Slashdot Mirror

← Back to Stories (view on slashdot.org)

Most US Drones Still Beam Video Unencrypted

Posted by timothy on from the hey-it-beats-satellite-piracy dept.

An anonymous reader writes "Four years after discovering that militants were tapping into drone video feeds, the U.S. military still hasn't secured the transmissions of more than half of its fleet of Predator and Reaper drones, Danger Room has learned. The majority of the aircraft still broadcast their classified video streams 'in the clear' — without encryption. With a minimal amount of equipment and know-how, militants can see what America's drones see."

23 of 138 comments (clear)

  1. Link is spam by Anonymous Coward · · Score: 5, Informative

    The real Wired article is here.
    http://www.wired.com/dangerroom/2012/10/hack-proof-drone/

    1. Re:Link is spam by YrWrstNtmr · · Score: 2

      Wireds 'Dangerroom' isn't any better than Coinurl.com. Same scaremongering.

      Yes, the feed is apparently unencrypted. But OMGWEREALLGONNADIE is the standard modus operandi of Dangerroom.

  2. Spaceballs: When will then be now? Soon. by retroworks · · Score: 4, Funny

    I can picture the Taliban watching the back of their heads on a screen, like in the Mel Brooks film. "Prepare to fast forward!" http://tinyurl.com/cqbwm5y

    --
    Gently reply
  3. Re:Editor Fail by Anonymous Coward · · Score: 2, Informative

    Direct link to the article http://www.wired.com/dangerroom/2012/10/hack-proof-drone/

  4. Achmed, check this out, we're on TV! by Freddybear · · Score: 5, Funny

    Wait, are those cross-hairs? Oh shit...

    1. Re:Achmed, check this out, we're on TV! by Anonymous Coward · · Score: 2, Informative
      As someone who trains on ISR feeds in Afghanistan, I can tell you that's not how it plays out. If they can't put eyes on target, and confirm 100% there's no collateral, there's no shot. It's written into the Rules of Engagement, and I've watched countless times where a bad guy runs into a house and we waive off the ISR.

      Back to the article, a bad guy sitting there with an antennae, trying to grab ISR RF is going to have a very short life span.

  5. Re:Spaceballs: When will then be now? Soon. by GoodNewsJimDotCom · · Score: 2

    If the drones aren't encrypted, can't they be jammed?

    --
    God spoke to me
  6. Re:Editor Fail by theshowmecanuck · · Score: 2

    This was the first story I down voted on the recent submissions page when I looked in there today. It really wasn't that hard to click on the link and see the spam site and that this was spam. I even chose the binspam option on the down vote. Whoever is the editor today is slacking. I know I'm not the only voting on those but you'd think anything with a vote of binspam should get an automatic closer look. The second story I down voted was the Glenn Beck trash story. At least for that one I had to highlight the "theblaze" site name and right click on search google to get to the wikipedia link (third or fourth site down the google search) to see that it was bullshit.

    Is this lameness the result of the new ownership? Or is it because it's Friday night and they're network gaming and only spending a few minutes here and there posting stories so they look like they're working?

    --
    -- I ignore anonymous replies to my comments and postings.
  7. Re:Any technical details? by Pinhedd · · Score: 4, Insightful

    Encryption, real time, and noisy signals don't mix well. This isn't a youtube video in which the client can request that the server resend a packet that contained an error. Unencrypted video streams are fairly error tolerant as an error will only manifest itself as a slight artifact for a few short frames. Strong encryption schemes are not error tolerant, a non-correctable error would result in one or more blocks of data being entirely unusable.

    A stream cipher could be used instead of a block cipher but a stream cipher presents added difficulties in that not only would the bitwise/bytewise encrypted transmission (as opposed to blockwise) have to be tracked, but it would have to be tracked in sync with a key. If the key repeats, it can be determined with a little bit of work in the same fashion that an RC4 key can be determined to break into WEP protected networks.

