Ah, Rob Braxman refers to this vulnerability as "client-side scanning." The encryption of a message doesn't matter if it's intercepted by a bugged app after decryption of course. Better to keep radios and smartphones as discreet technologies.
Absolutely a problem and a threat. I’d argue that even though it’s a threat, and many higher level agencies should opt for radios without android embedded, the human vector is still the one often exploited. Be it laziness/complacency, blackmail, or bribery, the janitor, equipment manager, or your partner is also a threat that should be reviewed.
It's a double edge sword, since they can remotely receive software update, patches can quickly be deployed but it also leaves devices vulnerable to hacking from the very same remote connection.
This all depends fairly heavily upon how the radio and the android side of things are actually interfaced. From the way the radio boots (ie fully functional as a radio well before android is usable) I'm inclined to say that they're architecturally distinct and its most likely that the radio-side of things probably wouldn't be compromised by a vulnerability in Android. Motorola employs some incredibly smart and forward-thinking engineers, and I do not believe this radio would be getting bought in the numbers it now is had they not addressed this proactively.
If it's wireless, it can be hacked. If it's on the Internet, it can be hacked. If a network isn't decentralized like a mesh network, it's vulnerable to widespread disruption through an attack on the main trunk or server.
everyone here has made good points about trade offs and attack surfaces... from my perspective, I still haven't really seen the benefits of this extra functionality for my group so until that happens it's easy for me to make the conservative choice and stay with traditional radio units, will be curious to see when/if that changes
I'll add my two cents: yeah, any connection you're going to add is going to increase the "attack surface" of a device. If your device now has WiFi, it can now be attacked over WiFi. However, most of those connections make the device more useful: it's a tradeoff. The perfectly secure radio has no receiver of any kind and, well.....that's not a useful radio. And it's just not the device, you have to be thinking about the network and your supply chain too. We put mitigating measures in place: endpoint security, vetted app stores, forced updates, etc. I would not allow any end-user to install Flappy Bird on their APX Next. Android has mitigating measures in place too: it's really hard to impossible to interact directly with other apps on the same device, except for the defined 'intents' systems (that's your universal share button), memory encryption, memory tagging, etc. etc. Now, "is it worth it?": it depends. Regular police work, probably fine. Deep undercover, probably not but you wouldn't bring an APX anyway. Counter-terror? Probably fine even. Key question: what is your threat model, or more specifically: who are you trying to keep out? Regular criminals? Organized crime? Or nation-state actors?
Well a similar argument applies to all the statewide trunked radio systems and how dependent those are on internet connectivity. A lot of the new APX radios can even access those systems using Wave over cellular when in a dead zone. That’s another aspect that exposes some vulnerability.
None of the statewide systems are dependent on the internet though. They may have some interfacing that allows for internet connectivity at some level (i.e. SmartConnect/BeON gateway, Critical Connect interface via ISSI, etc) but they are all 100% capable of operating without internet infrastructure. Now, many of them do use leased circuits to an extent (.i.e. T1/T3 which have either been or are in the process of being phased out for MPLS Ethernet circuits) but that isn't reliant on internet. Most of them also have a complete microwave overlay as well in the event of a failure of said leased circuits or have a hybrid setup where best path is provided via LTE/Satelite and the robust backup is provided by microwave.
It is totally possible for someone to write an android app that could do nefarious things. It would require someone having access to the preprogrammed radio and knowledge of the Motorola system and android system but it is not impossible and some bad actors with deep pockets could make this happen. It’s easier for someone to steal a radio that’s unattended somewhere.
It depends on if the Android device within has a microphone to listen, or a speaker to make into a microphone. If so it's possible to hack anything. Thing is, the path of least resistance is almost always taken. It is probably easier to take advantage of the situation, especially in an emergency high stress scenario to plant a device to listen in a squad car, on an officer, or to target the officer's own smart device. Why hack the radio when there are much easier ways to listen?
@AdventureCruiser did the link go through? I'd love to hear your thoughts after you read the article. It's certainly an eye opener. Kinda pisses me off with the other stuff that happend recently as well with tmobile, ATT, and Verizon keeping it a secret for over a year that their SMS was compromised by China
Motorola take great pride in there software security encryption updates so it can't be hacked it's is designed for that particular Motorola public safety radio with high level encryption module in its circuitry too in ensure encrypted and secure communications for first responders the radio is programmed that way former Motorola affiliate service shop technician now work independent
Ah, Rob Braxman refers to this vulnerability as "client-side scanning." The encryption of a message doesn't matter if it's intercepted by a bugged app after decryption of course. Better to keep radios and smartphones as discreet technologies.
Absolutely a problem and a threat.
I’d argue that even though it’s a threat, and many higher level agencies should opt for radios without android embedded, the human vector is still the one often exploited. Be it laziness/complacency, blackmail, or bribery, the janitor, equipment manager, or your partner is also a threat that should be reviewed.
Interesting. Things can be sideloaded on the NEXT such as ATAK maps, etc.
ATAK sided load would be very powerfull!
