I'm going to actually read this, this time because I find it so hilarious. Andrew Rodent Strutt, Bio, overall IT experience, 19 years, number of years, security experience, 11 years. That was the Bio he actually sent me. The guy who has been running a POCSAG network at DEF CON for five years sent me the number of years he's had using a computer. Which I'm reasonably confident still isn't accurate. The big Bio was like this long and. If you send me that Bio, I would have read that one too just because like, he sent me a 12-page Bio we're starting to talk by reading it. So again, for those of you who missed the last introduction, this is Rodent, he does awesome things. He's been doing these awesome things for years and he's finally standing up in front of a bunch of you talking about how cool it is. So if you actually want to operationally use radios, this fine gentleman has a lot of experience and he's got it fitting in a bloody suitcase so pay attention and get licensed. Thanks everybody. Thank you, Andrew. Thank you guys. Thanks for staying and. So as I mentioned and for the next recording, this is for Sid the Hacker Dog and I work with Spiron Federal Spiron Security Labs and I'm a member of the ARRL. So call sign is Kilo 6 Alpha Delta Sierra. Our event call sign this year is November 7 Tango for Telephreak. So this is just talking about my suitcase build. I've done several iterations of this. One, a long time ago, I bought a Motorola actual product that they had was a suitcase that gave me the idea. But that one, I spent a year trying to program it and I could not ever get the code plug. When I even brought it to a Motorola shop who specialized in old stuff, they were stumped on how to program it. So I used it as a volunteer firefighter in Afghanistan, because with all the noise and uncoordinated environments, we could barely talk with our handhelds like across the street. So I bought the repeater when I was over in Afghanistan.
A different one, a Motorola actual product that they made, Bat Labs repeater, and it worked overseas but I can't get it to be reconfigured to work in amateur bands. So I started looking at different ways to build more suitcase repeaters. I like amateur radio, I like being able to provide services and emergencies and stuff like that for ARES. So this is my latest one and it seems to be working pretty good. So get a little bit into it. I have the equipment here and it's operational. You can transmit on it right now on 440-800, and I'll give you a little demonstration if it'll cooperate. Yeah, it is. So it has its own built-in repeater controller. Most of the features on that I disabled and I have an IRLP node that is a much more qualified repeater controller that I use externally, that does APRS and a bunch of other bells and whistles, and it's an IRLP internet radio linking project controller and linking device. So that does some of the heavy lifting as far as like the CWID every 10 minutes and it allows the range to be significantly expanded beyond just the RF capabilities. So most of it was just making decisions on how to do it. I mean, I looked at big ones, small ones. I looked at making suitcase repeaters with multiple handhelds. For example, I have multiple of these Wouxuns. Well, with the programming cables, you can cross-connect them and they do cross-band repeat. So with a little bit of effort, you can make two of these become an actual repeater. You still need a duplexer, you still need some other stuff, but it was all about the final build decisions and the hardware decisions and then the required software and configuration to make it work on amateur bands. I prefer to use for this type of stuff for repeaters to use commercial grade equipment. The duty cycle can handle the heat, it can handle longer transmissions and they're much more durable by magnitudes. Amateur radio does make some good stuff, but it's not always metal case and so on.
So the decisions were for size, capabilities of the device. I didn't want to reinvent the wheel numerous times. So for example, the repeater that I chose has a built-in controller that does CWID. It has the ability to do battery backup built into it. So it has all the circuitry that I didn't have to re-hack or modify so that I could easily plug in 12 volts, solar battery and utility 110 to 220, and it could do the failover all automatically. So that's why I chose this repeater. It's a Motorola GR1225. It's widely available. I think they're still widely available, but I think they're almost 30 years old. So we'll get into a little bit more about the peculiarities of that. So the practical uses for it obviously is the mobile applications and amateur radio emergency service. Then like I mentioned, I do the Internet Radio Linking Project with it, and here's a node for it right here, which runs all off the battery and does APRS like I said, and it allows you to link to numerous different networks all around the world. I am building a new IRLP node to send to Iceland. There's no IRLP nodes in Iceland, and I have a ham buddy who talks on 2600 debt, and he got up to join a local club, get his license, and I said, hey, I'm going to send you an IRLP node so I can call you all the time, pester you. So it allows for some cool stuff that you can do and expand on it. Now the GR1225 does have an expansion port, which I'm not using, but it's mostly for linking to POTS telephone lines and to do phone trunking and some other stuff, but I'm not utilizing that, but it does have that capability. That was one of the reasons why I chose this particular chassis. The other thing I chose this particular chassis for is because it's just a shoebox, and there was guys out there who were recasing them and putting them in racks and doing different things. Motorola also has their own transportable method for this particular repeater.
