Slashdot Mirror
FBI Nabs Chicago Transit Authority Radio Hacker
Wh15per writes "The Chicago FBI Joint Terrorism Task Force arrested an individual for misusing Chicago Transit Authority radio systems. Marcel Carter, 20, is charged with violating a US code that forbids interference with transportation operators. A federal complaint alleges he began using a radio to transmit on CTA frequencies in June 2008, often interjecting comments during communications between the agency's control center and train operators. The CTA claims Carter's radio communications were never followed, and passengers were never in danger."
See, there is some good news occasionally.
Oh, and can we reserve use of the term "hacker" for someone with at least a modicum of technical skills? This guy isn't even a cracker. All he did was talk on a stolen radio.
Merriwhether said her son knew why he was being arrested, but didn't know that what he was doing was against the law.
Translation: "Merriwhether said that her son was a *@#$%&# idiot."
During an initial court appearance Monday, Judge Morton Denlow set Carter's bond at $4,500 and put him under the supervision of his mother. He was instructed to not use any broadcasting devices.
Interesting. So he can't use wifi? I wonder what the judge's order actually said.
FTFA: "interfering with the operation of a mass transportation vehicle, a felony under the USA PATRIOT Act."
Yelling at a bus driver? Felony
Leaning in front of an oncoming train? Felony
Talking on the transit radio band? Felony
Putting pennies on train tracks? Felony
Somehow, my youth was filled with felonious behavior. Perhaps the Homeland needs securing from scamps like me.
So, who will get the worst punishment, this guy or the guy who modded consoles? Taking bets now!
In a previous life, I was an air traffic controller. For about a month, we had a moron that was transmitting on ATC frequencies, trying to give or override control instructions. Since he didn't have a good grasp of ATC phraseology, he was easy to ignore. But he did succeed in causing quite a bit of frequency interference: ATC still operates on AM, so there is no "capture" effect as with FM, where the strongest station overrides weaker stations. Simultaneous transmissions are garbled, so "Say again" becomes a very automatic response in those situations (hell, I still use that phrase today...old habits die hard).
My point here is that I do not see a reason why public transportation systems still rely on decades-old, non-encrypted technology. With ATC, it's a trivial matter of ordering a handheld on-line that is capable of transmitting on all ATC freqs. Agencies that continue to rely on antiquated systems deserve part of the blame.
The other day I fantasized about hacking into the automated recordings in the Atlanta airport's subway cars (yes, I still miss the old "HAL" voice--PLEASE MOVE TO THE CENTER OF THE VEHICLE AND AWAY FROM THE DOORS). Sure, I'd go to jail for it, but just imagine, preferrably punctuated with lots of "Heh heh heh"s:
"This train is approaching Concourse A. Concourse A, as in ass-munch."
"... Concourse B, as in butt-wipe."
"... Concourse C, as in crapweasel."
"... Concourse D, as in douchebag."
I've spent way too much time in that airport.
A simple answer is that it isn't much of a problem (how many deadly incidents have there been in the last decade?) and there are thousands of radios.
Nerd rage is the funniest rage.
Up next, Man hacks face by growing a beard.
At least with airplanes, they rely on decades-old, non-encrypted technology because it works, because to upgrade would require every grass field landing strip to upgrade decades-old radios that still work just as well as they did a half century ago, every antique piper cub to get new radio systems, and require world-wide adherence to the new standard all because some doof can override the signal if they want.
If that's not a knee-jerk, I don't know what is.
As for the busses, if they have enough of a problem, they can upgrade on a city by city basis, but until it becomes enough of a nuisance, they won't.
This guy would also would have been wise to stand close to a station and transmit at .05mw, greatly lessening the chances of control hearing him. Also would have helped to learn the lingo before jumping the gun. It's a good thing that a skilled soul didn't possess the radio.
There's other talk about the ATC issue, but that's harder to solve. CTA should move to encrypted radios. You can't really use that as an option for ATC as train drivers are a limited pool, whereas ATC frequencies are used by anybody flying a plane.
Oh, and attempting to issue orders to trains that may result in lethal collisions deserves a felony. Chicago deserves only bad press, and hopefully a budget line item for better comms. Much nicer than seeing somebody setup for a decade for screwing with an X-Box.
For about a month, we had a moron that was transmitting on ATC frequencies
My point here is that I do not see a reason why public transportation systems still rely on decades-old, non-encrypted technology.
How would adding encryption to your transmissions fix the RF problem of a doofus transmitting on top of the valid transmissions? The cure for a DOS attack is not making the protocol more complicated thus even easier to overload.
Also, inevitably, what happens when the JFK airport IT department loses or screws up the key, and all communication is lost? Seems that AM is much more failsafe.
"Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
Well, partly because if you upgrade all aviation comms to encrypted radios, then every pilot would need to go out and upgrade their equipment to an encrypted unit. Which then means that encrypted radios need to become readily available for every pilot and/or A&P mechanic to purchase, which means every Tom, Dick, and Harry can walk into Ye Olde Pilot Shoppe and buy one, which means that said Tom, Dick, or Harry can then carry on with their mischief. You'd in essence be forcing everyone in the Aviation field who uses comms for anything to upgrade their gear and not improving anything as a result.
Now, with a closed-loop internal system like bus and train, I see your point. You have a fixed number of authorized users, and life is good. Mischief would be limited to a hacker who has the time and resources to monitor the frequencies long enough to break the encryption (which wouldn't be terribly long, since all the radios would have to use the same encryption keys, but at least the infantile idiots who buy a GPRS radio at WalMart and have trouble inserting the batteries properly would be excluded - so when someone DOES break in they'll celebrate their achievement by something more sophisticated than yelling "AFLAC" in a falsetto duck voice every ten seconds).
I don't know how much more encrypted radios are, but I'm assuming it's more of a budget issue than a technological one, and the very real possibility that the system can be broken anyway. Heck, I'd think using the cellular network would give them more secure communications with better voice quality and less need to maintain expensive radio towers. But that's point-to-point communications and not broadcast like a radio would be (which means a switch operator can't get on a radio and yell that anyone approaching switch XYZ had better stop right now or risk a crash, for example).
"This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
A new secure, encrypted system (or at least one that implemented digital signatures for each transmitter) would probably wind up being smaller and lighter than many of the older radios installed on many planes.
The problem is:
Key/certificate infrastructure?
Transition period? Planes will need new antennas and potentially both systems installed simultaneously, unless the new system operates in the old frequency bands (may be too crowded for this)
In general, it's a massive organizational nightmare, and if the new system is in a different frequency band, there's the challenge of integrating it onto a massive pile of legacy aircraft platforms. Adding a new antenna to an aircraft is NOT necessarily an easy task. (Physically it is, but planning its location isn't always so easy.)
retrorocket.o not found, launch anyway?
Becasue the system works fine. When an asshole does screw with it ti gets headlines. That means it's a non common occurrence.
Plus, this guy had an official radio.
The Kruger Dunning explains most post on
-Talking out of turn...that's a paddling. Looking out the window...that's a paddling. Staring at my sandals...that's a paddling. Paddling the school canoe...ooh, you better believe that's a paddling
Jasper.
The Kruger Dunning explains most post on
No, many planes are equipped with multiple radios (for backup or simply to be able to switch frequencies quickly) anyway.
The real issues are threefold:
1. Money: Encrypted radios cost, and there are a LOT of the old AM-band radios out there that would need to be replaced. Most planes have one, and most pilots carry at least one handheld for emergency backup and to get ATIS and just to monitor the frequency while they are preflighting to get an idea of what traffic is like, etc.
2. Range: With an AM, unencrypted radio, you can lose a surprising amount of signal and still make out what the person on the other end is saying. Once you encrypt the signal, your signal has to be pretty close to perfect or the decryption doesn't work. So you either just cost radios serious amounts of range, or you have to find a new frequency band where more information can be packed into the same frequency and you have more discrete frequencies to ensure a clear transmission free of interference.
3. Security: In order to use them, pilots will need to purchase them. So every pilot shop is going to need to offer these radios for easy sale. If pilots can buy them, so can other people, unless you want to get into a registration system as complex and useless as a gun ownership database. Then, of course, you can't really issue unique encryption keys to each radio because registering them is going to require a hellishly complex system. So you'll end up with something that is easily replicated and easily acquired, and therefore offers no real security.
"This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
Point 3 is misleading. Yes, pilots could purchase them, and you might not want to go to the trouble of uniquely identifying every pilot, but that's not the same as pilots being able to transmit as a controller! It'd be possible to use public keys to identify known-good control towers, and only distribute keys to those towers after proper investigation, rescind keys if they get out into the wild, etc. Pilots need to know that the control tower really is a control tower -- it's not quite as important the other way around. As long as a light indicates "you're hearing the voice of a real, authorized controller", you can ignore messages when that light isn't on. For that matter, you could auto-exclude them. Like auto-muting advertising.
We've managed to encrypt and authenticate large chunks of the internet without assigning unique IDs to every internet user. We can do this too. Not that this is the only hurdle. Your other points stand. It's still a huge challenge.
You'd in essence be forcing everyone in the Aviation field who uses comms for anything to upgrade their gear and not improving anything as a result.
I smell another economic stimulus plan brewing... All it needs is a catchy phrase, like "Cash 4 Crashers"
"Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
Who is about to get pwnt by the full weight of the post 9/11 hysteria.
Throw in a healthy dollop of "omg there have been numerous subway accidents recently" and he's screwed.
