Spy radio
Burst encoders
• • • Donate • • •
   Logo (click for homepage)
Motorola MDT-9100
Mobile Data Termial

The MDT-9100 was a mobile data terminal, developed by Motorola (USA) during the 1980s, as one of the successors to the D-1118. The units were developed for use by the Police and were mainly built into police vehicles. Several versions of the 9100 were introduced over the years.
The unit consists of a fairly small processor board (CPU) inside a rugged plastic case with a built-in CRT screen and a small keyboard mounted at the front. The screen is 30, 40 or 80 characters wide and 24 or 25 lines high, and is used to the display messages sent by despatch.

The image on the right shows a typical MDT-9100 inside a Dutch police vehicle. In 1996, Philips Crypto in Eindhoven (Netherlands) developed a high-end mobile encryptor for the MDT in the form of a PCMCIA card. This card was only suitable for the MDT-9100-386 and the 'T'.
A Motorola MDT-9100-WS terminal equipped with a Philips Crypto module

The MDT-9100 became a popular mobile terminal and was used by many Police Agencies world-wide, well into the 2000s and in some countries even as late as 2010. In the Netherlands, the Motorola MDTs were phased-out when the new nation-wide C-2000 network was rolled out [2]. C2000 is a digital trunking system, based on Motorola's TETRANET Trunked Radio system [3].
A Motorola MDT-9100-WS terminal equipped with a Philips Crypto module Switching the unit on Operating the keyboard Function key legend used by the Dutch Police (Eindhoven) Metal bracket to keep the Philips Crypto Card in place

Over the years, different versions of the MDT-9100 were developed and introduced. Although they all look the same, the interior of each model is quite different. Furthermore, the text on the backlit keys was often customised for specific needs or languages. The known models are:
  • MDT-9100-10
  • MDT-9100-11
  • MDT-9100-20
  • MDT-9100-T
  • MDT-9100-386
  • MDT-9100-WS
The first model (10) is fairly simple and can only be used in combination with a base station. It does not allow messages to be prepaired off-line. Models (T) and (386) are both based on a 386 motherboard and are in fact mini PC's. They are the only models that feature PCMCIA expansion slots. The latter could be used for memory expansion, a solid-state harddisc or an external data encryptor, such as the highly secure Philips MDT Mobile Encryptor that was released in 1996.
The MDT-9100-T was the first device in the 9100 family that was based on a 386 PC board. It is in fact a mini PC running the well-known AMI Bios that is used to boot the Windows 3.0 operating system. It has 4MB of RAM, but no harddisc. Instead it features a non-volatile RAM (NVRAM) which acts as a flash-type harddisc. It has two COM-ports (COM1 and COM2) and a parallel printer port. A 15-pin port is used for the radio interface [1]. Further information below.
The MDT-9100-386 was a more advanced version of the MDT-9100-T. In addition to the features listed above, the 386-version also had a SCSI interface. There may be other differences, but we are currently not aware of them. The 386-model became rather popular with many Police agencies in the US, but also world-wide, for example in The Netherlands.

The CRT-screen has a resolution of 80 x 25 characters, but can be made to display larger text at 40 x 25 by using the appropriate DOS 'MODE' command. For expansion, two PCMCIA card-slots are available at the right side. The slots only accept old style 16-bit PCMCIA cards [1]. In 1996, Philips Crypto BV in Eindhoven (Netherlands) developed a PCMCIA expansion card for this model, that added high-end cryptography to the unit (see below).
Security issues
Although Motorola promoted the MDT-9100 as devices for secure data communication, they were in fact highly insecure. Like its predecessors, the MDT-4800 and the D-1118, it used a fairly simple unencrypted data protocol that was easily broken by hackers during the 1990s [5].

According to Motorola, a 'special code' was used, but the code appeared to be nothing more than plain ASCII. The data protcol was known as the MDT-4800 protocol and used bit-interleaving as a means to correct transmission errors, and to obscure the data stream. When hackers discovered the properties of the protocol, several PC programs appeared that allowed the general public to monitor police conversations with nothing more than a scanner, a PC and a simple interface [5].

In the US, the problem was 'solved' by making it illegal to publish and use the PC-based hacking software. Although it helped the authorities to take down most sources from the internet, it didn't prevent wide-spread use of the software. As a result, many people were able to monitor police conversions well into the 2000s, mainly because no real encryption was used on these systems.
In The Netherlands, the MDT-9100 was used by the Police in the cities of Amsterdam and Eindhoven. Both police departments were aware of the security risks involved, and knew that criminals were able to monitor their data traffic.

As a result, the Eindhoven Police Department teamed up with Dutch crypto manufacturer Philips Crypto BV in 1994, with the desire to develop a truely secure solution. Eventually, this colaboration resulted in 1996 in a PCMCIA card with high-end data encryption, that could be installed in existing MDT-9100-386 terminals.
Philips UP-2198 crypto card for MDT (rear side)

Initially, the Amsterdam Police would also be involved in the project, but they pulled-out when they discovered that their MDT-9100s were not suitable for the expansion, and no budget was available to replace the existing terminals. Despite its high potential, Philips never managed to sell the system world-wide. Eventually, Eindhoven would be the only city to use this solution.

 More about the Philips PCMCIA crypto card
The history of the Motorola MDT-range dates back to the late 1970s, when Canadian-based MDSI (Mobile Data Solutions Inc.) introduced the first car-mounted terminal. The company was later bought by Motorola who introduced the name MDT (Mobile Data Terminal). In 1993, parts of the MDT business were separated out of Motorola and were sold back to some of the original owners [6]. Today, the business is known as MDT Technologies Inc., or MDT for short [7].
  1. Mobile Data Terminal, Revision 31 July 2007
    Technical data about some MDT-9100 models. Retrieved May 2012.

  2. Wikipedia, C2000
    Retrieved May 2012.

  3. Wikipedia, TETRA (TETRANET) Terrestrial Trunked Radio
    Retrieved May 2012.

  4. Wikipedia, Mobile data terminal
    Retrieved July 2012.

  5. Various contributors, Motorola MDT-4800 data protocol
    Copyright unknown. Retrieved February 2011.

  6. RCR Wireless, MDSI focuses on strength of vertical applications
    27 November 2000. Retrieved November 2013.

  7. MDR Technical Services, Website
    Retrieved November 2013.

Further information

Any links shown in red are currently unavailable. If you like the information on this website, why not make a donation?
Crypto Museum. Last changed: Monday, 03 March 2014 - 09:12 CET.
Click for homepage