Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Find Crippling Flaws In Global GPS

Posted by samzenpus on from the where-in-the-world dept.

mask.of.sanity writes "Researchers have developed attacks capable of crippling Global Positioning System infrastructure critical to the navigation of a host of military and civilian technologies including planes, ships and unamed drones. The novel remote attacks can be made against consumer and professional-grade receivers using $2500 worth of custom-built equipment. Researchers from Carnegie Mellon University and Coherent Navigation detailed the attacks in a paper. (pdf)"

179 comments

  1. Misleading Summary by KeithIrwin · · Score: 5, Informative

    The paper isn't really about attacking GPS infrastructure. It's about attacking GPS receivers. Some of these receivers may be part of other sorts of infrastructure. I was at CCS when the paper was presented. It's all about sending fake GPS satellite signals to receivers to exploit bugs in the software in the receivers. The work is interesting and includes attacks which can desynchronize the clocks on some devices and there was one device you could essentially brick by telling it at the satellite was at radius 0 (center of the earth) resulting in a divide by 0 overflow. I liked the paper and thought it was neat, and it could do serious damage to particular systems which rely on GPS if they have the right type of flaws in their software to be exploited by this attack, but it was not an attack against the GPS satellites or anything like that.

    1. Re:Misleading Summary by KeithIrwin · · Score: 5, Informative

      Err, I just meant divide by 0 error, not overflow. The fun bit of that attack is that the reason it effectively bricks it is that the divide by zero error crashes it and it reboots, but it logs its data into flash, so as soon as it finishes rebooting, it starts reprocessing the stored data, thus it reads the 0 again and crashes and it just gets stuck in a loop like that forever. It's a fairly fun and clever paper.

    2. Re:Misleading Summary by fermion · · Score: 2
      So that is interesting. Some GPS receivers have software errors that all bad input to brick them. It is no surprising because on thing that too many automated systems do not protect against is malicious input. This is, however, the sort of thing that be handled by a software update, if a GPS is capable of such a thing.

      I guess win one for smartphones.

      --
      "She's a scientist and a lesbian. She's not going to let it slide." Orphan Black
    3. Re:Misleading Summary by ne0n · · Score: 5, Funny

      If it was news you'd see it on Carver Media first. We saw this attack used in 1997 to start open hostilities between China and Britain. Luckily we had a man in the area and he managed to stop it before anybody went nuclear.

      --
      $ :(){ :|:& };:
    4. Re:Misleading Summary by Anonymous Coward · · Score: 1

      Interesting I guess, but it looks like specific attacks are targeted at specific receivers and whatever vulnerabilities exist in those designs. The story is somewhat lacking on detail, but it sounds like an attack on a Trimble system wouldn't necessarily work on a Garmin, and even an attack on a Garmin 5xx might not work on a Garmin 7xx. Also, given LOS and antenna positioning, the effective radius of such an attack would most likely be limited, maybe to only a few 10's of miles.

    5. Re:Misleading Summary by AlphaWolf_HK · · Score: 1

      How much do you know about the workings of GPS? I ask because I wonder if there is anything in the current implementation that would prevent adding a digital signature to the tracking signals without breaking compatibility with existing devices?

      Basically if the packet isn't signed, we just ignore it. I imagine for mission critical devices (e.g. commercial aircraft relying on IFR) they could upgrade the devices rather quickly. Consumer devices would of course be screwed in the current generation, but I don't really think a terrorist would benefit if somebody made a left turn instead of a right turn to find the nearest KFC.

      A hitman maybe, but I think somebody would look into the dark alley that it is pointing into and say "damn iOS maps" and find it the old fashioned way.

      --
      Careful with names containing L slashdot.org/~AiphaWolf_HK slashdot.org/~AlphaWoif_HK slashdot.org/~AiphaWoif_HK
    6. Re:Misleading Summary by Heretic2 · · Score: 1

      They've been working on a GPS replacement for awhile, I would be surprised if it wasn't already fielded by the military.

    7. Re:Misleading Summary by Jeremiah+Cornelius · · Score: 1

      I'm pretty certain that this is how Ian has intercepted and captured at least two US drones - including one of the "stealth" variety.

      Remember CDMA networks, as developed by Qualcomm, were the product of a couple Iranian researchers, living and working in the US.

      The Iranian ability to redirect America's cutting edge of battlefield technology back into the face of the aggressor is something that may well take the ignorant by surprise, should it happen.

      But I'd rather more so, if they didn't manage the feat - especially given the 0day possibilities in low-bid GPS software for Lockheed Martin or whoever.

      --
      "Flyin' in just a sweet place,
      Never been known to fail..."
    8. Re:Misleading Summary by AlphaWolf_HK · · Score: 1

      They've always been phasing in new birds to replace older ones, each with a new set of features, pretty much non-stop since they started, using the old ones as spares until they were retired. I believe the phase 2 birds rolling out before the phase 1 deployment even had the full intended coverage. Most civilian implementations probably have a limited feature set (all we really need is mapping) but I don't know if there is any kind of packet signing.

      --
      Careful with names containing L slashdot.org/~AiphaWolf_HK slashdot.org/~AlphaWoif_HK slashdot.org/~AiphaWoif_HK
    9. Re:Misleading Summary by Anonymous Coward · · Score: 0

      I'm pretty certain that this is how Ian has intercepted and captured at least two US drones

      Who is this drone-intercepting and capturing Ian ?

    10. Re:Misleading Summary by Guignol · · Score: 1

      "Researchers Find Crippling Flaws In Global GPS" is misleading ?
      Oh I see the flaw is not really in the global GPS system, thanks a lot for your post, I don't even have to read the fucking TFA thanks to you
      (I had mod points for you but you are already at +5 (twice) so...)

    11. Re:Misleading Summary by KeithIrwin · · Score: 3, Informative

      Well, thanks for the kind words anyway. Honestly, I thought that modding up my second comment (which was mostly just meant as an error correction) was excessive. If I'd known it would've been modded up, I might've not made it as I don't want to be a karma whore. But, oh well, I guess I shouldn't look a gift horse in the mouth.

    12. Re:Misleading Summary by KeithIrwin · · Score: 3, Funny

      I'm pretty certain that this is how Ian has intercepted and captured at least two US drones

      Who is this drone-intercepting and capturing Ian ?

      Well, as you likely know, most bagpipes have two or three drones, and Ian is a common Scottish name, so I'm pretty sure he's a Scotsman who managed to hijack some American bagpipes in transit. Clearly, the US needs to protect them better when they're transiting through the UK.

    13. Re:Misleading Summary by Anonymous Coward · · Score: 0

      Reminds me on the fighter jets rebooting if they cross the date line in the wrong direction.

    14. Re:Misleading Summary by Anonymous Coward · · Score: 0

      Scottish bagpipers would probably call themselves Iain, Ian is just a lazy sassenach shortening of a proud name. As for the drones, they'd only be captured if they couldn't be mistuned correctly to assult the ears of said sassenachs!

      (I'm still trying to get my head around the concept of a "stealth" drone. Have you ever heard them in full, err, "drone"???)

    15. Re:Misleading Summary by drinkypoo · · Score: 1

      Modern consumer-type GPS receivers are all updateable, but not all will receive updates of course. Old school units might actually use windowless EPROMs (for cost-saving) and might not be upgradable by any reasonable means (short of desoldering...)

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    16. Re:Misleading Summary by X0563511 · · Score: 1

      The "long" signal intended for military use requires a substantial key to decode. It's not jam-proof, but it should be spoof-proof.

      Of course, that all depends on the key remaining secret...

      I imagine the drone that was landed via GPS spoofing merely didn't have the equipment for the long signal. It's supposedly a pain in the ass to deal with.

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
    17. Re:Misleading Summary by Anonymous Coward · · Score: 0

      No true Scotsman would ever do something so nefarious.

    18. Re:Misleading Summary by Hes+Nikke · · Score: 1

      All consumer GPS can do is get the date, and current position. They use other sensors and/or multiple readings to get your heading and speed. This information is then fed into mapping software that is already on the device that may or may not rely on more data off the internet. I'm unsure of what military features they may have aside from getting better fixes on your location, but clinton removed some/all consumer restrictions on fix resolution in the 1990s.

      --
      Don't call me back. Give me a call back. Bye. So yeah. But bye our, well, but alright we are on a shirt this chill.
    19. Re:Misleading Summary by Anonymous Coward · · Score: 0

      The "long" signal intended for military use requires a substantial key to decode. It's not jam-proof, but it should be spoof-proof. Of course, that all depends on the key remaining secret... I imagine the drone that was landed via GPS spoofing merely didn't have the equipment for the long signal. It's supposedly a pain in the ass to deal with.

      They claimed to have spoofed the military grade signal without breaking the encryption by simply adding delays to specific satellites and replaying the encrypted data. It would be difficult to get a desired result, but doable. I know enough about GPS and RF to write a budget for pulling it off.

