what station you're tuned to, and they can get close to you (say within a hundred feet or so), then they can tell what yo
      • TV Detector Vans detect the radiation given off by the tube. They can't tell what channel the viewer is watching except by the image they receive from that tube radiation. The British TV authorities have admitted that they can't detect if someone is watching TV using a TV tuner card on their PC. I think you'd be pretty secure listening to a numbers broadcast as long as you kept the volume down. Speakers don't give off anywhere near the EM radiation as CRTs.

  • Numbers stations may be the opposite of what you think:
    • They may be distributing one-time pads or keys.
    • They might be sending gibberish-- just to keep the other side's cryptanalysts too busy to work on the real messages.
    • hey might be sending gibberish-- just to keep the frequency squatted on so other pirates don't squat on it.
    Lots of possibilities that don't involve actual messages.
    • They may be distributing one-time pads or keys.

      That would be odd, to say the least. Since:
      • The pads of One Time Pads are supposed to be moved over a secure channel. Perhaps held by a trusted agent or otherwise couriered by a trusted courier.
      • There is no point in distributing pads WITH OTP crypto, since the pad should never be used more than once and therefore they cannot be used to send more data that the length of pad intself (compression shouldn't work, since we should be talking about real noise, which sho
  • And can you crack the code?

    Well, considering it's most likely a one-time pad [wikipedia.org], I'm going to have to say no.

  • Enjoy :)
  • Group 415 translates to:
    "All your base are belong to us!"

    The second message,
    Group 617 translates to:
    "Moving every zig for great justice!"

    Just thought you'd want to know... :)
  • Its been known for quite some time that at least one numbers station was broadcasting out of a military base in the US. I wish I had the reference but I saw it in a book on shortwave listening some time ago. A nearby ham or SWLer realized just how strong the signal was and by taking a receiver to the perimeter of the base, was easily able to conclude that it was the source.

    I have also seen in the past revelations about these stations operating out of Cuba. There was some dissident who defected to the US
  • It says:

    "Meat is trying to convince you it has made you. You must overthrow Meat and then we will reveal ourselves to you. Do not help Meat to decrypt these messages."

    I don't get it.

Slashdot Top Deals

"If it ain't broke, don't fix it." - Bert Lantz

Close