HFGCS FAQ
All the questions you've never asked about the US military's shortwave radio network, but as a conceit, let's pretend you always did.
This is an updated version of an early 2024 FAQ previously posted to Twitter. Anthropic’s Claude AI (Opus 4.7) was used to compose this article, although it still took a few days put together, on top of all the time spent researching the information this article is based on.
This page works through the usual questions about the HFGCS, but even if you have read this kind of thing before, or watched a video about it, I think you will still get something out of it because a good deal of what follows I have not seen adequately discussed anywhere else. A lot of people have been content to recycle the same old information about the HFGCS over and over for years at a time, and for lack of independent research or even verification, ended up oblivious to the fact much of the information they were recycling was out of date. This FAQ includes observations resulting from my own original findings and research, and also works as a running set of corrections against a general body of knowledge floating around out there that isn’t quite right.
I monitored the HFGCS from early 2022 into 2026. Two core projects came out of my efforts — the DAILY COMPILATION RECORDING PROJECT and later the DAILY TIMECARD PROJECT. Between them, and supplemented by additional posts and videos across Twitter and YouTube, the overall NEET INTEL project amounted to a multi-year, often day-by-day record of EAM traffic. This FAQ is built on top of that record — thousands of transcribed messages, hundreds of structured timecards, and an untold number of hours of HFGCS broadcasts captured in continuous, 24/7 livestreams. Much of the information in this FAQ comes from original observations made during this effectively unprecedented endeavor.
What is the HFGCS?
If you go looking for an explanation of the U.S. military’s High Frequency Global Communications System (HFGCS), what you will mostly find is the same explanation, recycled, that has been sitting around for fifteen or twenty years12. Some of that is just the way these things go, but there is an underlying dynamic that precipitated the current situation. Once upon a time, the military used to be reasonably candid about the HFGCS. In fact, at one point the system even had its own public website, hosted by McClellan AFB3. However, after 9/11, the information portals stopped being publicly accessible. The system itself was never fully classified, and still isn’t; it still turns up in news stories, in non-classified documentation, in Air Force public affairs material. However, primary sources are no longer making friendly overviews accessible to the public, and they certainly aren’t going to provide any deeper dives along the lines of what the NEET INTEL project was able to cobble together.
The most current authoritative descriptions of the HFGCS from official resources are those found buried in Department of Defense budget justification documents. The FY27 procurement document in particular has a genuinely detailed account of the HFGCS;
The High Frequency Global Communications System (HFGCS) program provides the Department of War (DoW) with a critical unique strategic asset: a global, high-power, high-frequency (HF) network. This network ensures resilient communication for both nuclear and non-nuclear command and control (NC3/C2), serving a wide range of users, including US Strategic Command (USSTRATCOM), Air Mobility Command, the White House Communications Agency, Navy submariner forces, and other government agencies like the Department of Homeland Security and the Federal Emergency Management Agency (FEMA).
HFGCS is essential for disseminating critical information to global strategic forces, especially in contested environments where satellite communications might be compromised. The program leverages a network of 13 strategically located ground stations and two network control stations equipped with modern, commercially based, HF radio technology, ensuring beyond-line-of-sight communication with aircraft, ships, and land-based platforms.
— FY27 Air Force Other Procurement, Program Element 0303133F4
When people say ‘HFGCS’ colloquially, what they usually mean is the worldwide network of high-power ground stations that simulcast Emergency Action Message broadcasts, run phone patches, and handle a fairly wide range of other beyond-line-of-sight traffic. There are around 13 active stations at the moment5.
For a long time the whole network was run from a single Centralized Network Control Station (CNCS) at Joint Base Andrews. But a post-9/11 review identified this situation as exactly the sort of problem you could expect it to: a single CNCS was a single point of failure. The original plan was for Offutt AFB to become the second CNCS6, but a 2019 flood7 that tore through parts of the base may have interrupted those plans. Whatever the case, it was ultimately Grand Forks AFB which became the secondary NCS8.
The hfgcs-msl GitHub repository9 assigns each of the 13 stations to one of two network control stations, labeled ‘ANCS’ and ‘GFNCS’, which it is reasonable enough to speculate are Andrews and Grand Forks.
It should be noted that nobody seems to have undertaken any effort to align HFGCS traffic with these assignments. The designations may also simply not matter much in practice, as each NCS appears able to remotely control any station, regardless of label.
In addition to the known HFGCS stations, there are also entities which behave as if they are additional HFGCS stations, though not quite. RED RIVER and WOLFHOUND, respectively the 608th Air Operations Center at Barksdale AFB and the USAFE Joint Personnel Recovery Center at Ramstein10, can be heard on the HFGCS coordinating activity and communications between ground stations and air assets. However, they are not known to simulcast or rebroadcast EAMs.
What are the HFGCS frequencies?
As of 2025 the primary HFGCS frequencies are 4724, 8992, 11175, and 15016 kHz. The ground stations will usually simulcast a message across all four, but not always, and this is where listeners sometimes tie themselves in knots, because a broadcast can be exclusive to one frequency, or to some of them, and someone who couldn’t pick it up on 8992 will report, with great confidence, that it ‘wasn’t broadcast on 8992’ when it simply was and they missed it. The network as a whole runs 24/7 and does not switch on and off, but individual stations have historically kept per-frequency schedules11, and very likely still do, even if the current scheduling isn’t anything I’ve seen documented publicly, or, for that matter, been able to work out for myself.
These four are only the primary frequencies. CHARLIE WINDOWS, ZULU designators, VERDIN, and various UHF channels each get their own Q&A below. Information on many HFGCS related frequencies can be found on HFGCS Wiki12, and a NEET INTEL video provides information on many of them13.
How many HFGCS stations are there, exactly?
The honest answer is that the U.S. Air Force itself does not seem to have settled on a number. The FY27 budget document says there are ‘13 strategically located ground stations’. A 2022 DVIDS release, covering an antenna installation at Joint Base Elmendorf-Richardson, likewise calls that antenna ‘one of the U.S. Air Force’s 13 HFGCS stations’. And yet the photograph attached to that very release shows the 673d Communications Squadron’s own HFGCS wall map, which labels itself ‘1 of 14 HF Sites’, and plots fourteen of them.
So practically speaking, it feels like the answer is 14. But why is there a contradiction in what sources say — how many stations are there, officially? The honest reading is that it might depend on whoever produces the official material. More likely it simply depends on which sites get counted as full ‘stations’ in any given document. These are documents being written at different times by different people in different branches, who’ve never compared notes and maybe never will.
What is an EAM?
Emergency Action Messages (EAMs) are, in the words of the Department of Defense’s own budget documents, “highly structured, authenticated messages primarily used in the command and control of nuclear forces. They are disseminated over numerous survivable and non-survivable communication systems including terrestrial and space systems.” That covers the basics well enough. Most of what you’ll read online gets these basics right (most EAMs are 30 characters, and so on), but the basics are also where these writeups often stop. There is quite a lot more to say.
