I assume most numbers stations have disappeared in part due to the proliferation of global internet access. But I've kinda wondered, how does that work? One of the benefits of numbers stations is that it was nearly impossible to determine who was listening to a shortwave radio station. Any internet resource someone visits would be traceable by the government. Even with SSL nearly everywhere it's not nearly as anonymous as numbers stations were. I'm assuming most clandestine users see the ease of access and greater diversity in how messages can be sent over the internet as far outweighing the limitations of shortwave?
I don't think they need the Internet. If you look at frequency hopping in military radios, and how GPS receivers pluck out the signal from below thermal noise floor, it seems entirely plausible to me they're just happily streaming audio and video over regular radio - but without the right key for a specialized receiver, not only you won't be able to listen in and transmit back, you won't even be able to prove there is a signal in the first place.
Finding strong signal in another man's off-white noise: it's classy if you're a rich-country spy (or radioastronomer/voyager mission control?) chipping a pseudorandom sequence, but it's trashy if you're a paranoid suffering a psychotic break.
Well, if you find a signal in the noise, there are three possibilities:
1. You knew what to look for, though you shouldn't have. They'll either disappear you, or call you paranoid and forcefully commit to a mental institution (where the treatment regiment will surely make you suffer all kinds of mental ailments).
2. You didn't know what to look for, but you found a legit signal anyway. This means they've fucked up - but once they realize that you know, you'll get the same treatment as in point 1. There is no "responsible disclosure" when it comes to spycraft, and the only bounty will be on your head.
3. You're just paranoid and imagining things.
By the time the wider public learns about you, the three possibilities here are indistinguishable.
Number stations are far from being disappeared. The current schedule of tracked ones can be seen in [0].
I guess clandestine operations now use expiring dead drops in the form of IP addresses with some protections, but they may be using applications or other hide in plain sight methods like chats rooms in games, etc., which are not unheard of.
Considering governments and intelligence services love to run Tor exit nodes from time to time, they may have their own darknet servers, too.
There's no way to be sure how they operate, and I don't want to dig into that kind of rabbit holes, to be honest.
Back when https://en.wikipedia.org/wiki/Anna_Chapman was in the news, I think I remember talk of hollowed out rocks containing a battery powered WiFi hotspot. Person sits on a particular bench at a particular time and a data exchange with their phone / some other gadget is triggered automatically.
(Usual risks of the person setting the drop (and therefore the drop itself) being under surveillance apply, I guess)
They are almost disappeared in Europe. The only one that you can easily listen are The Buzzer, The pip, The Squeaky Wheel and the letter beacons (not really number stations), all of them from Russia.
Maybe in Asia or America you can listen more number stations.
In WWII, censors were deeply suspicious of knitting patterns sent through the mails. These days, unless they find your decoder app, who's to notice if the numbers have been steganographically covered in a gigabyte or two of the internet's favourite: cat videos?
I have a hunch that 4chan used to pass around rule 34 images steganographically in other images, but I was too lazy and too horrified of what I might see to find out for myself.
I guess that's where tor and similar techniques come in. Don't forget it was created by the DoD for just that purpose.
And it's not impossible to locate a shortwave listener (especially in the days when numbers stations were commonplace). At really short range it's possible to detect the local oscillator though modern direct conversion techniques make this harder.
In the 80s some countries were using this principle to identify people watching TV without a license.
What you say about locating SW receivers may have been true in the era of superhetrodyne receivers, but today, in the era of direct digital sampling, it's no longer true. Old superhet receivers would leak the LO through the mixer out to the antenna so nearby detectors could deduce where the receiver was and what it was tuned to (assuming a standard IF, which is a fair assumption given the plethora of high-Q 455KHz and 10.7MHz ceramic filters).
Nowadays with a good digital receiver, nothing leaks from the receiving antenna.
Well yes that's what I said - these days it's less true with the direct conversion (many superhet's around though still!) but SW numbers stations are not really a thing anymore anyway so the solution is a bit late :) And a direct conversion receiver and the computer attached to it can also leak RF. I'm pretty sure equipment these days leaks more RF than in the 80s. And not just RF. People have even been able to determine private keys from the coil whine in the audio sampled across the room from the PC running the crypto!
Though I wonder if spies used SDRs (or other direct conversion receivers) earlier than the mainstream for this reason.. On the other hand I've heard spies usually shy away from special electronics because it's a lot harder to explain than a standard holiday shortwave receiver.
Exactly, numbers stations were a big thing in the 70s-80s.
In those days carrying a SW receiver was pretty standard and almost every country had a world service radio station that people would actually listen to.
These days using the internet makes a lot more sense yes, both for tourists and spies. Because spies want to be where the mainstream is to avoid detection.
You can blame satellite TV for the demise of numbers stations. Shortwave radios became less common with the uptake in broadcast television, so it in turn became more suspicious to be in possession of one.
I won't speak to the methods the US uses now, but Russians are fond of ad-hoc wireless networks in public places.
I wonder if this popular 2001 rumination on the difficulty of source attribution in public local networks had any influence on said preference: https://www.youtube.com/watch?v=TVdoQ2fmIYs
> Russians are fond of ad-hoc wireless networks in public places.
I always appreciated that in the lore of the STALKER games the PDA network that allows modern communication within the Zone is a cooperative mesh network between every STALKER's gear.
Maybe there are less than in then "golden days", but take a look at https://priyom.org/ to get some first-hand experience.
EDIT: This site features a schedule/calendar with links to several webSDR sites, making it very easy the hear some of those transmissions live.
"why do I own a shortwave radio? you see sir, I saw this site priyom.org on th' orange website, and kinda got nerdsniped..."
(and in 10th grade, there was this girl I was crushing on who was really into microprinting, so I tried to play cool and wound up with a closet full of photoreducers, and wouldn't you know, that hobby stuck too...)
I would say that's a bad assumption. National intelligence services routinely collect and analyze Internet traffic -- especially international traffic. Most are unable to analyze everything, but they'll keep an archive so they can go back later and look at something specific if needed. Also, I would assume they've got some AI looking for trends and also flagging "unusual" traffic for further (human) review. These HF stations are perfect for untraceable one-way traffic to foreign intelligence operatives.
The OP message is made of ascii ordinals encoded in hexadecimal. That led me to some interesting ideas based on fooling your adversary into thinking they had cracked your code, when they had in fact missed a hidden message:
1/ In the above example the message was “one if by land two if by…” and the encoding base was hexadecimal. Does a message exist that encodes in a different base but looks like it is hexadecimal? For example the OP’s message decodes to utk"ol"h if the base was actually 17. We assume it’s base16 not base17 because only the digits 0-F are used. Is there a string of pairs of digits in the range 0-F (without G) that would decode to something meaningful in base 17 (0-G)?
2/ And what about a message that means two different things — something innocuous in base16, with the secret message in base17, say? Other bases might work: 15 feels like a good candidate too, but it is probably harder to make a readable message the more you deviate from the masquerade base.
16 --> 15 would be a good candidate, as everyone would assume base 16 and you could use the full character set in your (secret) base 15 message. Too lazy to test it out, but theoretically plausible.
