Anatomy of #SIGINT Signals Intelligence and Reconaissance


Anatomy of #SIGINT Signals Intelligence and ReconaissanceEdit


This is or


  • Primary Topics:
  • Design of Infrastructure
  • Wire Taps and Acquisition
  • Signals Classifiers
  • Classification Table
  • Packet Signals
  • Index of Systems

Overview of DocsEdit

These topics are sorted by SCOPE and CONTEXT.

Structure of Signals Intelligence systems, wire taps, signals collection and related infrastructure;

Structure of communications or analytics or processing.

   Current updates at
   This is

Design of InfrastructureEdit

Terrestrial and local communications infrastructure:Edit

Telegraph, Telephone, Cable, DSL, Cellular, WiFiEdit

Conventional communications infrastructure is DESIGNED with the intent to make it easy and efficient to tap, intarface, access, and repair. Telephone and Telegraph cable is strung between trees on telephone poles so that it is accessible for repairs as well as easy for anyone to gain access to. By creating a "Soft Target" the telecom companies reduce risk of tampering by malicient entitites and ensure that costs of repair and maintance are minimal. Since the [year:ce] 1700s, multiple carrier modes were used on telegraph systems including the union labour human intelligible morse code, machine encoded signals including teletype and its derived ASCII, RF and modulated signals types used by military since the late 1700s, trans-atlantic signaling modes including HF radio over copper conductor in the 1800s, high speed machine telegraph and telefax in the mid 1800s, and later the adoption of RF radio broadcasts over wireless included the use of human and machine generated morse code with a sub carrier using modulated RF communications. These systems became commonplace by the 1930s and continue to operate today.

Your Telephone uses a high power 12vdc volt-direct-current circuit similar to your car battery which provides power for your telephone and the switch circuits to your house. Telephone wires are accessible anywhere along the telephone pole utility right of way, and any [idiot] can plug into them the same way you can at your house. This means that anyone can use your long-distance service when you are not paying attention, anyone can listen to your telephone calls, and anyone can interfere or redirect your communications. By ensuring the SOFT TARGET conditions, it means significantly less physical tampering beyond repair of the telephone infrastructure. Additionally, inductive resonance of the high energy telephone lines including in your house and handset provides sufficient power and spurrious energy to be listened to a block away, using an inductive "pickup" device.

Your DSL and Cable Modems use HF Radio signal broadcasts INTO the conductor of the telephone or cable system, the same conductor that carries your analogue voice communications by phone, or the analogue television signal through cable. These very loud radio broadcasts are heard both by your neighbour's devices as well as anything nearby the telephone lines. Modern "cable" uses digital signals both for TV and Cable Modem transport, a better quality signal throughout the system, but any sensor in physical proximity can receive these same signals in the same way your consumer modem or the telecom provider can.

Cellular Phones and WiFi are radio carriers for digital encoded signals, these tend to be on standard RF channels with standard transport encoding, meaning they can be listened to by any similar device that knows the mode of communication. Any signal can be recorded, decoded, listened to, or generated by any compatible device. Satellite communications, on the basis that they use space-based satellites, are prevented by policy from using signals encryption, and therefore are designed to be an open broadcast communication. Though a commercial satellite communications service provider, such as internet or voice can encode the data itself, the majority of the communication is an open broadcast. Similar to Cellular or Wireless systems, any receiver of a certain mode can receive any broadcast using that mode.


Telecommunications carriers are obligated by law in many regions to provide wire-tap access to communications lines as well as information on the history of communications over those systems. Frequently this is called "meta" or "descriptive" data which includes the addressing or telephone number for the communication routed through the system, and the system also provides the recorded content of the communication especially when stored in compliance with "mandatory" data retention.

Frequently urban areas replicate signals on the local telecommunications infrastructure and pass them into a regional intelligence gathering system.

Communications Infrastructure Back-Doors, "Deep Packet Inspection"Edit

Circuits included in the design of telecommunications providers include the ability to route, replicate, distribute, and offload civilian communications using a variety of methods.

Typically, all trans-local communication, such as telephone call to your physically adjacent neigbour, is replicated at the telecom switch station, providing your signal to a monitoring system that sends it to the regional intelligence gathering station. Some communications systems, such as internet packet routing, include the ability to replicate specific types of communications, sections thereof, and modernly certain descriptive characteristics by computationally processing the data flow and selecting specific information to copy and forward to another destination besides your intended recipient.

