Open Sources: Of Spies, Sedition, and Ham Radio

The Federalist: Did Fusion GPS’ Anti-Trump Researcher Avoid Surveillance With Ham Radio?

Steemit: Why did Nellie Ohr apply for a ham radio license one month after being contracted by Fusion GPS?

The American Spectator: Nellie Ohr: Woman in the Middle

This should drive home a few points, most important being that communications through means you have complete control over have advantages. The second is that thinking outside of the box, reverting to old, open-source tech can be a challenge to those accustomed to tracking through conventional options.

While we don’t have the details of exactly what she was doing, and likely never will, the takeaways is that someone advised her to get off the internet. I would not be surprised if they had set up a simplex VHF packet network to pass files. Nothing a thrift store or craigslist netbook, baofeng, and signalink can’t be capable of. Include some type of directional antenna and you’re frying with peanut oil.



59 thoughts on “Open Sources: Of Spies, Sedition, and Ham Radio

  1. Pingback: Brushbeater: Open Sources – Of Spies, Sedition, and Ham Radio | Western Rifle Shooters Association

  2. Bongo

    That’s why she should captured immediately, sequestered and tortured until she gives up the goods. Even if it isn’t reliable intel she’s a traitor and needs to be treated as such. Fuck Geneva and the UN.

      1. JohnnyParatrooper

        Actually, She is a US intelligence Agent, Which means she falls under similar codes of to the US military. Not Directly UCMJ, but rather the federal equivalent.

        She signed paperwork, and knows what happens if she is suspected of treason. We can investigate ANY member of the government AT WILL.

        She forfeit her rights a full Citizen when she took that first government paycheck.

        She, as everyone else, received this briefing. The same one I received. Two lawyers were present and her section chief.

      2. Bongo

        Just like she would observe due process with you or I? Don’t bet the farm on it — I understand where you are coming from but the game is fast a foot and I believe, in my gut, this country is about to go hot in less than a year — I hope I’m wrong… but I doubt it

      3. No she wouldn’t, the rules are whatever they like them to be.

        Be that as it may, our observance of the rule of law is what must set us apart. Should it not, and we with it, there will exist no philosophy upon which we also exist. The more pressing question is “what is the proper source of law”.

    1. LodeRunner

      Outstanding link ;P
      But, the point remains – there are a bunch of simple, cheap ways of moving data which have become “forgotten” enough that they’re now a very useful alternative to the Veriz-ATnT-Google-Book “normal channels”.

      There is unlimited wisdom in asking, “Well, how else could we do it?” when the rest of the crowd is just looking for the easiest way.

      1. Badger

        Precisely. Low-bandwidth, error-correcting, short-exposure; what’s not to like? In olden days it could’ve been theoretically possible using an OTP to simply have something that looks like:
        YoungJediCallsign de OldFOGCallsign – Ur making vy gud progress on your CW, gud job – Here are some new groups to practice from an old manual somewhere (and so on).

        Potentially tedious but easily doable & like many digital modes works down near the bottom of the solar cycle’s toilet. Just theoretical, y’all.

    1. JohnnyParatrooper

      Suspicion of illegal activity would warrant a warrant unto itself.

      She was being through, covering her tracks. The sign of a true Intel Asset engaging in treason or sanctioned OPS.

    2. everlastingphelps

      As an excuse for having the equipment (and suddenly spending a bunch of money on it) and possibly because most ham shops won’t sell to you without a ticket.

      1. everlastingphelps

        I don’t know — I don’t think that passes Occam’s Razor. That sort of short range stuff she could do easier with dead drops. I think this was for genuine transatlantic (or at least DC-Caribbean) HF stuff. But I think you are correct that it was nothing fancy, skill-wise. Off the shelf buddypole or mag loop, Yaseu 857d or similar, matching tuner, TNC, laptop, done. Run the whole thing off her Range Rover cig lighter. (She’s not worried about long-term.)

        Remember, she’s got the next best thing to State Sponsorship. She’s not trying to stick to a budget like we are. She just buy what she wants COTS and bill it back to Hillary.

    3. Wrench

      I kinda agree James Mitchell. But just maybe ole Nellie had a moment of fear from the FCC. They would smack her fingers faster than it seems anyone else in the DOJ or FBI.