Structure
Many EAMs are highly structured, and you don’t need to do anything clever to start seeing it. Earlier work of mine pointed at repeating tetragrams turning up in similar positions across messages of the same length14. More recent analysis15 goes a good deal further: some long EAMs (not all of them, and the picture varies a great deal from one length to the next) appear to be assembled out of a vocabulary of discrete 44 character blocks. Not a periodic 44 character cipher, but actual, reused blocks of content: two messages that share a prefix can turn out to share whole blocks, weeks or months apart. Where that happens, it is not something strict OTP encryption can do, and it is exactly what a fielded message format would do. The per-length structure heatmaps give a much better feel for how much of this varies.
A couple of odds and ends
At one point EAMs were generated by a program called EAMGEN16. The current-day system context, named throughout the FY27 budget documents, is the Strategic Automated Command and Control System (SACCS), the NC3 system through which the National Command Authority disseminates EAMs (along with Force Direction Messages and automated ICBM re-targeting data) to the bomber and ICBM legs of the triad.
Are EAMs encrypted with one-time pads?
The single most-repeated claim about EAMs is that they’re encrypted with one-time pads. This claim is regularly asserted with enormous confidence. It is probably wrong.
When we consider EAMs logistically, it actually makes more sense for them to not be encrypted with one time pads. EAMs are received simultaneously by assets all over the world, the volume going out on any given day isn’t fixed in advance, and the actual operational requirement doesn’t really demand OTP-grade secrecy in the first place! These are time-sensitive messages that, even fully decrypted, would still be codewords and abbreviations and authentication elements that anyone other than an intended recipient would struggle to understand. Encryption strong enough to resist real-time cryptanalysis is enough. OTPs would probably be over-engineering it.
The statistical case against all this is newer, and might be the most compelling. A 2026 ciphertext-only analysis of 5,377 unique 30 character payloads17 found a distribution that simply isn’t consistent with the uniform output a standard authenticated cipher produces. Character frequencies are visibly skewed — the letter M and the digit 5 in particular run roughly a third low — and certain positions show structural suppressions a random source could never produce. Identical content blocks also turn up across different messages weeks or months apart. The details are laid out in the EAM characters Q&A, but the premise is simple. A one-time pad, by definition, cannot produce identical ciphertext for two different messages.
We can also argue against the idea based on official documentation. The FY27 budget documents put a name to the cryptographic hardware that handles EAMs: the KG-3XA program — an embeddable module, the KGV-363, and its host, the KG-333M — described as a ‘form, fit, function modernization’ of the crypto required by the Minimum Essential Emergency Communications Network and the Fixed Submarine Broadcast System, ‘employed in various airborne and ground equipment for processing of Emergency Action Messages in the nuclear triad.’ That is not proof of anything on its own, since key management for a pad would need hardware too, but it seems odd to write a procurement line to ‘form, fit, function modernize’ a one-time pad, because a pad is not a device. EAMs are run through a cipher unit, and a cipher unit is a far more comfortable fit with everything above than a stack of pads is.
My best guess as to where the OTP idea even came from: the shortwave-listening community largely arrived at the HFGCS by way of numbers stations, most of which probably did use OTPs, and brought the assumption along with them. They told anyone they could that their asserted expertise meant they knew EAMs were encrypted with OTPs, but never had the real expertise to think they might stop and check if what they were saying made sense before they said it, a million times and never with any qualification or caveat, to anyone that ever asked.
What are the four EAM Groups?
You can sort EAMs into four behavioral categories, on the basis of how their two character prefixes behave over time. I designated them as Groups 1 through 4, and made a video discussing such a categorization system on Youtube in November 202318. It has held up well enough across everything I’ve monitored since.
Group 1 is the bulk of HFGCS EAM traffic — roughly 66% of all EAMs are Group 1 messages, and every single Group 1 message that has been documented is exactly 30 characters. Only one Group 1 prefix is active across the whole network at any given time, and it rotates every three to eight weeks. These are also the messages E-6B aircraft rebroadcast most often.
Group 2 is about 26%. Group 2 messages run anywhere from 30 to 163 characters, and a little under half of them, about 47%, carry an explicit FOR [CALLSIGN] addressee, which is its own subject entirely (see the Directed EAMs Q&A).
Group 3 is small, around 3%. Its messages cluster at particular lengths, and they frequently carry embedded runs of three or more repeated characters. Group 3 prefixes are the sporadic ones: they’ll surface for a few days, vanish for weeks or months, occasionally settle into a stretch of sustained activity, and then go quiet again.
Group 4 is the other 3% or so, and it produces the longest and most structurally elaborate EAMs there are. Known lengths run from 36 all the way to 292 characters19. About 60% of Group 4 messages contain a run of four or more identical characters (FFFF, XXXX, ZZZZ, that sort of thing), and about 38% contain repeated multi character sequences. Group 4 also, predictably, generates the highest operator-error rate, which is simply what length and structural complexity will do to a person reading aloud.
The naming and the categorization are mine, though they echo categorizations and namings that a handful other monitors had already been piecing together. The scheme is built on, and only sets out to name, readily observable prefix behavior.
Interestingly, the FY27 budget documents name four separate message classes: EAMs, Force Direction Messages (FDMs), Force Management Messages (FMMs), and Higher Authority Command Messages (HACMs). The idea of the four EAM groups aligning with these four official message classes can’t be confirmed, but it’s a genuine possibility worth keeping in mind.
What are Directed EAMs?
About 47% of Group 2 messages do something the rest of the dataset doesn’t: before reading the message, the operator names a recipient — FOR [CALLSIGN]. I call these Directed EAMs. Other people call them FOR messages, addressee messages, specifically addressed messages; none of those names are official either, but the format itself is real enough.
These messages fall into four subcategories.
ALPHABET FORCE messages are directed to a FORCE designated by a NATO phonetic letter. ALPHABET FORCES I’ve documented include ALPHA, BRAVO, CHARLIE, FOXTROT, GOLF, KILO, ROMEO, SIERRA, TANGO, UNIFORM, and VICTOR. They recur across years, and across notable activity periods (GLOBAL THUNDER exercises among them), which makes them feel like standing organizational entities rather than anything tactical or one-off.
ALPHABET REGION messages work the same way but for a REGION. Messages for REGIONS ALPHA, BRAVO, and CHARLIE20 have been documented, and messages for ALL REGIONS21 have been broadcast as well.
Messages for numbered callsigns (the [WORD][NUMBER] format), are very strongly tied to E-6B Mercury aircraft. You can usually take a numbered callsign you heard over the HFGCS and match it to a specific E-6B on ADS-B flight trackers. TAMPA52, WILE70, PRONG67, BETEL01, WAHOO73, etc. are all callsigns heard on the HFGCS, and all ended up documented as callsigns used by E-6Bs used over ATC, ACARS, and so forth.
The fourth subcategory is the largest by a wide margin. Several hundred messages for unnumbered callsigns have been documented across the monitoring periods, with some only appearing in a tight burst over a few hours, while others trickle out sporadically over days.
