Slashdot Mirror
The Second Operating System Hiding In Every Mobile Phone
Jah-Wren Ryel writes "Every smartphone or other device with mobile communications capability (e.g. 3G or LTE) actually runs not one, but two operating systems. Aside from the operating system that we as end-users see (Android, iOS, PalmOS), it also runs a small operating system that manages everything related to radio. So, we have a complete operating system, running on an ARM processor, without any exploit mitigation (or only very little of it), which automatically trusts every instruction, piece of code, or data it receives from the base station you're connected to. What could possibly go wrong?"
If you only use stuff for web browsing or emails over HTTPS - nothing.(well, remote probability of warning that says that something actively intercepts SSL communication). Also I am guessing that SIM card data may also become compromised.
For the rest of it - well... Intercepted phone calls/SMS, etc.
Those come to mind.
In the real world, this is called Firmware.
Every thinks a virus will cause the Zombie Apocalypse, when in truth it will be a broadcast of "Never gonna let you down" on infinite loop. Rick is Chinese...didn't you know? The same people who make these 'Cell' phones. Cell.....terrorist cells! OMG it all makes sense now.
So this basically means that even if the NSA is *NOT* spying on everyone's personal lives by surreptitiously turning on our cameras and microphones, then some 2-bit drug cartel with a couple crackers and an eBay account can? No thanks.
In my house, we are putting in a charging station by the front door, where we will leave all phones. Guests will be cordially invited to leave their cell phones at the door, feel free to pick up a free charge for the ride home.
In the words of a Google employee, "Fuck these guys."
The SIM firmware runs silently and in the background and by some reports, even when the phone is switched off, it continues to slowly ping cell towers, making your phone trackable unless you remove the battery.
My blog
http://en.wikipedia.org/wiki/Cell_(novel)
*insert pithy sig here*
*cough* java on the SIM *cough*
Only a few hundred thousand people know this.... maybe, "unknown by the majority" ain't "secret".
News at 9 - evolution isn't horizontal (sigh)
News at 11.
CLI paste? paste.pr0.tips!
I run an aftermarket radio on my Nexus 4 that enables LTE.
It's not a separate operating system. It is the definitions for the SDR ASIC in the phone. It is not part of the main ARM processor - it's memory is just mapped through it to facilitate programming.
What the hell is wrong with Slashdot these past few years? It seems that ever since the dice buyout the place has just gone in the shitter.
Because it's harder to exploit.
Did you know that inside EVERY SINGLE electronic circuit is an "OS" that is trusted for EVERYTHING? It's called "the laws of physics". If that circuit gets a signal to switch on, EVEN FROM A MALWARE AUTHOR, *it will switch*.
Worse, there's absolutely NO WAY to remove it!
QUICK! HIDE FROM THE PAEDO TAKING OVER YOUR COMPUTER!!!!
It doesn't matter if the RTOS and other firmware are secure if you don't have good security in the over-the-air protocols. That's the vector that would be used to get to this, assuming you have decent security on the host processor (or whatever you want to call the thing that runs stupid games). Some time ago I worked on 3G and LTE phy layer stuff, but don't recollect much about the higher layer protocols. Anyone know what sort of security they have?
From the original article, the author (Thom, whom I recognize for his efforts) introduces the topic of peer-reviewing every minutia of the devices we use; he laments about the absence of peer-review in proprietary and closed-source. As an open-source advocate, such a viewpoint is naturally expected and his flashing a light on the subject is always appreciated. [But how does he know? Wouldn't technology companies use security consultants to conduct security audits?]
However, applying the same lines of argument to every closed-source scenario is really preaching anti-capitalism. That means they're arguing against trust of the technology creator, against their desire for trust-based compensation, against the notion of making a dollar in order to spend a dollar (due to constant disclosure of all things 'private'), and against the underlying notion of privacy. Actually, scratch that... they're simply hypocrites.
Why? Because they advocate disclosure (anti-privacy) by others, thus not trusting others. However, they want personal privacy in the hopes of establishing a reputation for being trustworthy -- or are they advocating an ultra-liberal utopia where commerce is not based on property but instead based on a crafted perception of trust? Either way, that's hypocritical behavior! If everything becomes subject to peer-review, then the notion of trust vaporizes... and in the process, privacy is gradually lost... and both factors lead to an erosion of aspects of capitalism.
