Slashdot Mirror
$26 of Software Defeats American Military
reporter writes "A computer program that can be easily purchased for $25.95 off the Internet can read and store the data transmitted on an unsecured channel by an unmanned drone. Drones are crucial to American military operations, for these aerial vehicles enable Washington to conduct war with a reduced number of soldiers. '... the intercepts could give America's enemies battlefield advantages by removing the element of surprise from certain missions and making it easier for insurgents to determine which roads and buildings are under US surveillance.'"
...you observe uav
Well, demodulating an unencrypted digital signal is not news.
I am more interested in what kind of RF equipment one would need to capture it off the air. ;)
It's not like you can do this with your WiFi card.
Don't tell the DoD. They've been paying $7,000 per license for that software.
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
We need an OSS option stat. Nobody should have to give up their software freedom just to make a mockery of America's finest tech toys.
The only question is, would this make more sense as an added option in wireshark, or GNU Radio?
Counting the cheapest part of the machine is silly.
Software is often free. $26 is a lot for software. The radio reception, etc. and knowing where to aim are all much more expensive and require skill.
excitingthingstodo.blogspot.com
Defeating them would be gaining control of the drones (a really scary proposition)
This seems to be an information leak.. something that ought to be fixable by using some sort of encryption.
Or even by making slight changes to the stream format, since SkyGrabber seems to just be off-the-shelf software.
So they recorded unencrypted OTA video feeds? While yes, they probably should have been encrypted in the first place and . . .
The U.S. government has known about the flaw since the U.S. campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn't know how to exploit it, the officials said.
Yea that's kinda bad and lazy of them,
Senior military and intelligence officials said the U.S. was working to encrypt all of its drone video feeds from Iraq, Afghanistan and Pakistan, but said it wasn't yet clear if the problem had been completely resolved.
they're fixing it.
Your hair look like poop, Bob! - Wanker.
Perhaps the US can put an IP copyright on the data then sue anyone who looks at it without a licesnce! More money!
-- if you mod me down, I will become more powerful than you can possibly imagine
I doubt a "terrorist" is the kind of person who would actually spend money on software. I know perfectly reasonable teenagers who access software for free all the time on this thing called the internet.
Clovis
^ Clovis, look! It's that guy you are!
Perhaps the smart play would be to quietly encrypt actual data, while continuing to broadcast placebo or manipulated data in the clear.
why didn't the DoD just start passing a fake feed from the drone? They could have added another encrypted channel for the real feed, which I would assume is trivial given the military's budget. Then pass fake data over the unencrypted channel. Sometimes disinformation to the enemy is far more valuable than real intelligence. I can see a bunch of jihadis sitting around watching a tv screen. "Look at those infidels. They are going to blow up the wrong building! Our secret base is 100 kilometers away! Say, does anyone else hear that noi..." [BOOM]
-Arthur
Cave ne ante ullas catapultas ambules
"U.S. military personnel in Iraq discovered the problem late last year when they apprehended a Shiite militant whose laptop contained files of intercepted drone video feeds. In July, the U.S. military found pirated drone video feeds on other militant laptops, leading some officials to conclude that militant groups trained and funded by Iran were regularly intercepting feeds." The Germans did not think the Poles could break their codes. The Japanese did not think the US and the Australians would break their codes. The British did not think Argentina would finish assembling the Exocets on their own without the French manuals or use them in a way differently than designed. The Afghan and Iraqi insurgents have the money and the brains to break into Western weapon systems, don't underestimate them (or the probable help from Iran, Syria, Korea, etc...) The prospect of getting killed is a powerful motivator.
Not all religious zealots with huge bushy beards who fight in jihads and live in caves and don't use commercial software are terrorists.
The US is known for in the clear intel gathering. They only encrypt the stuff they are interested in after sorting, that way they can sort a lot of info, very fast. If the US had to fill the sky with crypto computers on sats the flow would slow. Best just to push raw packets to a safe area.
The software CIA honeypot is Microsoft and people who use it networked.
Just as Enigma was and crypto ag was.
Skygrabber is a powerful filter system for a satellite dish. Passive and not networked.
Mb some version of Rivet Joint can spot the satellite dishes?
Domestic spying is now "Benign Information Gathering"
From what I could make out, it's just the video stream transmitted by the drone that's unencrypted, not communications that control the drone. The obvious reason this might be done is to save on the computational requirements onboard the drone by not making it encrypt the presumably immense data stream of the video. Decrypting the rest of the communication the drone receives is probably an order of magnitude less processing load, or even two.