So when I started doing a bunch of research and looking at different people selling stuff and how they did it, I thought that this was a great choice to recase. Basically just tear the top off. It has a power supply, a 40 amp power supply, duplexer, controller, and transmitter all built in in one unit. So it was very simple to take it apart and just mount it in this case. And remount the case mount, the antenna connector, which is an N connector for UHF and the 110-220 and the DC power input. The last field day, I wanted to do battery and solar, but they didn't have enough power to provide at that level, so I ended up just using an AC inverter to go battery to 110. But it also does 110-220, so you can plug this thing anywhere and it'll basically work. That's what it looks like when they sold it 30 years ago. I do have a microphone that I got with it and it's kind of an important component because this is also how you program it, not necessarily with a microphone, but through the mic jack. So that's nice to have because you can turn off the repeat function and then also just use it as a base station, so for whatever reason. I think they marketed it as a dispatcher's stuff. They have several different markets that they would obviously sell this for, but that was something that I thought was nice. A lot of those do have that, not all of them do. I've worked with other repeaters that you can build custom with MaxStore or it was a MaxTrack, GE, there's several different, there's a CW ID coming out of the thing every 10 minutes. So there's other different manufacturers out there that you can use to pair up in multiple devices to build a repeater, but those are heavier, they're meant for vehicles, stuff like that. I chose this one because it had all the features I wanted and especially battery backup. So this is some of the specs that helped me choose why I got this one. I'm not big on the courtesy beep.
Some old ham operators or younger or older generation ham operators don't like that stuff, but the simple programmer repeater controller on this, you can program it to do a courtesy beep with selectable tone, length and so on, do the CW ID built into it and it's adjustable from 25 to 45 watts. That was one thing that I was a little concerned about but I've since worked a little bit of a hack on it so I can't get the power level a little lower. It's all digitally controlled, which I found was very interesting looking at repeaterbuilders.com and pulling through all the documentation to figure out how to program this thing. And I did need help with a Motorola shop to tune the duplexer. I don't have the equipment to do that. So once I chose the frequencies and I knew how to program it and whatnot, I programmed it and I brought it to them and then they did the duplexer so that you can use one antenna on one frequency or one set of repeater pairs. So that was the main piece of why I chose this one. I have it kind of in between 25 and 45 watts because I'm not running it through an amplifier. I think I have it if I did the math right or the heat right through my testing at like 50% duty cycle. Earlier today I had it on a ham net and there's people calling into the net from Ukraine, Ireland, all over the US and just to talk about us and technology and stuff like that and they mentioned hackers. I was like trying to get in there to talk about it but didn't get a chance. But when it was on the net, it was almost keyed up 100% of the time. The hang time, when you unkey, I had that set to zero so it will unkey and try to cool down as much as possible and I did build a fan into it but with my testing I figured I needed to turn the power down a little bit more. It does get really hot. 
So I'm either gonna turn the power down even more and add an amplifier, a portable amplifier or I'm gonna add a ton more fans and cooling and keep the power where it's at in between like 25 and 35 watts. And you get pretty effective range on it. I made a homemade antenna to be extra transportable and basically I just measured out the coax length for this center conductor. So that's a quarter wave at 440 megahertz and then I just tied a zip strip on the end of it so it won't fall out of the PVC pipe and put it in there and glued it. I do have the same antenna for the POCSAG network that I use for this because they're near the same in frequency. The POCSAG network's on 433, this is on 440. So I do have a 5 eighths wave high gain antenna that I can run off of this but it was a little too strong for my room. I was actually saturating and interfering with the POCSAG network. So much so that there was enough radiation from this transmitter that it was activating the amplifier on the other network. So when this would key up, they'd call it chatter and so I realized at one point I put the antenna in my bathroom to get like enough isolation between the two and that worked for a while but I needed to use the bathroom and it's a lot of RF exposure in there. So I went back to this antenna. So I did wanna ask these guys. Maybe I can leave it here and bring the big antenna and stuff like that, but I hadn't decided. There's still pretty good range, even with the quarter wave. I think that's a 0 dB J pole, in fact. It's not a quarter wave. But people were able to use it with a handheld down at the Cosmo, which is pretty decent range for 1 to 5 watt handheld into my potentially 0 dB J pole. So it's pretty decent range. And that repeats everything out, obviously. So much time I've got. I'm getting there. So the major components to configure the thing is a beast. And that was the hardest part, configuring the hardware and recasing it. And all the hardware stuff was semantics.