TL;DR -- Peer-review everything means trusting nothing, disclosure of everything, and loss of privacy... yet it's hypocritical since the advocates seek to maintain anonymity when applying the same frustrations against capitalism as they do against trust-based commerce.
The situation isn't that much different as a desktop user connecting to the internet over a xDSL/Cable/whatever modem without first overwriting its firmware with a secure one (at least, with a modem, the user is the one uploading the firmware, and as most are Linux based, its easy to have a more or less secure firmware. Unlike the GSM/GPRS/LTE chip which is handled by the service provider, thought there exist ISP-remote-administered modems).
And with TFA's phone example, there's the OS running inside all the verious relay (different machine inside the cell tower, router, service provider's main router/server, tons of other routers along the optical fiber road [including a few NSA listening stations, the moment this road crosses the north American continent], a group of mail server receiving, storing and retrieving mail, then again a long chain of server and router [and another NSA listening station and/or FSB's or MSS's or ONYX's or ...] up to the recipient's servire provider, the the users' home routeur [with the xDSL and the Wifi firmware as additional steps inside, not necessarily opensource, although some chip makers are helping a lot], and finally the recipient's tablet [+/- an additional closed firmware on that chip too).
All this step could corrupt (unintentionally) or tamper (on purprose) or listen [hello NSA], on anything that is sent it the clear.
Sending things on the internet is as secure as sending a post card, especially back when much more of the processing was handled manually. Except that the current equivalent of my exemple's post-offices employee are much less moral. And except that the post office happens to have a weirdguy who's obessive-compulsive about xeroxing every single post-card he handle and store it into a binder "just in case he needs to embarass publicly someone in the future, and also to unmask communist conspiracies" whose name is either Ned S. Andale, or Feodor Stefanov Bakunine. Also except that there are at least 3 such guys in 99 out of 100 post offices.
Again the only way to trust your data is to practice end-to-end encryption. Encrypt it on you phone before sending it away. Decrypt then only on the receiving tablet.
An untrusted phone firmware is nothing new, and isn't much different than the trust into the OS running into another server along the transmission chain.
With one small difference: when you remove the battery of a phone everything is shut off your android running on your big octa-core big.little ARM CPU, but also the proprietary real-time system running inside the small ARM core inside the radio chip (that in practice functions as if owned by the phone company whose SIM is inserted).
Whereas, you can't just walk out and pull the cable of the NSA/FSB/whatever listening station in the middle of somewhere in the USA.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
It's important that the NSA be able to hack everyone's phone. It is wel known that each and every NSA contractor or employee is extremely honest while normal citizens are all wannabe criminals that must be monitored 24hours a day.
"Naturally.... what did you expect?"
"Well off to visit your mother!"
Assuming the embedded developers are skilled and can craft excellent low level software in ASM and C then very little. If we assume they threw some co-op's on the job with some cocky young programmers and they used Object Oriented languages then a hell of a lot. However I feel pretty confident that the code is pretty low level because having done radio programming, you generally need to work at the architecture level and not abstracted by 10 levels. Of course the other option is that it's all VHDL / Verilog in which case I trust it almost completely because anyone skilled enough to do hardware design in VHDL / Verilog is going to be pretty hardcore.
I think the IATA would have has something to say if that were really the case.
Why stop there? Every cell phone also runs on an operating system called QM (quantum mechanics). Hack that and you can make the phone do all sorts of really cool things.
I learnt recently that these baseband processors are controlled over a serial connection, and talk old-school Hayes AT commands.
So if this is true, then it should be reasonably easy for hobbyists to buy baseband processors off the shelf and interface them to microcontrollers or Arduino or whatever fairly easily, and get instant Wi-fi/Bluetooth/cellular data support?
This post makes it sound as if the phone radio controller is completely unhardened- that couldn't be farther from the truth! In most phones, they are so isolated from the main OS that even root access won't get you anywhere on that controller, other than sending control messages that are within its intended use.
In the case of the iPhone baseband, there hasn't been a new exploit (to enable unlocking) in years! And it's certainly not for lack of trying. The only successful current unlocks use man-in-the-middle attacks in the form of a specialized SIM.