  8. True Story by Anonymous Coward · · Score: 3, Informative

    I was deployed in Afghanistan in 2010, had a bunch of prototype "advanced" receiver equipment that I was volentold to test. When I asked how I'm supposed to load keys into the decoder, "Oh you don't need that" Confused, I looked in the unit to see the keyfiles empty. Somehow the unit still worked. After playing with the equipment, even in-theater, our drones were broadcasting completely in the clear on UHF. Whenever there was one overhead, I could simply fire up this heavy POS attached to my kit, and watch us on the ground walk around, (Or whatever female medic on one of the local FOBs the UAV operator was stalking)

    Actually most of the time, the UAV was watching the chicks on the big FOB.. Yeah.

  9. Re:Editor Fail by SomePgmr · · Score: 2

    I've been saying for a while that there should be something like version control on the summaries. Maybe just show a "diff" link underneath and last edited hh:mm.

  10. Re:Soooo maybe that is anticipated by Z00L00K · · Score: 3, Interesting

    Then there is the point that if the hunted knows that he's discovered then it may be enough for them to call off an attack. So unencrypted may actually serve a purpose.

    And when you run encryption there's always one more factor that can go wrong. No picture at all is completely useless.

    --
    If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
  11. Breach of Privacy! by krashnburn200 · · Score: 3, Insightful

    Almost as bad as if they had revealed the number of Americans they spied on.

    1. Re:Breach of Privacy! by scarboni888 · · Score: 3, Insightful

      We've always been at war with Eurasia.

      Freedom is slavery.

      Weakness is strength.

  12. You misunderstand by backslashdot · · Score: 5, Insightful

    You misunderstand. Pinhedd is saying that with an unencrypted signal .. unlike a digital encrypted signal .. if the signal is weak and lossy you can still see usable information.. it may have image noise .. but you'll be able to make out rough outlines. But if the signal is encrypted .. with most forms of encryption you either get a perfect imagery or nothing. Either you will see a clear image or random total image noise. If you make the signal more resilient to noise, the weaker the encryption quality. This also means you lose out on range too since you need a clear strong signal.

    We need better ways to encrypt.

    1. Re:You misunderstand by fustakrakich · · Score: 2

      We need better ways to encrypt.

      We need better defense against drones... For once, think of the children

      --
      “He’s not deformed, he’s just drunk!”
    2. Re:You misunderstand by mysidia · · Score: 4, Insightful

      Use a reliable strongly encrypted side-channel for controlling crypto of the primary channel.

      Use a "one-time pad" for the video channel used as a "multi-time pad instead", XOR each block by a random value preloaded on both sender and receiver, each block also XOR'ed by a value negotiated over an encrypted control channel protected with a shared key, pick a new XOR value every 10 - 20 seconds to transmit over the encrypted channel, for the next N seconds of video, and a number of One time PAD bits to skip in the transmission, also transmit a value indicating a pattern for a certain number of 'extra' bits of noise or false signal to be included --- possibly a FALSE unencrypted video stream transmitted alongside the real one.

      Include enough "one time pad" / random data stored on a memory card, for 18 - 24 hours of video, then recycle the pad.

      One time pads are resilient against 'noise' because they result in the same number of bits noise in the output.

      The non-sophisticated adversaries are not likely to defeat even an imperfect implementation. Strictly speaking, any reuse or multiple use of a one time pad makes the stream immediately decipherable by a potential adversary, who has successfully recorded enough ciphertext encoded with the same pad bits, in that they can determine parts of the one time pad.

      The possible range of original plaintext for video are much larger than readable human language -- any arbitrary value. Even with simple 'scramble every bit by XORing it with a fixed value' will be extremely tough for unsophisticated adversaries, trying lots of XOR values to decrypt is easy -- ANALYZING the output of every value that you try, requires an adversary to have some serious computer vision technology, to decide if the output of each attempted value is the video stream being searched for or not.