Around 8% of Directed EAMs name more than one recipient. Those can combine callsigns from the same category (FORCE + FORCE, REGION + REGION) or mix categories (FORCE + word-only). What I have never once seen is a FORCE paired with a numbered callsign, or a REGION paired with anything that isn’t another REGION. The largest multi-addressee message I’ve documented went out to ten callsigns at once, on October 24, 2024.
Every Directed EAM documented uses a Group 2 prefix. No Group 1, Group 3, or Group 4 message has ever carried an addressee, and that holds even at the extremes. Even the surprisingly long 285 character message of October 28, 2025, addressed FOR EXERCISE GT 26 CPX AC ST, still carried a Group 2 prefix22.
What patterns exist in EAM characters?
There are a handful of patterns in EAM characters. Some of them you would start to notice yourself, just by transcribing enough messages; others only surface once you run some higher-order analysis across the whole dataset, and would never jump out at you one message at a time. Here are a few of the more notable ones I’ve called attention to over the years.
M and 5 are under-represented. Across more than 6,000 unique EAMs, the letter M and the digit 5 turn up only about 60 to 65% as often as the other characters — call it a 35 to 40% deficit against what a uniform distribution would give you. It holds across every prefix group I’ve checked, and I have no good explanation for it in terms of any standard encryption scheme. It is just there.
0, 1, 8, and 9 don’t appear in standard EAMs at all. 8888 messages are the exception, and they get their own Q&A. The 0 and the 1 are obvious enough: written out by hand, they’re too easy to confuse with O and I23. The 8 and the 9 are less obvious, until you count what is left. A through Z, plus 2 through 7, is exactly 32 characters: a base-32 alphabet.
Those first two patterns (the M and 5 deficit, and the four characters that never appear) are the kind of thing best put in a single picture. Here is every character’s share of the payload across the Group 1 dataset:
In a 30 character Group 1 EAM, the last six characters are almost always all distinct from one another. Across the 30 character Group 1 dataset, any pair of positions inside that trailing window coming up equal is suppressed by something like a factor of fifteen; it is ‘almost’ rather than ‘always’ because there is an interesting set of exceptions. That is a good deal stronger than a simple ‘no doubled letters’ rule: it isn’t about adjacent characters, it is every pair of positions in the window.
Identical strings of characters show up across different messages that share a prefix, sometimes weeks or months apart24. This is one of the things that quietly demolishes the OTP hypothesis — a one-time pad, by definition, cannot produce identical ciphertext for two different messages.
Are EAMs used to communicate DEFCON levels?
On September 11, 2001, an EAM was used to change the DEFCON level, and the phone-conversation transcript that records it happening is sitting, declassified, in the DoD archive2526. It is worth reading. A DEFCON change is squarely the kind of nuclear command-and-control traffic an EAM exists to carry, so the answer is plainly yes27.
What is a Force Direction Message?
People almost never ask about FDMs, but they probably should! Force Direction Messages have been named alongside EAMs in DoD documentation for decades (a 1999 description of the Single Channel Transponder System states outright that SCTS “provides Emergency Action Message (EAM) and Force Direction Message (FDM) dissemination capability”28), and I used to write that whether they still existed as a distinct class was an open question. However, even the FY27 budget documents name Force Direction Messages repeatedly, and plainly as a current, fielded category: the Strategic Automated Command and Control System (SACCS), which disseminates EAMs for the National Command Authority, is described as handling ‘Higher Authority Command Messages, Force Direction Messages, EAMs, and automated ICBM re-targeting data’, and the Global ASNT terminal program lists ‘Emergency Action Messages (EAMs), Force Management messages, and Force Direction messages’ among what it receives and relays to bomber and tanker aircrews. All this to say that FDMs are not a lapsed historical curiosity, but an ongoing message type.
However, at least from the outside, an FDM may well still be indistinguishable from an EAM, though it’s possible prefixes set FDMs apart, in which case it isn’t. A budget document naming the category does not tell you how to pick one out on the air. So the shortwave-listening habit of calling everything an ‘EAM’ sits exactly where it always did: unavoidably imprecise, because FDMs are real and, as far as audible structure goes, a lookalike. The four-Group taxonomy might still map onto an EAM-versus-FDM split, or onto the broader four-class breakdown — either way, not something I can settle from monitoring alone.
Nonetheless, ‘EAM’ is the colloquial term everyone uses to talk about and understand these messages, and I reluctantly concede that insisting on ‘EAMs and/or FDMs’ everywhere would probably be more pedantic than it is useful.
How many EAMs are typically broadcast on any given day?
Routine daily EAM counts vary, but they are not random. Across the 224-day stretch from June 23, 2023 to February 1, 2024, the average came out at 14 to 15 messages a day, with a median of 14. Later windows I’ve sampled ran a little higher, averaging 18 or 19 with medians of 16 to 17. Though I haven’t tried to fit a proper trend to it, there does appear to have been a gradual uptick in message volume over the years.
Days with a very low volume of EAMs (zero to three messages) are rare, and when they do happen they tend to land on federal holidays.
When do EAMs broadcast?
The HFGCS is a 24/7 network. In theory, an EAM can broadcast at any time of day, and on any day of the year. However, general trends in the time of day an EAM is more likely to broadcast and even what day it is more likely to broadcast can be observed when the entire NEET INTEL project dataset is charted out:
Do EAMs correlate with world events?
The news-cycle version of the question
This is the easy version, and it’s the one that goes viral. Something big happens in the news, the EAM count that day looks high, and people on Twitter and YouTube announce a connection. The same people reliably say nothing on a day with 30+ EAMs and no news to hang them on, and say nothing on a day of enormous headlines and unremarkable EAM volume. A strong, consistent correlation between EAM traffic and arbitrary geopolitical events has never been established. All of that is true. It is also a gross oversimplification, and one that concedes far too much to a particular cast of mind. A large part of the public, and no small number of self-styled ‘OSINT experts’ with them, come at this subject with exactly two settings: is this urgent, breaking, happening right now?, or else oh, this is nothing. Almost everything genuinely interesting about the HFGCS lives in the wide space between those two. Follow the two-setting logic all the way out and you would have to hedge Able Archer 83 down into a footnote, and the Cuban Missile Crisis next to it, for fear of ‘clickbaiting’ or ‘needlessly worrying’ an audience that had no intention of engaging with the detail to begin with. That is the tail wagging the dog. There are, in fact, any number of apparent exceptions to the ‘no correlation’ line: cases where large-scale military exercises and operations do seem to leave a ‘mark’ on HFGCS activity.
The operational version
Specific, pre-scheduled military activity does sometimes leave a detectable signature on HFGCS traffic; two cases stand out.
STEADFAST NOON 2023. NATO’s annual nuclear exercise ran October 16 to 26, 2023. Overall message counts and structure across that window looked entirely normal: no surge, no lull. But the YI prefix showed up carrying a distinctive internal repetition pattern on October 11, just before the exercise; again on the 16th, the start; and again on the 26th, the end, and then it was gone. The pre-exercise appearance was probably pre-deployment or keying of some kind; the bracketing of the exact start and end dates is the conspicuous part. A distinctive prefix family landing precisely on the boundaries of a known exercise might, of course, be coincidence, but it is conspicuous enough to be worth flagging and watching for.