    20. Re:Misleading Summary by BitZtream · · Score: 1

      The feature is already there. Military receivers have the ability to authenticate and reject bogus signals.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    21. Re:Misleading Summary by Anonymous Coward · · Score: 0

      I'm pretty certain that this is how Ian has intercepted and captured at least two US drones - including one of the "stealth" variety.

      Remember CDMA networks, as developed by Qualcomm, were the product of a couple Iranian researchers, living and working in the US.

      The Iranian ability to redirect America's cutting edge of battlefield technology back into the face of the aggressor is something that may well take the ignorant by surprise, should it happen.

      But I'd rather more so, if they didn't manage the feat - especially given the 0day possibilities in low-bid GPS software for Lockheed Martin or whoever.

      No, that was done by spoofing. This is a software attack. Devs often assume the only data they need to sanitize is user input and stuff that comes in over network, these guys were just screwing around with the data broadcasted by the satilites to cause errors in software, the drone attacks did not affect the software but caused the drones to misjude their position

    22. Re:Misleading Summary by RockDoctor · · Score: 1

      The "long" signal intended for military use requires a substantial key to decode. It's not jam-proof, but it should be spoof-proof. Of course, that all depends on the key remaining secret...

      And the military being able to get hold of enough military-grade chipsets when they need them.

      I imagine the drone that was landed via GPS spoofing merely didn't have the equipment for the long signal. It's supposedly a pain in the ass to deal with.

      My precise point.

      As I understand it, during several of the recent Gulf Wars the military have had to use lots of civilian GPS systems because their suppliers couldn't crank out the military-grade systems fast enough, or at a low-enough cost. There is no reason to believe that the logistics will be any better for the future Gulf Wars.

      --
      Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
  2. Well, duh. by girlintraining · · Score: 4, Interesting

    This isn't news. The GPS signal is very, very weak. It's actually right at the noise floor and using some rather ingenious encoding to resolve the signal. The signal itself is fully-documented for consumer equipment. Given the weak signal strength and the protocol having no encryption or validation to speak of, of course jamming is possible; Receiver selectivity dictates it'll lock on to the strongest signal, the root square law dictates that just about any terrestrial source with line of sight will be stronger than the one in space. The only problem to work out then is processing; You have to figure out where the receiver is now, and then figure out where you want it to be, and adjust all the signals it could receive from the GPS satellites simultaniously to cause it to (falsely) lock on to the new position. And considering that the timing needs to be in fractions of a millisecond to have any value at all, you need to be very exact.

    Most of the equipment is dedicated to computing what the signal needs to be.... the actual transmitter is dirt cheap.

    --
    #fuckbeta #iamslashdot #dicemustdie
    1. Re:Well, duh. by tylerni7 · · Score: 4, Interesting

      I don't think you looked at the paper really. GPS spoofing and jamming are nothing new (as is mentioned in the paper). The new aspect is that there are software attacks that can be done on the receivers. For example, one of the divide by zero errors will cause a denial of service attack on some receivers. This is vastly different from jamming, because the DoS continues even after the transmitter is shut off. Jamming would obviously stop as soon as the transmitter is turned off. That is the new, exciting, and dangerous part of all this.

    2. Re:Well, duh. by AK+Marc · · Score: 2

      Satellite runs as close to the noise floor as possible. I've used some equipment that runs with SNR in the negatives (noise above signal).

      --
      Learn to love Alaska
    3. Re:Well, duh. by alen · · Score: 0

      The government can encrypt GPS if they want

      They have done it before. It just makes the receivers report the wrong location

      Military gps can take special keys to decrypt the signal

    4. Re:Well, duh. by Anonymous Coward · · Score: 1

      Mod parent down. The paper has nothing to do with jamming or spoofing. It's about exploiting firmware/software bugs in receivers.

    5. Re:Well, duh. by sjames · · Score: 1

      Exactly. Exploiting a software bug will place much lower demands on the attacker for results nearly as useful.

    6. Re:Well, duh. by Anonymous Coward · · Score: 5, Funny

      A new software attack to disable GPS functionality? - Apple maps was released months ago.

    7. Re:Well, duh. by Anonymous Coward · · Score: 0

      You seem to like spouting misinformation about stuff.

      GPS has had encryption, the US military can turn it on and off and make sure that everyone else could only use the lower accuracy signal. In the past "everyone else" got around it by using differential GPS systems. If there wasn't any encryption they wouldn't have needed to do that back then.

      http://en.wikipedia.org/wiki/Differential_GPS

    8. Re:Well, duh. by tbird81 · · Score: 2

      Thank you for your sarcastic comment on behalf of everyone else. We're all such complete cocks that we get offended when someone explains something we're proud of working out for ourselves, because it takes away one of the few tiny achievements we will manage in our sad pathetic lives.

      (That above paragraph was sarcastic... the following paragraph is not.)

      You're a dickhead AC. (That's a person who behaves in a selfishly annoying way for his own pleasure, not actually someone with a penis for a head. And I was not calling you the glans penis either [that's the medical term for the head of the penis].)

    9. Re:Well, duh. by jones_supa · · Score: 1

      And I was not calling you the glans penis either [that's the medical term for the head of the penis].)

      BTW the medical term for sperm is spermatozoa.

    10. Re:Well, duh. by Anonymous Coward · · Score: 1

      There are two separate signals.

      The military signal is always heavily encrypted, and these attacks won't work against the military receivers unless you know the key. However, the military receivers are expensive, so expensive that one of the reasons selective availability was turned off is that a lot of soldiers who don't qualify for a military GPS receiver run around with a civilian receiver.

      The civilian GPS signal is not encrypted. What makes the receiver report the wrong location when selective availability is on, is errors deliberately added to the signal to prevent enemies from using GPS for guided weapons.

    11. Re:Well, duh. by Anonymous Coward · · Score: 0

      Noise above signal is not a negaive SNR, it's a SNR less than one.

    12. Re:Well, duh. by ceoyoyo · · Score: 1

      A hammer does this effectively as well. The difference is that with the hammer attack, a firmware flash with updated software can't fix the problem.

      The GPS makers, particularly the ones who make military and infrastructure systems, are going to have to be a little more careful about bugs in their code.

    13. Re:Well, duh. by ceoyoyo · · Score: 1

      "(That above paragraph was sarcastic... the following paragraph is not.)"

      I'm glad you included the parenthetical phrase... oh, never mind. ;)

      Don't let the 13 year olds get to you. And by "13 year old" I don't mean the AC is actually 13, although he might be. He might also be a 35 year old who still lives in his mother's basement but acts like a 13 year old.

    14. Re:Well, duh. by AK+Marc · · Score: 1

      Well, the funny thing is that the AC was wrong becuase I was wrong. Eb/No can be negative, but SNR isn't. Eb/No is called "digital SNR", so I used the term loosely. I was corrected for being too pedantic, as the AC already knew, but was telling everyone he knew, when the thing he says was obvious was actually incorrect. That, and I recognized the error when another AC mentioned there wasn't a concept of negative SNR (though it would be possible with negative signal or noise, but I'll leave thinking about that to someone else).

      --
      Learn to love Alaska
  3. What a nonsense by angel'o'sphere · · Score: 2, Insightful

    Planes and Ships don't rely on GPS.

    If you have a license to pilot any of them, you have learned how to navigate without.

    --
    Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    1. Re:What a nonsense by MichaelSmith · · Score: 5, Informative

      Well okay but I work in air traffic control and there is a high level of relience on positonal information from GPS.

      --
      http://michaelsmith.id.au
    2. Re:What a nonsense by Anonymous Coward · · Score: 0

      Planes and Ships don't rely on GPS.

      If you have a license to pilot any of them, you have learned how to navigate without.

      I beg to differ - they DO rely on GPS. This has become MORE prodominant over time as computer-controlled/assisted flying as grown. I think what you mean is that pilots are not soley reliant on GPS.

      Just because you learnt another method of doing something - say, telling the time by the sun, doesn't mean everyone stops using clocks. Nor does it mean that it is the best method, the used method, nor the one you are always going to be able to use in an emergancy.

    3. Re:What a nonsense by realityimpaired · · Score: 4, Informative

      Commercial airliners are still equipped with other navigation systems, but most of them are beacon systems that are only useful when you're close to an airport. These systems are still used for landing. For long distance navigation, the non-GPS systems are almost all a distant memory. It's *possible* to navigate a plane with a compass and a clock, and if you're flying low enough (and in an area with enough airports) it's possible to navigate by switching beacons, but I wouldn't want to hazard that in a plane the size of most commercial airliners. It's the kind of thing you do (and are trained to do, or at least were when I was taking lessons) in a Cessna, not a 767.

      The real concern is that the occupants of the plane have no way of knowing that their GPS information is bad in the first place. You can have a thousand backups available to you, but if you don't know that your primary system is being fed bad information, are you going to check/trust the backup that's based on technology developed a century ago (seriously... clock/compass is how Amelia Earhart and Fred Noonan were navigating)? And assuming that the GPS actually *crashed* (in the DoS way described in TFA), you'd still have Air Traffic Control to tell you where you were... they don't use GPS, they use radar.