    4. quietsurvivalist

      Because even though most hams can intercept it, most would rat out anyone without a valid call. With a license she can practice and get set up and running. Since a scanner wont pick the message up, all she needs is software plug ins to direct a coconspirator to a dead drop. The majority of “digital scanning technology” now is directed to cell phones. This is right out on front of god and everybody where the Tech weanies fail to look. I see it all the time, and Im Fed LE

  3. I’ll have a good laugh if she actually used hobby-grade RF gear for tradecraft purposes. If she was smarter than the average bear, she’d have encrypted the information she was sending, and simulated commercial traffic on a fixed service HF band.

    1. She’s a tech ticket. And an academic. And the band needed would have had much to do with the distance the signal needed to travel.

      Knowing what I do about 99% of academia, she’s cheap when it comes to anything other than lattes and textbooks. They like for you to think they’re much smarter than they really are also.

      And a lot can be done with off the shelf equipment with no paper trail. You know this.

      1. oughtsix

        Does anyone think for one second that she didn’t have the best equipment and guidance that clintonmoney could buy? Probably an operator/coach?


      2. I think they bought the cheapest stuff possible. These people are cheapskates when it’s not handed to them.

        Ohr was not a conventionally trained handler either- she’s an academic and Stalin apologist. They were accomplishing off the books work in plain sight. If you read between the lines you’ll see what I’m actually saying here.

      3. everlastingphelps

        This. Money was cheaper than time. Buying ~$2K of gear is no big deal for Them, and it’s better than letting her try to iterate her way to a QSO like we do. On the other hand, the less money she spends, the more she keeps for her own salary. They aren’t throwing money away like .mil.

    2. quietsurvivalist

      Why bother encrypting anything and drawing attention

      The most successful criminals are ones who do it in front of god and everybody. Online especially the biggest thing is encrypt, sneak around, find “secret” frequencies” . The obvious most of the time isn’t, and encryption will point fingers at the user fast. I see that kind of thing a lot and people are definitely NOT as smart as they think they are

      1. Most of the commercial digital mode traffic on HF is encrypted, and elicits no attention, especially if it otherwise looks legit, like say from a fishing fleet.

        But I hear so much random wierd HF stuff on and off the ham bands that I suspect no one cares, and those who might be paying attention will classify with such a high compartmentalization that no one will see their report.

      2. quietsurvivalist

        Actually no. All encrypted transmissions are intercepted inside the US, its a real truth

        What most are is exactly what you say, business using approved encryption for business use by NSA. But approved or not its no secret its being recorded and scanned

  4. generation tide pod

    sdr? it’s trivial with current technology to record, in real time, everything from dc well into microwave. don’t think that isn’t happening. radio is not secret.

    1. That depends on who is listening, who has the capability of listening, and if the skills of the sender.

      As my students know, there’s plenty of means to defeat eavesdropping, it simply requires more than two brain cells and competent instruction.

  5. Jon


    Thanks for adding VHF packet to my job book. Just when I was concentrating on trying to get WiNLink working on HF.

    A fella could spend a lifetime trying to get commo skills up to speed.

  6. Big Sam

    Doubt she ever even went on the air.

    But there are long haul communications that she would have needed a valid ham call sign for.

    Things like Echolink, which can use enough on-internet/off-internet to confuse actual location and destination.

    Especially if the last listener listens over the air, and wouldn’t even need to be a ham ticket holder.

    Perhaps there was special nodes set up to facilitate.

    Properly configured there could be several air-gaps in the message transfer route, and perhaps any return was routed differently or by a different method.


    73 (of course)

    1. Big Sam

      Or perhaps she accessed WinLink, WIRES, DStar, IRLP or similar?

      Not much a stretch to do satellites either.

      Not all hams check every call the hear for validity or operating class/band appropriateness, so HF operations cant be ruled out.

      To help obscure communications there are plenty of transport mechanisms in the digital modes, as well as plain text modes that don’t look/sound like code groups.

      Even the darling of Emcom, ALE, could be purposed to run data.

      Then there are negative data encoding, where parts, pieces or bits of normal traffic are deleted to carry information.

      Would love to know what gear she had and what’s on her computers.

      Plenty of games to play.

