Emergency Alert System Insecure
glebe writes "The U.S. Emergency Alert System used to issue disaster warnings and other alerts over T.V. and radio is vulnerable to spoofing and denial-of-service attacks, SecurityFocus is reporting. Apparently, 'the EAS was built without basic authentication mechanisms, and is activated locally by unencrypted low-speed modem transmissions over public airwaves.' The FCC acknowledged the security issues yesterday in a public notice seeking comment on the future of the system."
Not only that, but you can find the format for EAS messages on Wikipedia, along with an overview of SAME headers and messages.
EAS has never been a secret. Neither was EBS, nor CONELRAD. HAND.
Yes, it's based on low-speed modem transmissions over public airwaves. What wasn't mentioned is:
The low-speed transmissions are done by 'primary' stations, who have big transmitters. 'Secondary' stations choose primary stations to monitor, and retransmit the alerts the primary stations transmit.
The low-speed transmissions are done on their broadcast frequency.
So, you know what you need to exploit this? Locally, you need to know which local station(s) is/are primary, and a transmitter big enough to override the monitored signal, or a group of transmitters big enough to override the monitored signal at each of the monitoring antennas.
Nationally, you would need to do this for EVERY primary station.
It isn't perfect, but it's actually pretty reasonable security. A far bigger threat would be someone who could inject a believable warning into the primary systems, and even there, I'm not so certain it's really a worry (see: 1970s NORAD mistake that no one broadcast).
---
Mod me down, you fucking twits. Go ahead. I dare you.
(I read with sigs off.)
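An added example, not part of the original thread: a receive-side parser for the SAME header layout defined in the public EAS protocol (47 CFR 11.31), with the plausibility checks a monitoring station can apply before relaying. The function names, the 15-minute skew limit and all sample values are constructed assumptions; the checks only compare plaintext fields, because the header has no signature or MAC field to verify, which is the gap the summary describes.

```python
import re
from datetime import datetime, timedelta, timezone

# SAME header layout: ZCZC-ORG-EEE-PSSCCC(-PSSCCC...)+TTTT-JJJHHMM-LLLLLLLL-
# Every field is plaintext; none of them carries a signature or MAC.
SAME_RE = re.compile(
    r"^ZCZC-(?P<org>[A-Z]{3})-(?P<event>[A-Z]{3})"
    r"(?P<locs>(?:-\d{6}){1,31})\+(?P<purge>\d{4})"
    r"-(?P<issued>\d{7})-(?P<station>[^-]{8})-$"
)
ORIGINATORS = {"EAS", "CIV", "WXR", "PEP"}  # originator codes in the spec

def parse_same(header):
    m = SAME_RE.match(header)
    if not m:
        raise ValueError("not a well-formed SAME header")
    f = m.groupdict()
    f["locs"] = f["locs"].strip("-").split("-")
    return f

def issue_time(issued, now):
    # JJJHHMM has no year; assume the receiver's current UTC year.
    day, hh, mm = int(issued[:3]), int(issued[3:5]), int(issued[5:7])
    return datetime(now.year, 1, 1, hh, mm, tzinfo=timezone.utc) + timedelta(days=day - 1)

def review(header, monitored, now, max_skew=timedelta(minutes=15)):
    """Return reasons to hold an alert for operator review (empty list = relay)."""
    try:
        f = parse_same(header)
        issued = issue_time(f["issued"], now)
    except ValueError as exc:
        return [str(exc)]
    reasons = []
    if f["org"] not in ORIGINATORS:
        reasons.append("unknown originator " + f["org"])
    if f["station"].strip() not in monitored:
        reasons.append("station ID is not a monitored source")
    if abs(now - issued) > max_skew:
        reasons.append("issue time outside allowed skew")
    return reasons

# Constructed sample values (not real alerts, locations or call signs).
NOW = datetime(2004, 8, 13, 18, 30, tzinfo=timezone.utc)   # day 226 of 2004
GOOD = "ZCZC-WXR-TOR-012345+0030-2261825-TESTSTN1-"
STALE = "ZCZC-WXR-TOR-012345+0030-2251825-TESTSTN1-"       # issued a day earlier
MONITORED = {"TESTSTN1"}
```

An empty result from `review` means the header is plausible, not that it is authentic; holding anything else for an operator narrows what gets relayed automatically.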