    4. Re:What a nonsense by QuantumRiff · · Score: 1

      Right.. Not like the FAA is trying to move to a new way of tracking planes using GPS or anything.. (http://www.faa.gov/nextgen/implementation/programs/adsb/) Or that Alaska Air already uses it on all its planes..

      --

      What are we going to do tonight Brain?
    5. Re:What a nonsense by Anonymous Coward · · Score: 0

      When I'm several nautical miles off the coast down-rigging for Snapper until dusk, without land in sight, GPS is quite important thank you very much.

    6. Re:What a nonsense by Kagato · · Score: 3, Interesting

      True, but it's a daily problem for ATC in some parts of the world. North Korea jams GPS around ICN on a regular basis. Even EWR had a GPS issue for some time. They figured a trucker was using a GPS jammer to block the logger on the truck. Every time the truck would drive near the airport it would create a hassle.

    7. Re:What a nonsense by TooMuchToDo · · Score: 1

      Just wait until ADS-B/NextGen rolls out.

    8. Re:What a nonsense by MichaelSmith · · Score: 2

      Pretty much here in Australia. I have taken to hanging out beside runway 16/34 at Tullamarine in Melbourne, recording MODE-S data. Anything medium or heavy with a normal turbine engine has ADS-B. Many turboprops do and some rotorcraft. But I also found out that tulla is a great place to pick up garbage data, probably from the maintenance facilities. I got one track with lat=0.0,lon=0.0

      --
      http://michaelsmith.id.au
    9. Re:What a nonsense by Anonymous Coward · · Score: 1

      VOR/DME based navigation is still available in the US and many other nations and is much more than just "beacon", it is useable at high altitudes and long distances, and most airliners already use airways primarily defined between VOR's. It isn't difficult nor dangerous at all to work without GPS to a high degree of accuracy and flexibility.

    10. Re:What a nonsense by Jubedgy · · Score: 1

      If you were a prudent mariner you would be DRing on your paper chart at a reasonable interval. Aids to navigation (buoys/lighthouses/etc...) aren't affected by your GPS unit and also provide a good means to determine your position. If all else fails and you are that worried about where you are, a sextant and sight reduction tables still work. If you can't handle all that, then you should NOT be out at sea at night.

      Hell, here's a quick procedure that will get you in the general vicinity of your destination (close enough to use the aforementioned nav aids) which doesn't require any knowledge of sight reductions (assuming you're in the northern hemisphere):

      1. Determine the latitude of your destination
      2. Measure the elevation (angular distance) of Polaris above the horizon using your sextant
      3. Determine the local variation to convert your magnetic compass heading to true heading based on your estimated location on your chart
      4. Compare the Polaris angle to the latitude of your destination. If the star is too low on the horizon, head due north (true). If it's too high, head due south (true)
      5. Once Polaris is at the proper altitude in the sky, turn due west or due east (true) depending which coast you're on
      6. Don't get lost at sea like a retard next time

      --
      Si hoc legere scis nimium eruditionis hebes
    11. Re:What a nonsense by Alioth · · Score: 1

      Large airliners also have inertial navigation (certainly if they are going trans-ocean). Works just fine with no GPS.

      Also IFR-capable GPS receivers, whether they are in a small single engine plane or a state-of-the-art B787 have RAIM (receiver autonomous integrity monitoring). The pilots *will* know if the GPS is getting bad data, because the GPS will detect this condition.

      --
      Oolite: Elite-like game. For Mac, Linux and Windows
    12. Re:What a nonsense by AmiMoJo · · Score: 1

      Even over the continental US radar coverage is patchy, and it won't help you out at sea. The reason the US government gave up its ability to completely disable GPS is that the FAA wanted to use it instead of radar for some areas.

      Could be an interesting way to hijack a plane.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    13. Re:What a nonsense by sexybomber · · Score: 1

      Planes and Ships don't rely on GPS.

      If you have a license to pilot any of them, you have learned how to navigate without.

      Right you are. My sextant, watch, Nautical Almanac, and H.O. 249 Sight Reduction Tables laugh at these puny exploits. Let me know when researchers have found flaws in the apparent motion of the celestial spheres.

    14. Re:What a nonsense by angel'o'sphere · · Score: 1

      Using it, does not mean you rely on it ...
      Relying on it means: if it is broken you are completely lost and don't know what to do and where to go.
      This is simply not the case.

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    15. Re:What a nonsense by deadweight · · Score: 1

      I actually found Bermuda that way. I ran a latitude line east until the radio beacon on the north end of the island bore due south. I have no idea how many of those old time radio beacons are left and it is a major PITA getting around that way compared to GPS.

    16. Re:What a nonsense by angel'o'sphere · · Score: 1

      Thats what I mean. You dont rely on it. You use it. you are aware and educated enough to recognize flaws and use other means to navigate.

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    17. Re:What a nonsense by Man+On+Pink+Corner · · Score: 1

      As far as I'm aware, large commercial airplanes all still have inertial guidance. "There's more than one way to do it" has been the rule in air navigation for a long time, and that won't change anytime soon.

      Not all of them have GPS, either. AF 447 could have been saved if one of the pilots had bothered to bring a sub-$100 Garmin with them. Instead, it was "Derp, what's an ocean doing up here at 40,000 feet?"

    18. Re:What a nonsense by dj245 · · Score: 1

      Having gone to a maritime school, a lot of my friends are on the bridge of large ships. A lot.

      They can go without it, but GPS is so easy, convenient, and reliable that they basically rely on it. Shooting the stars with a sextant is relegated to trainees and practicing for the various exams which are required to be promoted to second mate, first mate, and finally master.

      --
      Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
    19. Re:What a nonsense by angel'o'sphere · · Score: 1

      So they don't use landmarks, no signals like lighthouses no depthsfinders etc?

      How exactly should it work to drive by GPS?

      You don't plot your course on a map? Or if you do and your GPS tells you you are left, you steer more right?

      That means you don't use a compass to define your heading? You don't know what the "missdirection" of your compass is in your sailing area? You don't know the influence of your ship/boat on your compass?

      Sorry, to pilot a boat with GPS only is simply retarded. Regardless how convenient it is to have it on board.

      So in other words, if GPS fails, for what ever reason, you don't know what to do. (Do you even notice it has failed?)

      And on top of that you likely believe that in case of an accident you can simply claim: "hey, my GPS told me I'm far away from this spot!" Pffftttt. I hope your friends never have an accident ... besides the harm done it would be an eye opener.

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    20. Re:What a nonsense by ceoyoyo · · Score: 1

      You can still navigate an airliner cross country the way they did before GPS, using dead reckoning and inertial navigation between VOR and ADF stations. Airline pilots are still required to know how to do this.

      Planes don't generally use GPS for altitude at all (which is the biggest concern for bad GPS data). If you're not an idiot you use all the navigation information available to you, including GPS, radar, other electronic navigation aids, gyro compass, magnetic compass and your two eyes looking out the window. If the Amelia Earhart and Fred Noonan methods don't agree with the new fangled ones you trust the old ones to keep you safe (i.e. above the ground) while you figure out what's going on. I know airline pilots. They do this. They don't just stare at their GPS until the reading goes blank.

    21. Re:What a nonsense by Obfuscant · · Score: 1

      That means you don't use a compass to define your heading?

      When getting from A to B, the important criterion is not your heading but your bearing. You don't use your compass to determine your bearing. The first time you did and you were in a crosswind, you'd be in the wrong place going the wrong direction. It's a typical student mistake to ignore wind corrections and try to fly the ILS by nailing the compass to the bearing, or doing the same when following an airway.

      Or if you do and your GPS tells you you are left, you steer more right?

      Your compass does not tell you if you are left or right of your desired course, so yes, if the GPS tells you you are left, the natural reaction, lacking any reason to disbelieve your GPS, is to steer right until you are back on course. And that is the standard definition of the term "rely": to believe and act upon. If you are using an ILS then you are typically equally reliant upon the localizer. You may rely upon a VOR cross-vector for information about how far along the ILS you are, but for left-right info you rely on the "localizer", whether that is a ground-transmitted radio signal for ILS/VOR approaches or satellite-transmitted ones for a GPS approach.

      The fact that pilots do, indeed, rely upon such signals can be easily verified by reading the NTSB reports of accidents that happen when pilots don't realize they shouldn't rely upon the signals that have failed and follow the incorrect guidance into terrain.

    22. Re:What a nonsense by Obfuscant · · Score: 1

      and most airliners already use airways primarily defined between VOR's.

      In the US, under FAA guidelines to help steamline traffic flow and increase system capacity, and due to pressure from airlines to reduce costs by shortening flight times, most airliners use direct routing whenever possible and permitted by ATC.

      Airways, a leftover from the old A and N beacon days, are becoming less and less important. They are still a prime feature of arrival and departure routing because it is more convenient for ATC to funnel everyone into and out of congested airspace by making sure everyone is using the correct roads going the correct direction instead of trying to manage a hundred different routes (present position direct), but once you leave the "big city" a direct routing is much more common. And when it isn't direct to your destination, it's due to ATC not being able/not wanting to coordinate that with sectors more than one or two hops away, not because airways are so much better.

