code plug / sys key concerns

[tracker1833]

I've done some OJT with the CPS software for the XTS/XTL series radios and I've been doing alright, the videos that come with the software aren’t too bad.... I wasn't paying attention the other day and loaded the wrong key into a new template I was creating and had got pretty far along before I realized I had the software pointing to the wrong key. Wasn't too big a deal at the time, but the more I think about it, I'm wondering if this is at all a security issue. If someone has another key or makes a key, and tries to input my system data into the CPS, will it configure the radio properly? I know other data would need to go into the CPS, but with resources like radioreference.com and programs that can show radio and talkgroup ID info, it does not seem as though it as secure as we were lead to believe.
The moto dealer explained that it was impossible for a radio to be programmed with out the key. I'm not calling him a liar, but think I'm not getting the whole truth. The more I look at batlabs boards, the more I think it is possible. So naturally I want to bring up a possible security concern.
There always seem to be honest answers on this board so I thought I would give it a shot!

[wavetar]

I've done some OJT with the CPS software for the XTS/XTL series radios and I've been doing alright, the videos that come with the software aren’t too bad.... I wasn't paying attention the other day and loaded the wrong key into a new template I was creating and had got pretty far along before I realized I had the software pointing to the wrong key. Wasn't too big a deal at the time, but the more I think about it, I'm wondering if this is at all a security issue. If someone has another key or makes a key, and tries to input my system data into the CPS, will it configure the radio properly? I know other data would need to go into the CPS, but with resources like radioreference.com and programs that can show radio and talkgroup ID info, it does not seem as though it as secure as we were lead to believe.
The moto dealer explained that it was impossible for a radio to be programmed with out the key. I'm not calling him a liar, but think I'm not getting the whole truth. The more I look at batlabs boards, the more I think it is possible. So naturally I want to bring up a possible security concern.
There always seem to be honest answers on this board so I thought I would give it a shot!

Well, it depends whether we're talking about systems, or personalities within the radio. If your system isn't already in the radio, then it can't be added without the proper system key. Now, if your system was already in the radio and someone just wanted to add some of your system's talkgroups, then there is a work around that can be used to add them using a different system key. You can read that little tip here:

http://www.batlabs.com/syskey.html

It describes how it works in DOS RSS, but the same can be done in Windows CPS.

The above is true when using the older legacy system keys. The newer advanced system keys that can be used offer much more security...the radio can't even be read without the proper key.

[tracker1833]

that puts my mind at ease. I was afraid we would be "hackable", and seeing as we did not get the crypto option, I was hoping we did not have to pay for an upgrade. I'm not concerned about people listening to the system, I wanted to make sure nobody could xmit.

[RADIOMAN2002]

I'm not sure what you mean about someone listening and not transmitting. If they have a key to receive they sure can transmit too.

[Sideways]

Even if you have the right key, it doesn't necessarily mean that you will have access to the radio system. For anything above Conventional, you can configure the controller to reject unauthorized radios.

[wavetar]

Even if you have the right key, it doesn't necessarily mean that you will have access to the radio system. For anything above Conventional, you can configure the controller to reject unauthorized radios.

True to a point. If a valid ID is cloned, the controller has no way of knowing the unauthorized radio isn't legit. There is third party software available for multi-site systems to potentially catch this, but it's not factory included, and also won't work if the radios are on the same site.