Slashdot Mirror

← Back to Stories (view on slashdot.org)

Emergency Alert System Insecure

Posted by ryuzaki0 on from the ahoooooga-ahooooooga dept.

glebe writes "The U.S. Emergency Alert System used to issue disaster warnings and other alerts over T.V. and radio is vulnerable to spoofing and denial-of-service attacks, SecurityFocus is reporting. Apparently, 'the EAS was built without basic authentication mechanisms, and is activated locally by unencrypted low-speed modem transmissions over public airwaves.' The FCC acknowledged the security issues yesterday in a public notice seeking comment on the future of the system."

19 of 210 comments (clear)

  1. Old news... by ktakki · · Score: 4, Informative

    Almost two years old, in fact:

    http://www.securityfocus.com/news/613

    I'm sure one could find even earlier discussions of this vulnerability.

    k.

    --
    "In spite of everything, I still believe that people are really good at heart." - Anne Frank
  2. Old news. by dj245 · · Score: 2, Informative

    It was reported two years ago. We'll probably hear about it in 2006 too, unless someone takes advantage of it.

    --
    Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
  3. not only unencrypted but a public spec by js7a · · Score: 4, Informative
    the EAS digital signal is the same signal that the National Weather Service (NWS) uses on the National Oceanic and Atmospheric Administration's Weather Radio (NWR).
    -- www.fcc.gov/cgb/consumerfacts/eas.html

    NWR Specific Area Message Encoding (SAME)

    Full spec (pdf)

  4. Re:That thing is for real ? by tabacco · · Score: 2, Informative

    I believe it's also used for more localized alerts like "Tornadoes are coming" and "Whoops, the chemical plant up the street just started leaking toxic gas."

  5. Re:That thing is for real ? by c0dedude · · Score: 2, Informative

    No. It was not activated. Check the 9/11 commission report. It isn't just for a nuclear attack by the soviets anymove. Check it out here.

    --
    Since when has this country used intellectual elite as a pejorative term?
  6. Re:Dear FCC by Egonis · · Score: 2, Informative

    Common knowledge in replacing a server is that you build a new one, and switch to it when ready -- thus, not interrupting a critical service.

  7. Emergency Broadcast System problems by Animats · · Score: 4, Informative
    The previous system, the Emergency Broadcast System, was based on two components - teletype messages to broadcast stations, and secondary broadcast stations monitoring "primary" broadcast stations for an alert tone.

    On February 21, 1971, an alert message announcing a nuclear war was sent over the teletype network by accident. Somebody at NORAD loaded the wrong paper tape. Almost no stations broadcast the message. One station in Florida actually did. After that, NORAD lost their authority to send emergency action messages on their own.

    The current system has more input sources than the old one did. There are weather alerts, and now even child abduction alerts. If there's ever a phony message, it will probably come from some "authorized" input source.

    A detailed history is here.

    1. Re:Emergency Broadcast System problems by RadioTV · · Score: 2, Informative

      This brings up a good point. At the two stations (one FM and one TV) that I support the only alert that get automatically inserted are tornado warnings for our county - incase the operators had to run for cover. Everything else is interpreted by a live operator and the appropriate information is included in our broadcast.

      --
      I have great faith in fools - self confidence my friends call it. - Edgar Allan Poe
  8. Re:A good reason *not* to keep these things secret by RadioTV · · Score: 3, Informative

    This system is not now and never was a secret. You can go to any TV or radio station and talk to any broadcast engineer, announcer, master control operator or station manager. They all can explain the basics of how the system works.

    --
    I have great faith in fools - self confidence my friends call it. - Edgar Allan Poe
  9. Re:A good reason *not* to keep these things secret by Digital+Avatar · · Score: 5, Informative

    Not only that, but you can find the format for EAS messages on Wikipedia, along with an overview of SAME headers and messages.

    EAS has never been a secret. Neither was EBS, nor CONELRAD. HAND.

  10. It isn't as bad as it sounds. by Kiryat+Malachi · · Score: 5, Informative

    Yes, its based on low-speed modem transmissions over public airwaves. What wasn't mentioned is:

    The low-speed transmissions are done by 'primary' stations, who have big transmitters. 'Secondary' stations choose primary stations to monitor, and retransmit the alerts the primary stations transmit.

    The low-speed transmissions are done on their broadcast frequency.

    So, you know what you need to exploit this? Locally, you need to know which local station(s) is/are primary, and a transmitter big enough to override the monitored signal, or a group of transmitters big enough to override the monitored signal at each of the monitoring antennas.

    Nationally, you would need to do this for EVERY primary station.

    It isn't perfect, but its actually pretty reasonable security. A far bigger threat would be someone who could inject a believable warning into the primary systems, and even there, I'm not so certain its really a worry (see: 1970s NORAD mistake that no one broadcast).

    --

    ---
    Mod me down, you fucking twits. Go ahead. I dare you.
    (I read with sigs off.)
    1. Re:It isn't as bad as it sounds. by SagSaw · · Score: 2, Informative

      So, you know what you need to exploit this? Locally, you need to know which local station(s) is/are primary, and a transmitter big enough to override the monitored signal, or a group of transmitters big enough to override the monitored signal at each of the monitoring antennas.

      It's quite a bit simpler than that. Let's assume I want to get a message out to a large (local) audience via EAS. In most areas, the cable TV system will broadcase EAS alerts on all channels (or at least sound an alert tone and advise viewers to switch to a particular channel, which then carries the alert message). This means that all I have to do is inject the message into the system of the local cable provider.