      This is all based on the growth and reliance upon GPS. Even when RNAV was common in large iron, it wasn't as often used to assign direct clearances.

    23. Re:What a nonsense by Obfuscant · · Score: 1

      Not all of them have GPS, either. AF 447...

      You seriously believe that an Airbus 330 doesn't have a single GPS somewhere in all that electronics? That a cheap GPS receiver would have been mounted on the dash ready for instant use in preference to the multiply redundant flight guidance systems already installed? That any major airline would sanction the use of a cheap handheld GPS for flight guidance in the first place?

      Which sub-$100 GPS from Garmin has an airspeed reading? Which one shows the angle of attack? How would this have helped an aircrew when the failure was in training them how to deal with aerodynamic stalls at high altitude?

      No, adding another unused, slow-to-initialize instrument to the mix would not have helped AF447. What would have happened would have been "where the hell is my flight bag, where's the 'on' button, oh look, it's found one satellite, derp, what's the ocean doing at 40,000 feet?"

    24. Re:What a nonsense by angel'o'sphere · · Score: 1

      Wind correction (side drift etc.) has nothing to do with compass or heading.

      Ofc you are correcting for that, like you correct for currents and tides etc. Bottom line that is vector arithmetic, yielding a "compass heading" you finally follow.

      Sorry, don't know the abbreviations you use, like ILS/VOR and NTSB ... I'm more a sailor than a pilot, did not start with my air license yet ;D

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    25. Re:What a nonsense by dj245 · · Score: 1

      So they don't use landmarks, no signals like lighthouses no depthsfinders etc? How exactly should it work to drive by GPS?

      There is a distinction between positioning and navigation. Perhaps I should have been more clear. Positioning is almost always done by GPS nowadays, with visual cues taken where available. Navigation uses your position, speed, heading, current, wind direction, etc to find your way from A to B. On ships, they use differential GPS with an accuracy of a couple of inches in many cases. The receivers will tell you the accuracy that they have at the moment- it comes out of the calculations for determining GPS position as a kind of "remainder" similar to long division. Determining position by GPS is not retarded. It is the cheapest, easiest, most reliable way to determine position. To not use it to determine position given the other options would be silly.

      --
      Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
    26. Re:What a nonsense by Obfuscant · · Score: 1

      Wind correction (side drift etc.) has nothing to do with compass or heading.

      You are patently and obviously wrong. Your heading, which is read from your compass or DG, depends in great measure upon the wind correction that you need to apply to your bearing. If you need to use a 10 degree right deviation to maintain a 340 degree bearing, then you will do so by keeping your compass (or DG as the proxy for it) on 350. If there is no wind correction necessary, then your heading will be your bearing and your compass will read 340 while on course.

      Bottom line that is vector arithmetic, yielding a "compass heading" you finally follow.

      Which then proves that your heading has a lot to do with your wind correction. Like you just denied. And we remain with the point that your compass does not tell you if you are where you are supposed to be, only if you are pointed the right direction. Being pointed the right direction, given crosswinds, doesn't mean you are heading the right direction, and says NOTHING about whether you are on your desired route of travel.

      Sorry, don't know the abbreviations you use, like ILS/VOR and NTSB ..

      Google is your friend. Instrument landing system, VHF omnirange receiver, National Trasportation Safety Board (which is involved in maritime accidents, so if you don't know them, then your maritime relevance is questionable).

      I'm more a sailor than a pilot, did not start with my air license yet ;D

      Then you still have a lot to learn about GPS and compass "bearings" and how reliant pilots are on GPS.

    27. Re:What a nonsense by Man+On+Pink+Corner · · Score: 1

      Read the report. The crash happened because they didn't realize they were losing altitude. A quick glance at any consumer-grade GPS receiver that reports altitude would have changed things dramatically.

      I have no idea what equipment the plane comes with, and apparently neither did the pilots.

    28. Re:What a nonsense by angel'o'sphere · · Score: 1

      Well, perhaps I should have been more clear: no, wind and sidedrift has nothing to do with 'heading' as I calculate that beforhand as you explained. So I hold course on the calculated magnetic course. (By adding/substracting the magnetic north error from true north, the wind, the current and if neccesary current from tided) I assumed that was obvious from my post.

      As you have perhaps noticed, I'm not a native english speaker. And the abreviations for maritime rescue systems in europe are definitely not NTSB.

      Naval rescue radio etc. goeas via MRCC (maritime rescue coordinaten center), GMDSS, mostly via sattelite commections as INMARSAT, COSPAS-SARSAT, LEOSAR and GEOSAR. IMMARSAT likely is meanwhile phased out. Weather warnings etc. go via NAVTEX.

      I don't think I have a lot to learn on compass bearings, as I already dit that .... only my wording seems to have been unclear to you.

      Anyway, my point was: if the GPS system fails, it will be a majour incomvenience but not a desaster. Certainly not for ships. And you allready pointed out what instrument landing systmes are, as wel there are radio signals for holding course etc. used in air traffic. So I doubt a commercial airplane will be in majour trouble just because GPS is failing. For a hobyist pilot who learned to depend on GPS (depend instead of rely) this might be a problem. Thats exactly is why we don't use GPS in yachting education at all. (Except for 'man over board'-key and distance logging if you do nothing more than running circles and doing man-over-board maneuvers). A few years ago it was not even possible to pinpoint your position with GPS more accurate than 10 yards or even up to 50 yards. Can you imagine how desasterous it was 10 years ago to "rely" on GPS in a sailing area like the northern sea or the english channel?
      Best Regards (sorry, the iPad has no english spell checking ;) )

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    29. Re:What a nonsense by angel'o'sphere · · Score: 1

      A few years ago GPS was only accurate to soewhere between 50 and 10 meters/yards. Because it was artificially distorded.
      Most sailing yachts e.g. have GPS at all. So if you want to use it you have to use a hand held model, which is very limited in its usefullness due to display sizes.
      However I agree that for a big ship which is on the open ocean GPS is a cheap and good option. But exactly that was my original point. If for one of them GPS fails, they are not lost but can fall back on traditional methods (which are on open sea not that hard either).

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    30. Re:What a nonsense by Rich0 · · Score: 1

      Airliners generally use inertial guidance, supplemented by a variety of navigational sources. These include GPS and beacons.

      Sure, navigating by beacon manually is a bit of a pain as you have to constantly dial new ones as you pass out of range of old ones, and failures of beacons and their non-replacement makes coverage more spotty. However, an airliner's RNAV system knows where it is at all times and what beacons should be in range. It will tune two beacons at all times and anytime it can triangulate a position (which is almost all the time) it updates its position accordingly. It also uses GPS in the same manner.

      RNAV predates GPS - airliners maintained inertial position and updated automatically by triangulating beacons before GPS became standard on aircraft.

      As far as ATC goes - they use radar RIGHT NOW, but the plans are to move to ADS-B, which uses the position reported by the aircraft. That is generally more accurate than radar anyway, but obviously it is vulnerable to GPS spoofing, assuming the plane doesn't check the GPS position against other navigation sources.

  4. Boffins by PvtVoid · · Score: 2

    What the fuck is with the science press in Britain / Australia about the word "boffins"? Why does every single science article, without fail, have to have some supposedly clever pun or alliteration around the word? (Extra points for using the word astro-boffins.)

    I've gotten to the point that if I see the word "boffins" in a science article, I immediately click away. Please make it stop!

    1. Re:Boffins by cheesybagel · · Score: 1

      A boffin is slang for scientist, engineer or someone in a similar position. It seems they have used this slang ever since WWII when they used to show scientists in white lab coats working on some sort of radical new technological development. The word as used today is mostly derisive which is somewhat representative of what happened to R&D in Britain since I guess.

    2. Re:Boffins by EvolutionInAction · · Score: 1

      I don't know, I can't imagine el Reg without the gratuitous use of the word. It fits the tone of the tech rag quite nicely, I think.

    3. Re:Boffins by mister2au · · Score: 2

      Why is that any different to researcher or expert or scientist? They are just as useless or even less useful terms

      It is an Australian article using "Australian English" or "British English" ... the term is well understood to define an academic/researcher with a very strong but narrow focus in a typical theoretical area.

      It is no more problematic than terms like futurist (who has a broader focus) or your typical engineer/scientist labels (for those who are more problem solving focused).

    4. Re:Boffins by grcumb · · Score: 1

      What the fuck is with the science press in Britain / Australia about the word "boffins"?

      Because if it didn't exist, the tech pundits wouldn't know how to tell the gurus from the wonks.

      Vocabulary: Get used to it.

      --
      Crumb's Corollary: Never bring a knife to a bun fight.
    5. Re:Boffins by Anonymous Coward · · Score: 0

      I am glad that I am not the only one to think this. I am Australian and I can not stand the use of the word boffin.

