Our next presentation is one of the people who's helping run the event and has been just doing key spec. He and Charmander are the ones who figured out how to bypass the slide presentation snafu and get it working. And that's Giglio. Giglio is going to talk to us about ham radios, not just for dinosaurs like me, why hackers need an amateur radio license. And I have to agree with him, despite the fact that I'm aging, I have to agree with him. Harry Biggs, or Giglio, is a forensics and threat analyst security engineer at MedImpact Healthcare Systems. Giglio has worked in the staffing, manufacturing, mortgage, and healthcare industries, each providing unique insights into how critical information needs to be protected. Giglio was fortunate to be on the team that hosted the 2020 DEFCON Groups VR event and is looking forward to the 2022 event as well as I am too. So here you go, Giglio, take it away.

Hello, can you hear me okay? Perfect. Okay. So I gotta make sure I can see my slides without facing away from everybody. So the purpose of my talk is to talk about ham radio. And for a lot of people, ham radio may conjure up images of, you know, old retired guys sitting, talking into a microphone to their buddies across the country, talking about the weather and different things. That's certainly a component. As time has gone by, it used to be all analog. There's lots of different frequency ranges and stuff. Also, there are things people are aware of, you know, big emergencies where things happen, infrastructure collapses. A lot of times ham radio operators are able to get information in and out of a place that doesn't have another way to do it. A lot of that's changed nowadays. I mean, we have satellites and satellite phones and that kind of stuff. So to some extent, there's a certain amount of, you know, legacy, I think, in some people's related to the ham radio, amateur radio world. You know, that could be valid. There's... and I'm setting you up for where I'm going to take you.
So hang in there. Don't get bored and run away because it isn't as bad as it sounds. There's other things, components of that, ARES. I'm a member of ARES. It's the Amateur Radio Emergency Service. They coordinate with hospitals and things in different technology stacks in the event of an emergency. There's a tool called Winlink, which is a piece of software you run on your laptop. But behind it, there are forms, all kinds of forms. Think of a hospital, any kind of form they would need to fill out and send to somebody far away. There's all these forms that exist, different levels of technology. It's over RF, over the internet, etc. So there's definitely good stuff on the legacy ham radio side, if you will. But the thing that's really the kicker... now let me get to where I can hit the button. If I can do that with a microphone on my hand, how do you do that? Let's see. Okay.

So here's the thing. If you're a hacker, and all of us in this room are hackers, we are usually, like X-Ray said, usually on the bleeding or hemorrhaging end of technology. The cool thing is, if you think about it, we've talked about people doing shenanigans with different things, how you want to be limitable, so that you can experiment, you can do things, you're not playing with things that you shouldn't be playing with, and then are hoping that nobody catches you in it. Well, if you think about it, if you want to experiment with radio frequency, and the higher bands there, so hopefully this slide is readable, but there's these different bands over on the right hand side, different gigahertz ranges of things, you head up into microwaves, there's all kinds of digital communication modes now that didn't used to be the case. And guess what? All it takes to do it legally is to get your amateur radio license, make sure you stay in your lane, meaning stay in the bands that are allocated for amateur radio use, and you're golden.
As long as you don't fry your neighbor's TV set or something, and there are rules and things you learn about maximum effective radiated power, and how much does it transmit through skin, ionizing versus non-ionizing radiation, all these kinds of things. And so that you know what's safe, you know, you don't put a 1500 watt antenna right next to your neighbor's house, that kind of stuff. Most of it is pretty common sense, tiny bit of math, it's pretty easy. And so then now you have access to all these frequencies. And now you may say, okay, cool, but you know, what am I going to do there?

