• hash@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    11 months ago

    Went down a research rabbit hole wondering about doing security research on these encrypted radios. Looks like you’d have a pretty hard time finding a legal way to do it considering it’s illegal to transmit encrypted per FCC rules. So though you can get the hardware on eBay for 100 bucks, even beginning to test for flaws is already a gray area. Probably have to rig something up to avoid transmitting at all. Plus a faraday cage? Modern solutions use AES256, so a major flaw in crypto implementation on top of a failure to rotate keys is the only likely avenue. Even if you found a vulnerability, reporting seems like it would be highly risky with the legal murkyness and arrest happy authorities.