      I have removed a whole series of news sources from my google news page that continue to use the word.

    6. Re:Boffins by robot5x · · Score: 1

      Mitchell and Webb mock this kind of inverted media snobbery really well I think.

      --
      Hej! Nasi tu byli!
    7. Re:Boffins by Inda · · Score: 1

      Fuck yeah bro!

      We should'll use words like, you know, axed, irregardless, regift, and toileting.

      Those limies and convicts should speak like they know the good words like, you know, compartmentalize, operationalize, overexaggerate, professionalization, rationalize, utilize

      Make them special people talk good, ya'll.

      --
      This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
  5. so why don't we just name the drones? by holophrastic · · Score: 4, Funny

    heh, "unnamed" drones.

    1. Re:so why don't we just name the drones? by Anonymous Coward · · Score: 0

      These aren't the drones you're looking for.

    2. Re:so why don't we just name the drones? by taiwanjohn · · Score: 1

      Read it again. They're not "unnamed" they're "unamed".

      --
      XML is like violence. If it doesn't solve your problem, you're not using enough of it. --AC
  6. Please NO! by Anonymous Coward · · Score: 0

    OMG not the unnamed drones. I hate the named ones....take them!

  7. Unnamed drones by Anonymous Coward · · Score: 0

    Drones are unmanned, not unnamed

    1. Re:Unnamed drones by taiwanjohn · · Score: 2

      They wrote a "uname" daemon that's hosted on aerial drones. But of course there's a flame war over whether to use Kdrone or Gdrone... .

      --
      XML is like violence. If it doesn't solve your problem, you're not using enough of it. --AC
  8. BEWARE THE UNNAMED DRONE !! by Anonymous Coward · · Score: 0, Funny

    Those dornes without names are dangerous !!

  9. The Navy still teaches navigation by the stars by Anonymous Coward · · Score: 1

    GPS is a nice alternative, but the Navy (US and Royal at least) still spends a lot of time teaching navigation by the stars, dead reckoning, etc. The nautical charts and star location books are still published and issued to ships. Tomahawk cruise missiles and nuclear ballistic missiles are capable of not using GPS. A pain, not having GPS, but their are ways around not having it.

    1. Re:The Navy still teaches navigation by the stars by queazocotal · · Score: 1

      GPS was essential in 1989.
      Today, your average smartphone (without GPS) just using the camera, onboard sensors, and a few tens of gigs of stored imagery can get really accurate position tracking, at least in good weather. Less ideal in broken cloud.

  10. $2500 Spoofing Transmitter by PPH · · Score: 2

    Also known as a HARM target.

    --
    Have gnu, will travel.
    1. Re:$2500 Spoofing Transmitter by Anonymous Coward · · Score: 0

      Also known as a HARM target.

      Well, according to your link, HARM has a unit cost of $284,000. The spoofer here costs $2500, and would be trivial to operate remotely, so you would not risk your life. (Or assholes would put it on a children's hospital for maximum collateral damage hand-wringing). Nicely assymetrical. You might even be able to separate the transmitter from the rest of the system. Then you spend even less for every HARM you attract.

      Iran could easily set up 100 of these, with failover. How many HARMs are available to the US in the area, and how many aircraft/ships would be kept busy while they were deployed? Plus, there should be spares ready for the actual SAM sites.

      Not to mention that if your adversary is not the US, they may not even have HARMs. This sounds like an eminently practical tool in warfare to me.

    2. Re:$2500 Spoofing Transmitter by stubob · · Score: 1

      Use a multi-million dollar missile to take out a $2500 pile of electronics? Your tax dollars at work...

      --
      Planning to be moderated ± 1: Bad Pun.
    3. Re:$2500 Spoofing Transmitter by PPH · · Score: 1

      Its not the cost of the missile. Its the cost of the infrastructure (or potential damage) it protects.

      --
      Have gnu, will travel.
  11. Worst case by viperidaenz · · Score: 2

    Some poor bugger drives to the wrong destination.

    GPS isn't trusted. It's already known to be hackable.
    It would be news if they hacked the anti-spoofing system the military has been using for the last 6 years

    1. Re:Worst case by Anonymous Coward · · Score: 0

      Or an aircraft with 300 souls on board crashes while on a GPS approach (landing).

    2. Re:Worst case by Anonymous Coward · · Score: 0

      you should probably stop using missiles that rely on it then...

    3. Re:Worst case by Anonymous Coward · · Score: 0

      This could actually help apple maps users. Jam their GPS signal if they're using Apple Maps. Maybe the user would actually read road signs rather than blindly following their phone? http://www.abc.net.au/news/2012-12-10/apple-maps-strands-motorists-looking-for-mildura/4418400

    4. Re:Worst case by lannocc · · Score: 2

      Soles are imaginary anyway, so who cares?

      But I'm looking right at my shoes! Look, but don't smell.

      --
      -IOVAR Web Dev Platform
    5. Re:Worst case by tqk · · Score: 1

      Soles are imaginary anyway, so who cares?

      The bottoms of my feet are not imaginary.

      --
      "Tongue tied and twisted, just an Earth bound misfit ..." -- Pink Floyd.
    6. Re:Worst case by Muad'Dave · · Score: 1

      The bottoms of my feet are not imaginary.

      Rotate your feet +-90 degrees and they will be imaginary. You will also likely fall down.

      --
      Tiller's Rule: Never use a word in written form that you've only heard and never read. You will end up looking foolish.
    7. Re:Worst case by deadweight · · Score: 1

      *SOULS*. A radio call from an airplane is "souls onboard" because if they ask for people the pilot will frequently not count himself and the rest of the crew.

    8. Re:Worst case by BitZtream · · Score: 1

      GPS isn't accurate enough for approach. It isn't and never has been used for that. Automated approaches use an entirely different system local to the airport.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
  12. You are wrong by A+nonymous+Coward · · Score: 1

    Planes especially very much rely on GPS, it's at the heart of all navigation systems in airliners. Even most private GA pilots use handheld ones if it's not part of the panel, unless they are intentionally flying by railroad tracks and highways. I believe LORAN was shut down a few years ago. The US Navy considers sextant use so useless that it was dropped from required study at the Academy some years ago, although it may still be taught as an elective.

    GPS is also at the heart of many military precision guided missiles and shells.

    You are a really misinformed troll.

    --
    Infuriate left and right
    1. Re:You are wrong by viperidaenz · · Score: 2

      GPS is also at the heart of many military precision guided missiles and shells.

      They also don't use civilian GPS receivers and employ anti-spoofing technology in every single deployment. No missile relies entirely on GPS.

    2. Re:You are wrong by Anonymous Coward · · Score: 1

      Planes especially very much rely on GPS, it's at the heart of all navigation systems in airliners. Even most private GA pilots use handheld ones if it's not part of the panel, unless they are intentionally flying by railroad tracks and highways.

      Speak for yourself, the AC here is a punk. While we have available all sorts of hot GPS equipment, flight training includes major time learning to work VORs, ADBs and yes, the extremely effective look out the damm window method. And we practice it.

      The US Navy considers sextant use so useless that it was dropped from required study at the Academy some years ago, although it may still be taught as an elective.

      This is a naval perspective, pilots are considerably more careful. You screw up on a boat, you go adrift, or ground. You screw up in the air, and It Will Be Bad(tm).

      The old saying is absolutely true. There are old pilots, there are bold pilots, but there are no old, bold pilots. If GPS disappeared GA would be the -most- prepared to deal with it.

    3. Re:You are wrong by angel'o'sphere · · Score: 1

      You are a really misinformed troll.
      The missinformed troll is you.
      I did not debate the usefulness of GPS or its wide adoption. I debated the word rely. If I rely on something it implies I'm helpless without it. Which is not the case.
      If you only know about sextants (and that they are no longer used - which I doubt) then you don't know much about navigation, especially on ships.

      GPS is also at the heart of many military precision guided missiles and shells. Every one knows that, so you can safely assume I know it as well ...

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    4. Re:You are wrong by BitZtream · · Score: 1

      Pilots (in America) are required by law and are certified by written test to KNOW how to navigate WITHOUT GPS.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    5. Re:You are wrong by ceoyoyo · · Score: 1

      Airliners don't rely on GPS. They use it, because it's convenient, but they don't rely on it. If GPS fails airline pilots are quite capable of using land based radio navigation aids (yes, they still exist, no they are not LORAN), inertial navigation or dead reckoning. I believe general aviation pilots qualified for visual flight rule must still be able to navigate without instruments (thus visual flight rule) and instrument flight rule pilots must first be VFR qualified. The US navy might have eliminated celestial navigation training for all officers but I would be very surprised if every navy ship isn't required to carry at least one navigator capable of celestial navigation, and they most certainly have navigators capable of navigating using the visual, sound and non-GPS radio navigation aids deployed around coasts. Certainly commercial ships are required to have celestial and coastal navigators aboard. Private boat owners must also be familiar with the latter and if you're venturing away from land you'd be smart to learn some celestial as well. I teach the course to obtain a pleasure craft operator certificate, including the coastal nav part, in Canada. I'm also a qualified non-commercial celestial navigator (that useless sextant training).