Baseband hacking article: "Baseband Hacking: A New Frontier for Smartphone Break-Ins"
http://readwrite.com/2011/01/18/baseband_hacking_a_new_frontier_for_smartphone_break_ins#awesm=~on54yB5zHMVt93
Apparently, the firmware in baseband processors don't get updated a lot because of certification requirements, vendor laziness, etc, and certain well-funded attackers have swags of exploits for phones that can crack phones from over-the-air through the baseband processor itself.
By this logic, even your computer has multiple operating systems. The chipset on your motherboard is not pure hardware - there are small cores in there running embedded software that you never see. I am not talking about BIOS, which is another type of firmware, that is visible to the user.
EVERYTHING these days has software. Shipping a software patch is cheaper than a recall. This goes back to the old joke - the mechanical engineer thinks it is an electrical problem, the electrical engineer thinks it is a mechanical problem, but they both agree that it should be fixed in software.
This story reminds me of the Simpsons episode where Kent Brockman breaks a story about the government training people to kill on an industrial scale. "They call it the 'Army', but I have a better name - Killbot Factory".
Remember, You are unique...just like everyone else.
Did anyone here really not know this?
This has been the case since forever. In fact, this is BETTER (if done right), used to be it was a hardcoded OS in the actual hardware itself, this is actually capable of being upgraded in the case of exploits.
I think a more pressing concern is that the internet is still based entirely on TRUST.
Trust which is being broken more and more each year.
Lessee, Mitnick was busted in what, '95 or so, using a switch simulator? So, in 20 years, bad actors on all sides of the law, including generations of Feds and cops camped out at cell switches bullshitting with engineers, have not come up with ways to hack your cell phone that they can take to the local *cough* *ahem* underground electronics designer, or else, or some pliant security engineer, to implement? Yeah, right, sure. Actually it's probably closer to 30 years. Just assume your phone is pwned, never mind iOS or Android. Is that why Verizon Fraud keeps trying to social me into a compromised position-they're recruting? No thanks, the pay SUX!
Nah, I want (NOT!) one of those PHAT JUICY DHS grant contracts like the City of Seattle recently gave Aruba(sic?) for their new mesh network total spectrum surveillance/dominance platform, complete with kill switches to disable phones when the Pinkertons pull out their batons to crack skulls. Apparently they could do this all along but just needed the cover to admit it. Why else are we reading TFA now, when I've always wondered about it, and wondered why it got no play? I assumed it was because somebody $BIG wanted it that way. Or else. Guess I was right.
Time to certify an open-source baseband-processor/RTOS combo. Day late, dollar short, barn door closing, but necessary, and maybe ultimately sufficient.
What could possibly go wrong?
Oh that's easy.
People who have no effin idea what the hell they are talking about, but feel compelled to spew their opinion and ask stupid questions. You can find them all over the internets and the workplace.
that any of those strangers are "random". :)
Oh, i don't know... maybe I could get my iPhone unlocked?
I do not fully trust the author because as far as I understand the baseband processor is supposed to control only the radio and nothing else. That means wifi, gsm and bluetooth.
Usually, wifi is handled by another chip, with its own different firmware. This might have started changing now with more consolidation sought by system integrators. /. found way around the firmware limitation, and forcefully turned the Bluetooth on, creating a possible extra entry point and thus extending the attack surface)
Frequently GPS is also handled by the radio sub-system.
(That's why you have feature phone with GSM + Bluetooth but no Wifi, that's also why Wifi only tablets also lack GPS [early iPads, for exemple]. )
In some rare occurrences, this chip can also communicate with SD cards (it has a SPI interconnect).
(That's very frequent in USB 3G/4G modems. It's basically a standard radio chip, with the bluetooth and GPS function turned off and packaged inside an USB stick, with a SD card reader as a bonus. But instead of talking to a main system ARM runing Android, it talks over an USB chip to a whole computer/laptop running Linux or Windows. Note that recent exploit mentioned on
I don't understand why the baseband would have to deal with anything else, and why it would be the master processor and not just a blackbox "device" that the main OS sees and communicates with, in a properly isolated fashion.
