FBI Nabs Chicago Transit Authority Radio Hacker
Wh15per writes "The Chicago FBI Joint Terrorism Task Force arrested an individual for misusing Chicago Transit Authority radio systems. Marcel Carter, 20, is charged with violating a US code that forbids interference with transportation operators. A federal complaint alleges he began using a radio to transmit on CTA frequencies in June 2008, often interjecting comments during communications between the agency's control center and train operators. The CTA claims Carter's radio communications were never followed, and passengers were never in danger."
See, there is some good news occasionally.
Oh, and can we reserve use of the term "hacker" for someone with at least a modicum of technical skills? This guy isn't even a cracker. All he did was talk on a stolen radio.
This isn't exactly Pump Up the Volume, frankly. Interfering with transit operations is a pretty dumb and dangerous thing to do (though I might be a bit paranoid given that I'm a Boston resident). Glad they got the guy.
Merriwhether said her son knew why he was being arrested, but didn't know that what he was doing was against the law.
Translation: "Merriwhether said that her son was a *@#$%&# idiot."
During an initial court appearance Monday, Judge Morton Denlow set Carter's bond at $4,500 and put him under the supervision of his mother. He was instructed to not use any broadcasting devices.
Interesting. So he can't use wifi? I wonder what the judge's order actually said.
They're going to throw the book at him.... and he deserves it. Dumbass.
FTFA: "interfering with the operation of a mass transportation vehicle, a felony under the USA PATRIOT Act."
Yelling at a bus driver? Felony
Leaning in front of an oncoming train? Felony
Talking on the transit radio band? Felony
Putting pennies on train tracks? Felony
Somehow, my youth was filled with felonious behavior. Perhaps the Homeland needs securing from scamps like me.
So, who will get the worst punishment, this guy or the guy who modded consoles? Taking bets now!
In a previous life, I was an air traffic controller. For about a month, we had a moron that was transmitting on ATC frequencies, trying to give or override control instructions. Since he didn't have a good grasp of ATC phraseology, he was easy to ignore. But he did succeed in causing quite a bit of frequency interference: ATC still operates on AM, so there is no "capture" effect as with FM, where the strongest station overrides weaker stations. Simultaneous transmissions are garbled, so "Say again" becomes a very automatic response in those situations (hell, I still use that phrase today...old habits die hard).
My point here is that I do not see a reason why public transportation systems still rely on decades-old, non-encrypted technology. With ATC, it's a trivial matter of ordering a handheld on-line that is capable of transmitting on all ATC freqs. Agencies that continue to rely on antiquated systems deserve part of the blame.
The other day I fantasized about hacking into the automated recordings in the Atlanta airport's subway cars (yes, I still miss the old "HAL" voice--PLEASE MOVE TO THE CENTER OF THE VEHICLE AND AWAY FROM THE DOORS). Sure, I'd go to jail for it, but just imagine, preferably punctuated with lots of "Heh heh heh"s:
"This train is approaching Concourse A. Concourse A, as in ass-munch."
"... Concourse B, as in butt-wipe."
"... Concourse C, as in crapweasel."
"... Concourse D, as in douchebag."
I've spent way too much time in that airport.
Wow, did they ever get the guy who was giving false instructions? That seems like a big deal.
It wasn't HAL, it was a BSG TOS Cylon voice.
... but everybody did call it HAL.
A simple answer is that it isn't much of a problem (how many deadly incidents have there been in the last decade?) and there are thousands of radios.
Nerd rage is the funniest rage.
Up next, Man hacks face by growing a beard.
At least with airplanes, they rely on decades-old, non-encrypted technology because it works, because to upgrade would require every grass field landing strip to upgrade decades-old radios that still work just as well as they did a half century ago, every antique piper cub to get new radio systems, and require world-wide adherence to the new standard all because some doof can override the signal if they want.
If that's not a knee-jerk, I don't know what is.
As for the busses, if they have enough of a problem, they can upgrade on a city by city basis, but until it becomes enough of a nuisance, they won't.
This guy also would have been wise to stand close to a station and transmit at .05mw, greatly lessening the chances of control hearing him. Also would have helped to learn the lingo before jumping the gun. It's a good thing that a skilled soul didn't possess the radio.
There's other talk about the ATC issue, but that's harder to solve. CTA should move to encrypted radios. You can't really use that as an option for ATC as train drivers are a limited pool, whereas ATC frequencies are used by anybody flying a plane.
Oh, and attempting to issue orders to trains that may result in lethal collisions deserves a felony. Chicago deserves only bad press, and hopefully a budget line item for better comms. Much nicer than seeing somebody set up for a decade for screwing with an X-Box.
Projects that cost a lot of money generally don't happen until there's an actual example of something going wrong due to lack of action. If one of the recent transportation mishaps could be definitely blamed on someone interfering with transmissions, Congress would push the money out in weeks.
Have you been touched by his noodly appendage?
Is there a reason planes couldn't be equipped with both systems during some type of "transition" phase? Is it just money, would it be too heavy for the planes?
For about a month, we had a moron that was transmitting on ATC frequencies
My point here is that I do not see a reason why public transportation systems still rely on decades-old, non-encrypted technology.
How would adding encryption to your transmissions fix the RF problem of a doofus transmitting on top of the valid transmissions? The cure for a DOS attack is not making the protocol more complicated thus even easier to overload.
Also, inevitably, what happens when the JFK airport IT department loses or screws up the key, and all communication is lost? Seems that AM is much more failsafe.
"Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
Well, partly because if you upgrade all aviation comms to encrypted radios, then every pilot would need to go out and upgrade their equipment to an encrypted unit. Which then means that encrypted radios need to become readily available for every pilot and/or A&P mechanic to purchase, which means every Tom, Dick, and Harry can walk into Ye Olde Pilot Shoppe and buy one, which means that said Tom, Dick, or Harry can then carry on with their mischief. You'd in essence be forcing everyone in the Aviation field who uses comms for anything to upgrade their gear and not improving anything as a result.
Now, with a closed-loop internal system like bus and train, I see your point. You have a fixed number of authorized users, and life is good. Mischief would be limited to a hacker who has the time and resources to monitor the frequencies long enough to break the encryption (which wouldn't be terribly long, since all the radios would have to use the same encryption keys, but at least the infantile idiots who buy a GPRS radio at WalMart and have trouble inserting the batteries properly would be excluded - so when someone DOES break in they'll celebrate their achievement by something more sophisticated than yelling "AFLAC" in a falsetto duck voice every ten seconds).
I don't know how much more encrypted radios are, but I'm assuming it's more of a budget issue than a technological one, and the very real possibility that the system can be broken anyway. Heck, I'd think using the cellular network would give them more secure communications with better voice quality and less need to maintain expensive radio towers. But that's point-to-point communications and not broadcast like a radio would be (which means a switch operator can't get on a radio and yell that anyone approaching switch XYZ had better stop right now or risk a crash, for example).
"This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
Whew, for a second it sounded like a good plot for this Die Hard sequel I wanted to write. Oh wait...
A new secure, encrypted system (or at least one that implemented digital signatures for each transmitter) would probably wind up being smaller and lighter than many of the older radios installed on many planes.
The problem is:
Key/certificate infrastructure?
Transition period? Planes will need new antennas and potentially both systems installed simultaneously, unless the new system operates in the old frequency bands (may be too crowded for this)
In general, it's a massive organizational nightmare, and if the new system is in a different frequency band, there's the challenge of integrating it onto a massive pile of legacy aircraft platforms. Adding a new antenna to an aircraft is NOT necessarily an easy task. (Physically it is, but planning its location isn't always so easy.)
retrorocket.o not found, launch anyway?
Yeah, the guy was a dumbass. Yeah, his pranks could possibly maybe have caused some trouble. But 'Terrorism Task Force'? Really? This is what we have 'Terrorism Task Forces' working on?
"You wouldn't want Farmer Jones to come back, would you?"
"No, no, we wouldn't want that. Napoleon is always right."
- For the complete works of Shakespeare: cat
It came along with the train, 50 years ago.
Because the system works fine. When an asshole does screw with it, it gets headlines. That means it's a non-common occurrence.
Plus, this guy had an official radio.
The Kruger Dunning explains most post on
I've heard sort of the same stories from my friends who operate in those fields. One doesn't have to have a rich fantasy to see how these kinds of pranks can go horribly wrong.
-Talking out of turn...that's a paddling. Looking out the window...that's a paddling. Staring at my sandals...that's a paddling. Paddling the school canoe...ooh, you better believe that's a paddling
Jasper.
The Kruger Dunning explains most post on
Agencies that adopt the "latest and greatest" radio systems may be putting lives at risk.
Digital systems can have transmissions completely garbled or even dropped if the signal isn't just right. Plus, with the data compression, you lose some of the audio quality. With an analog system, the transmission might fade out or sound a little off, but you'll still hear the urgency in someone's cries for help.
Which would you rather have when you're a firefighter trapped in a basement after the floor you were standing on collapsed?
There are a number of good reasons why public agencies hesitate to upgrade. First, there are so many of them (agencies and radio systems) around. Yes, the systems are antiquated, and easy to listen or interject into, but given the many millions that are deployed out there, you will incur a huge cost for replacing the existing system. This is complicated by the fact that you often have to use a different frequency band altogether, which could require the use of new base stations, cabling, antennas, etc. If the frequencies are too far apart, you also have to replan your network to account for the gains from technology (channel planning, capacity considerations, network planning, other services you may want to add, etc.) and the losses from possibly moving to a higher frequency.
Second, you cannot compromise public safety during the transition period. This not only applies to the agency that is doing the upgrading, but also to all the others who rely on that agency to provide services. Finally, you have to contend with the chaos during the transition period, when you either have two, probably incompatible, systems in operation. There is also the problem of finding available spectrum and relocating existing users from that band you want to move into (This happened when cellular services were introduced in the US in early 90's and the existing terrestrial microwave links had to be relocated from the 2GHz band to the 6 GHz band).
Yes, many public systems live in the stone age, but it is not because they like living there. There are often very few paths available to modernize cleanly and efficiently without spending a lot of time and money and not risking public safety.
No, many planes are equipped with multiple radios (for backup or simply to be able to switch frequencies quickly) anyway.
The real issues are threefold:
1. Money: Encrypted radios cost, and there are a LOT of the old AM-band radios out there that would need to be replaced. Most planes have one, and most pilots carry at least one handheld for emergency backup and to get ATIS and just to monitor the frequency while they are preflighting to get an idea of what traffic is like, etc.
2. Range: With an AM, unencrypted radio, you can lose a surprising amount of signal and still make out what the person on the other end is saying. Once you encrypt the signal, your signal has to be pretty close to perfect or the decryption doesn't work. So you either just cost radios serious amounts of range, or you have to find a new frequency band where more information can be packed into the same frequency and you have more discrete frequencies to ensure a clear transmission free of interference.
3. Security: In order to use them, pilots will need to purchase them. So every pilot shop is going to need to offer these radios for easy sale. If pilots can buy them, so can other people, unless you want to get into a registration system as complex and useless as a gun ownership database. Then, of course, you can't really issue unique encryption keys to each radio because registering them is going to require a hellishly complex system. So you'll end up with something that is easily replicated and easily acquired, and therefore offers no real security.
"This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
So the new system would transmit using the same AM technology, but after the controller/pilot releases the mic key, it would transmit a digital signature. If the signature wasn't correct, the receiver would light an alert light.
Anyway, I agree that the amount of damage that's been caused by pranksters doesn't justify the cost of a new system. Just make sure the FAA & FCC are on the ball when there is a prankster, and we'll be just as safe.
All ideas^H^H^H^H^Hprocesses in this post are Patent Pending. (as well as the process of patenting all postings)
You call it antiquated, I call it reliable.
You're confusing the attack with the symptom. The symptom is a DoS because the attacker is an idiot, but
1) A more savvy attacker could actually issue legitimate-sounding instructions that might get followed
2) The attacker probably wouldn't find it nearly as entertaining if he/she knew that nothing said was actually being heard by anyone. "Oh, look at me, I'm holding down a PTT key and maybe making it hard for someone else's transmission to get through!" As an amateur radio operator, I've heard deliberate interference on many occasions, and that's pretty much never what it sounds like.
So encryption may not solve every possible problem, but it would help with a lot of practical ones. That said, you certainly could focus on a protocol more resistant to jamming. A good start would be to go to digital, so you can do more with less bandwidth and have automatic error recovery - which points out that sometimes more complex is more resistant to DoS, because sometimes more complex systems are more efficient.
And this is the crux of the matter. It's not really the 20 year old moron's fault that he is able to so easily interject into their system, it's the creator of the system's (the subway's) fault for choosing to use an insecure system. Sure everyone can get mad and point fingers at this stupid kid, or lock him in jail, but that doesn't necessarily accomplish anything as related to the problem the kid pointed out with his actions.
I think they're taking this security-through-obscurity thing a little too far...
And "yelling at a bus driver"? Sorry. That probably doesn't count as interfering with the operation of a mass transit system, either.
Of course it does.
It distracts the driver.
He can't respond quickly enough to the kid taking his bike out into street - the car that ran the stop sign.
Someone dies.
At the very least, you've done your bit to make the mass transit experience singularly unpleasant for everyone.
That doesn't help boost ridership and revenues, it sure as heck doesn't make it any easier to recruit and retain drivers.
Wait, I thought you needed the CIP Device to do that?
I also just watched an interview on TV, http://abclocal.go.com/wls/story?section=news/local&id=6945913
The fact that he got out on such low bond means he probably got SOME kind of lawyer.
The fact that he did the above interview means either he or his attorney are missing a few cycles.
Also, it was said that he did this for a year...
How long is operator radio training?
How many here have had some kind of radio training?
How long did it take you to know the calls and codes?
I'm leaning on the side of stupid.
Point 3 is misleading. Yes, pilots could purchase them, and you might not want to go to the trouble of uniquely identifying every pilot, but that's not the same as pilots being able to transmit as a controller! It'd be possible to use public keys to identify known-good control towers, and only distribute keys to those towers after proper investigation, rescind keys if they get out into the wild, etc. Pilots need to know that the control tower really is a control tower -- it's not quite as important the other way around. As long as a light indicates "you're hearing the voice of a real, authorized controller", you can ignore messages when that light isn't on. For that matter, you could auto-exclude them. Like auto-muting advertising.
We've managed to encrypt and authenticate large chunks of the internet without assigning unique IDs to every internet user. We can do this too. Not that this is the only hurdle. Your other points stand. It's still a huge challenge.
You'd in essence be forcing everyone in the Aviation field who uses comms for anything to upgrade their gear and not improving anything as a result.
I smell another economic stimulus plan brewing... All it needs is a catchy phrase, like "Cash 4 Crashers"
"Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
Who is about to get pwnt by the full weight of the post 9/11 hysteria.
Throw in a healthy dollop of "omg there have been numerous subway accidents recently" and he's screwed.
He was formally charged Monday with knowingly interfering with the operation of a mass transportation vehicle, a felony under the USA PATRIOT Act.
The FBI's Joint Terrorism Task Force has been investigating the case for more than a year...
...
If convicted, he faces up to 20 years in jail and a 200,000 fine.
One would have thought that this would be a case for the FCC and the Chicago Transit Police.
[Fuck Beta]
o0t!
A cryptographic system, properly done, would be able to deal with lost radios.
I realize this wouldn't be directly applicable, but I've run OpenVPN networks before. Each remote machine (laptop, etc), and each server, has its own keypair. Servers, at the very least, can run CRLs -- so if a laptop is stolen, I can revoke its key and deny access right there, without affecting other users.
Radio would suggest a different mechanism, but ultimately, disabling a single missing radio doesn't sound like a particularly difficult task.
Don't thank God, thank a doctor!
Well, just to play devil's advocate, I'd rather lose all aviation comms entirely than start relying on invalid information. I don't NEED a radio to fly. It just allows for far more efficient handling of traffic. If you managed somehow to knock out every radio in the country, there would be very few crashes (possibly even none) - pilots would receive visual instructions to either vacate the area for a while (or head to a reliever airport for landing) or continue in pattern, and of course no one would get takeoff clearance so the fact that planes are landing less frequently just means you have a couple of pretty hairy hours for pilots and controllers until enough planes land and get off the active runways. If it happened in IFR (instrument) it would get a little uglier, but there are pretty decent procedures to handle it fairly well.
On the other hand, adding invalid information to a channel could add real risk. So if I call an airport frequency at night for tarmac conditions and get a response that everything is fine (when in reality the tarmac is being plowed up by the Mayor of Chicago, but the runway lights are still on) I'm at more risk than if no one answered at all. I have a spot where I'm less likely to look for a hazard where one may actually exist.
I agree with you (for many other reasons I've stated in other posts) that an encrypted radio system is pretty useless for aviation from a security perspective. It's theoretically possible but basically practically impossible to truly secure aviation communications. And if it doesn't add security, it obviously doesn't justify increasing complexity.
But there are conditions under which no communication at all is better than possibly compromised communications. Trains may be a good example of this - a train operator can be told that if the radios go down they need to slow the trains way down so they can see hazards. The "DOS attack" introduces major inconvenience and delays, but no significant risk to passengers. The comms are providing efficiency, not safety. Whereas injecting real-sounding but false information ("Train 321, that blockage ahead of you has been cleared, you are free to resume speed") could present a real hazard - and a low-powered radio near the train you are targeting could easily be heard by the train conductor but NOT by a central controller.
So I could see where there may be some conditions where encrypted radios are useful. Aviation isn't one of them, but it's like protecting a network against a DOS attack - you can't lower security to prevent the DOS attack, and sometimes you accept an increased risk of DOS attacks as a cost of securing communications when they DO happen. In fact, a very rational response to a perceived "hack attack" on your network is to disconnect your network from the Internet for a while. A self-imposed DOS attack to prevent something more serious.
But, is it worth the money? What are the chances of a successful injection of invalid instructions? Are there cheaper methods available, such as "read back" (when you get instructions from the Tower, you read them back to the Tower along with your aircraft ID in your acknowledgment - this is to ensure that the correct pilot got the information correctly), that would be just as useful at basically no cost?
"This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
My point here is that I do not see a reason why public transportation systems still rely on decades-old, non-encrypted technology. With ATC, it's a trivial matter of ordering a handheld on-line that is capable of transmitting on all ATC freqs. Agencies that continue to rely on antiquated systems deserve part of the blame.
The reason aircraft communications rely on non-encrypted, AM radio is every aircraft in the world needs the ability to talk to every other aircraft and every tower in the world. The existing radio system is simple and works with radios installed in planes that have been in service for decades. It is the same with Marine radio, every craft in the world can talk with every other craft and Coast Guard station because the radio system is simple and open. Unless we stop allowing private pilots and captains, the equipment has to be available to everyone, so even if we did convince everyone in the world to switch to a new system, you would still be able to order a radio on-line that would work with the new system. Public transportation agencies, and private transportation companies, could switch to something more complex for internal use, and /\/\otorola would love it if they did, but it would be an expensive solution to a small problem. If they share infrastructure (like railroad tracks), they would also likely have to continue using and maintaining their existing equipment to communicate with other users of the infrastructure.
--Rich
Heh, I can imagine the news getting into an uproar after someone manages to corrupt the LaGuardia key and all pilots everywhere start ignoring the tower...
Hmm, I hadn't thought about one-way identification. That does raise an interesting possibility. I still think proper read-back would offer essentially the same assurance (since once a bonehead starts injecting invalid commands into a frequency, the real controller is going to start issuing corrections really quick, and pilots are trained in visual signals if the radio comms become unclear). But that does make positive identification of the tower a real possibility. IMHO not nearly worth the expense, but it's an excellent point.
"This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
It's a good thing that a skilled soul didn't possess the radio.
That's because Skilled Souls are almost never assholes.
At least the kind that would seek to cause a train crash...
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I'm glad I don't have any mod points, because I couldn't decide between "Funny" and "Insightful". :)
"This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
To paraphrase Oliver Wendell Holmes, JR, "A lot of the damage done in the world is done by stupid people."
That's why the law holds everyone to the same "reasonable person" standard, and doesn't care that "the guy was just an ignorant fool who did something stupid."
Oh noes! So, what if someone with some REAL terrorist intentions got ahold of one of these radios, and actually did his research, and got on the ATC frequency and navigated a plane into something important like
Well, no.
Cell phones are encrypted radios, too, yet they are cheap and plentiful.
Cell phones have to be registered and assigned to an owner (it has to be, otherwise the cellphone company could not bill users), and in case of theft, it can be remotely disabled.
Well, even if we did switch to such a system, you could go online and buy a handheld that talks on the new digital spread spectrum encrypted system. The pilots' need for backup radios wouldn't go away just because they are using a digital system.
Tony secured the CIP device for us already.
My point here is that I do not see a reason why public transportation systems still rely on decades-old, non-encrypted technology. With ATC, it's a trivial matter of ordering a handheld on-line that is capable of transmitting on all ATC freqs. Agencies that continue to rely on antiquated systems deserve part of the blame.
There are three major reasons: interoperability, reliability, and expense.
Different areas have different needs, and that inevitably means that not every system will work with every other system. For a closed system like a subway this may not matter so much but in most other cases it's very important. And it's very hard to anticipate who's "allowed" to speak to who. The common denominator is unencrypted analog.
Digital systems do not degrade gracefully. A partial or garbled radio transmission may at least be of some use. A weak burst of data that no one hears is of no use at all.
Radio systems are very expensive and tricky things to get right. Not only is there the cost of replacing all that perfectly good equipment, there's the cost of transmitters, repeaters, towers, and planning. Fire and police often listen in at home or in their personal vehicles, too, so you have to factor in that cost as well.
There's also one other reason that's often forgotten or deliberately obscured by the authorities, and that's public access and accountability. Railfans and aviation enthusiasts listen in on this stuff all the time, and there have been cases where their own personal records have been useful in determining the causes of accidents. Same goes for non-transportation radio transmissions from police, fire, and more mundane stuff like construction crews and snowplows (Where are the worst icing conditions? Are they anywhere near my road yet?)
It's useful stuff for people to be able to hear and there's no good reason for all of it to be kept secret just on the off-chance someone steals a radio.
Took them a whole year to find this clown. I'd like to think that our enforcement efforts were a little better than this.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
If convicted. A high cost for something he did on a Saturday in the park on the 4th of July...
Any insufficiently advanced magic is indistinguishable from technology.
You *DO* realize that's why aviation still uses AM, right? The FM capture effect, when it happens, happens spontaneously, and there's no way to know it's happening. If you "step on" someone on the FM band, it's possible to just continue on with a very weird instruction. And given that a plane may be in-between you and the one you're talking to, someone may get a garbled transmission that gets dangerous. Unless you catch the fact that the voice changes, you'll never know.
On AM, you'll get the warble, which basically means the transmission gets stepped on and alerts everyone to the collision. (Sometimes, the ATC tower is just powerful enough that even stepped on, you can make out what's being said). But the FM capture effect is very dangerous since the "most powerful signal" can be the plane flying beside you.
If your idiot was standing near the runway, he could easily send a "cleared to takeoff" that's only heard by that pilot, while ATC is sending "cleared to land" to the plane in the air.
I find that I'm constantly saying "Say again". Between people on crappy cell phones, crappy cordless phones, in fringe areas, in noisy rooms, or are just drifting off and forget to talk into the microphone, there's always some part of the conversation that I missed.
I think it annoys the crap out of the cold callers. They call, ask for [garbled name], and my answer is "Say again." Then they say "what", and it's a vicious circle. :)
If you wanted to call me, you'd better do it in English, and you'd better be clear and concise about what you want. I'm not going to spend 10 minutes on the phone with you to find out that I didn't need to be speaking with you in the first place.
Serious? Seriousness is well above my pay grade.
Why does everyone talk about encrypting the signals? It's more important to know who is talking than attempting to restrict the list of people who can hear or transmit. Therefore it would make sense to me to sign the transmissions. If there's noise, the signing fails, but you can still use other forms of trust to verify the transmitter. Without significant noise, you have a greater degree of trust -- and with that, people without trust can be ignored.
my blog
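The proposals in the comments above (a signature burst after the mic key is released, an indicator light for authorized stations, per-radio keys that can be revoked, and falling back to other trust when noise breaks the signature) can be expressed as receiver-side logic. This is an added example, not code from any commenter or any deployed radio system; the frame layout, station IDs, counter and fixed demo keys are assumptions, and Ed25519 from Go's standard library stands in for whatever signature scheme a real system would choose.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Verdict drives the receiver's indicator light for one transmission.
type Verdict int

const (
	Unverified    Verdict = iota // still audible, light off: no valid signature
	Authenticated                // light on: trusted, unrevoked station key
	Revoked                      // valid signature, but the key was rescinded
	Replayed                     // valid signature, stale counter (re-broadcast)
)

// Transmission is a hypothetical frame: digitized voice plus the signature
// burst sent when the operator releases the mic key.
type Transmission struct {
	StationID string
	Counter   uint64
	Audio     []byte
	Sig       []byte
}

// signedBytes binds station ID, counter and a digest of the audio together.
func signedBytes(id string, counter uint64, audio []byte) []byte {
	digest := sha256.Sum256(audio)
	buf := make([]byte, 8, 8+len(id)+1+len(digest))
	binary.BigEndian.PutUint64(buf, counter)
	buf = append(buf, id...)
	buf = append(buf, 0) // separator between ID and digest
	return append(buf, digest[:]...)
}

func Sign(priv ed25519.PrivateKey, id string, counter uint64, audio []byte) Transmission {
	sig := ed25519.Sign(priv, signedBytes(id, counter, audio))
	return Transmission{StationID: id, Counter: counter, Audio: audio, Sig: sig}
}

// Receiver holds only public keys, so a captured receiver cannot transmit
// as a trusted station.
type Receiver struct {
	trusted map[string]ed25519.PublicKey
	revoked map[string]bool
	last    map[string]uint64
}

func NewReceiver() *Receiver {
	return &Receiver{map[string]ed25519.PublicKey{}, map[string]bool{}, map[string]uint64{}}
}

func (r *Receiver) Trust(id string, pub ed25519.PublicKey) { r.trusted[id] = pub }
func (r *Receiver) Revoke(id string)                       { r.revoked[id] = true }

// Check never mutes audio; it only decides what the indicator shows.
func (r *Receiver) Check(t Transmission) Verdict {
	pub, known := r.trusted[t.StationID]
	if !known || !ed25519.Verify(pub, signedBytes(t.StationID, t.Counter, t.Audio), t.Sig) {
		return Unverified // unsigned, garbled by noise, or altered
	}
	if r.revoked[t.StationID] {
		return Revoked
	}
	if last, seen := r.last[t.StationID]; seen && t.Counter <= last {
		return Replayed
	}
	r.last[t.StationID] = t.Counter
	return Authenticated
}

// demoKey derives a fixed key from a label so the demo is repeatable.
// Constructed for this example only; real keys come from a CSPRNG.
func demoKey(label string) ed25519.PrivateKey {
	seed := sha256.Sum256([]byte(label))
	return ed25519.NewKeyFromSeed(seed[:])
}

// Demo runs constructed transmissions through one receiver, in order.
func Demo() []Verdict {
	tower, unit := demoKey("tower"), demoKey("unit-17")
	rx := NewReceiver()
	rx.Trust("TOWER", tower.Public().(ed25519.PublicKey))
	rx.Trust("UNIT-17", unit.Public().(ed25519.PublicKey))

	first := Sign(tower, "TOWER", 1, []byte("hold at signal 12"))
	noisy := Sign(tower, "TOWER", 2, []byte("proceed"))
	noisy.Sig[0] ^= 0x01 // one bit of the burst lost to interference
	unsigned := Transmission{StationID: "TOWER", Counter: 3, Audio: []byte("resume speed")}
	altered := Sign(tower, "TOWER", 3, []byte("reduce speed"))
	altered.Audio = []byte("resume speed")

	out := []Verdict{rx.Check(first), rx.Check(first), rx.Check(noisy)}
	out = append(out, rx.Check(Sign(tower, "TOWER", 2, []byte("proceed")))) // "say again"
	out = append(out, rx.Check(unsigned), rx.Check(altered))
	out = append(out, rx.Check(Sign(unit, "UNIT-17", 1, []byte("unit 17 on shift"))))
	rx.Revoke("UNIT-17") // radio reported missing
	return append(out, rx.Check(Sign(unit, "UNIT-17", 2, []byte("unit 17 calling"))))
}

func main() {
	names := []string{"unverified", "authenticated", "revoked", "replayed"}
	for i, v := range Demo() {
		fmt.Printf("transmission %d: %s\n", i+1, names[v])
	}
}
```

A burst garbled by noise leaves the receiver's counter state untouched, so the repeated transmission still authenticates; revoking one radio's key does not affect the tower or any other unit.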
Actually, the piper flying in and out of a grass strip may not need radio at all. You don't "need" it until you're in controlled airspace. At least that was the rule a decade or so ago. It is polite to be able to call your approach on an uncontrolled airport, since it'll give the others a clue of what the heck you're attempting to do.
When I was flying out of a small airport with no tower, there were planes in and out all the time with no radio. We also had handhelds, either for instructors on the ground talking to student pilots in the air, or for taking rides in planes with no radio, or a broken radio. Not a big deal.
If they required an encrypted upgrade to every aircraft out there, it wouldn't change things. People would still need to be able to buy radios so they could communicate. It would seem to make sense to trunk the communications, but sometimes it's very useful for others to hear what you have to say.
"tower 1234 heavy experiencing heavy turbulence FL320 approx 100 miles west of you."
Ahhh, it may get bumpy. Fasten your seat belts.
Sure, that'll be broadcast back out by tower as a weather advisory, but sometimes it's nice to get it quick. :)
Serious? Seriousness is well above my pay grade.
I'm a borderline participant in the local digital fiasco^H^H^H^H^H changeover, so I can add some to this.
It is a very large budget issue. Standard LMR (land mobile radio) units run $100 to $600, depending on features. Digital (APCO Project 25, in the US) makes the radios START at $1000 each and go up from there. Every radio in the system must be upgraded for the system to work as a whole. Every radio in the system must be programmed correctly (and if you think that is as easy as it sounds, well, it isn't that hard, but our local "major brand" radio shop can't seem to do it right the first two or three times...).
But, there is also a big technical issue. Analog coverage is almost always better than digital. You can hear an analog signal further away or with less signal than a digital one. Analog degrades more gracefully. A weak analog signal can be understandable; a weak digital signal just isn't heard at all. You typically need more bases or repeaters for digital systems than for analog.
The "major brand" company came into our area and started talks designing a two-county 700MHz digital trunked radio system for all public service users. They wound up proposing a mixed 150MHz/700MHz trunked system using at least 36 repeater sites, just to get reasonable coverage where it was mandatory. (Compare this to a total of about 10 sites for current analog Sheriff's Office coverage for both counties.)
About five years ago, our Sheriff wrote a DHS grant to convert the entire county and city law enforcement communication system to digital. Radios were replaced, both mobile and handheld. Repeaters were upgraded. Then it was tested. It didn't work. Something wasn't programmed right. Years went by. A year ago, the Fine Candy Company issued a license for the same frequency to an SO a few hundred miles away. They started interfering with our main repeater. Aha! A great excuse to finally go digital. Nope, it still didn't work. Another round of reprogramming ALL the radios. While we're waiting for the final digital switchover, let's change the CTCSS access tone for the repeaters to DCS. That'll solve the problem, but it also required another round of programming everything. Nope. Interference still there. One more programming round. Finally, digital worked! Yay! The switches were flipped, dispatch went digital.
For three days. Then the county side of the operation went back to analog. The digital coverage sucked out in the county. The city was fine. But, of course, the radios were MISprogrammed so that digital users didn't hear the analog users. City users were stepping on county users because they couldn't hear them, and county users couldn't tell what was happening in the city because they were receiving only analog. After another two or three days, the city users went back to analog, too.
We're still analog. But we have really nice, new radios. (Our Emergency Services side of the operation used to use $200 Icom radios; we have now replaced them all with $1500 Bendix-King digital units. The Icoms were small and convenient, the BKs are BRICKS that nobody wants to carry.)
As for the previous comment about aviation radios being available to anyone who wants to buy one, guess what? So are LMR. Pony up the money and you, too, can have a P25 compliant LMR. (I have bought three of them from eBay so far.)
Right, and there are some parallels between cell and avcom that could be applied. I'm not saying we're inventing a whole new technology, only that it's an expensive proposition.
Cell phones aren't cheap, really, but they appear so because you pay for them as part of your cell plan, but point taken that they ARE cheaper than your average AvCom.
But the kind of a "cell phone" and network you'd need to support aviation would be very different from your average handset.
If you want individual registration and encryption, the tower system would have to handle secure multicast (pilots calling in to a conference line or something analogous?). That's a lot of channels if you want to secure the communication, as opposed to the current handful of channels.
Keep in mind that a very large number of airports in the US do not have a control tower. Pilots use UNICOM, which basically means a frequency is assigned to the airport and anyone in the vicinity who is equipped with a radio is encouraged to use it to talk to each other. So you're adding a centralized system to a lot of airports that don't have one, or pilots will have to have two radios if they want to use UNICOM airports.
Cells are also low-range, so you'd either need to put in a lot of towers in rural areas (or add more if you want to use the existing cell network), or go with a higher-powered radio (meaning more frequencies need to be available to reduce crosstalk). The current cell frequencies are pretty loaded up as it is.
Aviation uses AM radios because they have excellent range, decent fidelity, and are simple and reliable (and NOT dependent on a centralized system to work - if the Tower goes down for some reason pilots can still talk to each other). Also, they use a frequency that is really only good for voice (not enough bandwidth/clarity in AM for encrypted singlecast, much less multicast).
Readback (having each pilot acknowledge orders from the Tower) already ensures that Pilots and Controllers are actively confirming the validity of their mutual conversation. If you tried to introduce invalid instructions, they'd get caught quickly.
So, even if you went to the significant expense of building out a cell-like system, or had pilots use the existing system with all the government-sponsored expansion of the existing system that would mean... you're putting a lot of money toward solving a problem that doesn't really need a technological solution.
"This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
It's not even that strong a requirement. All that you really need is the same guarantee that a protocol like SILC gives you; letting you tell that the person claiming to be the tower today is the same one who was claiming to be the tower yesterday. Airlines can share public keys between their craft so all of them can identify the same set of towers. Private pilots can do the same, or distribute keys out-of-band. When someone starts talking nonsense, you can just block all transmissions from them and if they keep switching keys then block all transmissions from unknown keys until they shut up.
I am TheRaven on Soylent News
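The signed-transmission and key-continuity ideas raised in the comments above, sketched as an added example (it is not part of any comment and is not a real radio protocol): a receiver checks an Ed25519 signature over callsign plus message against keys pinned out-of-band, and can block one key or every unpinned key. The choice of Ed25519, the `Receiver` type, the verdict strings, the callsigns and the keys are all assumptions made for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"fmt"
)

// Receiver is one radio's trust state (all names here are hypothetical).
type Receiver struct {
	pinned   map[string]ed25519.PublicKey // callsign -> key received out-of-band
	blocked  map[string]bool              // keys the operator chose to ignore
	Lockdown bool                         // true: drop every key that is not pinned
}
func NewReceiver() *Receiver {
	return &Receiver{pinned: map[string]ed25519.PublicKey{}, blocked: map[string]bool{}}
}
func (r *Receiver) Pin(callsign string, pub ed25519.PublicKey) { r.pinned[callsign] = pub }
func (r *Receiver) Block(pub ed25519.PublicKey)                { r.blocked[string(pub)] = true }
func payload(callsign string, msg []byte) []byte { // binds callsign to message
	return append([]byte(callsign+"\x00"), msg...)
}
func Sign(priv ed25519.PrivateKey, callsign string, msg []byte) []byte { // transmitter side
	return ed25519.Sign(priv, payload(callsign, msg))
}

// Classify is the receiver side: what to do with one transmission.
func (r *Receiver) Classify(callsign string, pub ed25519.PublicKey, msg, sig []byte) string {
	switch pinned, known := r.pinned[callsign]; {
	case len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, payload(callsign, msg), sig):
		return "unverified" // noise or forgery: fall back to voice procedures
	case known && bytes.Equal(pinned, pub):
		return "trusted" // same key as the one pinned for this callsign
	case known:
		return "impostor" // valid signature, but not the key pinned for this callsign
	case r.blocked[string(pub)] || r.Lockdown:
		return "blocked" // ignored key, or any unpinned key during lockdown
	default:
		return "unknown" // heard, but carries no trust
	}
}

func demoKey(b byte) (ed25519.PublicKey, ed25519.PrivateKey) { // constructed demo key
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{b}, ed25519.SeedSize))
	return priv.Public().(ed25519.PublicKey), priv
}

func main() {
	pub, priv := demoKey(1) // constructed "tower" key
	rx := NewReceiver()
	rx.Pin("TOWER", pub)
	msg := []byte("cleared to land")
	fmt.Println(rx.Classify("TOWER", pub, msg, Sign(priv, "TOWER", msg)))
}
```

Nothing here stops a recorded transmission from being replayed; a real design would also sign a counter or timestamp.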
heh :) misread that as man hacks beard by growing face
What's funnier? The fact he got caught doing something stupid, or the fact he is twenty years old and released to the custody of his mother? :)
In the Amateur Radio Community we call them Jammers.
Kinda makes sense, no?
73
Not to mention:
4. Aviation is often an international activity. So you would have to get all ICAO members to agree to use new encrypted radios. It's been enough of a hassle just changing the channel spacing from 100kHz to 50kHz to 25kHz and finally 8.33kHz in Europe while the USA wants to go with a VHF digital radio solution that packs 4 voice channels into 25kHz, that I don't see encrypted ATC radios happening any time soon.
un-ALTERED reproduction and dissemination of this IMPORTANT information is ENCOURAGED
Totally off topic but my mobile phone isn't registered. In fact, the majority of personal phones are not registered in the UK. We use pre-paid. Phones are sold off the shelf next to the DVDs.
When credit can be bought over the phone, online, at ATMs, newsagents, supermarkets... why bother with contracts?
This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
This really falls under the FCC's responsibility.
Not so long ago, train drivers in my country communicated with their controller via similarly antiquated radio (as an alternative to the inconvenient and occasionally dangerous line-side telephones), and so did ships on our shores.
The trains are now rolling out a GSM-based system which gives them lots of useful features - e.g. you can do N:M mapping between endpoints and numbers, the driver dials a number for the signal they're stopped at, and the controller for that signal automatically gets the call. A controller can call any train he can see on his screen without needing to look anything up.
The boats get GMDSS's DSC, which means unique identifiers assigned permanently to each boat's radio, and a GPS hookup. Day-to-day this means calling other vessels that are similarly equipped is as easy as dialing a phone, but in an emergency it means the coastguard always knows which vessel is in trouble and where it's located. That means the right help can get to the right place quickly. If you're able to talk to the coastguard and explain the nature of the emergency that's great, but the main thing is that they know what to look for and where.
These systems aren't completely safe against spoofs, but they're much more resistant than the previous generation of systems. I don't think any idle prankster would break into them, only someone intent on causing harm, and therefore worth prosecuting.
Planes could get this sort of good stuff, and they should. Of course you can't go from nothing today to expecting bush pilots in Africa to have some fancy digital radio system installed next week, but GMDSS DSC has been a success despite the fact that many parts of the world don't mandate it and probably won't for years to come.
Hell, I have a Yaesu FT-5100 that is modified to operate out of band. I just use it to listen and even there it's not the most sensitive receiver.
The kid that did this on the CTA is just someone who bought a radio. No technical skill at all.
Rant warning: This is a very clear illustration why no one should ever "mod" their Amateur mobile or HT to transmit out of band. If that modded rig gets out of your hands into some punk-ass kid, this is exactly what happens.
I don't think the problem with encrypted radios is an issue of "range" or "coverage". Granted it's expensive to put up a few more repeaters but if I can do it by purchasing a bunch of Moto radios from a hamfester, it's not that big of a problem for the CTA. P25 is a fairly open codec and the equipment isn't that expensive. The bottom line is that the CTA failed to be proactive by choosing not to secure their land mobile communications.
Sure, perhaps if they just went out and purchased some generic, "off the shelf" product, it might be fairly easy for someone to break into, but it's really just a matter of how much you want to spend and how secure you really want it to be. For one thing, just because all the radios in the system use the same keys doesn't mean it would be trivially easy for someone to break. Unless by "break" you just mean getting your hands on a stolen radio unit. Even then, I would think that most encrypted communications systems are periodically updated with new keys. Depending on how frequently you update your keys, it might be the case that even if someone managed to steal one of the radios, a subsequent key update would render the stolen radio useless in a very short amount of time.
The way you paint it, yeah sure, they could try going with encrypted radios, but even then it wouldn't be long before someone hacked into that too. I can tell you from direct experience that that's simply not true. They can make it as secure as they want. It's just a matter of making security a priority, and coming up with the right system design. Truly secure communication systems can be designed and built, and frequently are. In a truly secure system, there are multiple layers of security, not just a single encryption layer. It's like peeling an onion. You incorporate everything from simple interleaving schemes, to user authentication, to data encryption (possibly multiple layers of it), to frequency hopping, to frequent key updates (along with good human security procedures to make sure the keys aren't leaked), etc, etc.
Sure, there's no such thing as foolproof, but you can make a system that is secure enough such that breaking it would require a coordinated effort by dozens of highly-skilled people. And you don't necessarily have to spend a billion dollars to get something reasonably secure. Having a bit of cash definitely helps, but the biggest hurdle isn't having enough money, it's having the will to do it.
Felonies are the spice of life. Things that go boom are cool.
Some felonies are just stupid though.
For example 30 years ago a moron from my childhood neighborhood got his first pair of bolt cutters.
Nothing with a lock was safe. You deliberately left things unlocked so as not to attract Kenny.
Then he found a railroad switch to a siding with a padlock on it. He derailed a few cars at the end of a freight into a river that night.
If it hadn't been backing up when it derailed he would have likely killed the engineer.
On top of that he couldn't shut up to save his life. We never saw him again.
John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
I went to work today and noticed an unusual number of cops at some CTA stops' exits and entrances... Thought it was weird, now I know why!
Is Capitalism Good for the Poor?
I'm in Chicago and the kid basically confessed on channel 7 news last night. He said he bought the radio from a guy in Wisconsin and it was already programmed to the CTA channels. For what it's worth, the kid looks like he has a mental disability and truly doesn't understand the severity of the charges against him. I feel bad for the kid, but boy he was doing some stupid shit.
What would be the point of encrypting aviation frequencies?
The key would need to be provided to every aircraft and individual using the frequency, thus eliminating the whole purpose of an encryption key. This also would allow for disastrous consequences if somebody who needed the key did not have it.
Analogue radio is a tried and proven communications medium; it would be stupid to attempt to change it.
An SQL query goes to a bar, walks up to a table and asks, "Mind if I join you?"
Just because it's encrypted doesn't mean you can't jam it.
An SQL query goes to a bar, walks up to a table and asks, "Mind if I join you?"
As a pilot I would like to know what the purpose of replacing the AM radios would be. Yes you can encrypt communications but that seems to create more problems than it solves. Remember these radios are used by Aircraft and Airports all over the world; giving somebody the wrong key is going to render their radio useless. Will each airport use its own encryption key? That's A LOT of keys to be handed out.
I don't think I need to go any further into this since I'm sure you can see the problem.
An SQL query goes to a bar, walks up to a table and asks, "Mind if I join you?"
Simultaneous transmissions are garbled, so "Say again" becomes a very automatic response in those situations (hell, I still use that phrase today...old habits die hard).
I have become permanently accustomed to saying "Say again" and "Unable..." Not from working ATC, but from a lengthy, heavy addiction to Xavius ATCC (ATC simulator).
Thank you, Edward Snowden.
"Arguments from authority are worthless." —Carl Sagan