I had to make the right decisions, choose the right hardware, find a case that it would fit it, and find a case I could drill without destroying it, and stuff like that. But the hardest part, and as I mentioned before, the other suitcase repeater I bought, it was almost impossible to reconfigure for amateur bands. This one, I spent months looking around for the right software, the right configurations, pointing through repeaterbuilders.com. There's a ton of information up there. Definitely used that as a resource. But there was nothing that exactly addressed my configuration, my use case, in this particular box. So there's a couple of different pieces that make it work. Obviously, the Motorola Radio Service Software, the RSS, they have like 10 different versions of it through many different generations that are CPU and speed dependent, processor dependent, adapter dependent, and it's a huge mess. And Motorola does not like you using this for amateur stuff. They don't like you buying the software through unauthorized sources, so obviously do that appropriately. And some Motorola dealers don't know what to do when you come and you wanna bring it for amateur radio, so you have to build a relationship and whatnot. I did work a relationship to get the duplexer tuned, but otherwise I did all the research to program it myself and to get the software working and whatnot. So, old operating systems. I read that you needed old operating systems. So first I tried, I was like, no, you don't need to go that old, so I tried Windows 7 VM. Slowed that down, wouldn't work. You turn off FIFO buffers because over the serial interface, this was before FIFO buffers were even invented, before the new serial chips were even invented, and it screws up the programming and you can very easily brick the microcontrollers on this thing. So first I tried Windows 7, thinking that it would work, didn't work.
Tried Windows XP, thinking, oh, this will be the kicker because I saw a piece of information. A guy did it with Windows XP. It still didn't work. So I bought a utility that you can slow the speed of the virtual machine down, I slowed it down to 100 megahertz and I got it to send the header off the radio. So I knew I was on the right track. I ended up having to get a Windows 95 VM, slowed it down to 100 megahertz and then that USB adapter that I showed you earlier, I set the latency on that to max and I set the buffers to the minimum and then it started to talk to the radio. So and before you try to write anything to the radio with the appropriate RSS software, you just wanna read the existing configuration. So I spent weeks and weeks just trying to get the configuration off of it to read it and I knew it could do amateur radio. I just needed to retune the duplexer to be on amateur radio. So once I got it to read the configuration out, it was like, yay, success, I'm talking to it. Then I had to go through all the many different things in the RSS software to configure it. I disabled the CWID, I set the hang time to zero and I tweaked the power. Now the interesting thing that I found about the power and a lot of radio equipment, even modern radio equipment, it's analog controlled with a potentiometer. You can just get into the screwdriver if you know where to turn on the right pot and adjust the power. This thing actually uses the microprocessor and sends a PPM transmission to adjust. So at the speed it sends the pulses is what determines the power output. So it was really strange. Like when I got into the RSS software and I looked at the power settings, there was like 24 bars or 12 bars. It wasn't just a power setting. I had to tune each bar to get the appropriate. I've learned later that it's mostly for the different channels, so you'll set your duplexer on a center frequency and it gets less efficient as you vary off those frequencies. 
So you wanna adjust the power, so either SWR or reflection from the duplexer. So when you get off the center frequency, like on channel 12 versus channel one and you tune for channel six, that you're not gonna fry your radio. So I set the power max in the middle and then I taper off on the other side. So it was a lot to be able to configure it. I read all over the place and there's guys on eBay selling ancient laptops with all the Motorola software on it and all the adapters for like thousands of dollars. Like here's what you need to configure. And there's no other way to do it ever. You need to buy this. It wasn't acceptable for me. Now I did find through the repeater builders forums, there was one guy that mentioned that he was able to do it with virtualization for a totally different piece of equipment, for a different newer generation stuff. But when I saw that, I figured there is a way to make this work. Like I'm a big virtualization guy. I like making old technology, work with new technology. And so when I saw that little tidbit of information, he said, well, I did it with an XP VM. That's what made me think, oh, I'll try it with XP's, Windows 7 and so on. But the only way I could do it was with Windows 5, Windows 95 and 100 megahertz and with that USB to serial adapter that could even slow it down even more. So that was a big deal and I was pretty happy with that because all the information out there was saying that it couldn't be done and then eventually I was able to do it. So I was pretty happy with myself on that. But I think a lot of it mostly depends on that serial adapter. Even though they said that you could do it virtually, they wanted you to have a physical serial port. And I think it's mostly for like multitasking. So if the device isn't available for that microsecond or what have you, it'll lose contact with the radio and you'll brick it. And these are hard to find, they're not cheap and so on. 
