172 - 174MHz

Frequencies and legal status of the described activity apply only to Poland.

First of all, it’s worth noting that, broadcasting on frequencies intended for state services is prohibited, but monitoring itself is not, unless we don’t share the information with third parties.

No permission is required to use radio equipment intended for reception only. - Act of July 16, 2004, Telecommunication Law (Journal of Laws No. 171, item 1800), SECTION VI, Chapter 2, Art. 144, point 1.

Moreover, the signal reception itself is undetectable, or at least complex enough that you shouldn’t worry—it’s like you’re in the same room with other people and can hear them talking to each other.

Services such as the police, fire brigade, ambulance, border guard, city guard, security, TAXI, maritime companies,… still (as of July 2020) work mainly on equipment operating in analog technology and on uncoded frequencies, which can be easily eavesdropped using a regular scanner operating in the UHF/VHF band.

There are widely available sources where we can find the frequencies on which individual services communicate. For example, the police in Poland work on frequencies 172 - 174 MHz, and with a basic scanner and a broadband antenna (preferably omnidirectional on the roof), you can hear messages from both the surrounding area and further places, easily up to several dozen kilometers. (Of course, you don’t need the antenna, but the range is much shorter using just the scanner.)

An interesting fact is that on these bands, you can hear personal data being transmitted from time to time. I wonder how this relates to the Personal Data Protection Act, since the police provide names, addresses, PESEL numbers and the like in unencrypted channels available to everyone?

Encoded Transmission

Unfortunately, for several years, they have been moving from analog communication to digital, encrypted communication, so eavesdropping on them has become more difficult. According to personal observations most of them encrypts all correspondence using the MotoTRBO communication standard by Motorola (TETRA is another equally popular standard, used, for example, in city buses in larger cities)—instead of a conversation, we’ll hear a message encoded in digital form. The same system is already used by the police in the 172 MHz band in larger cities.

However, interesting programs have appeared on the Internet, e.g., DSD and DMR for decoding the MotoTRBO signal and this one specifically for TETRA.

Since DMR is a decoder, all it does is convert the digital form into an analogue form—still encoded, but there are ways to decrypt such a stream into plain form, as presented here.

Decoding MotoTRBO/DMR using DSD

To start playing, you need to connect the discriminator socket to the scanner, as described here.

Then you need to set the signal input level correctly. For simplex (direct), it will be 6-7%, which will translate into 11-12% on repeaters.

To set it up, please read this guide.

You can check the correct settings in the “old” DSD versions (because they show “level”), which you can download from here, and then:

1. Create a DSD folder.
2. Unpack the downloaded dsd-1.6.0.
3. Unpack the downloaded mbelib-1.2.5.
4. Transfer the downloaded Windows Binary with P25/DMR Filter 1.6.0 Beta to it.
5. Unpack the downloaded cygwin1.dll into it - download here.

All files should be placed directly in the DSD folder. After unpacking, they need to be moved. After starting dsd160, you need to set the signal input as described above.

I do not encourage you to eavesdrop or break any form of encryption, especially that used by services such as the police, this post is for informational purposes only and intended to show that such a hypothetical situation is child’s play.