Throughout the internet systems, each transport provider must actively replicate the data so that it may pass it on to the next device in the route, at each step allowing the data and signal to be copied and sent to others as well. Additionally, wire taps throughout these systems allow direct access and replication of the signal, as well as interference with or molestation of its content.


As the size of the telecommunication system increases, more inter-regional communication is congregated on additional communications lines and passed to the larger regional intelligence gathering and analysis systems. This includes entire city regions or larger service demographics. Frequently each region has its own intelligence gathering and processing systems, some large cities are far more advanced than small countries. At any level, these systems replicate or record all signals.

National systems, such as military and intelligence, commonly access all communications at the perimiter of their region, or more importantly, they acquire ALL communications from within and passing through the region. Some nation states have policy or law related to the access of their institutions to the gathered signals, but criminal entitites, and entities working with the nation commonly export the information gained in what is called "information laundering"


International PortsEdit

International airports, for example, are "foreign" areas within a region. Historically, most internet and long-distance and inter-national telecommunications were routed directly through the regional international airports, seaports, or other "foreign" areas. This situation provided the nation-state and other entities the opportunity to access and offload communications from all traffic passing through the location. Laundering through airports was the primary design of the early commercial internet system deployed in the 1990s. In these regional cases, and in the case of international trans-boundary transport of wired (or optical) communication, it is most frequent that a nation-state or criminal enterprise will "long-route" the communication OUTSIDE of their local "jurisdiction" for the purposes of making it a "foreign" communication and providing the opportunity to tap, record, intercept, or molest the data outside of their regional zone. This process is common using both "foreign" entities who "illegally" access communications to pass signals outside of a zone, and by nation-states (and minor regions, such as US states) to pass the signals to their neighbours for the process of laundering so that their local laws and policy are evaded.

Terrestrial Intra-Boundary Systems:Edit

[stating the obvious, perimiter intercepts]


  • physically located on international boundary of UK, terrestrially managed
  • Taps all incoming communications lines

UK CSCSG 's TEMPORA is a terrestrial network duplicating all signals entering from international routes, typically telecom and internet fibers, at their cable landing stations within the UK. SIZEOF, and includes most international communications transit between europe and the US, including anything passing through. Much of this collected data is provided to international brokers or clearing houses for sale to both nation-states and criminal or commercial entities.

INTERNATIONAL and OFF-SHORE Signals Intelligence Gathering Systems:Edit


  • Nuclear powered sub-sea SIGINT control nodes
  • Located at 12NM (offshore)
  • Connects to all cable systems, fiber or conductor
  • provides "back-up" communications routing
    • in case of cable break or failure
    • gets all signals in exchange
    • can reroute or molest data in transit at wire speed
  • Designed as full-mesh with namesake "HYDRA" extension
  • Any cable break, inserts new head
  • originally US via NATO and UN SC

HYDRA was majoritively deployed in the 1980s as the long-distance telephone communication began using optical fiber and the international conductor and fiber networks became an economic dependency in civilian communication and commerce.

Though the HYDRA system was initially a NATO project with UN support, it became common that multiple interconnects and multiple parties would tap each cable, becoming redundant and cumbersome. This situation also provided significant complication with loopback conditions, each wiretap on another wiretap had the likelyhood of observing its own signals returned to it frequently encoded by another party. This resulted in the creation of AQUAINT, or international AQUA-INT intelligence systems.

Situations with physical infrastructure, wiretap efficiency and viability:Edit

Wiretaps on Wiretaps???Edit

  • Loopback Infinite
  • especially when encoded signal
  • physical overkill
  • potential risk to source target medium
  • Not necessary when allied entity or neighbour are redundant


Though frequently a micro-state or minor "nation" will provide "flag" or policy authority for a physical wiretap, intelligence, or monitoring system, including providing the liability for long-looping communications for espionage, it has become more common in the late 1990s through currently that an international system maintains most of the infrastructure or governance. As most reconnaissance systems are installed by military assets, it is necessary that a peering point and central management provide coordination so that military systems do not interfere with each other and more importantly do not interfere with civilian communications without global awareness and authority**.

One such system is AQUAINT, providing deep-sea and international waters coordination and management of wiretap systems, including the routing of select signals for analysis or molestation "intercept" and through large recording systems such as HYDRA.