Yup. For all the designs I've seen (and some smart phones have 100% fully open designs, such as the various OpenMoko boards), the radio chip is just a blackbox device talking over some limited channel to the main SoC (in OpenMoko GTA02/03 it's something imitating a serial interface. There's not much difference between an old PC talking to an anolog modem over serial and a openmoko talking to the radio chip).
Then usually the main SoC talks to the other peripherals: RAM is directly soldered to the CPU in a Package-over-Package fashion, so it's completely innaccessible. Camera, sound chip, memory card, charger controller are also connected to the SoC on other channels (SPI, I2C, etc.)
But then again I'm not knowledgeable enough to be certain about any of this.
When thinking hard there would be a few broken design were this could happen.
Note that such designs are to be considered broken. Having so little isolation toward the chip that is constantly talking to the outside and downloading updates is a serious security and stability issue.
And stability *IS* an issue: I've had problems with old phone (not supported anymore by constructor) having bad updates on their modem and having problems.
(Once I need to call my service provider and then, after a long debuging session and several tentative upgrade [over the air], I ended-up changing SIM).
Possible such bat design:
- Fully integrated chips: where one single chip is repsonsible for everything on the phone.
That's the situation with QualComm's Snapdragon. Okay, the phone maker will spare an extra chip and room on the PCB.
But that's pure nightmare fuel regarding security and stability.
(When a HP Pre 3's modem crashes, the whole phone freezes and crashes. There are entire forum threads about this).
- Everything on the same bus: several common interconnect in smartphone (like SPI) can talk to several chips on the same bus.
If the SoC (of course), the Camera, audio codec AND the radio are all on the same bus, the radio chip could pull some shit and disturb the bus (to act as if it was a master and turn on the camera, then listen on the bus to eavesdrop audio and video packet which where destined to the main SoC).
That's an awful design, both from a security point of view (the modem should be considered untrusted) and quality (a crashed radio could crash other component, also they have all to share the very limited bandwith on the bus: SPI has only 100Mbit/s, for instance).
The modem should b
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Yup, that's why I said my "post-card example with manual handling" doesn't do justice to current reality.
You need to add a bunch of lunatics with a strange fetish for Xerox machine to make it more similar to today's situation.
And according to you source, there *are* actual copy-machine-fetishist in post offices.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Back in 2002 I used a Siemens "world phone" (capable of using the American GSM frequencies) that I had bought to be able to use it both in Sweden and in the US with Voicestream. This worked great, but shortly after T-Mobile purchased Voicestream, my phone started having random freezes which I felt sure was because of changes to their network and how it communicated with the phone. I complained about it to T-Mobile and simply got informed that they didn't "support" my phone. The freezes happened every two days or so, and the only fix was to remove the battery and put it back in for a reboot.
One day this must have happened during the night when the phone was charging. When I checked it in the morning it was completely dead, very very hot and never turned on again. Seems to me the freeze caused it to keep charging when it should have sensed a full charge and stopped.
Unne Liljeblad, Mix Engineer
There's a tiny OS running on your CDROM drive, your external USB hard drive, your BlueTooth Mouse, etc. This isn't just a cell phone issue.
Mike @ The Geek Pub. Let's Make Stuff!
I don't know what that's supposed to mean. AFAIK, the wireless modem is just a device from the point of view of Android or iOS. In addition (depending on the phone), it may also have a direct path to the microphone and speaker in order to make "old fashioned" phone calls. Other than that, in what way is it supposed to interact with cameras, memory, or storage, and why?
remember c3 talks about spy software on sim cards already years ago
So this must be how Chinese smartphone manufacturers are sniffing cell data...
Perhaps the article was written in 2006?
And I for one welcome our hidden RTOS overlords. I’d like to remind them that as a trus+++ATH0.!d#dG$adf...
-- Senior Software Engineer, Attorney appearance services, locallawyerapp.com.
A phone - simply put - contains 2 parts - the Applications, & the Baseband. The former is the stuff we generally discuss here - Android, iOS, Windows Phone 8, BlackBerry OS and what have you. The latter is the stuff that the submission talks about.
There really isn't a need for there to be any filters on the baseband, since it has essentially 2 roles:
The apps portion would then take care of any filtering, or other operations. In other words, think of the baseband as an I/O unit of the phone, and the apps processor as the CPU that takes that I/O & processes it according to the OS.
