|
|
|
|
Recorder Bugs FSB
Covert harddisc recorder
DILOGER is a self-contained harddisc-based audio recorder, 1
built around 2002 by an unknown party, and used by the current Russian
federal security service FSB
– the successor to the KGB –
for recording intercepted telephone calls, or the audio from a nearby
covert listening device, or bug.
It was commonly placed inside a regular unobtrusive vehicle, parked in the
vicinity of the person or building under surveillance (the target),
allowing 24/7 monitoring of the target [1].
|
It has a removable 30 GB IDE harddisc and can record up to 4 channels
of uncompressed audio, with 16-bit resolution, at a rate of 22 kHz, using
pulse-code modulation (PCM).
Each input can be connected to the (line) output of a receiver, or directly
to a microphone. The input levels are fully adjustable.
The device is powered by an external 12V DC source, such as a car battery.
Back at the office, the samples can be downloaded from the harddisc,
by connecting the device to a TCP/IP network and accessing it from a
personal computer (PC)
using the FTP protocol.
|
|
|
Wireless covert listening devices (radio bugs)
generally have a limited range – in the order of 50 to 150 metres –
which means that a listening post (LP) has to be established close to
the target. This was generally done by using a nearby house, a hotel
room or a mini van, but this could attract the attention of the target,
especially if the operators had to get in and out regularly. To overcome
this problem, an inconspicuous car was parked in the vicinity, with the
above Diloger connected to a receiver. The harddisc had to be
swapped for a fresh one just once a week [1].
|
-
Also known as a hard disk recorder, or a hard drive recorder.
|
HELP REQUIRED —
The device has a built-in FTP server, which is protected with a username
and password. At present, these are unknown to us, so we are unable to
download the contents of the harddisc to a PC. If you have information that
could help us to get access, please contact us.
The FTP server identifies itself as LioNet 1.0.
The device also has a built-in HTTP server, through which it identifies
itself as Diloger version 1.3.
➤ More
All controls and connections are located at the
front panel of the device,
as shown in the image below. At the top left is a bay for a removable 2.5"
IDE harddisc, such as the one placed in front of it. In this case, a
30 GB harddisc – made by IBM in Hungary –
is used. The power socket is at the bottom left. The device is activated
as soon as a 12V DC power source is connected to it.
The device is operated by five black push buttons along the bottom edge of
the front panel, in combination with a Liquid
Crystal Display (LCD). The user interface is in English and is menu-driven.
Up to four audio sources can be connected to the gold-plated RCA (CINCH)
sockets at the right. The input level (line or microphone) can be selected
via the menu. The menu is also used to shut the device down after use.
It can then be reactivated by pressing the red button at the left.
The device has a built-in 10baseT ethernet interface that is available
via the RJ45 socket at the front panel. It allows a PC – connected to the
same network – to access the built-in FTP server (LioNet 1.0) and the
HTTP server. The HTTP server only shows the name of the device, the version
number, the current date/time, the free space on the harddisc and the current
DC power supply voltage. The FTP server requires a username and password,
which we do not know at present.
|
The device is housed in an a black aluminium enclosure, consisting
of two extruded aluminium profiles — used as the sides — with rectangular
panels for the front, rear, top and bottom. The construction is held together by
four large self-tapping screws at the front and four at the rear.
|
The front panel has a number of cut-outs and holes to accomodate the display,
the controls and all connections. The interior can be accessed by removing the
screws from the front and rear panels. Inside the device is a large printed
circuit board (PCB), that is tightly fitted into the rigs of the side panels,
close to the bottom of the case.
Above the PCB, fitted in two other rigs of the side panels, is a makeshift
bracket that holds a
bay for a removable 2.5" IDE harddisc.
An extra PCB
is fitted in the IDE socket of the main PCB to buffer the IDE lines and
provide the 3.3V power.
|
|
|
The main PCB comprises an embedded computer platform, built around an 8-bit
ATmega 128 [a] microcontroller made by Atmel (now: Microchip). Sound sampling
and playback functionality is provided by two AD1845 CODECs [b]
made by Analog Devices. Ethernet access is provided by an RTL8019AS
[c] full-duplex 10baseT ethernet controller with built-in
RAM buffer made by Realtek.
|
When recording, the PCM data from the CODECs is stored on a
harddisc, whithout the use of a disc controller. This is possible because
the necessary logic is embedded in the IDE harddisc. The device
featured here, is equipped with a 30 GB 2.5" harddisc, made by IBM in
Hungary. It is fitted on a carrier PCB, which in turn is mounted inside
a plastic enclosure that can be inserted into the harddisc bay at the front
of the device.
After the harddisc has been inserted, the plastic knob at the front left
of the harddisc, should be shifted to the left. It is then locked and enabled.
|
|
|
Determining the age of the device is straightforward.
Various components are marked with a date code of 2002. In addition,
the PCB is labelled with a date code of wheek 51 of 2002,
confirming that it was made in late 2002.
Determining the origin of the device is more difficult, as there are no
manufacturer markings on any of the PCBs. This could suggest that it
was designed in Russia, or that it was bought as an OEM product.
All parts are from Western manufacturers, and all of the menu texts are
in English. Nevertheless, the recovered sound samples are all Russian.
On startup, the device identifies itself as DILOGER, but a Google search
for this name yielded no results.
|
The device runs on an 8-bit
Atmel ATmega 128 microcontroller
with 128 KB
of Flash ROM (which holds the firmware), a 4 KB EEPROM
(for the settings and the passwords), and
256K external RAM for
workspace. The firmware supports various interfaces and services,
including:
|
When we obtained the Diloger featured here, the display remained
blank when we tried to switch it on. There were two issues, both
of which were fixed easily. The first issue was that the small
IDE adapter card – fitted in the IDE socket on the main PCB –
was not seated properly, probably caused by transport. The second
issue – the blank display – was solved by readjusting the contrast
potentiometer on the main PCB. After this, the device came to
life and we were able to play back the two audio samples we found
on the harddisc. So far, the following has been done:
|
- Exterior cleaned
- Display contrast re-adjusted
- Harddisc interface converter board refitted
- Earphones socket internal connector refitted
- Serial port access confirmed
- Ethernet access confirmed
|
CODEC 16-bit PCM at 22 kHz Inputs 4 Level Microphone or line (adjustable) Output 3.5 mm jack, stereo Harddisc IDE, 30GB, 2.5" Ethernet 10Base10, full-duplex Clock Real-time clock (RTC) with lithium battery Power 12V DC (external) Dimensions 215 x 145 x 79 mm Weight 1300 grams
|
- KGB Museum, Diloger harddisc recorder
Retrieved February 2021.
|
|
|
Any links shown in red are currently unavailable.
If you like the information on this website, why not make a donation?
© Crypto Museum. Created: Sunday 28 February 2021. Last changed: Wednesday, 17 March 2021 - 20:06 CET.
|
|
|
|
|