Slashdot Mirror

← Back to Stories (view on slashdot.org)

Code for Running GPS Satellites Stolen

Posted by michael on from the paging-james-bond dept.

twivel was one of many to send this in: "According to this article a hacker has obtained top secret space codes that could yield access to guiding ships, rockets and satellites. Why launch your own spy satellite when you can just borrow ours?" The funny thing is that the code was stolen only a couple of days after it was deployed.

9 of 193 comments (clear)

  1. They got the source code, so what? by glengeezer · · Score: 5
    An unidentified computer hacker has got hold of top secret U.S. computer system codes for guiding space ships, rockets and satellites, a lawyer in Sweden said Friday.

    So they got the source code for guiding the systems. If the system is properly engineered, it shouldn't matter if you know how to guide it, you still need access to the system. If the system is poorly engineered, I'm going to buy some pillows like that TV guy in Willabong Australia or wherever.

  2. GPS Signals by BarefootClown · · Score: 5

    Actually, you are talking about two different things. Selective Availability, the degredation of the general-use signal, was turned off last January. However, you seem to have confused SA with the different codes available.

    There are two (three, actually) codes transmitted by the GPS satellites. The C/A-code (coarse/acquisition) is the "general use" code, available to all, and (formerly) subject to SA. The P-code (precision code) is the "military" code; it requires special receivers, and you have to have a DoD license to get said receivers. The third code is the Y-code, and is used in conjunction with the P-code, and is not relevant for this discussion.

    There is no way to get to the P-code from the C/A-code; the P-code is approximately 1 millisecond in length (1,024 bits, transmitted at 1.023 MHz); the P-code is a week long, even transmitted at ten times the rate (10.23 MHz).

    The C/A- and P-codes are not "encrypted" in the classical sense of the word, they are just signal formats. (The P-code is encrypted to form the Y-code, but that's another matter.) SA does not perform any "encryption" on the C/A-code, it blurs the timing slightly between satellites, so your receiver doesn't know the precise length of time the signal took to arrive from the satellite. This causes the receiver to have a certain amount of ambiguity, and degrades the accuracy of the signal.

    For more information on the system, check out the Naval Observatory's site on GPS.

    --

    "Make it ten--I am only a poor corrupt official."
    --Captain Louis Renault (Claude Rains), Casablanca

  3. More reason to use open source by coupland · · Score: 5

    This provides even more support for the government moving to open source. If an open source model was adopted for this type of project then the system would have sufficient security that examination of the source ideally would not be an issue of national security. Who knows what backdoors the hacker has uncovered?


    ---
  4. Re:Overstepping Authority... by eddy · · Score: 5

    Since when are 'computer experts' policemen?

    Actually, it would be the other way around. Police men can be computer experts. However, what I've read in the local news is that police hired five computer consultants to help them in the raid

    Did they have a warrant?

    The police had one, yes.

    The mystery here is.. why the raid? Obviously they must have figured someone at the company being an accomplice in the crime, or they would simply had asked for access. Of course now they know they look stupid for raiding the place (which is not commonplace over here), and so they're doing damage control in the media by saying how pleased they were with the company being open and helpful during and after the raid.

    Apparantly the company, whose name I forgot, runs a webhotel-ish service, and the alleged criminal simply used them for free space. That got them raided.

    So yes, it's fishy. Local police probably relied heavily on information only coming from the FBI. Bleeech.

    --
    Belief is the currency of delusion.
  5. Eep. by Frogisis · · Score: 5
    "This is your captain speaking. We're having trouble with our ETA due to the fact O'Hare International keeps moving around..."

    --Later, friends--

    --

    --Later, friends--
    Frogisis, Master of

  6. Hmmmm.... by jd · · Score: 5

    Check Freshmeat II for any suspicious copies of Missile Commander. :)

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  7. Re:GPS Accuracy by HuskyDog · · Score: 5
    Now that the signal degradation is no longer being done, your commercial receiver is just as accurate as the military versions

    Rubbish! Civilian receivers are much more accurate now that SA is switched off, but they are still not as good as military receivers (at least not without the use of differential GPS). Civilian receivers only receive the C/A code broadcast on the L1 frequency (1575 MHz). Military receivers also receive the P & Y codes broadcast on the L2 frequency (1228 MHz). The Y code is encrypted and yes, the codes are changed regularly.

    There are several reasons why access to the L2 transmissions improved accuracy, but the most significant is probably ionopheric distortion. Essentialy, the signals from the satellited refract as they enter the atmosphere, thus they follow a path which is slightly longer than a straight line. The navigation codes attempt to allow for this, but the ionosphere is not static and civilian receivers only compensate for average conditions.

    Now, you will remember from your physics classes that different wavelengths (or frequencies) refract by different amounts (thus a prism generates a spectrum). By measuring the difference in arrival time of the L1 and L2 channels from the same satellite one can determine more accurately the state of the ionosphere between the receiver and the satellite. By using this knowledge when deriving the nav solution the received can further increase its accuracy.

  8. Re:Codes? by jovlinger · · Score: 5

    There seems to be a bit of confusion about this.

    I know GPS was encrypted with a perturbation signal, which if you could decrypt it allowed you to determine your position more precisely. Now that they've turned off those codes, that is no longer the case.

    There was one perturbation code for all the GPS satelites; the behavior shown during the gulf war (turning the encryption off rather than distributing secure receivers to troops) indicates that the satelites cannot be re-keyed.

    I imagine that many of the secret keys are hardcoded into the programs, thus mudding the line between the two. Is a program partially evaluated over a key secure or obscure or both?

    Hopefully there is significant redundant security in the system. You know that the NSA aint that stupid. They realise that obscurity != security, but they DO know that obscurity AND security is better than either of the alternatives alone.

    Hopefully the cipher codes remain secret, while the algorithms and protocols have been exposed.

  9. Codes? by coolgeek · · Score: 5

    The article clearly says "Source Code" not "access codes". All this means is the military (and Exigent) will getting their first lesson is Systems Security 101: Obscurity != Security.

    --

    cat /dev/null >sig