If received and understood by the enemy in a timely manner, very useful information. But if it is just the image unencrypted and not GPS coordinates, etc, the enemy would have to have enough people watching the feeds to recognize the terrain that was being photographed... it's easy to see why this might not be considered likely and lead to the poor judgement to leave it unencrypted when the drones were designed, many years ago with less powerful processors available.
It should've been encrypted, for sure. Agreed.
However, it does need to be encryption that works over a noisy channel, with possible gaps in the datastream. Your typical block-cipher using chaining thus doesn't qualify. (If you wonder why, try encrypting a one-megabyte file, then change a few characters randomly in the first half of the file, then decrypt it)
It's still not a hard problem mind you, just slightly more so than "grab AES, set it to CBC-mode"
Is there any real security risk in this? I suspect it is very small. The Russians never bothered to encrypt the telemetry on their ICBM tests, because after all even assuming someone was reading it, they had no way of stopping the thing. Even if you know where the drone is, it is going to be very hard to shoot down; RPGs and IEDs really aren't much use. And given that this is a video feed, how do you ray trace back to the actual position of the camera?
Unfortunately there are plenty of assholes out there who will exaggerate anything in order to claim that they are more security conscious than the next person (and perhaps hope to get a contract for their company). But this is surely small war, no-one dead, move along please.
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
furthermore, there's nothing to say they still can't do that, or aren't actually doing that already. in fact, a big story in the international press about how dumb the military is on these video feeds is a good cover. one can hope, anyways, that the military is smarter than depicted in this story
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Sensationalist... i would expect this from a tabloid.
Title should have been: Unencrypted data broadcasted everywhere ... can be received by anyone!
The leap from that to "$26 of Software Defeats American Military" is quite a big leap in my opinion.
Sigs are for the weak.
From TFA:
The difficulty, officials said, is that adding encryption to a network that is more than a decade old involves more than placing a new piece of equipment on individual drones. Instead, many components of the network linking the drones to their operators in the U.S., Afghanistan or Pakistan have to be upgraded to handle the changes.
As an engineer in the defense industry and with experience integrating communication systems, I can't even think of one military data radio system in use that doesn't have encryption ability. Even if they are using off-the-shelf wifi (doubtful) they wouldn't need to change hardware to at least have some encryption. Either this quote is a lie, or someone did something monumentally stupid.
Dewey, you fool! Your decimal system has played right into my hands!
"Hey I can see my house from here! Oh Wai..."
Damn straight. There's Free Software that can do it!
I am TheRaven on Soylent News
Not to be harsh about it, but think back to high school and college and ask yourself if you would describe the people who were planning military careers as the "best and brightest" of your class.
Ahh, you are thinking of the one or two guys who were all gung ho but not especially bright and had delusions about being a badass commando. Yeah, my school had some too. See the thing is though that those guys aren't the guys running the military. The guys you are thinking of end up as infantry grunts or something similar and exit the service after a few years. I have a cousin who is one of those guys. Smart but classic ADHD and socially stunted and not someone I'd trust right now to be in charge of anything. But he served two tours in Iraq and now he's in college so I have hope for him.
The guys in the officer corps (commissioned and higher level NCO) are almost invariably bright and hard working and most of them that I've ever met didn't talk much about their interest in the military. I have a classmate who is a major in the US Navy who never gave the slightest hint he was interested in a military career. He was quiet, very smart, and I would have guessed he'd be an engineer but instead he's become a heck of a good officer. I have a number of friends who were graduates of West Point and Annapolis and I've been impressed as hell by each one of them. Smart, incredibly disciplined, and I'd hire any one of them in a heartbeat.
The US military is an incredibly complicated and large organization with huge budgets, difficult goals, and a huge workforce. If you think managing all that is easy and doesn't require tremendous skill, you are delusional. Sure they make mistakes just like any other large organization but their mission is also more complicated than most and if they fail, people die.
No more words needed.
$26 software defeats American military? OMG, we've been beaten?
Oh, wait... you're just saying that insurgents have a tactical advantage in some missions because they've exploited a security vulnerability using $26 software. So maybe $26 software used as weapon aganist US military?
Ah... but the military discovered the problem in the field, and is working to plug the security hole. $26 software annoys American military temporarily.
...never works. This has been known for nearly two decades (TFA): "The U.S. government has known about the flaw since the U.S. campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn't know how to exploit it, the officials said."