      The only people who pilot boats or planes who rely on GPS are careless ones who passed the non-electronic navigation tests, ignored everything their instructors, other boat operators/pilots and common sense told them, and forgot everything.

      The OP is absolutely correct and you're wrong on all counts except LORAN being shut down and possibly celestial navigation not being taught to all US naval officers. Killing GPS would piss off a lot of people, but it wouldn't bring down any planes or run aground any boats piloted by anyone competent. And as others have noted, this has been (inadvertently) tried. Various GPS jammers have in different ways gotten close to airports and coasts. No planes crashed.

  13. You miss the point by A+nonymous+Coward · · Score: 2

    Spoofing the signals to make receivers mistake their position isn't the point of this report. It's the potential to brick the receivers which is new.

    --
    Infuriate left and right
    1. Re:You miss the point by sabri · · Score: 4, Interesting

      It's the potential to brick the receivers which is new.

      Which is why I find it interesting that 60% of the authors of the paper (3 out of 5) are employees of a commercial entity that.... creates "coherent" navigation equipment.

      Perhaps it's just one big advertisement for their solutions?

      --
      I'm not a complete idiot... Some parts are missing.
    2. Re:You miss the point by the_Bionic_lemming · · Score: 1

      So if my GPS goes down I should commit suicide?

      If some nitwit is going to invest 3 grand and take time to write code just to brick a cheap gps i'll be happy to help crowdsource some funds for my local police to equip some popo vehicles with cheap and basic spectrum checkers.

      At the very least some of the big rigs that cranking out some serious wattage will get fined as well as finding the nitwit driving around with the gps bricker.

      The point here is that the original article is just causing fud.

      --
      _ _ _ Go for the eyes Boo! GO FOR THE EYES!
    3. Re:You miss the point by Garybaldy · · Score: 1

      Since when do the police investigate and enforce FCC regulations?

    4. Re:You miss the point by Anonymous Coward · · Score: 2, Interesting

      Or maybe they did, you know, actual research for their solutions, and rather than being selfish cunts about it, decided to actually publish their results and contributing to the research community instead of hiding everything and smashing everything that competes with it down by using vaguely written patent applications? As hard as it may be for slashdot to believe, governments and corporations can occasionally do something right.

    5. Re:You miss the point by Anonymous Coward · · Score: 0

      They have patents pending for some of their stuff, specifically autonomous spoofing detection. They're essentially drumming up fear and will patent the most cost-effective way of detecting/mitigating it.

  14. what could go wrong by Anonymous Coward · · Score: 0

    All testing was done using the latest IPhone5.

  15. Apple by Anonymous Coward · · Score: 0

    Who needs to cripple a GPS, when an iPhone can leave you stranded all by itself!

    1. Re:Apple by Anonymous Coward · · Score: 0

      Who needs to cripple a GPS, when an iPhone can leave you stranded all by itself!

      That's called natural selection and the police are wrong to interfere with it.

      See how fat and stupid and childish most Americans are? That's what happens when you don't allow natural selection to run its course. Australia doesn't need that.

  16. Only GPS? by ikaruga · · Score: 1

    Does it work for Glonass too? The paper didn't mention anything about alternative positioning systems. Lots of modern chips come with support for at lest GPS+Glonass nowadays. If you're serious about terrorism you probably going to take down both systems.

    1. Re:Only GPS? by Anonymous Coward · · Score: 0

      These are software attacks on receivers, which probably use the same code paths to compute GLONASS solutions (and maybe Galileo too, when it goes live)

  17. Re:Well, duh. .. Speaking of "DUH..." by Anonymous Coward · · Score: 5, Interesting

    Up until about 3 years ago we in North America had another electronic navigation system in-place and operational: LORAN C.

    The loran system -though not as precise as GPS- was in many respects much more difficult to jam. Upgrades were planned that would have improved the loran system; instead, in a spectacular case of "penny wise-pound foolish" the sysetm was turned off, and its infrastructure (think 'some of the tallest antenna masts ever built' ) quickly dismantled/destroyed.

    http://en.wikipedia.org/wiki/LORAN
    From Wikipedia:
    "In November 2009, the U.S. Coast Guard announced that the LORAN-C stations under its control would be closed down for budgetary reasons after January 4, 2010 provided the Secretary of the Department of Homeland Security certified that LORAN is not needed as a backup for GPS.[19]

    On 7 January 2010, Homeland Security published a notice of the permanent discontinuation of LORAN-C operation. Effective 2000 UTC 8 February 2010, the United States Coast Guard terminated all operation and broadcast of LORAN-C signals in the USA...

    [In the quoted Wikipedia article, the following paragraph was placed BEFORE the above]
      Originally completed 20 March 2007 and presented to the co-sponsoring Department of Transportation and Department of Homeland Security (DHS) Executive Committees, the report carefully considered existing navigation systems, including GPS. The unanimous recommendation for keeping the LORAN system and upgrading to eLORAN was based on the team's conclusion that LORAN is operational, deployed and sufficiently accurate to supplement GPS. The team also concluded that the cost to decommission the LORAN system would exceed the cost of deploying eLORAN, thus negating any stated savings as offered by the Obama administration and revealing the vulnerability of the U.S. to GPS disruption.[18]"

    end of quoted Wikipedia material

    Loran and its technological successor E-loran are still available in some more enlightened parts of the world (see linked article)

    Note that I am a USian. The above is NOT one of my country's
    more shining (dare I say 'brighter') decisions.

  18. I read the paper. In brief... by Anonymous Coward · · Score: 1

    In brief, the paper basically says engineers who build GPS receivers often write crappy firmware that doesn't do good bounds or sanity checking on the data contained within the GPS signal. (This should hardly be a surprise given how crappy firmware and device drivers are in general.) Fake a GPS signal with bad data that fits within the parameters of normal GPS signal and you can get these badly designed GPS receivers to freak out. And, of course, since crappy engineering is more or less a universal constant, the same would apply to other GNSS systems.

  19. Dammit! by Anonymous Coward · · Score: 0

    Why do they have to go and build these jammers?
    When I'm traveling and need cash, I need my Global GPS to be able to find ATM Machines!

  20. Demoed at TEDxAustin by HizookRobotics · · Score: 1, Informative

    Novel attack... demoed at TEDxAustin back in February and posted online for everyone to see ;-) http://www.ted.com/talks/todd_humphreys_how_to_fool_a_gps.html

    1. Re:Demoed at TEDxAustin by tylerni7 · · Score: 2

      The TEDxAustin talk you mentioned is focused on GPS spoofing to make a receiver think that it is somewhere else. Spoofing in that sense has been around for a long time, and while it is very cool and everything, it isn't what is novel about this paper/attack.
      This paper goes from just making a GPS receiver think it is located somewhere else to actually exploiting software vulnerabilities in GPS receivers to cause them to crash and things like that. The attacks are related, but the position based spoofing is just a subset of this work.

  21. Too easy... by Anonymous Coward · · Score: 0

    I was hoping to read that the attack vector was swapping the systems with an iPhone....

  22. Re:Poorly Edited Summary Too by Anonymous Coward · · Score: 2, Funny

    Researchers have developed attacks capable of crippling Global Positioning System infrastructure critical to the navigation of a host of military and civilian technologies including planes, ships and unamed drones.

    What happens if they run "uname -a" then?

    Seriously, you had to go that far, when they had "Global GPS" (yep, Global Global Positioning System) right in the headline?

    Seriously though Slashdot management must have zero concern about low quality, sloppy, careless editing. I would fire in a heartbeat any so-called "editor" who can't even bother to run a spell-checker at least once in a while.

    Yeah? YMBNH...

    What an insult to everyone else who is expected to actually perform and do a good job to earn their paycheck. In this economy there are PLENTY of people who would do a better job and possibly for less money than what Slashdot staff are currently making. Perhaps they should start contacting Slashdot management and making offers? The current crop of "editors" would be no competition at all.

    It is widely suspected that the current crew of /. do not receive a "paycheck" at all, but are paid in bananas, peanuts, or some such simian treat. But if you want them put away, feel free to contact the local zoo with a tip about their missing baboons....

  23. send in 007 by Joe_Dragon · · Score: 1

    send in 007

  24. Wait a second... by Anonymous Coward · · Score: 0

    Iran could have been telling the truth about spoofing GPS coordinates?

    The US government would never lie to me, would it?

  25. Encrypted P-Code by billybob_jcv · · Score: 1

    Isn't this exactly why the P-Code is encrypted in the military signal? Spoofing the C/A data has been a known vulnerability in the system since day 1. The rest of the problems are simply bad programmers. That's not a limitation or vulnerability in the GPS system - it's a problem with the receiver manufacturers and the BS test & validation done by the civilian side of the government when they put those receivers in the CORS stations. I saw the code in some of the old reference receivers (in the 90s) - it was complete shit. No software design, no real architecture, no configuration management, it was a bunch of crap hacked together by the engineers. Full of debug code, obsolete comments and large sections of code that were bypassed with a "aaa =0; if (aaa == 1) {....a bunch of test code....} As long as it passed the acceptance testing, and it fit on the flash card, no one cared what it looked like inside the flash.