      However, 'skipping' a certain number of pad bits, for every transmission, introduces unpredictability, and means only a proportion of bits in a frame might be reused, that requires an adversary not only have more than 48hours recorded data but also conduct complex difficult matching, in the process of trying to figure out which bits might be reused --- only a percentage of bits in the transmission may be reused, and by the time they have conducted the search, the drone's mission is done.

      XOR'ing every block over a period of time by the same reference block, is also immediately decipherable by an adversary, who can conduct an analysis to figure out what the XOR block is.

      However, combining XOR with a "one time" or "multi use" pad, significantly complicates the process of attempting to figure out the XOR key. No analysis of that is possible without first figuring out the random pad data of a block.

      And the simple / militant adversaries, are not likely to break any level of encryption. Or at least, if they do, by the time they were able to decode the video stream: again, the mission will already be over by the time they get it.

      And they are in no better position to decode the next video stream (assuming new keys and random pads are loaded on every drone, before its next mission).

  13. Re:play chess much? by Lloyd_Bryant · · Score: 4, Informative

    What is this some Michael Bay "the signal that hacked your network" shit? How could they detect a passive receiver?

    Because the receiver ain't quite as "passive" as you think. Google for "local oscillator" for an example.

    Digital systems tend to generate noise on predictable frequencies as well - if a device has a chip that's clocked at a given frequency, then somewhere in that device is an oscillator used to generate that clock (though it may or may not be working at that particular frequency).

    The only truly passive receiver is one that is completely shielded to prevent it from radiating any of this noise. But you *have* to have a gap in the shielding in order for the incoming signal to be received. So building an undetectable receiver is not quite as easy as you might think.

    --
    Don't tell me to get a life. I had one once. It sucked.
  14. Re:Neither is the control software. by Anonymous Coward · · Score: 2, Funny

    1600 Pennsylvania Avenue Northwest Washington, DC 20500

  15. OMG by Poorcku · · Score: 3, Funny

    Unencrpyted and barely legal! LOL

    --
    I take my children to see Madonna(..), but I never for once ever thought I was in the same business.Chris Rea.
  16. Re:Spaceballs: When will then be now? Soon. by aix+tom · · Score: 2

    I heard rumours they also tried cheaper Hollywood-style encryption, but they had to many casualties because the drone wasn't operational fast enough.

    They had to watch too many FBI warnings before they could start it up.

  17. Re:False by baffled · · Score: 2

    Thinking about it more, key negotiation shouldn't even be necessary.

    You need a pre-determined set of sufficiently-large encryption keys on a removable module of sorts, like a USB key. Produce the key-set USB-key in pairs, for transmitter & receiver. Encryption cycles through the key-set at a predetermined schedule. Timing is managed with an internal clock. Imprecision of timing at change-over intervals is handled by simple dual-decryption attempts, and determination of correct sequence by CRC or some such block header data. This is basic smut. Why am I even bothering..

  18. Re:play chess much? by Fnord666 · · Score: 2

    The real trick is that the gov can track video receiving equipment (by the frequencies they use to decode the video) What is this some Michael Bay "the signal that hacked your network" shit? How could they detect a passive receiver?

    I don't know about applying this to video but this is definitely real and is how LEOs detect radar detectors in states that ban them. This wikipedia article has a description of how it works. The short form is that radar detectors use superheterodyne receivers to detect the radar signal. These receivers are a lot more cost effective than trying to process the actual radar signal. Superheterodyne receivers need a local oscillator. This oscillator is not shielded so it leaks signal and that signal can be detected. Here is a good block diagram of the receiver. The local oscillator at the bottom is what leaks detectable signal.

    The other question is whether this would be detectable in reality. We are talking about a very low power signal if it even exists. This is not something you could build an "anti signal" missile around. At best you might be able to have boots on the ground with a portable detector to figure out if someone in a particular location was actively watching a video signal. Or they could just be watching a youtube video.

    --
    'The tyrant will always find pretext for his tyranny.' - Aesop's Fables