He was formally charged Monday with knowingly interfering with the operation of a mass transportation vehicle, a felony under the USA PATRIOT Act.
The FBI's Joint Terrorism Task Force has been investigating the case for more than a year...
...
If convicted, he faces up to 20 years in jail and a 200,000 fine.
One would have thought that this would be a case for the FCC and the Chicago Transit Police.
[Fuck Beta]
o0t!
Of course it does.
It distracts the driver.
From what? The comment was simply "yelling at the bus driver", under the SUBJECT "Pranks...". If you are standing at the entrance of the bus yelling at him while he's waiting for you to pay so he can close the doors and move on, you aren't distracting him from anything -- his job at that moment is to watch you pay your fare, so he's already dealing WITH YOU. So no, simply "yelling at the bus driver" as a "prank" isn't a felony because it isn't interfering with the mass transport system.
Now, if you run up behind him while he's DRIVING DOWN THE STREET and start yelling at him out of the blue, yes, I suppose that's something that should be punished and is dangerous, which is why I wouldn't call it a PRANK.
Someone dies.
Yes, if you cause the death of someone, except under specific circumstances, it is a crime and you should go to jail. That's not "a prank". Simply yelling at a driver does not mean "someone dies".
At the very least, you've done your bit to make the mass transit experience singularly unpleasant for everyone.
And now you're trying to define "making something unpleasant" as a felonious interference with a mass transport system that endangers lives and property. Shit, most of the people riding on the bus make the experience unpleasant for the others. They smell, they spit, they yak yak yak, they play radios, they step on your toes as they walk by. They cough, they sneeze, they wheeze and gasp, they spill their drinks on you. If you want to claim that "make the experience unpleasant" is a felony, then there are a lot of people who need to be arrested.
That doesn't help boost ridership and revenues, it sure as heck doesn't make it any easier to recruit and retain drivers.
You really need to get a grip on the difference between "interference with a mass transport system" and "being obnoxious". Or don't, and continue to whine about how the Patriot Act ruins your life because it makes everything you do illegal, and look stupid when you tell people exactly what you're doing that you think is illegal. No, "yelling at a bus driver" isn't. "Putting pennies on a train track" isn't. "Interfering with mass transport communications and safety systems" is.
Well, no.
Cell phones are encrypted radios, too, yet they are cheap and plentiful.
Cell phones have to be registered and assigned to an owner (it has to be, otherwise the cellphone company could not bill users), and in case of theft, it can be remotely disabled.
My point here is that I do not see a reason why public transportation systems still rely on decades-old, non-encrypted technology. With ATC, it's a trivial matter of ordering a handheld on-line that is capable of transmitting on all ATC freqs. Agencies that continue to rely on antiquated systems deserve part of the blame.
There are three major reasons: interoperability, reliability, and expense.
Different areas have different needs, and that inevitably means that not every system will work with every other system. For a closed system like a subway this may not matter so much but in most other cases it's very important. And it's very hard to anticipate who's "allowed" to speak to who. The common denominator is unencrypted analog.
Digital systems do not degrade gracefully. A partial or garbled radio transmission may at least be of some use. A weak burst of data that no one hears is of no use at all.
Radio systems are very expensive and tricky things to get right. Not only is there the cost of replacing all that perfectly good equipment, there's the cost of transmitters, repeaters, towers, and planning. Fire and police often listen in at home or in their personal vehicles, too, so you have to factor in that cost as well.
There's also one other reason that's often forgotten or deliberately obscured by the authorities, and that's public access and accountability. Railfans and aviation enthusiasts listen in on this stuff all the time, and there have been cases where their own personal records have been useful in determining the causes of accidents. Same goes for non-transportation radio transmissions from police, fire, and more mundane stuff like construction crews and snowplows (Where are the worst icing conditions? Are they anywhere near my road yet?)
It's useful stuff for people to be able to hear and there's no good reason for all of it to be kept secret just on the off-chance someone steals a radio.
If convicted. A high cost for something he did on a Saturday in the park on the 4th of July...
Any insufficiently advanced magic is indistinguishable from technology.
You *DO* realize that's why aviation still uses AM, right? The FM capture effect, when it happens, happens spontaneously, and there's no way to know it's happening. If you "step on" someone on the FM band, it's possible to just continue on with a very wierd instruction. And given that a plane may be in-between you and the one you're talking to, someone may get a garbled transmission that gets dangerous. Unless you catch the fact that the voice changes, you'll never know.
On AM, you'll get the warble, which basically means the transmission gets stepped on and alerts everyone to the collision. (Sometimes, the ATC tower is just powerful enough that even stepped on, you can make out what's being said). But the FM capture effect is very dangerous since the "most powerful signal" can be the plane flying beside you.
If your idiot was standing near the runway, he could easily send a "cleared to takeoff" that's only heard by that pilot, while ATC is sending "cleared to land" to the plane in the air.