Why not use the Drones as a way to help folks? Afghanistan does not need an Aggressor Sniper Team for every flat tire problem. How about applications like Snow Fall Levels? Lake Levels? Traffic? Crop Pests? River and Lake Levels? Civil Engineering Project Completions? Sometimes just walking up to the person and saying, "Would you please stop flipping off the Reapers as they fly by. To Americans it means 'I going to empty my bladder'."
Obviously they don't think it's a big issue. And they're right. What's the worst case scenario here?
Last words overheard from an Al Qaeda satellite-intercept house: "Hey, look, I'm on TV!"
And of course these drones have been operating for years, and have to withstand conditions well beyond what any off the shelf parts are rated for. Doing good crypto in a small package wasn't quite as easy twenty years ago when these were in development.
...
You are a dangerous fool. Never use a one-time pad more than once, even for "light" security. Doing that turns the whole thing into a Vigenère cipher and destroys all security. You might as well just XOR each byte of the message with 0x42.
Private companies were much better, until they started outsourcing to India. It's amazing how economy can work for you and against you at the same time isn't it?
Where is the "Ignorant" mod tag?
I agree. I expect better from Slashdot, but they seemed to have turned their headline writing over to the DrudeReport.
What they don't say is that this report going back to January of this year, and that the military has been working on fixing the problem since then. They "hackers" can only pick up the video signal, not other info, and could not control the drones, which is what is implied from the headline.
I do think it is embarrassing and kind of hard to imagine that you couldn't see this coming, especially with North Korea regularly developing and selling anti-US technologies. This should have been in the design, or at least identified as a risk.
1) Spread rumors that cheap software can defeat Predator drones.
2) Offer software for sale on the internet.
3) Include tracking device with every copy of software sold.
4) Trace every shipment to it's destination.
5) Send Predator drone to attack destination.
Yep, sounds like a winning plan to me!
I've abandoned my search for truth; now I'm just looking for some useful delusions.
A Vigenère cipher generates ciphertext C(N) by passing plaintext symbol P(N) through the function E(P(N), K[N mod len(K)]), where N is the symbol number of the input, K is the key, K[Q] is the Qth symbol in K, and E is a function such that E(A,B) -> A', and E(A',B) -> A. Decryption simply applies the same function to the ciphertext, yielding the original plaintext.
This description clearly applies to XOR with a random pad. What makes a one-time pad secure is that the key is always longer than the input, so attacks that depend on correlation don't work. Conversely, Vigenère is insecure because the key repeats. Used with a random "key" as long as the message, Vigenère is equivalent to XOR, and is provably and perfectly secure.
Well, bear in mind that it's probably sending the video signal compressed in the first place, and compression is just as prone to catastrophic errors as encryption is. It's encoded either way. As others in this thread have mentioned, you just do some error correction and carry on. Encapsulate the encrypted payload with some kind of error handling stream.
that's quite worrisome. I really hope that they only receive encrypted data or, at the very, very least, need some sort of secure authentication that can't be easily falsified. If you could transmit to the drones with $30 software and have them listen, I would be absolutely terrified.
So if this is the future...where's my jet pack?
The Germans had great confidence in ENIGMA as well. But, the Allies could read it and it made us look stupid. Granted, cracking some of the current Allied codes would require a fundamental breakthrough in computing - like a proof that P=NP and the utility to solve these problems, but...
What if the Chinese had it?
We would be screwed.
This is my sig.
Warning:
Comment in first link warns not to trust uploader. Possible nasty shit instead of actual App.
And, no, I am not going to find out...The last thing I want is the feds kicking in my door. Keeping the article in mind, I suspect the Government will be closely watching these torrents now (if they haven't already been doing so. Wouldn't surprise me if the whole story is a government plant to smoke out tourists...erm, terrorists).
I apologize for the self-response, but felt it was warranted.
Telling me the key length is a big hint. But 5,632 bytes is only about 11 repetitions of your key. That means I have 512 separate Caesar ciphers to crack, with a ciphertext of 10 or 11 characters each. Even Sherlock Holmes needed more than that to solve the puzzle of the Dancing Men.
Feel free to carry on using your not-so-one-time pad, though. The larger the data set relative to the key, the easier it gets. Once you give the attacker enough data to make frequency analysis possible on the 512 separate Caesar ciphers, then your Vigenere cipher is gone.
Real Daleks don't climb stairs - they level the building.