  26. A little flat but still interesting by WaffleMonster · · Score: 1

    For me "middle of the earth" attack was a new and interesting idea... otherwise this paper would have read a heck of a lot better had the hyperbole been left at home.

    The contorted attempt to say changing time is not "spoofing" or including offtopic segways such as hacking web servers and perl CGI scripts was a little too much to stomach.

    No mention at all of RAIM and similiar technologies.

    1. Re:A little flat but still interesting by Errol+backfiring · · Score: 1

      I read "Middle Earth". Maybe we should call this a Tolkien Attack?

      --
      Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
  27. Jammers are way cheaper by flyingfsck · · Score: 1

    Geez, these guys were unable to find $50 GPS jammers on Alibaba?

    --
    Excuse me, but please get off my Pennisetum Clandestinum, eh!
    1. Re:Jammers are way cheaper by azalin · · Score: 1

      But not as permanent as bricking the device.

  28. US hacking Iranian websites? by Anonymous Coward · · Score: 0

    We hear of Chinese hackers attacking American websites, now we have Americans hacking Iranian websites. What does this have to do with GPS? Why of course, the loss of American Drones over Iran, with the loss suspected due to hacking GPS signals making the drones think they are somewhere else (both location and altitude). This has only happened twice, but highlights what can happen to JDAM style bombs and drones.

  29. Here is an application: by Anonymous Coward · · Score: 0

    On board GPS jamming so that any GPS tracker put in your car would show a random position. 1) you know where the receiver is 2) you want it to be far away at random place static, say white house who cares where

  30. If anyone thinks what consumers use for GPS ... by tyrione · · Score: 1

    is what the Navy and the rest of the Military/Covert Ops use they are sorely misled. In fact, general researchers would be required to have top secret classified clearance and most certainly would not be publishing their findings. NASA has several levels of GPS solutions. We lowly consumers use very old tech for GPS/GIS.

  31. Re:BEWARE THE UNNAMED DRONE !! by azalin · · Score: 1

    And I rode through the dessert on a drone with no name...

  32. Peace! by Anonymous Coward · · Score: 0

    Finally a way to stop the USA raining it's bombs down on innocent people all over the world.

    1. Re:Peace! by BitZtream · · Score: 1

      Well, there are three problems that show just how ignorant you are.

      First off. GPS guided bombs and missles make it so we attack a building with a single bomb, rather than our old method which was to carpet bomb the entire city and 20 miles around it with thousands of bombs.

      Second off. The bomb will now hit some non-target rather than the target. Hope your kid doesn't happen to be in the school it just hit rather the command bunker it was supposed to hit.

      Third off. They don't even use GPS for the last bit of guidance. GPS gets you 'close' so that other things such as terrain following radar can do the final guidance or bring the missle to bear on the laser designator.

      Maybe we'll get lucky and you'll be the next one blown to bits by a misdirected rocket.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
  33. Global GPS? by Anonymous Coward · · Score: 0

    I use it to get to my local Automated ATM.

    1. Re:Global GPS? by ledow · · Score: 1

      Just so long as you have to enter your PIN number...

  34. Re:Well, duh. .. Speaking of "DUH..." by Bearhouse · · Score: 1

    Yup, rather dumb move, saving peanuts compared to most budgets, but the US Coastguard ran it, and they're really strapped for cash.

    Shame, since as well as the benefits you note, the infrastructure was successfully used to broadcast data to augment GPS accuracy. This would perhaps been a more convincing arguement for keeping it in place, since it's true that in recent years usage was reported to have dropped considerably.

  35. Other global positioning systems? by Captain_Chaos · · Score: 1

    Are receivers for other global positioning systems like Galileo and GLONASS also vulnerable to these attacks? If so, is it too late (or even possible in theory) to fix the problem in those systems, given that they aren't fully online or in widespread use yet?

    1. Re:Other global positioning systems? by ceoyoyo · · Score: 1

      You can fix the problem in your GPS receiver by plugging it into your computer and flashing the firmware. Or buying another one, if the company ever stops being lazy and fixes their software bug.

      GPS receiver software has bugs just like any other computer system. Who woulda thought?

  36. Thats politicians for you by Viol8 · · Score: 1

    They know the cost of everything but the value of nothing. Unless its related to re-election campaigns.

  37. Total Fucking Shocker by EmagGeek · · Score: 2

    I can't fucking believe it. Do you mean to tell me that if you have a receiver tuned to a certain frequency, and you have a transmitter on that same frequency, then you can transmit information from the transmitter to the receiver?

    Top it off though! If you have not one but two - TWO transmitters, and one is vastly more powerful than the other, then you can get the receiver to receive the stronger one over the weaker one?

    Completely fucking amazing, if you ask me. I had no idea you could do something like that. It's almost like, when I'm at a party, I can hear the people who are talking louder better than I can hear the people who are being quiet, and stand a better chance of recovering the information they are conveying.

    Wow. Whowouldathunkit?

  38. Best Case by Anonymous Coward · · Score: 0

    Combine this with Apple maps and you may end up in the right place after all...

  39. In Actual Operation by sjbe · · Score: 1

    Planes and Ships don't rely on GPS.

    They don't HAVE to use it but in actual practice they most certainly do rely heavily on GPS. It's the best system available so of course they rely on it.

    If you have a license to pilot any of them, you have learned how to navigate without.

    Just because people are trained to do without GPS in case of problems doesn't mean they don't rely on it in actual daily practice.

    1. Re:In Actual Operation by angel'o'sphere · · Score: 1

      The word rely implies: "you can not without".

      However they can. That was my point, so the TFA is either wrong or the summary is wrong.

      E.g. my body functions rely on a working pancreas for insuline (or on insulin injections). I can not live without insulin. Hence I rely on it.

      Just because people are trained to do without GPS in case of problems doesn't mean they don't rely on it in actual daily practice.
      As a navigator on a ship you are required to crosscheck your positions with non GPS means.
      That is either simply demanded by "good seamanship" or even by law.
      A bigger ship, and many simple boats have radar. On top of that more or less every singel boat has echolog depths finders.
      Most boats I have been on have NO GPS. Except for the GPS in your smartphone.

      As a pilot on a plane, you get confirmations from ground stations that track you via radar.

      No sane captain of a ship or navigator or pilot would ever rely on GPS ... sorry you are jsut wrong.

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    2. Re:In Actual Operation by Obfuscant · · Score: 1

      The word rely implies: "you can not without".

      Actually, there are two main definitions of "rely" and neither means "cannot do without". I rely on someone's advice when buying cars. I can certainly buy a car without his advice. That's the "is dependable and is readily believed" definition. The other is closer to what you think it means, as in "she relies upon her parents for tuition." That, too, does not mean she cannot find another source of tuition, just that she is currently using that source.

      But this is a word game. Pilots do, of course, rely upon GPS all the time since it now appears in so many aircraft and is the basis for the push for direct-to routing. They are not necessarily in a position where they cannot do without it, unless they happen to be IFR (cannot "look out the window") in an aircraft without an NDB or INS, and out of range of a VOR.

      As a pilot on a plane, you get confirmations from ground stations that track you via radar.

      That you've never been out of radar contact speaks more about your piloting experience than how the world actually works. I've had controllers tell me "primary and secondary radar out of service" while on an IFR flight plan. I've had them tell me "radar contact lost" because I've been below their coverage (it happens all the time on approach to KONP.)

      No sane captain of a ship or navigator or pilot would ever rely on GPS ...

      Then you must think there are a lot of insane pilots. And as ILS and VOR approaches are decommissioned in favor of GPS ones, there will be even more of them.

  40. What Help Is "Authentication" by Anonymous Coward · · Score: 0

    I can still receive a legit signal, delay it and broadcast the delayed signal to the victim. And no, it is not easily to detect this "discontinuity" as loss of signal is rather common. Just drive through NY or a very mountainous area and you will find out why.

    1. Re:What Help Is "Authentication" by IndustrialComplex · · Score: 1

      I can still receive a legit signal, delay it and broadcast the delayed signal to the victim. And no, it is not easily to detect this "discontinuity" as loss of signal is rather common. Just drive through NY or a very mountainous area and you will find out why.

      Yes, that is a man in the middle attack, which is an understood problem, and one of the ways to counter that is authentication which uses a timestamp. Given that GPS is entirely based around having extreme precision timestamps, it's probably not going to be very difficult discard 'delayed' messages.

      Running an internal clock with precision (within seconds per year) is trivial. At best you could only delay messages a second or two before the receiver decided something was fishy. And that assumes a very simplistic method of authentication.

