Slashdot Mirror

← Back to Stories (view on slashdot.org)

$26 of Software Defeats American Military

Posted by CmdrTaco on from the cheap-at-twice-the-price dept.

reporter writes "A computer program that can be easily purchased for $25.95 off the Internet can read and store the data transmitted on an unsecured channel by an unmanned drone. Drones are crucial to American military operations, for these aerial vehicles enable Washington to conduct war with a reduced number of soldiers. '... the intercepts could give America's enemies battlefield advantages by removing the element of surprise from certain missions and making it easier for insurgents to determine which roads and buildings are under US surveillance.'"

2 of 534 comments (clear)

  1. Some real kneejerk reactions above by Kupfernigk · · Score: 5, Interesting
    Really this is a huge fuss over nothing, and some of the more wacko conspiracy theories about CIA honeypots and the like (above) are just as silly as the "shoot General Atomics" mob.

    Is there any real security risk in this? I suspect it is very small. The Russians never bothered to encrypt the telemetry on their ICBM tests, because after all even assuming someone was reading it, they had no way of stopping the thing. Even if you know where the drone is, it is going to be very hard to shoot down; RPGs and IEDs really aren't much use. And given that this is a video feed, how do you ray trace back to the actual position of the camera?

    Unfortunately there are plenty of assholes out there who will exaggerate anything in order to claim that they are more security conscious than the next person (and perhaps hope to get a contract for their company). But this is surely small war, no-one dead, move along please.

    --
    From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
  2. Re:but what are the hardware costs? by Anonymous Coward · · Score: 5, Interesting

    Simple explanation here.

    Back in the early days of this design, someone designated drone-originated video as unclassified. Otherwise there's no way in hell it would be unencrypted.

    This isn't an oversight - there's guaranteed a loooong paper trail going back to a conscious decision regarding the classification level of the drone video here, and following conscious decisions regarding the design.

    If you use encryption in a military system that is not NSA Type 1 approved, there's a LOT of paperwork required to prove that your encryption is not being used to protect classified information.

    Type 1 approved crypto is a royal pain in the ass. - http://en.wikipedia.org/wiki/Type_1_encryption

    It often proves significantly easier in terms of cost and paperwork to not encrypt than to prove that your encryption isn't being used to protect classified information. Security guys ask, "If it's unclassified, why are you encrypting it?", with "It's good design practice." resulting in massive beancounter agro.