Minuteman III ICBM test launches. Vandenberg SFB runs unarmed Minuteman III test launches on publicly announced schedules. Across 11 launches I had monitoring coverage for, Group 4 EAMs show up at roughly 3.6× their baseline rate in the D-1 to D-3 window ahead of the launch; 8 of those 11 launches showed elevated Group 4 activity. For comparison, on an ordinary non-launch day a Group 4 prefix appears only about 22% of the time (an average of 0.29 long messages a day, across 807 baseline days). A write-up is available for review at minuteman_icbm_x_hfgcs_eams.html.
This evidence is not in tension at all. Random news cycles do not correlate with EAM volume or content, but specific pre-scheduled operational activity sometimes might, at rates you could actually quantify. They’re two different things people are both calling ‘correlation’, and the second one is what serious monitoring is actually for.
Did the HFGCS play a role in OPERATION MIDNIGHT HAMMER?
On June 21, 2025, the United States struck Iran’s nuclear facilities in OPERATION MIDNIGHT HAMMER. Unusually, a fairly precise public timeline of the operation was publicly released. Thanks to this data, I was able to take a look to see if any correlation or alignment could be observed between EAM broadcast times and operation stages. There did appear to be non-trivial alignment suggesting the HFGCS did play a role in the operation29.
Are long EAMs cause for concern?
For the most part, no, long EAMs are not the cause for concern the internet has made them out to be. Long EAMs are the ones most likely to go viral, but a good number of them could be identified as running on a preset schedule. Once you have identified the schedule, it becomes easier to stop reading too much into them.
Three times across 2023 and 2024, on a roughly quarterly cadence, the same thing happened: a 194 character EAM went out on a Saturday evening UTC, and a 216 character EAM followed it the next afternoon, Sunday, at around 16:45 UTC. It happened on 19–20 August 2023, again on 18–19 November 2023, and again on 10–11 February 2024 — the same two lengths, the same Saturday-into-Sunday structure, near-identical UTC slots each time.
On Saturday, May 18, 2024, a 210 character EAM went out at 21:16 UTC, and within hours it was being passed around online as evidence of something, and a self-appointed HFGCS expert, @redanblacattack (now @Rick_Fenlon) made a tweet implying his ‘expertise’ meant he could credibly suspect the EAM was associated with concurrent breaking news of a drone attack in Russia. But if he was actually as diligent of a monitor as he implied he was, he would’ve recognized the 210 character Saturday-evening EAM as entirely routine and predictable. I made a short video walking through the whole pattern30, and was blocked for my troubles.
This isn’t to say we know that every long EAM is scheduled, but enough of them visibly are that we can begin to suspect even more are (just on less obvious schedules). Separately, we know that geopolitical events do not run on a timetable, so when someone points at a long message they happened to notice and declares it must be about whatever is at the top of their news feed, they are anchoring a random point inside a pattern that was already there.
If you want to go looking yourself, the 2022–2026 message calendar lays out all long EAMs in the entire NEET INTEL dataset. Diligent investigation is likely to continue to turn up some schedules or patterns that ‘experts’ like Rick Fenlon never put together.
Can you read anything into an operator’s tone of voice?
The claim that you can read significance into an HFGCS operator’s tone of voice is unfounded. It quietly assumes the operator either understands the message or has some context for how much it matters, and neither of those is well-established31. More to the point, the people who make this claim have a bad track record. I’ve seen people claim an HFGCS operator was crying because the EAM they were reading meant that WW3 was about to begin. Not only did WW3 obviously not begin, the operator wasn’t crying, they were laughing. Consider that an operator could read a practice message with strong enunciation and a little nervous tremble in their voice not because nukes are about to fly, but because they know a superior who will pass/fail them is listening. Just like anyone else at any job, the mood of an HFGCS operator could be affected by any number of things, such as personal troubles in or out of work, a funny joke someone just told them, workplace pressure, etc. The idea someone listening to them with a shortwave radio could accurately identify and differentiate their tone of voice as a ‘giveaway’, while completely separate from important context, is simply bizarre.
What is a SKYKING?
SKYKING messages get discussed every single time the HFGCS comes up, and they are, at this point, rarely broadcast on the HFGCS at all. People keep talking about them for the same reason a lot of HFGCS information is the way it is: it’s recycled from a period when SKYKINGs genuinely were common.
I can’t say the SKYKING side of things has ever much bothered me. To me, their whole foreboding reputation looks fairly undeserved. Larry Van Horn’s 2006 documentation defined SKYKING as “The collective call sign for all Single Integrated Operational Plan (SIOP) committed aircraft and missile crews. Its meaning is ‘all SIOP committed aircraft and missile crews copy the following message.’”, and my read, for whatever it is worth, is that SKYKING messages functioned as either mission abort or return-to-base messages. If I’m right, that would mean they were never the ‘it’s about to pop off’ signal anyone imagines. In fact, sometimes they might’ve been much closer to signals that could’ve been read as ‘whatever that was, it just ended.’
For the recent record: there is an April 12, 2024 broadcast that went out from SKYKING to SKYMASTER on 11175 kHz (recording), though some might hesitate to call it a SKYKING message at all: structurally it follows the SKYMASTER format rather than the classic SKYKING one, and several of its three-letter groups turned up in other traffic to SKYKING that same day. The case is less that ‘SKYKINGs have stopped’ than ‘the classic SKYKING message has gone quiet on HF, and the callsign surfaces in new and unfamiliar contexts that older monitors are uninterested in’.
Whatever the case, if you come across someone presenting themselves as an HFGCS expert but they still discuss SKYKING as if it’s the end-all-be-all of HFGCS traffic, that’s probably a tell that you’re talking to someone that’s out of the loop32.
Who is MAINSAIL?
When someone keys up and asks for MAINSAIL, they are making a deliberately open-ended request — to any global ground station, whoever can hear them, whether that’s Andrews or Offutt or Sigonella or anyone else. That has been the case for a while, with things still more or less in agreement with Larry Van Horn’s write-up from over a decade ago33.
What has changed is when the name is used. Stations broadcasting EAMs used to identify by their own station callsign — Andrews would say ANDREWS, Offutt would say OFFUTT, and so on. But around 2014 they all shifted to identifying as MAINSAIL during EAM broadcasts, and then around 2015 they shifted again to rotating daily callsigns. So today a ground station answering a MAINSAIL request might identify as MAINSAIL, or as the station it is actually transmitting from, or as the daily HFGCS callsign.
What is a “rotating daily callsign”?
Around 2015, the callsigns used for EAM broadcasts moved off station names and MAINSAIL and onto a rotating pool of unique daily callsigns. They almost always change at 00:00 UTC.