So the other part of it is, there are folks, one group is the Open Research Institute. And the person, let me back up here, because I got there. The person that's the co-founder and CEO of the Open Research Institute is Michelle Thompson, is also a DC858 member, also a ham radio operator. And their purpose is to introduce technology. It's been research, right? One of the challenges, even a newer, newer, newer technology, let's say for amateur radio, where a lot of it is driven by the vendor, right? You've got Yaesu, you've got Kenwood, you've got all these different manufacturers, they make it, they build code that goes with it, which is a thing that takes, you know, audio data, let's say, or digital data and turns it into a stream that you can analog transmit over airwaves. And then they wrap that into something that you can't use it unless you buy the licensing from them. You have to use that and go down that road. So what Michelle's Open Research Institute here is a way to make things open. And so, you know, open source, that kind of a thing. So everybody has access to the codec, or everybody has access to plans on how to make something, or whatever the project is. One of the other really cool things, down here on the regulatory tab, it says work covers ITAR, air debris mitigation, and more. Now, I'm, you know, I'm not the wizard here.
But ITAR, as I understand it, is an international governing body on things that are considered, through pivotal work that Michelle and the ORI group did, they were able to get things related to what we're talking about here, classified as non...

Hey, hang on. Hey Giglio, when you turn your head, I think you're trying to wait for your mic.

So I thought as soon as I picked up the mic, I had megaphone for life. Let me see.

I thought you might be pulling it away from your head physically.

No, no, I'm wearing a headset. How's that? Is that any better?

I believe you dropped the mic when you changed the slides earlier. It fell on the floor.

Yeah, no, agreed. Hopefully so, but I don't need to hold the mic, right? Am I still okay?

You need to hold the mic.

Okay, excellent. So then I will hold the mic and then try to see if I can go next. So how much did you guys miss with me talking to the wall there? How far should I back up?

We can hear you. It's just difficult to hear. So we can hear it all. It's not as loud and there is...

Okay, it's better now. Open host tools and the third one down is a megaphone. If you turn the megaphone on, you don't need to hold the mic. I cannot turn it on for you because you have more permissions than I do. So I can't force your permissions to do anything.

That's fine. I turned it on. So let's see if it stays stuck. So yeah, the cool thing, they were able to get the work that's being done by the ORI and specific codecs, like we're talking about the M17 codec, different things. They were able to get those classified as non-export control, I guess, which is awesome because that sets the groundwork for going down the road into the future with various projects and not getting entangled by somebody who's trying to throw a wrench in the works. So check out openresearch.institute and you can see all the different projects they got going on.
And now I'll bore you with a little bit of ham radio stuff to show you how straightforward it really is to get a license. Oh, there we go. So depending on how much everybody knows about... let me see if I can see my own deck here.

So some background, what is radio? What is frequency? And what is spectrum? And radio is using an alternating current to modulate a signal, sending it into a wire, think of an antenna, which then leaves the antenna as an electromagnetic wave into space or air, if you will. The frequency, which is how it's measured, is the number of oscillations per second. And then spectrum is the range of frequencies that can be allocated. And so you can see on the chart here, which I forget who I stole it from, it's got everything from, you know, you hear people laughing when they say DC light. And those, that spectrum, and I'm hearing somebody eating, so I don't know if we can figure out who's chomping away there. So that's that. So here's... next slide.

Well, ham radio is the amateur radio service, which we talked about already. It's licensed by the FCC. So that's who you participate with. You need a license to transmit. You can, hopefully a lot of us have played with the SDR, inexpensive, you know, software-defined radio dongles and software. You can listen to anything, you know, within limits. But to transmit, you have to have a license. Frequencies are allocated by usage. And over on the right, there's a chart that's showing different bands, they call them in the amateur radio service. And then there's a thing called a band plan. That's who's allowed to transmit on what frequencies. For the most part, amateur radio frequencies are shared with somebody.
So if there's like a public service or commercial service or something else that's out there in a similar or nearby frequency range, if you end up transmitting and mess up their signal, so they can't do what they're supposed to do, you're going to be the one that gets told you need to tone it down, lessen the power, move the antenna kind of stuff. So now what's interesting is high end frequencies that we were looking at earlier, some of those are exclusive to the amateur radio service, which is a godsend for experimenters and folks doing cool stuff.