Your phone's radio does not have an OS, I think the poster needs to learn about embedded systems and what the firmware in these things do.
Do not look at laser with remaining good eye.
not all SIM cards have a java engine in them. AT&T's latest do not.
Do not look at laser with remaining good eye.
This story brought to by 2011. 2011, the year Ralf-Philipp Weinmann did all this work, to which this author has added literally nothing.
Stay tuned for breaking reports on the possible death of Moammar Gadhafi.
WTF. It's extremely different.
I know for sure that my untrusted modem does not have access to any information that my trusted computer hasn't opted to send to it. The untrusted modem doesn't have keys to mount my drives, doesn't have a connection to my microphone, doesn't have access to the RAM which holds the keys to decrypt the packets that I'm sending through it to the ISP, and so on. The two devices are in different enclosures and I know what's happening on the wire in between them.
A user doesn't have any fucking idea what's happening inside their phone, even at the hardware level. Have you taken it apart and examined the circuit board? There's no way to be sure what hardware the untrusted part of the system might have access to. The untrusted part could easily have a covert channel to the microphone, camera, the other computer's RAM (where it could get keys, not that it really needs 'em if it can listen to the mic and speaker and see what's on the screen and where the user touched), etc.
it's unbelievable that the hayes command set is still in use today. I can just see someone thousands of years from now typing this into their cellphone to get free calls:
+++
OK
ATH
ATQ
ATDT 123 456 7890
CONNECT 3000000000000000
This is called "firmware", dipshit.
Non-story, move along.
And now I realize the main motivator for non-removable batteries in phones (and laptops for that matter).
The energy required to send back to the basestation is going to be in the same region as the original signal at source, not once it's been spread out and dissipated...
Sorry, no. The antenna on a cell tower puts out a far stronger signal than your phone, and is also much more sensitive at receiving incoming signals.
I mean, if they used that second OS layer to track you, they'd be setting up inconspicous WiFi tracking cell stations in all major cities that literally know exactly who you are and where you are even when you think your cell phone is off.
Like those recently reported in Seattle on The Stranger.
Don't be paranoid.
By the way, I like your new shirt.
-- Tigger warning: This post may contain tiggers! --
Likely the smartphone modem will also have a GSM chipset (eg. Qualcomm) as well; this is mainly separate from the baseband processor and have limited contact with it (eg. maybe need some AT commands to control the GSM modes).
In general, the firmware running on a baseband processor is very hard to change. Changes to that processor must be re-vetted through several approval processes (PTCRB and usually one or more carrier, eg. AT&T) and consume time and money. It is for this reason that you cannot program your own code into this processor (I'm guessing scripts don't count as a program as they are sandboxed within an internal VM-like system).
- I stole your sig.
Richard Stallman mentioned something about this w.r.t surveillance and why he does not carry a mobile phone.
http://news.cnet.com/2100-1029-6140191.html
Many of you have probably forgotten about this incident that drew attention to the FBI's ability to turn on a phone's features even while it's off. I would assume that the two (baseband processor and "roving bug") are connected.
Fifty watts per channel, baby cakes.
It's nice to know that no matter what you do the big spy agencies out there will always have a back door into your phone.
Obviously, the Great 1984 Snooping Powers want to subvert and track every single information system. GCHQ says this quite openly in their Snowden powerpoint slides.
So what's the engineering solution ? Use something like the ENIGMA, TYPEX or SIGABA. Run it in a completely disconnected computer so that they cannot insert their GovShite. Then use any form of NSA-GCHQ telecom system (iphone will do fine, but you can also use alcatel) to enter and txmit the cryptogram.
Here: http://scherbius2014.de
Sorry, no english translation yet. Use Google translate for the time being.
"Modem firmware is non-free and there is no free alternative" and another saying "The modem controls CPU memory (read/write)".
That's typical for Qualcomm devices. The Radio chip is part of the main SoC. And thus could have access to everything. Replicant apparently confirms it.
Qualcomm sell it as an advantage (Less separate components, space saved on PCB).
