Hacker News
by yellowbkpk 3364 days ago
When I helped run a college radio station as a student, one of the things I had to check on was the Emergency Alert System (EAS). It's the system that cuts into your broadcast and allows emergency personnel to transmit information over TV and radio.

Maybe it was specific to our setup, but our station was assigned two other stations to listen to for EAS alert tones. If the box heard the tones it would flip a relay and broadcast the audio from the station it heard the tones on. If you drove by the station with an FM transmitter and replayed the EAS tones, you could transmit whatever you want. I imagine the stronger FM stations have a bit more security than we did, but it always struck me as a rather vulnerable system.

4 comments

Growing up, the audio tone for that signal was etched into my brain over the course of numerous Saturday mornings, when I woke up early enough to hear the tests. This was before cable was normal. Sometimes it felt like the dial-tone-like noise drilled into your ears for a solid 90 seconds.

Example: https://www.youtube.com/watch?v=oOVwgKmzROw

The new sound is even worse (and seemingly longer), and I imagine its signal (which sounds more like fax machine squelches than an alert noise) has been crafted to prevent incidents like you describe.

Example: https://www.youtube.com/watch?v=Llrkn2ASVNQ

Also, to prevent deliberate piracy, which was something of an urban legend, but with real, known examples, like the Chicago Max Headroom instance:

https://www.youtube.com/watch?v=tWdgAMYjYSs

It's interesting, because I had always thought the noises were intended to capture the interest of viewers, since it sounds like something of an alarm. It never occurred to me that it might be a system-level control signal. Which makes much more sense now, since the tests were called out as tests, and not drills to prompt viewer activity.

It's funny, because after decades and decades of listening to the test drills, on 9/11 I had expected to hear it cutting in, but it was largely absent and unused. The only time I've ever heard it for real was during weather-related situations like hurricanes.

> The new sound is even worse (and seemingly longer), and I imagine its signal (which sounds more like fax machine squelches than an alert noise)

This is the SAME (Specific Area Message Encoding) header, designed to deliver more detail to receiving devices about where the event is, the type, and how severe it will be.

https://en.wikipedia.org/wiki/Specific_Area_Message_Encoding

This is how you can buy weather radios that only deliver emergency weather messages for your county or town as opposed to the entire listening area of the station.

> The new sound is even worse (and seemingly longer), and I imagine its signal (which sounds more like fax machine squelches than an alert noise) has been crafted to prevent incidents like you describe.

The evil part of me wonders if a replay attack would work for that more complex signal or whether it contains something tied to the current date.

The problem with emergency measures is they have to work in circumstances when you can't rely on other stuff any more which means they have to be as simple as possible.

Most stations have that device configured to only automatically take over air for the most egregious emergencies, with the rest aired on a discretionary basis. You generally only see full auto relays with full auto stations; pretty much every station with a butt in the big seat is wired discretionary, with individual station policy regarding which alerts to rebroadcast. I wouldn't generally retransmit a severe thunderstorm warning, for example, though I repeated every test. To my knowledge, only a Presidential Activation of EAS bypasses everything, and by law there's a book next to every eligible transmitter that describes the procedure for that (it's a bit unique).

For those who don't know, the tones -- which are indeed received from well-known designated primary stations -- come with a textual representation of the bad news, which is printed out on a little receipt-size slip from a box called an EAS-911 (a few vendors make them). One of two things happens next: either the EAS-911 takes over air automatically and rebroadcasts the bad news as it is received, or it is recorded instead and a little button begins blinking to indicate that the device is waiting for you to give it permission to take over air and rebroadcast the bad news. Pretty much everyone with resources is set up the latter way, partially for the very reason mentioned.

The real ugly scenario with the automatic relay stations is when the primary forgets the "I'm done" tones, and then every station in the state plays WGN for an hour. That's happened before. Fines have been levied.

> To my knowledge, only a Presidential Activation of EAS bypasses everything, and by law there's a book next to every eligible transmitter that describes the procedure for that (it's a bit unique).

Let's not give anybody ideas here, Twitter is bad enough.

Don't worry, half the country probably doesn't know how to operate an actual EAN, nor where the book is when it comes. I have a feeling the Wikipedia page on it is going to be very busy in the first ten minutes after a president decides to pull the trigger.

This is backed up by me skimming the relevant section of the binder when I was training on a station, saying out loud "I didn't know there was a Presidential Activation of EAS," and my boss at the time replying "there is?" rather surprised.

The nationwide tests of the EAS have apparently not gone terribly smoothly, and that was with advance notice and planning. So it wouldn't surprise me in the slightest.

Volksempfänger would be damn classy propaganda. But Trump is not classy, never was, and never will be.

Well, the small stations who don't have a person deciding when to play the alerts are typically listening to two larger stations, and it varies which ones they are listening to. So yes, a malicious actor could conceivably do this, but he/she would have to be close enough to the antennas and have a transmitter powerful enough to broadcast over the assigned signals.

As others have noted, larger stations generally always have at least one person present who can verify alerts before rebroadcasting them.

EAS is not a perfect system, but it's not the worst in terms of infrastructure weaknesses.

> larger stations generally always have at least one person present who can verify alerts before rebroadcasting them.

New rules recently in effect, presidential alert messages (PAM) are to be rebroadcast by station equipment immediately with minimal delay and without requiring operator intervention.

Oh, great. Can't wait for them to hack that one...

The SAME format has no inherent security to it. Some implementations do some signal processing (thresholding really) to try to mitigate fake messages.
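
Added example, not part of the thread and not any vendor's code: a receiver-side plausibility check for a decoded SAME header, covering the questions above about whether the header carries a date and what a box can verify. It assumes the publicly documented header layout `ZCZC-ORG-EEE-PSSCCC+TTTT-JJJHHMM-LLLLLLLL-`; the function names, the allowlist and the sample header are constructed for illustration.

```python
import re
from datetime import datetime, timedelta, timezone

# SAME header layout: ZCZC-ORG-EEE-PSSCCC[-PSSCCC...]+TTTT-JJJHHMM-LLLLLLLL-
SAME_RE = re.compile(
    r"^ZCZC-(?P<org>[A-Z]{3})-(?P<event>[A-Z0-9]{3})"
    r"(?P<locs>(?:-\d{6}){1,31})\+(?P<purge>\d{4})"
    r"-(?P<issued>\d{7})-(?P<sender>[^-]{8})-$"
)

def parse_same(header, now):
    """Parse a SAME header; resolve its year-less timestamp against `now` (UTC)."""
    m = SAME_RE.match(header)
    if not m:
        raise ValueError("malformed SAME header")
    jjj, hh, mm = int(m["issued"][:3]), int(m["issued"][3:5]), int(m["issued"][5:])
    if not (1 <= jjj <= 366 and hh < 24 and mm < 60):
        raise ValueError("timestamp out of range")
    # The header carries day-of-year but no year: take the year that puts the
    # issue time closest to the receiver's clock (handles New Year rollover).
    offset = timedelta(days=jjj - 1, hours=hh, minutes=mm)
    issued = min(
        (datetime(y, 1, 1, tzinfo=timezone.utc) + offset
         for y in (now.year - 1, now.year, now.year + 1)),
        key=lambda t: abs(t - now),
    )
    purge = timedelta(hours=int(m["purge"][:2]), minutes=int(m["purge"][2:]))
    return {
        "org": m["org"], "event": m["event"],
        "locations": m["locs"].strip("-").split("-"),
        "issued": issued, "expires": issued + purge, "sender": m["sender"],
    }

def check_header(header, now, allowed_senders, skew=timedelta(minutes=5)):
    """Return (accepted, reason). Plausibility filter only, not authentication."""
    try:
        msg = parse_same(header, now)
    except ValueError as exc:
        return False, str(exc)
    if msg["sender"] not in allowed_senders:
        return False, "sender not on monitoring assignment list"
    if msg["issued"] - skew > now:
        return False, "issued in the future"
    if now > msg["expires"] + skew:
        return False, "expired (stale or replayed header)"
    return True, "ok"

# Constructed sample header: weekly test, one location code, 30-minute purge time
SAMPLE = "ZCZC-WXR-RWT-012345+0030-1051700-TEST/STN-"
```

A header that passes is only well-formed, from an expected call sign and inside its validity window; the format carries no signature, so this is not proof of origin and does not replace operator review.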