There's different license classes. And at this point, the entry level license class is a technician license, which is very straightforward to get. You have to, there's a tiny bit of math and most of it you can memorize or if you test prep, you can learn, understand and do the recognition thing versus having to break out a calculator and compute things. Technician class is authorized to transmit on VHF, UHF and microwave frequencies. And then the band plan we talked about, technician test is easy. So we're good there. Let's go here. And is this my, let's see where we're at.

Oh, taking the test. Yeah, there's different test prep methods. You can take the test in person, you can take it online, which is what I did. I'd always wanted to get a ham radio license. And but back in the day, when I first looked at it, knowing how to send and receive Morse code was a requirement. And I just never had the time to get in there and figure all that out. Nowadays, that's not a problem. Oh, this is the basic steps you would go through, which may be a little more minutiae than we all need. But you study for the test, register for your FRN. And then that goes on a website. And you sign up with a testing body to take the test. And that can be online with GLAARG, that's who I used. You pay your test, or pay your fees, take your test. And then assuming you passed, you get assigned a call sign.
And the other cool thing you can do is you can go look for call signs that are in disuse, so to speak. They call that a vanity sign. Or sometimes in the case of, say you have, you know, a parent and a child or a family relation, and a younger family relation, and that person is no longer either actively transmitting, they're not using their license, or maybe they passed away. And the family relation would like to be the keeper of that license, you can sign up with the FCC. And assuming nobody else has tried to get that license, your uncle's, or your aunt's, or whoever's ham radio license number, you can now legally transmit on allocated bands. And like I mentioned before, go check out Open Research, or yeah, openresearch.institute. And you can see what projects I got going on. Also interested in having people contribute. You know, there's a whole lot of smart people in this room. So I'm sure there's something out there you would take a look at and say, hey, that's kind of cool. Let's go explore that. And to complete my meme thing. So on the first slide, we had, you know, ham radio isn't just for dinosaurs. So now we're going to have any questions by our space going dino there. So if anybody's got a question, holler it out or track me down and we can talk about stuff. This can be a dry topic, but it also can be an exciting topic, depending on, you know, where your project interests lie and so forth.

So what separates the technicians? I've actually been doing some of the ham study app stuff for the technician app or for the technician exam. What makes the higher level ones a lot more difficult to obtain? Like what separates them?

Well, so what I did, I'm a general class, is the one up above technician. So I went and took the technician like a test because I was like, I just want to see what's going on here. Some people go on there and take two or three at once. I didn't have that much time to commit or try to keep things, you know, stuck in my head long enough.
Really what the difference, technician has a list of things. There's a certain amount of relationships of, you know, if a frequency range is this, how big is the antenna for a half wavelength or a quarter wavelength or whatever. And so you figure out the math. I mean, you're already doing, you know, binary math. I think you could take a number and divide it into or by 300 and do okay. Right. So that's pretty straightforward. General class had a few more specific things. I'm trying to remember what some of those were. And then the next one is, is it extra advanced extra? I can't remember what the one after general is. Yeah. That was got extra extra. Yeah. That one has more math. And then I also saw a thing from one of the guys on the DC858 Slack was, there was a topic being kicked around and they had an answer. And it's like, hey, that's because I'm studying for extra. And a lot of it could be policy. It could be things are allowed to do what, you know, a given band range is shared by what, like the 220 megahertz, the 1.25 meter band, the low end of that is actually shared by old school paging services and things. And so there, you could end up with a test question that says, you know, what part of the 1.25 meter band are you not allowed to use? And then you'd have to recognize which of them it is. And it would be the one on the low end. Oh, I don't know if that's a good enough thing. I've got a couple of different prep book things that I found that I can recommend. They're pretty good. So you don't have to go out there and you know, and I'm not trying to suggest that, hey, you're going to be an MCSE by reading the cliff notes, but it's more focused how you, how to study, what to study, what to recognize, and then what you have to calculate. It's really based on other tests. I'm sure everybody in the room has taken, this is a pretty darn easy.