Get AQUA-INT-ed ("acquainted" or [to] "acquaint")Edit

As multinational and military entities began competing for access to civilian and commercial carrier lines, there was need to "get acquainted" so that various intelligence gathering systems, namely taps, would be inter-associated rather than redundant (or self-defeating by interference). Tapping an optical fiber requires the physical access either to the internal optical conductor (by using a drill and prism) or direct access to the repeater's electronics and photonic systems.

Additionally, it is possible to inductively tap an optical repeater electronics or laser, but extraction of high frequency optical signals from the power sheith cable or by spurrious emissions is not efficient.

As signals intelligence, processing, and transport became common through the 1990s, international

A similar project by US NIST and NSA of the same name concentrates on the "meta" or interpreted and descriptive analysis of communications, typically including signals or data gleaned from these systems.

See also:

Though these brokered wire-tap systems are used both by commercial, criminal, and governmental parties, additional systems have been deployed with specific international intent.

UN Security Council, Nuclear Monitoring, INTERPOL-ICPI, NATO, OthersEdit

[single channel systems, special purpose, earth monitoring and weapons]


As Signals collection methods get more complex, so do their collection processing requirements. For any target signal, the intercept, recording, analysis, or replication must be equally or considerably more complex. In your local environment, your Cell phone, your ISP connection have a certain physical data transport capacity typically called "throughput" or erroneously "bandwidth" which is the physical characteristic of the communication device. Ideally, this communication device will perform at wire speed, transporting the data at the same speed at which it is designed to function. In a packet retention system, such as internet and cellular, each device forwards the content "up-stream" and waits for acknowledgement that the communication was passed through. In MOST situations, the actual throughput of the communication is a tiny fraction of the designed capacity of the device. This is called fraud, over-saturation, or over-subscription of the communication service. The correct operation of these commercial communication systems is the whole total aggrigate of the end subscriber line capacity, meaning every client receives and sends data at the throughput speed designed device.

Impact of Wire TapsEdit

The majority of "Bottle-Neck" situations in the consumer internet and communications systems is caused by the INEFFICIENCY and INCAPACITY of the wire-tap systems. They do NOT ALLOW communications to pass through until the wire-tap system has received a copy and had the opportunity to modify or change your data. In most internet communications systems, the CARRIER service provider is requested to provide all communications over their system to the signals intelligence wire tap or offloading system. This requires them to pause, hold, or wait for the offload network or system to take the data.

Example: A typical cable modem, dsl, or cell internet connection is advertised in MEGABITSPERSECOND, Mbps. The total aggrigate of a communications provider network SHOULD be the sum of the endpoint devices' maximal performance speed. In any situation where this is NOT the case, the primary problem is usually the man-in-the-middle MIM or MITM party being too slow, overburdoned, or incompetent and not processing the wire traffic or signal at the appropriate speed. In many cases, this is made worse by outdate or inefficient carrier infrastructure or system switching, meaning the communications are not getting through efficiently.

When these infrastructure problems combine with failures of the signals-intelligence systems, the result is catestrophic failure to provide service. aka FRAUD

In some regions this problem is due to published legal or policy requirements known to the public, other times it is because of an individual or system that is molesting your communications.


A term typically used in "Law Enforcement", "Sources and Methods" means the who, what, and HOW of signals intelligence intercepts. Typically this includes the rogue staff at a telecom, ISP, or communications infrastructure provider, sometimes this is a physical back-door built into a communications infrastructure device. Typically most devices have liabilities built into their designs, such as addressing, unique identifiers, and both hardware and system (software) remote control interfaces.

Frequently these processes are performed by a distinct operating unit of a telecommunications provider as a "secret" operation.

[devices with built in interfaces are a liability]





The HYDRA systems use analogue processing of signals but include the ability to transpose signals for digital representation, including decoding of binary signals. Additionally, these high-energy systems communicate with both space, terrestrial, and sub-sea systems using a diversity of modes including fiber or electromagnetic conductor, electromagnetic field effect or channelised corridor, split-ion duality and more advanced carriers.



APOLION is a peered ION communication system with global use in military contexts. By using a split ION or peered particle, the signals between devices regardless of range is near realtime as one endpoint is directly field coupled to the other endpoint. This communications medium is used to ensure distinct communication between physical devices especially in global security contexts. Additional uses include .... and space based sensors, where the ambient field around the satellite or deep space probe is directly coupled to the receiving ion, providing full signals acquisition and proximity awareness for processing.

Historical DataEdit