We’ve talked before about number stations — mysterious shortwave transmitters repeating numbers, presumably for clandestine purposes. But, of course, the mere fact that they are unusual makes them stand out. The best place to hide something is in plain sight. In the old days, a broadcaster might slip a fake news story in mentioning a name that has a secret meaning, for example. But according to [Steven Murdoch], the United States has an even more obvious hiding place for a numbers station: inside GPS.

Every L1 C/A navigation message is a 176-bit field known by the affectionate moniker: Subframe 4, Page 17. The GPS specification says it is for “special messages.” No one has disclosed what those messages might be.

[Murdoch] at University College London analyzed over 12 million GPS packets from 2007 to 2026, trying to understand what was in this field. You might think 176 bits isn’t much, and you are right. But the L1 C/A signal carries 50 bits per second, and each frame is 1,500 bits. As [Murdoch] points out: “every bit much earn its place.” Each subframe is 300 bits, so this mysterious signal is 12% of the subframe. It must be important to someone.

Even if you don’t find spy stuff that interesting, the techniques used to sift through 19 years of data using Python, Julia, and other tools are worth reading about. The source code is available, too.

In 2023, the field has, at least sometimes, changed format. However, the best guess is that the field is sending cryptographic rekeying to other systems.

Of course, the truth could be different, but you have to admit, hiding spy messages in the GPS stream is truly hiding in plain sight. Of course, there are still contemporary traditional number stations out there, too.