Awesome. Thank you.
And also, tell them about the ARRL guide you can get for studying for the test.

I didn't even use that one. So X-Ray's telling me to make sure I mentioned the American Radio Relay League guide to studying for the tests, which I ended up not using, which is probably pretty complete and useful. It was just a path I didn't go down, but the ARRL is also kind of the governing body besides the FCC of all things ham radio. And then there's also local groups, just, you know, similar like local DEFCON groups on in the San Diego area. So there's the Palomar Amateur Radio Club, and they run repeaters and things that, you know, we're up on high mountains. So if you're in a good place geographically, you can talk to folks nearby, not so nearby with, you know, just a handheld or something simple. You don't have to be the person with the 30 by 40 foot, you know, big beam antenna on 100 foot tower pointing off into faraway places.

Can you do anything with emergency services yourself?

Yeah, I do. I am part of ARES, Amateur Radio Emergency Service. They just had a thing a couple of weekends ago on the, using Winlink with hospitals. They set up and they, you know, if you think about doing a tabletop exercise, they're doing a tabletop exercise, but they're doing it for real with, you know, fake data, fake transactions and things. And so everything that gets sent out has to have a drill header on it so that it doesn't get acted on. But yeah, there's lots of amateur radio service. I think there's also, and you could probably talk to it better, X-Ray. I've heard of MARS, which is military related and is in a slightly different frequency range from some things, but you know, and some of these services may or may not still be out there. I can't remember.

MARS is a military affiliated radio station. It's our amateur radio station. I briefly worked at the MARS station at Treasure Island during Vietnam and they work in conjunction with the amateur radio people.
And one of the things that they do is set up phone patches like the Vietnam so people in the States can actually talk to people in Vietnam so they can talk to their loved ones. It's really, it's really cool. A lot of fun.

Yeah. Once you get into amateur radio space and you find frequency ranges or things, there's all kinds of different protocols. I'm kind of a low power guy, so I'm not going to try to put some giant antenna up. I, with a random wire around my backyard and a little, I think most it puts out is maybe 10 watts. There's a protocol called FT8 and there's software written by smart folk and you load the software up and I was able to hit Japan. I hit Belize. There are monitoring stations around the world that feed back. And I even saw my signal being picked up by something in Antarctica. That doesn't mean there would have been enough signal there, but these, this protocol FT8 is made for very weak, very low level stuff going on. So there's a lot of cool stuff to play with.

And the only other thing about amateur radio for the most part is not allowed to send encrypted traffic. For the most part, if you're sending information, the protocol has to be known and the folks that may or may not, you know, that are listening would need to know that that's something, or at least if you want to be in compliance, that your, whatever traffic you're carrying isn't encrypted. But the only exception being, and this is what that one test question was, the other person remembered, uh, control signals that run some kind of remote device that's up on a mountaintop. Those are okay to be encrypted. So somebody doesn't take it over. Anyway, it's a whole lot of blah, blah, blah. I should relinquish the stage. Thanks everybody. I turned off megaphone.

Okay. Well, we're running a little ahead of schedule. It looks like the next talk is going to be here. It's now four o'clock. So we've got about an hour.
So feel free to wander around, talk to people, get something to drink, go to the bathroom, talk to people. That's a novel thing to do at a conference designed for people to talk to each other. So yeah. And ask questions if you see speakers. If you've got questions, feel free to ask them questions. And we'll see you back here at, uh, let's see, it's Las Vegas. It'll be 4 p.m. Las Vegas time for our next presentation, which will be by, uh, Jabels on Pwning Lazy Admins. So that should be an exciting talk because there's a lot of lazy admins out there. So there must be a lot of fun things to talk about.