At exactly noon on the first Tuesday after Balint Seeber moved from Silicon Valley to San Francisco in late 2015, the Australian radio hacker and security researcher was surprised to discover a phenomenon already known to practically every other resident of the city: a brief, piercing wail that rose and then fell, followed by a man's voice: "This is a test. This is a test of the outdoor warning system. This is only a test."
The next week, at exactly the same time, Seeber heard it again. A few weeks after that, Seeber found himself staring up from his bicycle at a utility pole in the city's Soma neighborhood, examining one of the more than 100 sirens that produced that inescapable emergency test message around the city. At the top, he noticed a vertical antenna; it seemed to be receiving signals via radio, not wires. The thought came to him: Could a hacker like him hijack that command system to trigger all the sirens around the whole city at will, or to use them to broadcast even more alarming sounds?
Balint Seeber holding the radios he used to reverse engineer and spoof the communications of San Francisco's emergency sirens, like the one on the pole behind him.
Now, after two-and-a-half years of patiently recording and reverse-engineering those weekly radio communications, Seeber has indeed found that he or anyone with a laptop and a $35 radio could not only trigger those sirens, as unknown hackers did in Dallas last year. They could also make it play any audio they chose: false warnings of incoming tsunamis or missile strikes, dangerous or mass-panic-inducing instructions, 3 am serenades of death metal or Tony Bennett. And he's found the same hackable siren systems not only in