      --
      Out of modpoints but really liked a post? 1BDkF6TtmmeZ3yqXbz9yhdYVqRYnwFoXDj
    2. Re:What Help Is "Authentication" by Anonymous Coward · · Score: 0

      If the delay is small enough (entirely possible) you won't be able to differentiate between delay and the satellite being slightly further away.

  41. Re:Well, duh. .. Speaking of "DUH..." by Muad'Dave · · Score: 1

    At least it will allow the government to clean up the maritime charts by removing the LORAN-C TD lines that clutter them up.

    http://www.loran-history.info/Atafu/LoranChart-Atafu.jpg
    http://img641.imageshack.us/img641/7070/clipimage002it.jpg

    --
    Tiller's Rule: Never use a word in written form that you've only heard and never read. You will end up looking foolish.
  42. In other news by grumling · · Score: 1

    Bump keys can be used to unlock just about any door, and yet crime statistics remain in line and have even been dropping in many parts of the world since the Internet has raised their profile in recent years.

    This would be more interesting if someone were droning my neighborhood, but some of the hacks took days, not minutes to perform (and as others pointed out, affects individual receivers, not the entire system). Hardly a James Bond villain level of manipulation.

    --
    "Well, good luck finding a judge that doesn't run a bestiality site."
    1. Re:In other news by SmurfButcher+Bob · · Score: 1

      Almost. The manipulation is irrelevant.

      Proper summary should be, "In other news, shitty software is shitty." THAT aspect is interesting, largely because few people realize how shitty most of it is, nor where that shittiness is found, vs. where we expect that shittiness should not be. That you can brick a receiver with a divide by zero in a cached almanac... the genius pool at $GPSCO being of THAT quality may be news to most.

      --

      help me i've cloned myself and can't remember which one I am

  43. Actually Your Know Nothing by Anonymous Coward · · Score: 0

    If you had any clues you would know what a "replay attack" is.

    Get that Book of Mr Schneier and get yourself a EE education. There is very little they can "secure" using crypto. They can just deny third parties access to accurate positioning/timing.

  44. so what if it's an ad by Anonymous Coward · · Score: 0

    Why wouldn't they write a paper describing it? That's the traditional academic advertising approach, as opposed to, say, the Pons & Fleischmann approach of hold press conference then write paper.

  45. How Can That Be Abused ? by Anonymous Coward · · Score: 0

    I guess 200$ worth of RF components, some soldering and a crappy laptop will be sufficient to get the control tower declare a major emergency ?

    Mount that package on a balloon, deploy at Heathrow, Atlanta, or New York an see how long it takes for the to get some ELINT aircraft investigate. I am sure it would take them hours and they would shut down all airports in the area because they are already 100% dependent on this to get the aircraft timely onto the runways. And if they can't make it timely, the backlog will be dramatic in less than an hour. If they don't divert quickly, some a/c will run out of fuel (especially the cheapos like RyanAir, who give a fuck about spare fuel regulations).

    Scaremonger ? Well maybe. Wait until someone tries.

  46. Reverse by Anonymous Coward · · Score: 0

    you are the troll. Pilots are still required to be able to use alternate means of navigation. Such as terrestrial beacons.

    1. Re:Reverse by deadweight · · Score: 1

      True - but they are being shut down 1 by 1 as they fail. My old route I had memorized to get around DCA used a radial from a VOR that is now dead :(

  47. NOT by Anonymous Coward · · Score: 0

    Crypto just denies the other guys your signal. It DOES NOT stop the other guys replaying your nice crypted signal and re-broadcasting in the direction of YOU DUMB ASS and your crypto-GPS receiver. You will think that your real position is on the hill while your Abrams-Dumbass-panzer is already sitting in the river.

    1. Re:NOT by ImprovOmega · · Score: 1

      Okay, there's two things going on here. You're assuming confidentiality only when encryption is perfectly capable of providing both confidentiality and integrity. Basically with encryption (if you do it right) you can assure both that the enemy cannot use your signal *and* that the signal you got as legitimately sent from your outer space transmitter.

      Of course you could potentially jam the military signal, though Frequency-Hopping Spread Spectrum tends to make this...challenging. So you have an encrypted channel being transmitted at hundreds of different frequency bands that even if you had the encryption keys (good luck) you would still have to have a broad spectrum transmitter in perfect sync with the receivers (even harder) in order to spoof military equipment. This is not your standard civilian swill that you're dealing with.

      Protip: the military built the system with the idea in mind that the people they are shooting at would try to fuck it up.

  48. Well by Anonymous Coward · · Score: 0

    ..guiding an 300 passenger a/c into a nice hill in afghanistan (by means of 2000$ hardware) would be enormous fun for some people.

  49. NOT by Anonymous Coward · · Score: 0

    See my reply to the parent message of yours.

  50. Re:Poorly Edited Summary Too by Chris+Mattern · · Score: 2

    Seriously, you had to go that far, when they had "Global GPS" (yep, Global Global Positioning System) right in the headline?

    At least he didn't say "Global GPS System".

  51. Fooling Yourself by Anonymous Coward · · Score: 0

    As a licensed airplane pilot and USCG licensed ship's captain, I can tell you with absolute certainty that we do in fact use GPS extensively in both fields. We have become highly reliant on GPS and it would have a profound negative impact on both air travel and shipping if the GPS system were taken down.

    We are highly reliant on the extreme accuracy of GPS and AIS. We, as professionals, are not solely dependent on it, but it would suck to lose it. I'd hate to have to break out a sextant and land(ship) hundreds of meters or even kilometers from my intended destination when I am well use to coming within small fractions of a meter of my destination after thousands of kilometers of fully automated operation. English channel without GPS & AIS? I'd rather have root canal without anesthetic.

    1. Re:Fooling Yourself by deadweight · · Score: 1

      Don't forget DSC - that will go tits-up too. Can you imagine AIS with a bunch of spoofed GPS positions? OMFG that would be bad in a crowded area :( Likewise spoofed ADS-B. BTW - I heard a Mayday call go out because the *backlight* on a GPS died and the skipper could not find his way home after dark. It was a clear night and he was anchored NEXT TO A LIGHTHOUSE and he was LOST ANYWAY!

  52. Re:Well, duh. .. Speaking of "DUH..." by GrumpySteen · · Score: 1

    The loran system -though not as precise as GPS- was in many respects much more difficult to jam.

    If you'd read the article, you'd have realized that it wasn't about jamming the GPS signal. It's about sending false data to GPS units in order to attack them directly and cause crashes, brick the receivers, etc. Loran being more difficult to jam does not mean that Loran systems would be any less vulnerable to the types of attacks discussed in the article.

  53. Ok so we wiped out a whole town... by 3seas · · Score: 1

    And now we can say it wasn't our fault...

  54. The U.S. military... by Anonymous Coward · · Score: 0

    ... has at least a half dozen clandestine GPS systems in use. The researchers haven't fathomed how to disrupt these, and I don't think it's obscurity that secures them, I think they're obscure because they're so ridiculously secure we'd rather not tempt other nations to reverse engineer them. The dozens of GPS systems we DO know about, used by USAF or Navy fx., these are independent systems using different communication protocols. You might ruin my ability to find a local restaurant but you will *never* disrupt the military's capacity to track its assets accurately and precisely across the globe.

    1. Re:The U.S. military... by deadweight · · Score: 1

      You are on a LOT of drugs if you think there are "dozens" of sat-nav systems.

  55. Official Air Force Response by Anonymous Coward · · Score: 0

    We are shocked to find such flaws in our systems. The USAF will work tirelessly to eliminate these flaws.

    And we promise there aren't any more. You can stop looking now.

  56. Re:Well, duh. .. Speaking of "DUH..." by hazeii · · Score: 1

    Indeed, still good here in the UK. You can build a Loran receiver that'll feed the PC soundcard at the cost of a few pennies, and get highly accurate time info from it to boot.

    Absolute madness to kill off such a simple, reliable system.

    But since GPS is so expensive by comparison, there's plenty of money to pay lobbyists with...

    --
    All your ghosts are just false positives.
  57. Was on Risky.biz a month ago... by sleepy_weasel · · Score: 1

    I heard about this on the Risky Business Podcast a month ago. Patrick interviewed Tyler Nighswander and they talked about the Divide by 0 issue, as well as how many receivers are out in the middle of nowhere, and have other issues (easily guessable passwords)...

    http://risky.biz/RB261

    --
    It's all damned lies and statistics!! I mean 47% of all people use statistics to back up their arguments.
  58. Re:Well, duh. .. Speaking of "DUH..." by ceoyoyo · · Score: 1

    LORAN was a great system, but I'm not sure the decision to shut it down is as shortsighted as you imply. LORAN wouldn't be used much now that GPS receivers are so widespread and cheap. It would still be useful as a backup on ships but if someone wanted to run a ship aground using GPS jamming they could also jam LORAN. There's no reason to think LORAN receivers wouldn't have similar software bugs as GPS receivers. Either way, the appropriate backup for GPS, LORAN or both is a navigator who knows what he's doing and can figure out where the water ends without using electronics of any kind.