So at all costs, I just wanted to make sure I would not brick the radio. So I was very, very careful about working with the serial adapters over virtualization. And then the other thing that Motorola does, and I'm not sure why they do this, but they do this serial magic where they have different ways of configuring the multiple generations that they have. And so they sell this thing called the RIB, the radio interface box. And it basically drops voltage into the serial. You can plug power into it and or a nine volt battery. And this was the only way you can configure it. There were people saying that you could do it RIB-less. They sell stuff out there to do it RIB-less. And they even said that it would work with the GR1225. I bought one, it doesn't work. And I went through the guy who's making them and selling them and he said, oh yeah, it'll work, it'll work. I mean, I sent him a video saying, no dude, this doesn't work. So I ended up buying an actual RIB. I bought a Chinese knockoff one and they had the schematics for it. It looked exactly like the Motorola one. It didn't work for some reason. So I ended up buying an actual Motorola RIB, which wasn't very expensive. They were just very rare on eBay to find. And this was the final piece that I needed to be able to configure it. I also found guys who were saying that it would work with just DB9 to the RJ45, it doesn't work. It has to go DB9 through the RIB to DB25 to RJ45. And I looked through all the wiring and the schematics and it drove me crazy because it looked right. But for some reason, Motorola is very particular about how they want to be programmed. So this was a major piece. I had to get this paired to that. I didn't have to modify it or anything, but I had to get the cable for the GR25, RJ45 to DB25, an actual Motorola RIB. I tried a RIB-less and it still didn't work. And then this is just a standard DB9 to DB9.
So this was a major piece and it delayed me weeks after I'd built it and everything was working, but I wanted to configure and change some of the other settings and I went through like pulling my hair out, trying to figure out how to get it to talk on the right operating system with the right serial configuration and the right wiring. So that was a major piece and hopefully I never lose this thing. You don't have to reconfigure it very often, very rarely. Some repeaters, they get configured and they stay that way for their entire life. But it's nice to have and it's good know-how. I like working with this old equipment and intend to build more stuff to do this. So I was trying to find a quote from Vlad because he's pretty good with quotes and giving me tidbits of information, but I couldn't find, I searched through all my emails, trying to get a quote from him, but I ended up finding this quote from ARRL and ARES. Ham radio's motto is "When all else fails." So this is one of the reasons why I built this and I demonstrated it at the amateur radio field day so that on a fly you can roll up anywhere with no power or very little power and infrastructure and still be able to get radio communications. And so when I did it out there, I ran it all off my car and an AC inverter and it worked great. It was, everyone was doing a bunch of HF contesting at the field day, but no one had set up an onsite UHF repeater to talk just point to point with everyone. So I brought it up and they liked it and then I turned on the IRLP and so we could link to other places, which was very cool. So I'll do a quick demonstration of that. I think we're linked up, but let's see here. I'll call into the Las Vegas Western Reflector on IRLP. Let's see if it'll work. Las Vegas, Nevada. Please pause two seconds between transmissions and key up for one second before talking. Link connected. So what I've done is I've connected the repeater through IRLP to Reflector, which is point to multi-point.
So I don't know who's connected to the Reflector at this time, but there can be hundreds of nodes that are connected to it and whatnot. So I'm basically using this as a repeater controller and a link. I'm obviously using a hotspot right now, but I use an OpenVPN tunnel. So that's all contained and more secure and it works quite well. So this can run forever off of batteries. I forgot to charge the other big battery, but I used that for a day and a half and it ran that. This is also a 70 centimeter transmitter, but this only does like a quarter watt. It's basically acting as just another user on the repeater. It transmits through the input and the repeater transmits on the output and it comes out. So this will do the CWID. It'll link to other repeater networks and so on. And I'll do another one where there may be some other chatter from other networks here. So there's another super busy network and that's the CWID obviously. And if you can read that, November 7 Tango, R for repeater, slash R, yeah. So were you decoding it or are you just? So I'll connect to another repeater network that there's usually a lot of traffic on and it's called the WIN system, the Western inner, Western something inner tie. I always forget. It's a weird word and I give Shorty trouble for it and yeah, so here. But on this network there's like, there's anywhere from like 40 to 50 repeaters connected to this repeater all the time. It's basically down to Mexico, all the way up to Washington, DC and Idaho and Surral. So currently we're connected to that and so I have a footprint of thousands of miles over the internet through that. So if there's a little break, just sounds like some normal chatter, there's a little break I'll ask for a demonstration from these guys and usually people will pop up on frequency and say, hey, I'm in Washington, hey, I'm in Mexico and so they wanna show off you. Yeah, that's on your end. This is K6ADS in Las Vegas.
