Emergency Alert System Insecure

glebe writes "The U.S. Emergency Alert System used to issue disaster warnings and other alerts over T.V. and radio is vulnerable to spoofing and denial-of-service attacks, SecurityFocus is reporting. Apparently, 'the EAS was built without basic authentication mechanisms, and is activated locally by unencrypted low-speed modem transmissions over public airwaves.' The FCC acknowledged the security issues yesterday in a public notice seeking comment on the future of the system."

A good reason *not* to keep these things secret

[Flexagon]

This is yet another example why keeping infrastructure details secret is a bad idea. It's security through obscurity in the real world, and removes any incentive to actually fix these things. Now that there is a public report about it, there's at least a chance that pressure can be brought to bear, and get it fixed.

That thing is for real ?

[Ralconte]

During the 9-11 attacks, did that beep come on the TV and radio? Some commedians have joked that it didn't so I don't know. I got my news from the web -- bbc.co.uk was fairly, and the local radio announcers gave the info as they saw it. Did the gov't even try to use the Emergency Alert System? Seriously, I thought the alert was just for a nuclear attack by the USSR, never ment to be anything more than that -- a useless anachronism since the 1970's. Sounds like another group of buearucrats who want some of the Patriot Act resources to pad a sagging budget.

In search of the perfect dam

[syrinje]

First of all, a small clarification - I agree that critical, life-saving infrastructure must be secure. That unauthorized access to these systems must be prevented. That public confidence in the sources of information is key to saving lives in the event of a disaster - and hence must be guaranteed to be genuine. A 100% of the time.

That said - don't y'all sprain yer hamstrings to jump up and point fingers at the "government" or twist this into an open-source vs. closed source issue.

Every system is designed in relation to its operating environment. The EBS was originally designed for a far more benign environment than exists today. I bet the primary goal of the designers was to come up with a system that was simple and effective and would work even if large parts of the power grid and the telephone network collapsed. It is inconceivable that they did not ask themselves if they needed bullet-proof authentication mechanisms - it is equally probable that they discarded that requirement as being potentially failure-prone. Given the fairly benign security environment that they designed for, and given the technology available and the overarching goal of simplicity - they cam up with what is really quite functional.

And then the world changed (surprise, surprise). the environment that surrounded the EMS changed, rapidly and unpredictably. Where previously it was safe to assume that natural disasters would bring people in the community together to work in co-operation to face the threat, we now wonder which sleeper cells activate in these situations. The comfortable security blanket of yore that RipVanVinkle aka RVV dozed is suddenly yanked off - exposing us to the elements.

Its like waking up one day in the shadow of a dam and suddenly seeing a thousand leaks in it. The small leaks have always been there - all dams leak and sweat a little. But now we know that there are people out there that seek to widen the cracks and stuff them with C4 and stick some fulminate in them (amazing how much chemistry you can pick up from the newspapers isnt it?). So RVV franctically tries to seal the leaks in the dam. Paranoia? Perhaps.

The real tragedy is that the time that should be spent tending to his crops, playing with his children, making hot, sweaty love to his wife and dreaming big dreams in his afternoon nap is now spent in searching and classifying and closing the leaks in the dam.

Will RipVanVinkle make his dam perfect? Can any dam be made perfectly leak free? Go figure.