A man inspired by a 22-year-old memory traveled back in time to raise the first generation of cellular networks from the dead. He built a tiny 1G network using the ancient AMPS protocol, then utilized it to finally answer an issue that had bothered him since childhood.
AMPS was first introduced in the 1980s as the Advanced Mobile Phone System, and it serves as the analogue underpinning for all modern 1G networks today. Back then, voice transmission was rather simple: radio waves were broadcast across numbered channels on the spectrum. The trouble is, no encryption or scrambling was utilized to secure the audio, so with the correct receiver, you could tune in and listen in on people’s calls. That openness was a defining aspect of the time, until digital 2G came along and closed the door.
- Wi-Fi 6 Mesh Wi-Fi - Next-gen Wi-Fi 6 AX3000 whole home mesh system to eliminate weak Wi-Fi for good(2×2/HE160 2402 Mbps plus 2×2 574 Mbps)
- Whole Home WiFi Coverage - Covers up to 6500 square feet with seamless high-performance Wi-Fi 6 and eliminate dead zones and buffering. Better than...
- Connect More Devices - Deco X55(3-pack) is strong enough to connect up to 150 devices with strong and reliable Wi-Fi
He’s been wondering about this for years, ever since he was a kid and witnessed his uncle pull out an Ericsson DH668 handset, type in some digits, and suddenly be able to hear another discussion. This event resonated with him, and he’s spent the last two and a half decades trying to figure out whether the story was a family legend or true. The strange thing is that you can’t eavesdrop on calls with a regular phone, but his uncle thought it was so simple.
To get to the bottom of this, he managed to reactivate AMPS in a controlled environment to check if it was possible to eavesdrop on a call. He employed low-power technology to keep things local and contained, avoiding interference with the public spectrum, and there was no genuine carrier network involved. He used software defined radios to handle all of the heavy lifting, essentially simulating the cell sites that used to coordinate calls as they moved around a metropolis. A few antique handsets were on hand, including the Ericsson with which the memory was associated.
He initiated a call between two phones, and immediately, crisp analog audio began to flow. It was the kind of clear voice that today’s overly compressed calls struggle to equal. Then, with a third device on standby, he typed the code he remembered from years ago, and the phone went into test mode. Channels became selectable by hand, and he simply tuned in to the active call, where the voices from the conversation poured out of the speaker. No decryption or special access is required; simply tune in on the correct frequency and you will receive the entire exchange.
The demo basically proves that the uncle wasn’t making this up after all, because certain Ericsson models had what’s known as test mode, which allowed you to manually select the channel, and if you were in a busy urban network, you’d have dozens of calls going on, each on a different channel. However, getting the ideal one was simply a matter of patience and a little luck. When you eventually tuned in, eavesdropping came effortlessly, as the system provided no defense against this type of activity.
[Source]
