Reverse Engineering Yaesu FT-70D Firmware Encryption
landaire.net | Tech | story
Key topics
Reverse Engineering
Firmware Encryption
Embedded Electronics
The author reverse-engineered the firmware encryption of a Yaesu FT-70D radio, and the discussion highlights the value of reverse engineering in understanding technology and its potential career benefits.
Snapshot generated from the HN discussion
Key moments
- Story posted: Nov 13, 2025 at 2:12 AM EST
- First comment: Nov 13, 2025 at 4:51 AM EST (3h after posting)
- Peak activity: 8 comments in 6-9h
- Latest activity: Nov 14, 2025 at 11:29 PM EST
ID: 45911704 | Type: story | Last synced: 11/20/2025, 4:35:27 PM
Those TDM'd bands 40MHz wide, with digital data and modulation past the limits of sanity, and the entire RF system being integrated into one die somehow? Oh boy.
One example:
https://rcmaniak.pl/userdata/public/assets/images/SpeedyBee/...
Oh, and it also speaks WiFi, just in case, and it has its own little onboard computer and a web server.
https://imgaz.staticbg.com/thumb/large/oaupload/banggood/ima...
It's a centimeter on a side, and easily goes more than 10km. It's just mind-blowing that this exists. 0.9 grams, IIRC.
I ran into your tuning tips page the other day by way of a random search!
With that radio, I just use a drop of hot glue on the fuselage, and it works great! Plus, it's easy to find then :P
I've been able to decode as low as -26 SNR.
There's LoRa chips for 2.4GHz, 900MHz, 868MHz, 433MHz, and 144MHz.
Especially if you consider modern cellular radios. Your phone has a completely separate powerful computer just for handling the radio (we still call this a modem for some reason), with a large software stack running.
As for modulation, starting with LTE and turbo coding, we are now near the maximum theoretical channel capacity (Shannon limit), which is mind-blowing.
Learning the basics of radio is still worth the effort (and great fun!), but the gap is indeed huge.
The coolest modern ham stuff is happening on SDRs like hackRF.
Indeed.
The problem with many modern ham radios of any sufficiently complex feature set - especially when it comes to cheap hackable radios or digital radios - is that a lot of the functionality is hidden away in blackbox ASIC hardware blocks that have no public datasheets (e.g. BK4819 powering Quansheng's radios, Si4732, or for anything DMR, the AMBE-2020 vocoder).
It's truly a miracle what the hacker community has gotten out of the Quansheng chipset in particular.
I've reverse engineered lots of things, but the one time I actually got paid for it (this is more a hobby to me), I got the exact opposite of what happened to you.
I quoted some small amount to document the protocol to configure some embedded device that I thought would take a day or so, and it turned into a two-week nightmare. Turned out there was no configuration protocol, it was firmware updates always -- and internal parameters were just overwritten along with the code. So I ended up having to disassemble a big chunk of the firmware before I could configure the device.