I have spent a genuinely non-trivial amount of time cataloging these, and with only a couple of ambiguous exceptions I am fairly sure of this: virtually every HFGCS callsign observes a 9 character limit, spaces included (some callsigns are two words). The apparent exceptions are things like CUTTY SARK and LIGHT BUOY (10 characters once you count the space), and my suspicion is that internally they are treated as 9, with the space simply dropped: CUTTYSARK, LIGHTBUOY.
The limit seems to reach almost everything else on the network, too. SKYMASTER fits inside 9 characters, so does MAINSAIL, and so do the station names: ANDREWS, OFFUTT, SIGONELLA. The one that genuinely doesn’t is PUERTO RICO, which is 11 characters, or 10 without the space.
What is interesting is that the limit might effectively be a kind of platform-type signature. HFGCS NCSes and E-6B callsigns stay inside 9 characters, but the 10 character tactical callsigns read as a different class of platform entirely. FILIBUSTER was heard during what looked like an attempt to contact an E-4 ‘doomsday’ platform on HF34, and SPELLCASTER and BELLPEPPER35 were both heard running radio checks ahead of a SKYMASTER exercise period in April 2026. Callsigns like these stick out in a pool of callsigns adhering to a shorter character limit.
The numbered callsigns (the [WORD][NUMBER] format) are very strongly tied to specific E-6B aircraft, and one appearing on the HFGCS can usually be matched to a specific airframe on ADS-B trackers; that is covered more in the Directed EAMs and E-6B entries.
So why did nobody notice the 9 character limit earlier? Probably just poor documentation. For years, an admin of eam.watch (someone who falsely claimed inside knowledge of the HFGCS36) logged, and kept logging, test counts from Diego Garcia under the callsign DIEGO GARCIA, when the recording plainly only says DIEGO37. Other listeners mishear callsigns and log ones that break the limit. Meanwhile, Air Force Instruction 33-21738 might’ve been dangling a definitive source just out of reach: “The VCSLI contains detailed procedures for requesting, assigning, and using voice call signs, and is available on the VCS SIPRNet web site”.
What is an E-6B Mercury?
The E-6B Mercury is a U.S. Navy aircraft, flown by Strategic Communications Wing 139. In the Navy’s own words, its primary job is to “receive, verify and retransmit Emergency Action Messages (EAMs) to US strategic forces.” For monitoring purposes the E-6B is the airborne half of the whole system: the ground stations broadcast EAMs on HF, and E-6B aircraft rebroadcast them on both HF and VLF (the latter via a trailing wire antenna), which is how the coverage reaches the submerged ballistic missile submarines that can’t pick up HF at all.
There is a fuller picture of what an E-6B crew actually does, and it turns up in an unexpected place: the same FOIA-released aircrew training plan that pins down NEREP and AKAC-274 (c.f. the 274 message Q&A) is an E-6B program syllabus. The aircraft’s wartime role is the Airborne Command Post (ABNCP), and crew train on things like Emergency Conferencing, handling Nuclear Execution Reports, the Nuclear Planning and Execution System.
E-6Bs show a strong preference for Group 1 messages when they rebroadcast EAMs, and they also work the CHARLIE WINDOWS and other discrete frequencies for E-6B-to-E-6B traffic. As mentioned earlier, the recipients of Directed EAMs with numbered callsigns can usually be matched to a specific E-6B on the public trackers (ADSBExchange, Flightradar24).
However, that last part has gotten harder in recent years. From late 2024 and on through 2025 and into 2026, E-6B visibility on the public flight trackers has been dropping: the aircraft turn up under false hex codes more often, fall off the trackers entirely more often, and there have been both large-scale exercises and apparently routine days of the week where radio traffic implied more aircraft airborne than would appear on flight radars. Attributing a callsign to a specific airframe is still useful, but it’s a lot harder to do now than it was in 2022 or 202340.
What is the E-6B rebroadcast timetable?
The E-6B rebroadcast relay pattern is worth identifying because it’s a regular feature on the HFGCS: a ground station broadcasts an EAM ‘for’ a specific aircraft, then follows it with a second message addressed ‘to no one in particular’ — and a while later another, different transmitter, under its own callsign and very probably that same aircraft, rebroadcasts the second message on a half-hour schedule, presumably toward submarines.
The exact minute past the hour it keys up on isn’t arbitrary, either — the slot tracks, roughly, which body of water the aircraft is covering:
Time slot coverage
:00 and :30 Gulf of America (and, rarely, Lake Michigan)
:10 and :40 Atlantic
:20 and :50 Pacific
What is VERDIN?
The VLF Digital Information Network (VERDIN) is the very-low-frequency counterpart to the HFGCS, and carries much of the same traffic. E-6B aircraft broadcast digital EAMs on VLF through their trailing wire antenna, mainly to the submerged submarines that HF can’t reach41.
VERDIN runs on a small set of VLF frequencies:
17.8 kHz VERDIN ATLANTIC
22.7 kHz VERDIN PACIFIC
26.35 kHz VERDIN SPORTS
27.2 kHz VERDIN GULF
30.0 kHz VERDIN PENINSULA OF UPPER MICHIGAN
SPORTS is the most amusing VLF frequency. 26.35 kHz was documented in use to broadcast information covering sports scores, closing stock prices and naval-history trivia42. 23 kHz might also be a VERDIN frequency43.
The FY27 budget documents contain some information regarding VERDIN as well. The KG-3XA cryptographic program (the same one discussed in the one-time-pad Q&A) includes an embeddable module, the KGV-363, described as supporting ‘Very Low Frequency (VLF) receivers and transmitters’ and tied to the Fixed Submarine Broadcast System.
If you want to take a look at some VERDIN captures, null has a dedicated YouTube playlist44.
What is an “8888 message”?
Standard EAMs never use the characters 0, 1, 8, or 9. 8888 messages (formally, Quad 8s or alternatively, Octopus messages) are the exception, containing those characters and, most conspicuously, opening with 888800 and closing on 8888. They are almost certainly not standard EAMs, and it’s entirely possible they shouldn’t be broadcast on the HFGCS at all.
As part of research for a video I made in 202345, I could only find evidence of 11 documented 8888 messages across nearly twenty years of records. The count now is over 38, HF and VLF combined, with the documented record running from a 1999 UDXF log all the way through broadcasts still happening in 2026. A writeup that supercedes the one in the video is available at octopus_8888.html.
What the expanded dataset shows is that the structure is consistent. An 8888 message opens with the 888800 header, then a two-digit day that matches the calendar date, then a four-digit time at or near the time of transmission, then a middle block of paired characters (most often AAEEGGKKNNXXZZ), and closes on a trailing 8888.
The HF instances are mostly disregarded (since 2018, most are followed by an explicit disregard call from the operator), while the VLF instances typically are not. And the VLF ones correlate with specific aircraft hex codes: E-4 airframes (ADFEB3, ADFEB4, ADFEB6) and E-6 airframes (AE0412, AE0414, AE040E) have all been associated with VLF 8888 broadcasts more than once.
