Indoor Antennas Worthy Of 007

Many ham radio operators now live where installing an outdoor antenna is all but impossible. It seems that homeowners’ associations are on the lookout for the non-conformity of the dreaded ham radio antenna. [Peter] can sympathize, and has a solution based on lessons of spycraft from the Cold War.

[Peter] points out that spies like the [Krogers] needed to report British Navy secrets like the plans for a nuclear boomer sub to Russia but didn’t want to attract the attention of their neighbors. In this case, the transmitter itself was so well-hidden that it took MI5 nine days to find the first of them. Clearly, then, there wasn’t a giant antenna on the roof. If there had been, the authorities could simply follow the feedline to find the radio. A concealed spy antenna might be just the ticket for a deed-restricted ham radio station.

The antenna the [Krogers] used was a 22-meter wire in the attic of their home. Keep in mind, the old tube transmitters were less finicky about SWR, and by adjusting the loading circuits, you could transmit into almost anything. Paradoxically, older houses work better with indoor antennas because they lack things like solar cell panels, radiant barriers, and metallic insulation.

Like many people, [Peter] likes loop antennas for indoor use. He also shows other types of indoor antennas. They probably won’t do as much good as a proper outdoor antenna, but you can make quite a few contacts with some skill, some luck, and good propagation. [Peter] has some period spy radios, which are always interesting to see. By today’s standards, they aren’t especially small, but for their day they are positively tiny. Video after the break.


Inside The Top Secret Doughnut: A Visit To GCHQ

There’s an old joke that the world’s greatest secret agent was Beethoven. Didn’t know Beethoven was a secret agent? That’s why he was the greatest one! While most people have some idea about the CIA, MI6, and the GRU, agencies like the NRO and GCHQ keep a much lower profile. GCHQ (Government Communications Headquarters) is the United Kingdom’s electronic listening center, housed in a 180-meter round doughnut. From there they listen to… well… everything. They are also responsible for codebreaking and can trace their origin back to Bletchley Park as well as back to the Great War. So what’s inside the Doughnut? National Geographic managed to get a tour of GCHQ, and if you have any interest in spies, radios, cybersecurity, or codebreaking, it is worth having a look at it.

Of course, only about half of the GCHQ’s employees work in the Doughnut. Others are scattered about the UK and — probably — some in other parts of the world, too. According to the article, GCHQ had a hand in foiling 19 terrorist attacks, arresting at least two sex offenders, and preventing about £1.5 billion of tax evasion.


Make Your Own Microdot

If you spent your youth watching James Bond or similar movies on rainy Saturday afternoons, then you may be familiar with a microdot as a top-secret piece of spy equipment, usually revealed as having been found attached to a seemingly innocuous possession of one of the bad guy’s henchmen, which when blown up on the screen delivers the cryptic yet vital clue to the location of the Evil Lair. Not something you give much thought in 2020 you might think, but that’s reckoning without [Sister HxA], who has worked out how to make them herself and detailed the process in a Twitter thread.

A microdot is a tiny scrap of photographic film, containing the image of some secret document or other, the idea being that it is small enough to conceal on something else. The example she gives is hiding it underneath a postage stamp. Because of their origins in clandestine work, there is frustratingly little info on how to produce them, but she found a set of British instructions. Photographing a sheet such that its image occupies a small portion of her negative, she makes a postage-stamp-sized one, and by carefully photographing that, she manages to produce another of only a few millimetres in size. The smaller one isn’t very legible, but it’s still a fascinating process.

While we’re shopping at Q branch, how about an air-gun pen worthy of James Bond?

Tiny Transmitter Brings Out The Spy Inside You

When it comes to surveillance, why let the government have all the fun? This tiny spy transmitter is just the thing you need to jumpstart your recreational espionage efforts.

We kid, of course — you’ll want to stay within the law of the land if you choose to build [TomTechTod]’s diminutive transmitter. Barely bigger than the 337 button cell that powers it, the scrap of PCB packs a fair number of surface mount components, most in 0201 packages. Even so, the transmitter is a simple design, with a two-transistor audio stage amplifying the signal from the MEMS microphone and feeding an oscillator that uses a surface acoustic wave (SAW) resonator for stability. The bug is tuned for the 433-MHz low-power devices band, and from the video below, it appears to have decent range with the random wire antenna — maybe 50 meters. [TomTechTod] has all the build files posted, including Gerbers and a BOM with Digikey part numbers, so it should be easy to make one for your fieldcraft kit.

If you want to dive deeper into the world of electronic espionage, boy, have we got you covered. Here’s a primer on microphone bugs, a history of spy radios, or how backscatter was used to bug an embassy.


34C3: Microphone Bugs

Inspiration can come from many places. When [Veronica Valeros] and [Sebastian Garcia] from the MatesLab Hackerspace in Argentina learned that it took [Ai Weiwei] four years to discover his home had been bugged, they decided to have a closer look into some standard audio surveillance devices. Feeling there’s a shortage of research on the subject inside the community, they took matters into their own hands, and presented the outcome in their talk “Spy vs. Spy: A modern study of microphone bugs operation and detection” at 34C3. You can find the slides here, and their white paper here.

Focusing their research primarily on FM radio transmitter devices, [Veronica] and [Sebastian] start off with some historical examples and the development of such devices, which are nowadays available off-the-shelf for little money. While these devices may be shrugged off as a relic of Soviet-era spy fiction and tools of analog times, their easy availability and usage still keeps them relevant today. They conclude their research with a game of Hide and Seek as a real-life experiment, using regular store-bought transmitters.

An undertaking like this would not be complete without the RTL-SDR dongle, so [Sebastian] developed the Salamandra Spy Microphone Detection Tool as an alternative to ready-made detection devices. Using the dongle’s power levels, Salamandra detects and locates the presence of potential transmitters, keeping track of all findings. If you’re interested in some of the earliest and most technologically fascinating covert listening devices, there is no better example than Theremin’s bug.


Inside An Amateur Bugging Device

[Mitch] got interested in the S8 “data line locator”, so he did the work to tear into its hardware and software. If you haven’t seen these, they appear to be a USB cable. However, inside the USB plug is a small GSM radio that allows you to query the device for its location, listen on a tiny microphone, or even have it call you back when it hears something. The idea is that you plug the cable into your car charger and a thief would never know it was a tracking device. Of course, you can probably think of less savory uses despite the warning on Banggood:

Please strictly abide by the relevant laws of the state, shall not be used for any illegal use of this product, the consequences of the use of self conceit.

We aren’t sure what the last part means, but we are pretty sure people can and will use these for no good, so it is interesting to see what they contain.


Eavesdropping With An ESP8266

In the old days, spies eavesdropped on each other using analog radio bugs. These days, everything’s in the cloud. [Sebastian] from [Hacking Beaver] wondered if he could make a WiFi bug that was small and cheap besides. Enter the ESP8266 and some programming wizardry.

[Sebastian] is using a NodeMCU and has this working as a proof of concept, but suggests that it could be pared down to any ESP8266 board (with similar cuts made to the rest of the electronics). A PIC 18 MCU samples the audio data from a microphone at 10 kHz with an 8-bit resolution, dumping it into a 512-byte buffer. Once that fills, a GPIO pin is pulled down and the ESP8266 sends the data over WiFi to a waiting TCP server, which either records or plays the audio in real-time.

[Sebastian] has calculated that he needs at least 51.2 ms to transfer the data, which this setup easily handles, but there are occasional two to three second glitches that come out of the blue. To address this and other hangups, [Sebastian] has the ESP8266 control the PIC’s reset pin so that the two are always in sync.