Can I get a demonstration on the WIN system, please? So what do I say about that? Hi, this is K6ADS in Las Vegas. Can I get a demonstration of the WIN system, please? I have to get a break in between transmissions to catch them. So when I transmit there's like a half a second delay and then on the other side, there's another half a second delay so you really, when you're linking across multiple repeater networks, you have to catch it. There we go. Hey, I appreciate the callback. I'm actually giving a talk here at DEF CON in Las Vegas about internet radio linking and mobile repeaters. So I appreciate the quick come back and giving us a demonstration of the WIN system. This is K6ADS, I'll be clear monitoring. So that's a demonstration of the system and the linking. Sometimes you can run into some grouchy ham radio operators and that's just the way that it is. But that's a demonstration. But feel free to use the repeater if you have a license. If you're within eyeshot of another amateur radio operator, you can, as an unlicensed radio operator, use the ham band. So just use our event call sign, November 7 Tango, N7T. And if you're around another ham radio operator or like such as myself, I can give you a radio and you're welcome to try it out and test it. So that's about it. I think I'm good for time. So any questions? The Q's first there, go eyeball. So he's asking about the serial driver for the programming of the Motorola device. So I'm using virtualization. So in Windows it has the driver, the host operating system for Windows 7. So that driver and then through VMware, that just translate that back into the VM. So the specific adapter that I have, the driver allows you to tweak latency in the buffers. Some USB adapters are just plain dumb and they just connect and they just work. This driver actually lets you tweak some of those settings. So I don't remember how I found that one but it's been super advantageous that I've had that USB adapter.
So it's just using the Windows driver. And inside the virtual machine, it's just a standard serial port as far as the VM is concerned. So thank you, good questions. You were first here, I'll get you. Go ahead, sir. This is, the question is, is there a model of the IRLP controller that I'm using? This is called a nano node. And the guy also makes micro node. There's a couple of different iterations of it. It's basically a Raspberry Pi with a UHF transmitter built into it. It's semi proprietary, but it's a very good package, a very good system. But it's proprietary enough where I messaged the guy after I paid 600 bucks for it and I asked, hey, could I get a shell on my own Linux machine? And he said no. So I said, well, I'll deal with that. Thank you very much, sir. So thank you, good question. So Lindsay. So the question is, when am I gonna get my general? Are they doing tests here at DEF CON? We'll do, you got three VEs? Probably, get some VEs, we'll do a test. Now, I brought the book, I was reading on my Kindle, I plan on doing it this DEF CON, but I don't think they're doing tests. They are? Yes, sir? But not today? Okay, we'll work it out. Okay. So even more encouragement for me to upgrade my license to general, and I will definitely do it, I promise. Mark my words. Great question, thank you. More questions? Sir, why did I choose 440? The antennas are smaller. It seems to propagate a bit better in certain different environments. I've ran other repeaters on two meters, 144, 140 megahertz. And those work fine, but for some reason I like 440 better. I like 70 centimeter better. It seems to propagate better through stuff, and it still does a decent amount of range, but the other major kicker is, the antennas are smaller. That's one of the reasons I'm not a big fan of HF. You need giant amplifiers, giant antennas.
HF has a purpose and a place, and I'm not against it, but it's noisy, the antennas are huge, it takes a lot of power, a lot of amplification, and so this works well. So great question, I appreciate that, yeah. Any other, there, another question. So the question is that I don't like HF, and that's why I haven't upgraded my call sign, maybe. I just haven't felt a big need for it. I have done HF contesting and whatnot, like I did at the last field day, so I've experienced it a lot. My Elmer's been giving me trouble for it for the last 20 years, but I just haven't had a big purpose for it, a big need for it, especially with IRLP, and this is one of the things, this is the oldest linking platform that's out there. It's now All-Star and a few others, and also DMR and other linking digital modes and whatnot, but this is the first one, and it relies on PGP for the links, so the guy that built it, Dave Cameron, built it strong and encrypted from the very beginning, so even though it's a new type of linking, it's the oldest one, so it's old school with old school, so on, so good question. Any other questions? Is there a PL on the repeater? Yes, it is on 44800 and the PL is 123. The offset for a repeater for standard 70 centimeters is five megahertz positive. Any other questions? Thank you very much. I appreciate it very much, thank you.