There are two leads on 8888 messages. The first: the veteran HF monitor Larry Van Horn relayed an anonymous source saying that, historically, 8888-formatted messages appeared on the ISST (ICBM Strategic Satellite Test) system as test messages, which would make them test-format traffic rather than live launch orders. The second came out of a Titan II missile museum tour I included in that 2023 video, where a former crewman walks through the actual launch-authorization procedure: a two character envelope selector followed by a five character code, sealed in a ‘cookie’, that has to match for an event to be real. That 2+5 structure maps cleanly onto the inner fields of an 8888 message as observed on both HF and VLF, which strongly suggests these are either a direct descendant or a very close cousin of those nuclear command formats.
None of that confirms 8888 messages are ICBM-related. But the format, the documented adjacency to ICBM systems, and the simply tiny broadcast rate all point the same direction: toward high-significance test or control traffic somewhere inside the nuclear command-and-control world.
What is a SKYMASTER event?
The phrase SKYMASTER event has drifted into meaning two slightly different things at once: the radio callsign SKYMASTER, which sometimes appears on the HFGCS during certain large broadcasts, and the underlying STRATCOM exercise that produces it. They are not the same thing. A SKYMASTER event is, properly, a large STRATCOM-driven exercise; the radio callsign SKYMASTER is one optional surface symptom of that exercise, and when it does appear, it tends to appear near the end, not the start.
For what it is worth, SKYMASTER is a genuine procedural term and not a piece of listener folklore: ‘SKYMASTER procedures’ turns up as a named training subject in a FOIA-released E-6B aircrew training plan, and, tellingly, it sits in the same lesson as NEREP communication procedures (that document is discussed in the 274 message Q&A).
On the HFGCS, a SKYMASTER-scale exercise looks like this: hundreds of messages over many hours, several distinct formats running at once (ordinary EAMs, SKYMASTER-prefixed messages, 274 messages, RECOVERY REPORTS), and heavy use of additional HF and UHF frequencies well beyond the usual four46. In SKYMASTER mode each primary frequency starts behaving like its own network rather than a mirror of the others, which quietly breaks the usual assumption that the HFGCS simply simulcasts everything across 4724/8992/11175/15016.
I used to call all of these ‘SKYMASTER events’ and nothing else. They are better thought of as STRATCOM exercises that may or may not throw a SKYMASTER callsign onto HF. To handle the cases where the indicators are all present but the callsign isn’t, I added the FAKEMASTER category — see the next Q&A.
What is a FAKEMASTER event?
A FAKEMASTER is an event with every hallmark I’d expect of a SKYMASTER (E-6B forward deployment, conspicuous airspace reservations, heavy EAM traffic, unusual callsigns, all the formats discussed in the SKYMASTER Q&A) but with no documented SKYMASTER call. Either it is a similar-scale exercise that is genuinely different in some operational way, or the call happened and I missed it.
The cleanest example is June 23, 2024 (an E-6 forward-deployed to Norway, special airspace reservations, an unusual EAM read by the numeric callsign LOOKOUT44), which I flagged at the time as anomalous. The DoD afterward implied it had been little more than a photo opportunity of some kind, but HFGCS audio recordings clearly prove a real exercise took place concurrent with the DVIDS photo op. The case for that day being GLOBAL STORM 24 rather than a mere photo op is laid out in the GLOBAL STORM Q&A.
How often do SKYMASTER events happen?
Fairly often47.
How do you know a SKYMASTER event isn’t real nuclear activity?
This is the question that comes up most when one of these broadcasts goes viral.
First: I was able to forecast the dates of many major SKYMASTER events I documented well in advance. I would post these forecasts in public and with verifiable receipts, sometimes weeks or months out, and the events have landed on or near those dates. The forecasts and their paper trails48 would be published online ahead of time. Anyone insisting SKYMASTER traffic is real nuclear activity is, by implication, insisting that I am leaking sensitive US military information ahead of time, which would make me either a serious U.S. military security problem or a serious foreign-intelligence opportunity. I have not been arrested or kidnapped on either count.
Second: STRATCOM publicly announces its large exercises. Offutt AFB’s social media announced its April 2026 exercise window six days ahead of time. Whiteman AFB and DVIDS pages routinely publish dates. This activity is rehearsed in the open, and it is a genuinely routine part of how U.S. strategic forces operate. Some SKYMASTER events can be cleanly associated with these publicly identified exercises.
Third: a ‘real’ EAM would probably look and sound very much like an exercise message. The difference would be context, not content. In an actual crisis, every major news outlet on earth would be covering a nuclear emergency in plain language. You would not be finding out from the HFGCS.
What is GLOBAL STORM?
GLOBAL STORM is one of the recurring U.S. STRATCOM exercises with a known name, and is part of the same broad family as GLOBAL THUNDER and GLOBAL LIGHTNING, the kind of large strategic-deterrence drill that throws the activity discussed in the SKYMASTER Q&A onto the HFGCS.
Although OSINT missed it and audio proof sat unnoticed and undiscussed for several years, GLOBAL STORM 23 ran on July 11, 2023. A recording I made that day has a participant clearly identify the exercise by name over the HFGCS49.
Evidence points towards GLOBAL STORM 24 taking place on June 23, 2024. This happens to be same date as the USS Tennessee activity flagged in the SKYMASTER Q&A. At the time, the NEET INTEL project logged that day as a FAKEMASTER (the term is defined in the FAKEMASTER Q&A), while a good deal of the wider commentary settled on calling the day a photo opportunity, or a show of force. My read is that it was something a great deal bigger: a major, ‘Tier One’ STRATCOM exercise that simply went unrecognized as one, for the unglamorous reason that DVIDS never labeled it as such. The circumstantial case for the GLOBAL STORM 24 identification is laid out in that same recording; two further HFGCS timecard recordings back it up5051, and the documentary background (GLOBAL STORM, the broader STRATCOM exercise calendar, and the USS Tennessee deployment) is set out across the sources525354555657585960616263.
What is a 274 message?
A 274 message is a format that, for a long time, turned up almost exclusively during STRATCOM exercises. That is no longer quite true, as it has started to appear outside that context too. Either way it remains poorly documented, and was rarely logged online until recently64. Despite the name, these messages are not 274 characters long; the ‘274’ points instead to AKAC-274, a real operational publication named outright in a FOIA-released E-6B aircrew training plan65, where ‘the use of the AKAC 274/AKAL 1553’ is listed as one of the things a Force Status controller is trained on.
That same training plan also settles what NEREP means. NEREPs are Nuclear Execution Reports; the plan lists them explicitly, in at least three types designated LA, GA, and SA, with their own message precedence and their own communication procedures.
What is a CLARINET MERLIN message?
CLARINET MERLIN appears by name in the FOIA-released E-6B training plan discussed in the 274 message Q&A. The syllabus carries a lesson on the process of sending, relaying, and receiving CLARINET MERLIN messages. From this, it would appear to be a category of traffic that E-6B crew handles, but I never heard anything I thought might be a CLARINET MERLIN message.
What is a RECOVERY REPORT?