@@EmhanceResponderDevelopment ATAK is an official Motorola option on the NEXT.
@safety86 wow! Thanks for letting me know! This is why I got to youtube and watch random videos!
It's a double edge sword, since they can remotely receive software update, patches can quickly be deployed but it also leaves devices vulnerable to hacking from the very same remote connection.
This all depends fairly heavily upon how the radio and the android side of things are actually interfaced. From the way the radio boots (ie fully functional as a radio well before android is usable) I'm inclined to say that they're architecturally distinct and its most likely that the radio-side of things probably wouldn't be compromised by a vulnerability in Android. Motorola employs some incredibly smart and forward-thinking engineers, and I do not believe this radio would be getting bought in the numbers it now is had they not addressed this proactively.
If it's wireless, it can be hacked. If it's on the Internet, it can be hacked. If a network isn't decentralized like a mesh network, it's vulnerable to widespread disruption through an attack on the main trunk or server.
the problem is old android versions on poc radio`s, even my expensive Hytera has Android 12, not 14
everyone here has made good points about trade offs and attack surfaces... from my perspective, I still haven't really seen the benefits of this extra functionality for my group so until that happens it's easy for me to make the conservative choice and stay with traditional radio units, will be curious to see when/if that changes
What's your opinion on the tyt md UV 390 plus for a encrypted radio
@@Felix-w7k I have no experience with it, sorry.
I'll add my two cents: yeah, any connection you're going to add is going to increase the "attack surface" of a device. If your device now has WiFi, it can now be attacked over WiFi. However, most of those connections make the device more useful: it's a tradeoff. The perfectly secure radio has no receiver of any kind and, well.....that's not a useful radio. And it's just not the device, you have to be thinking about the network and your supply chain too.
We put mitigating measures in place: endpoint security, vetted app stores, forced updates, etc. I would not allow any end-user to install Flappy Bird on their APX Next. Android has mitigating measures in place too: it's really hard to impossible to interact directly with other apps on the same device, except for the defined 'intents' systems (that's your universal share button), memory encryption, memory tagging, etc. etc.
Now, "is it worth it?": it depends. Regular police work, probably fine. Deep undercover, probably not but you wouldn't bring an APX anyway. Counter-terror? Probably fine even. Key question: what is your threat model, or more specifically: who are you trying to keep out? Regular criminals? Organized crime? Or nation-state actors?
Get a Navajo, speak in code, hide in plain sight…
Well a similar argument applies to all the statewide trunked radio systems and how dependent those are on internet connectivity. A lot of the new APX radios can even access those systems using Wave over cellular when in a dead zone. That’s another aspect that exposes some vulnerability.
None of the statewide systems are dependent on the internet though. They may have some interfacing that allows for internet connectivity at some level (i.e. SmartConnect/BeON gateway, Critical Connect interface via ISSI, etc) but they are all 100% capable of operating without internet infrastructure. Now, many of them do use leased circuits to an extent (.i.e. T1/T3 which have either been or are in the process of being phased out for MPLS Ethernet circuits) but that isn't reliant on internet. Most of them also have a complete microwave overlay as well in the event of a failure of said leased circuits or have a hybrid setup where best path is provided via LTE/Satelite and the robust backup is provided by microwave.
It is totally possible for someone to write an android app that could do nefarious things. It would require someone having access to the preprogrammed radio and knowledge of the Motorola system and android system but it is not impossible and some bad actors with deep pockets could make this happen. It’s easier for someone to steal a radio that’s unattended somewhere.
Most local pd/fire use third party companies to program their radios... would be very easy on a local level
@ yes they do as I know who does quite a few of our local agencies radios.
It depends on if the Android device within has a microphone to listen, or a speaker to make into a microphone. If so it's possible to hack anything. Thing is, the path of least resistance is almost always taken. It is probably easier to take advantage of the situation, especially in an emergency high stress scenario to plant a device to listen in a squad car, on an officer, or to target the officer's own smart device. Why hack the radio when there are much easier ways to listen?
Someone breaking the encryption on our radios would be my last concern. If someone is doing that, chances are you'd already be dead.
From my understanding Motorola has safe guards in place to prevent hacking .
Possibly other governments could crack it not an Joe or even above average
Look at what happened with tetra radios in Europe, shit can happen
@@johnkeo358 what happened?
@AdventureCruiser someone found a way to backdoor the radios and get the encryption keys pretty much
@ no way, any chance you can send me any links to references for that? That sounds like it’s worth exploring.
@AdventureCruiser did the link go through? I'd love to hear your thoughts after you read the article. It's certainly an eye opener.
Kinda pisses me off with the other stuff that happend recently as well with tmobile, ATT, and Verizon keeping it a secret for over a year that their SMS was compromised by China
@AdventureCruiser are my replies going through??
Motorola take great pride in there software security encryption updates so it can't be hacked it's is designed for that particular Motorola public safety radio with high level encryption module in its circuitry too in ensure encrypted and secure communications for first responders the radio is programmed that way former Motorola affiliate service shop technician now work independent
What country did you perform your motorola work in?
Yes
Interesting..