      "Over-riding" the signal of whatever station they monitor is not that difficult. All you have to do is be physically close to their receiver and have a reasonable amount of power. I imagine that, at most, 5W-50W is all that would be needed in most cases. 5W is easily provided by a hand-held radio and 50W or more can be found in off-the-shelf mobile transceivers.

      If you don't know what station the cable company monitors, or where the receiver is physically located, it might get a bit more difficult, but not much. In this case, simply try every station/location in order of likelyhood.

      All this assumes, of course, that the cable provider uses an automated system. If their system involves a real-live human reading the message prior to broadcase, your message would have to be believable enough to pass a cursory sanity check.

      --
      Come test your mettle in the world of Alter Aeon!
  11. Been following EAS/EBS for a while... by Etcetera · · Score: 4, Informative


    It truly was designed for a different era, but has its uses even today. Virtually all weather emergency bulletins are sent out via the EAS protocols today, which doesn't normally affect people in, say, Silicon Valley, but makes a big difference in Tornado Alley and in Florida right now.

    A few miles from here there was a fire at a chemical factory in La Mesa, CA... I was sitting there watching something on a high-cable channel when I hear a tone and see scrolling text at the top of the screen advising me to evacuate the area. Thank you EAS, and thank you Cox Cable.

    When San Diego had its Cedar Fire in 2003 (largest fire in the history of CA, which altered everyone here's life) the EAS was used by the NWS, FD, and PD to provide information on evacuation across all channels on the cable systems (not sure about the radio, they might have been covering that themselves).

    The California Office of Emergency Services has a Emerg. Digital Info Service that uses some of the same technology and protocols as well (includes the much-reknowned AMBER alerts).

    Don't think that this is some relic, this is used and tested on at least a weekly basis nationwide (SD Info).

    That being said, efforts to modernize and update things are great. I'd like to see some sort of emergency protocol for data packets, similar to the emergency phone service that allows infrastructure workers' phone calls to have priority in the midst of an emergency. There should be a EAS sitatuion website that is update out-of-bounds and is replicated (through some fancy AS routing) to servers all across the country, so it's always accessible. Think of a FEMA-run Akamai.

    The company I work for was even considering some way to allow people to have EDIS/EAS alerts pop up (via Messenger service or some other client) whenever they were released for the area they're in (won't work because of all the RFC1918 space they use :\).

    Emergency Alert Systems, and Civil Defense systems in general ARE still around, and ARE working within their original intent, but more public attention needs to be brought to them, so that all know about them. It's not so much security, but having more eyes on them will undoubtedly help suggest further improvements.

    And I agree with the earlier poster... ANYONE who hacks a system like this deserves the 20 years of time they'll get. That's just dumb. It's on a par with DOSing a 911 call center. Don't do it. You WILL cause loss of life and NO ONE will have any sympathy when you go to prison for a very, very long time. In fact, I'd love to help catch you.

    --
    Hire a Linux system administrator, systems engineer,
  12. Tell us something new? by t_allardyce · · Score: 3, Informative

    Nice to know terrorism is really being taken care of seriously, so between this, voting and letting anything onto a plane that the tabaco companies deem ok, what else isnt working? the next terrorism incident will strike terror into everyone not because of fire and death but because they will suddenly realise their worst fear - that the people incharge are all idiots!

    --
    This comment does not represent the views or opinions of the user.
  13. Yawn by uofitorn · · Score: 1, Informative

    Another article covered earlier in the day by The Register...

    --
    "What kind of music do pirates listen to?" -Paul Maud'dib
    "Yeeeaaarrrrr n' Bee!!" -Stilgar, Leader of Sietch Tabr
  14. Re:A good reason *not* to keep these things secret by jrockway · · Score: 2, Informative

    Here's security through obscurity:

    Frgw ocpw ap. a egmxugjt!

    You don't know what I said, but as soon as you figure out my algorithm you will. And you'll know what anyone else using that algorithm said. That's security through obscurity.

    On the other side of the coin, is SSH2 Key-based authentication. I can tell you exactly how that works, but that knowledge won't let you log into my computer. You need the key. That's real security.

    --
    My other car is first.
  15. Re:So... by w9wi · · Score: 2, Informative

    - The data rate and modem tones used are non-standard. (though public knowledge) One could build one's own encoder, but you won't do it easily with off-the-shelf parts.

    - Stations are only required to forward EAN ("we're about to be nuked"), EAT ("OK, I guess we *aren't* going to get nuked"), and RMT. (monthly test) Many stations don't relay any other alert. (then again, many do)

    - Stations are not required to automatically forward *anything*. They may hold even EAN/EAT/RMT for a few minutes, long enough to not relay if it's an obvious hoax. (then again, many stations *do* automatically forward everything)

    - The larger the station, the less likely it will forward an alert without reviewing it for validity.

    - Stations are required to monitor at least two sources of EAS data. To spoof a manned station, you'd need at least two transmitters.

  16. Re:Dear FCC by MasterSLATE · · Score: 3, Informative

    In regards to your mention of Sept. 11....

    As a NYC area citizen who was affected by that tragedy, I would like to point out that at no time during the day did the EAS even get used, at least in my view. I never saw it go off on any of the many channels we were flipping through.

    --

    [sig]www.masterslate.org[/sig]
  17. Re:Simple solution by Alioth · · Score: 2, Informative

    The whole point of public key cryptography is you DON'T need to have a shared secret. It doesn't matter who gets hold of the public key so long as everyone keeps their private keys secure. Broadcasting public keys is fine.

    --
    Oolite: Elite-like game. For Mac, Linux and Windows