  7. cuttahotha

    It is possible to set up your own outernet with some repurposed ubiquiti wireless modems and have your own mesh net that is broadband and completely outside the “internet”. With directional “dish” antennas, it would be narrow beam width and harder to intercept. All doable with a tech license.

    1. LodeRunner

      Has been and is being done in a number of areas. First experiments I was involved with were in 2004/5. We were using WAP11Bs with hacked firmware BINfiles, back then. With Ubiquity it’s much easier to implement.

      Or, if you want to roll your own, you can do it with Raspberry Pi’s as the node controllers. There’s a lot you can do if you go that route, including bridge V/UHF packet with Hinternet (Ham Internet – 900/1200/2400Mhz HSMM links) into a coherent wide-area network with unified routing, security, name-services, etc.

  8. LodeRunner

    Johnymac –
    I don’t have anything resembling a prepared reading list – most of what I know is a result of my professional experience with corporate IT systems engineering. Here is a good place to start –

    I’d be happy to work with NC Scout to share material on the topic here on his blog, if he’s willing to dedicate the bandwidth necessary to the topic.NC Scout and I have a mutual acquaintance who is over-the-top smart on this topic and I’d love to see him contribute… lets see what we can make happen.

  9. Doc Raydio

    Thanks, LodeRunner: I’d be interested as well. RasPi is a great platform (as opposed to a BeagleBone).

    73 de Doc Raydio

  10. Old Grey Guy

    All the above possible. KISS. CW software on sound card. High speed CW. Bottom end of 2m or 432mhz. Almost not one listens down there. Plain Text. Change frequencies every transmission, hour or day. Odds of being found close to zero.

  11. LodeRunner

    Obscurity is the art of being recognized only by those who already know you. Being “radio obscure” via the use of atypical modes, frequencies, and timing is easy enough to implement, but requires a bit of thought and planning. This should be your second layer of communications security (minimizing your Probability of Intercept being first and foremost).

    “Compressing” messages is allowed under Part 97, “encrypting” them is not.
    There are a number of methods where the only legal difference between the two is whether the compression algorithm is “published” or not. One such method is to use a look-up table of common words and phrases. Computers do an amazingly good job of automating such mundane and repetitive tasks.

    Spend some time on the question of “compressing” the thousand most used words and phrases in the English language, and a suitable solution for a third layer of comsec will suggest itself.

  12. PRCD

    “Actually no. All encrypted transmissions are intercepted inside the US, its a real truth”


    Wow. This must mean the NSA has signal monitoring equipment just about everywhere, doesn’t it? Can they also decrypt it? Is there somewhere I can read up on this?

    I have heard of some smaller countries buying hundreds of signal monitoring receivers, so it’s plausible that the US buys a lot more. If they’re intercepting encrypted transmissions, why wouldn’t they be able to intercept everything else with much simpler modulation (FM)?

    1. PRCD

      I think I can answer my own question. Signal monitoring receivers sweep very fast through the spectrum (0-6 GHz or higher) and 100 GHz/sec. Power is detected in each band against some threshold and the spectra of signals are sent to a modulation recognition program (modrec). The modrec program determines if the modulation is worth setting a monitoring receiver on. You have a fraction of staring receivers for the total number of signals out there, so you can’t set a receiver on every signal. It all depends on the expected number of signals of interest you must monitor at a given time. We can intercept and monitor all of the encrypted transmissions out there because we have enough signal monitoring receivers AND because encrypted waveforms are rare. FM waveforms are not rare and unless there is more information about when to monitor it and in at which center frequency, you don’t set a monitoring receiver on it to record it. There are simply too many FM transmissions to record without more knowledge of which to record and when. In Afghanistan, for example, you might record all the signals in the FRS/GPRS band because terrrrists like to use simple bubble pack radios and no one else does (I’m making this up).

      1. From experience, the Taliban prefer hi-band VHF and work from homebrew low-power repeaters.

        It can all be monitored simultaneously, but this depends on a lot that I’m not getting into. Specific enablers (monitoring platforms). The hinge to all of it is the human behind it, which is infinitely fallible.

        This is why I teach the basics and the basics alone, because if you master that you’re about 80% ahead of everyone.

Comments are closed.