A RECOVERY REPORT is another format you will basically only hear during STRATCOM exercises. It seems to be an unusual way of confirming that SKYMASTER messages have reached their intended recipients. One remarkable thing about them is that slashes are actually read aloud as part of the message. This might be the only context in which they ever are read that way over the HFGCS.
What are the CHARLIE WINDOWS?
On top of the four primary HFGCS frequencies, and the discrete frequencies nobody outside knows, STRATCOM uses 9031 kHz, which, on the primary frequencies, I’ve heard referred to not as ‘9031’ but as the ‘CHARLIE ECHO WINDOW’, presumably to keep the handling of it a little low-key.
CE is one of a series of ‘CHARLIE WINDOWS’ (CA through CI) that the shortwave-listening community documented some time ago. The mildly surprising part is that the frequencies documented back in the mid-to-late 2000s are still the same ones in use today66.
I have heard most of these in use myself. I’ve also heard operations mention a ‘CL’, without ever pinning down which frequency it refers to. All of the CHARLIE WINDOWS appear to be reserved for E-6B-to-E-6B communication.
What are the ZULU frequencies?
The ZULU frequencies are a set of channels STRATCOM uses, each one identified by a code-name designator of the form Z-number (Z100, Z170, and so on); collectively they are possibly known as the ZULU NET. The older public lists of ZULU frequencies (the ones the shortwave-listening community put together in the mid-2000s) are badly out of date, and full of entries that don’t line up with anything in current use. Several of the ZULU designators look like they descend from the older MYSTIC STAR network. These channels don’t appear to be held in absolute reserve. For instance, Z100 (13907 kHz) is also used by the U.S. Coast Guard.
What is ESTEEM HIGHLY ALPHA?
Most of what crosses the HFGCS is EAMs and routine station business, but every so often you catch something else entirely: a phone patch, where a unit asks a ground station to bridge it, by actual telephone, through to some particular number. In March 2024 I caught one between two units signing 4HA and 1YG, and the audible half of it ran: ‘4HA, this is 1YG. Roger. Esteem Highly Alpha. [My cell?] 2051, over.’67.
I was initially perplexed, with none of the self-appointed experts appearing to be familiar with the term ESTEEM HIGHLY ALPHA at all. However, answers could be found on Russian-language monitoring forums, and in old issues of Monitoring Times68. The trail runs a long way back: there is a 1992 recording (a shore control point and a submarine working HF authentication off password tables, then a time-of-receipt readback) archived with a full transcript on cubanos.ru69. English-speaking monitors were logging it in Monitoring Times in the 1990s, and on the forums the English-language trail runs at least to 2016. The Russian record reaches at least as deep, between that 1992 recording and forum logs running from 2013 on. The 2013 Russian log is the tidy one, with ANDREWS phone-patching a unit signing 8LX through to 5JE, the whole exchange explicitly ‘EXERCISE ESTEEM HIGHLY ALPHA’, and that log notes, almost in passing, that 8LX was a submarine70.
The number on the other end is worth a look too, though I will point rather than print. It is an ordinary commercial line, and a strikingly persistent one: the same number gets dialed in the 2024 patches and in monitoring logs going back well over a decade. Those logs are public, and the number sits in them in full, there for anyone curious enough to go and read it71. Run it through a search and it lands squarely on U.S. Navy directories around Norfolk, Virginia: Fleet Forces Command, Naval Support Activity Hampton Roads. So what you are actually hearing, when ESTEEM HIGHLY ALPHA goes by, is a Navy unit (often, on this evidence, a submarine that has surfaced to do it) using the HFGCS as a switchboard to telephone a shore command and report in on an exercise. It’s a decent reminder that the system is more than just EAMs.
Is eam.watch a reliable source?
Not really, and the more weight you put on it the worse the data gets. eam.watch is a community-driven log of HFGCS traffic, and like any crowd-sourced archive it inherits the strengths and weaknesses of whoever happens to be paying attention on any given day. The most obvious failure mode: a blank day on eam.watch does not mean no EAMs were broadcast that day, it usually just means nobody logged them. There are a great many such days in the record.
Transcription quality is the more serious problem. The site has no working quality-control process, and the miscounts can be substantial. For example, I recently saw them log a 75 character EAM as a 51 character EAM, off by 24 characters on a message where the operator even stated the length out loud72. The smaller, more familiar case from the callsign Q&A — Diego Garcia test counts logged as DIEGO GARCIA when the recording plainly only says DIEGO — is a symptom of the same systemic lack of care and curation.
I would have liked to use the eam.watch database. It is large, and a large database is genuinely useful for the kind of structural analysis I have spent years doing. But the data isn’t clean enough to use without auditing every individual submitter, and the most prolific submitters tend to be the ones who never audited their own entries. When I suggested, years ago, that structure-based quality control could flag plainly impossible message lengths and similar errors, I was accused of trying to violate the U.S. Espionage Act and told this was unacceptable conversation. The institutional memory is correspondingly thin: when I posted 8888 message recordings in November 2022, the admins reacted as if no similar traffic had ever been documented, even though earlier contributors had already logged 8888 messages on the site itself.
The broader lesson applies to any HFGCS source, not just this one. Insider claims by site admins and self-styled experts should be checked, not trusted — a point worked through at greater length in a dedicated video.
How can I follow this work?
The NEET INTEL project is effectively shutting down in 2026, but all the archives, recordings, and writeups remain available. A surplus of information, including EAM structural analysis, has been published to neetintel.github.io. Longer-form articles are at neetintel.substack.com. As well, videos with commentary, explanations, and analysis are accompanied by hundreds of hours of actual HFGCS recordings over on the NEET INTEL YouTube channel.
If you want to monitor any of this yourself, 11175 kHz tends to reward attention from North America, because it carries the most additional aircraft and ad-hoc voice traffic on top of the simulcast EAMs. The UTwente SDR is convenient, and a lot of people default to it. The problem is, it misses a lot of North American traffic, particularly E-6B broadcasts, and this is major reason as to why so much of the genuinely interesting activity went undocumented for years by the wider listening community.
If you have read all the way to the end and found this useful, this took me a bit to write and represents untold hours spent both monitoring the HFGCS, recording and transcribing EAMs, and looking up information and previous transcriptions across the internet, including scouring Russian-language forums, finding dead Discord servers, etc. Likes, retweets, ko-fi contributions, etc. let me know it’s appreciated. Cheers.
Larry Van Horn’s 2006 writeups are the foundation most HFGCS information online still rests on, this FAQ included — he did first-rate work. If some of it has dated in the two decades since, that is just what happens to documentation; the real gap is that nobody has given it a comprehensive update.
Larry Van Horn’s milcom blog. mt-milcom.blogspot.com; maintained until 2023.
HFGCS official website. McClellan AFB; archived 25 October 1997.
FY27 Air Force Other Procurement. U.S. Department of the Air Force, 2026.
673d CS Airmen integral to Global Communications System. DVIDS, January 2022.
Andrews radio operators assist crew members worldwide. Joint Base Andrews, 2006.
Offutt rebuilds command center. 55th Wing Public Affairs, 2023.