But the implications are awful, both from a security point of view (As mentionned by TFA) and from a stability point of view (I've mentioned it in another post: HP Pre^3 tend to crash very badly when their old and non supported radio firmware encounters an unexpected situation). This should be considered as a very bad design and not worth the few saved bugs. The good part is: part of the problems (stabilities issues) are directly consumer facing. So even not technically inclined people are able to understand it and avoid such phones.
It's not on the paranoid-level "The NSA might use to spy on you !" (Which, while possibly true, tends to be immediately dismissed by the average user as "they thing they're not interesting").
It's on the level of "This phone crashes constantly now, and my ISP doesn't want to support it because it is more than 5 months old and I should buy another one".
The closest thing to a free phone is one of the OpenMoko phones. They still use a proprietary modem, but it communicates over SPI, and the main CPU is the master.
Have one, it does indeed functions this way. Several other phones seem to follow this design.
(Make sense from a stability/security point of view: if some try to hack the radio, or if the radio chip crashes, the phone is still safe, and will simply reset the radio chip or ask politely the user to save work and power-cycle at the first possible occasion. Older Pre from Palm work that way too.)
Also this make it easier to have a base design working in different region (just swap the daughter board with the radio chip to make both GSM and CDMA phones depending on the target markets)
Also possible to do a design without a a daughter board for PDAs and tablets (difference between Wifi-only tablet and tablet with Wifi+3G+GPS).
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
A separate hardware/software system for handling radio is nothing new. It is the same reason why drivers for WiFi cards have binary blobs from the manufacturer. The radio spectrum is a Federal zone (US Constitution Article 1 Section 8) in which Congress (as the FCC) gets to exercise powers apart from the Bill of Rights like legislatures elsewhere in the world are accustomed to exercise [Downes v. Bidwell]. FCC sets the rules on how devices use the spectrum and they have made the (correct) assumption that the device will be used to abuse the spectrum or permit unauthorized parties to spy on others. Ergo, keep the transceiver away from the public.
Another fine opinion by The Fucking Psychopath®.
Somebody please tell the iPhone dev team that baseband security is so bad. They've been terrible at finding and exploiting these problems since the A5 baseband in the iPhone 4S.
â¦. :-P
I'm interested to know the other phones that also follow this design. Thanks.
Saddly, I'm not an expert in phones, so I can't give you an exhaustive list.
A good way to start would be to check the tear-downs (like ifixit and other similar).
That will give a good global idea of the internals.
(3G on a separate daugther board is better than 3G as a separate chip, which in turn is better than an all-in-one SoC)
Also, check the ARM CPU of a phone. If the CPU advertises an All-in-One SoC including 3G/4G, that a very bad sign.
On the other hand, if the CPU is just ARM Cores + GFX and other similar basic functionality and doesn't pack a 3G/4G function (like, for example Ti OMAP or Samsung Exynos) that's a good start.
As mentioned by the A.C. to whom I was replying, looking at a full-opensource firmware like replicant is another good source of info:
- if they mention that a radio firmware is absolutely mandatory to bring up the device, even for basic functionnality like enabling access to RAM, that's a very bad sign (as the case with Replicant on the Snapdragon's NexusOne).
- if they mention that, for example, they lack a 100% opensource firmware and because of this 3G and GPS* aren't functional, but everything else is working more or less, that's a very good sign that the 3G is designed in the "separate independant black-box format" as would be best.
*: sometime, GPS functionnality is handled by the radio chip too.
In theory, that would be a security problem (an "NSA firmware" on radio chip could track the phone's position using GPS)
In practice, that's not so much a securtiy problem: you have to realise that the 3G chip constantly communicate with a cell tower, and thus your service provider already knows your position without even using a GPS, but simply by looking with which towers your phone communicates.
In fact using cell towers (and Wifi access points) is a crude substitute for positionning when GPS isn't available. It might not be enough for driving instruction (no way to clearly know how many centimeters/meters until the next right turn) but it's enough to give an approximate position (city block or couple of streets).
A GPS functionnality on the same chip as 3G won't give out any information that isn't already known.
It's not problematic from a point of view of security, only stability (a crashed radio firmware suddenly causes the phone to lose positionning, whereas a separate GPS chip would continue to give un-corrected position (only losing the extra precision that differential gps could provide using data sent from the tower).
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]