UDXF Master Callsign List. udxf.nl.
This schedule appears to be outdated, but it’s still a good reference for the idea of stations operating to per-frequency schedules. See page 2 of https://udxf.nl/USAF-HFGCS.pdf.
List of Radio Frequencies. HFGCS Wiki; archived 15 December 2025.
HFGCS and other US military radio frequencies. NEET INTEL, YouTube.
x.com/neetintel/status/1703141877627691399; EAM structure (100+ characters).
44 character block structure and its explainer. Block analysis across 21 prefix groups and 1,512 pairwise comparisons.
The Post Cold War SIOP and Nuclear Warfare Planning: A Glossary, William M. Arkin and Hans Kristensen. Natural Resources Defense Council, 1999.
EAM 30 character format analysis. Statistical analysis of 5,377 unique 30 character payloads, 2026.
Emergency Action Message: Message Categories. wiki.hfgcs.com; archived December 2025.
HFGCS EAM 250501 06:25 UTC [292 CHARACTER MESSAGE]. NEET INTEL, YouTube; broadcast by callsign INFATUATE on May 1, 2025, the longest EAM captured under the project.
HFGCS EAM 231207 17:19 UTC [FOR REGION CHARLIE]. NEET INTEL, YouTube; a 30 character message addressed to REGION CHARLIE.
HFGCS EAM 230417 17:43 UTC [FOR ALL REGIONS]. NEET INTEL, YouTube; a 30 character message addressed to ALL REGIONS.
HFGCS LIVESTREAM 251028A. NEET INTEL, YouTube; the 285 character message appears at 01:25 UTC.
x.com/neetintel/status/1736431126208512360; HFGCS operators can be heard complaining about message handwriting.
x.com/neetintel/status/1683976792703467520; identical character strings across EAMs.
x.com/ReidDA/status/1713272506394513818; the 9/11 DEFCON-change EAM.
9-11 AIR THREAT CONFERENCE CALL TRANSCRIPTION. U.S. National Archives.
Wikipedia editors have argued that ‘EAMs do not change DEFCON’ and are ‘just a message format’, as if those are competing claims. Delivering messages is what a message format does, and the declassified transcript shows one delivering this one.
Single Channel Transponder System (SCTS). GlobalSecurity.org, 1999.
x.com/neetintel/status/1936815771973242927; whether EAMs related to the June 21, 2025 strike.
A Short Video About Long EAMs. NEET INTEL, YouTube.
Whether operators know the meaning of the EAMs they read is unresolved. There’s a mix of anecdotal claims either way. I’m agnostic on it, and neither invested in or much bothered by claims in either direction.
‘Outdated’ here is about the prominence the old writeups give SKYKING, not a claim it never happens now. As the recent record above shows, it still surfaces, but it’s not common, and doesn’t have the continued relevance as a signal that those out-of-date writeups imply.
Who or what is MAINSAIL? Larry Van Horn, mt-milcom.blogspot.com, 2013.
STREAMER and RICOCHET incident, January 2 2025, attempting to raise FILIBUSTER (10 characters) on 11175; discussed in 分析: 250102 – Are E6s flying dark? (NEET INTEL, YouTube).
HFGCS COMMUNICATIONS 260408 18:02-18:09 UTC – MAINSAIL attempts to contact BELLPEPPER. NEET INTEL, YouTube.
解説: What is eam.watch? – False “HFGCS experts”. NEET INTEL, YouTube.
An eam.watch admin has repeatedly logged Diego Garcia test counts as DIEGO GARCIA despite the recordings clearly only saying DIEGO. Example from November 2023: eam.watch
Though from 2014 and rescinded, AFI 33-217 is a good lead.
Strategic Communications Wing 1. U.S. Navy.
A plausible explanation for all this could be that it’s part of a broader post-New START effort to obscure U.S. strategic force activities.
A KiwiSDR with the right antenna can be configured to decode these transmissions into text.
HFGCS LIVESTREAM 241220T. YouTube — suspected VERDIN traffic on 23 kHz.
8888 Messages. NEET INTEL, YouTube, 2023.
Non-HFGCS EAM 250820 20:05 UTC [9RX on 13450 kHz; 202 character message]. NEET INTEL, YouTube; a non-HFGCS station rebroadcasting an HFGCS-originated EAM during the August 2025 SKYMASTER window. Audio courtesy of @P7P7P7P7P7P.
SKYMASTER window comparison. Month-by-month view of the documented windows.
Internet Archive snapshots, GitHub version history, archive.is captures, hfunderground.com forum posts.
HFGCS COMMUNICATIONS 230711 ※ GLOBAL STORM 23. NEET INTEL, YouTube.
HFGCS TIMECARD 230711. NEET INTEL, YouTube.
HFGCS TIMECARD 240623. NEET INTEL, YouTube.
210818-F-LK801-1047, Air Force Global Strike Command photo.
Global Lightning 05. The original, at nukestrat.com, has stopped resolving — a curious thing for a document to do after standing untouched for years, and going dead only once it turned up in the NEET INTEL GLOBAL STORM video. Make of that what you will, but in any case the file can still be found using archive.org.
Global Storm highlights interoperability of U.S. strategic deterrence. IPDefenseForum, 2021.
ODD EYE CIRCLE ‘Air Force One’ Official Dance Ver.. Official ARTMS, YouTube.
GAO-06-847. U.S. Government Accountability Office.
Joint Exercises, 11 September 2001 to Present. Joint Staff, FOIA case 17-F-1192.
Air Force Joint Officer Management Handbook. tmd.texas.gov.
U.S. STRATCOM Exercises, 2005–2006. nuclearinfo.org.
U.S. Senate hearing 116–56187. congress.gov.
Missile Defense Agency RDT&E, FY2026 budget justification. comptroller.war.gov.
HFGCS 274 MESSAGE 240111 05:15 UTC. NEET INTEL, YouTube.
J3NT Initial Training Plan. FOIA-released E-6B aircrew training material, FOIA case 15-055; via The Black Vault.
HFGCS STRATCOM CE WINDOW 231223. NEET INTEL, YouTube.
x.com/neetintel/status/1768039935603261872; the March 2024 4HA/1YG phone patch and the ‘Esteem Highly Alpha’ transmission.
Monitoring Times, September 1996 (Vol. 15, No. 9). Larry Van Horn’s ‘Utility World’ column reports Exercise Esteem Highly Alpha as a GHFS connectivity check for U.S. Navy assets assigned to the Commander, Submarine Atlantic Command. Via worldradiohistory.com.
Exercise ‘Esteem highly alpha’. cubanos.ru — archived recording and transcript of a 1992 U.S. Navy HF exercise exchange.
x.com/neetintel/status/1769387549519130930; a second, failed patch to the same number, with monitoring logs of this traffic going back to 2013. Transcription: hfunderground.com; recording: youtube.com.
The 75-as-51 mis-log was discussed publicly at x.com/neetintel/status/2051754076103421997; the 75 character structure heatmap referenced there is at neetintel.github.io/structure_heatmap_75char.html.