$40 Hardware Is Enough To Hack $28,000 Police Drones From 2km Away

mask.of.sanity writes: Thieves can hijack $28,000 professional drones used widely across the law enforcement, emergency, and private sectors using $40 worth of hardware. The quadcopters can be hijacked from up to two kilometers away thanks to a lack of encryption, which is not present due to latency overheads. Attackers can commandeer radio links to the drones from up to two kilometers away, and block operators from reconnecting to the craft. With the targeted Xbee chip being very common in drones, IBM security guy Nils Rodday says it is likely many more aircraft are open to compromise.

What latency overhead?

I never heard encryption causing latency overhead that matters for RC....more like serious negligence overhead

Re:What latency overhead?

Read the article...they went cheap and the CPU doesn't properly support encryption. Saved a few bucks in parts cost, but now have a completely insecure system...hah

Re:What latency overhead?

Translation: None of the engineers know how to implement encryption, so they claim that encryption won't work on their CPU so they can keep their jobs.

Re:What latency overhead?

[booboo]

It creates cashflow latency overhead.

Re:What latency overhead?

[ArchieBunker]

More like management wanted to save $2 per unit and went with the cheaper CPU.

Re:What latency overhead?

[NotInHere]

Or they are just idiots who think that nobody would ever want to hack their product, and that its much easier to debug without encryption.

Re:What latency overhead?

I don't think so. Nowadays every CPU is powerful enough to do encryption at the rate needed to send commands to a quadcopter, even the cheapest embedded crap.

Re:What latency overhead?

[NotInHere]

Not for embedded CPUs, they are considerably less powerful, and if there isn't dedicated support for the algorithms there is considerable lag.

Re: What latency overhead?

What would you rather have, a little lag or a chance that your $28k drone gets hijacked and stolen?

It's a small price to pay. The real reason there was no encryption is because the police are too foolish to figure it out/realize that it is necessary.

Re:What latency overhead?

[BitZtream]

No, they went stupid. The chips they are using DO have encryption built in. All XBee chips do, as an example.

Re:What latency overhead?

[BitZtream]

I have 3 racing quads (Naze32 based controllers), 2 photography quads (with full auto pilot, navigation (ArduPilot)), 2 traditional RC Helis and 2 RC Seaplanes (These use COTS parts from Futaba for competition purposes), all of which have some sort of autopilot or 'assistance' on them. The CPUs in NONE of them support encryption.

You do realize that you can FLY an aircraft with full auto navigation on an Arduino, right? I don't think you understand how easy it is to write compact software that will do amazing things on tiny CPUs, probably due to dealing with bloated ass PCs where no one gives a fuck about writing decent software.

Flying an aircraft doesn't require a lot of CPU horse power. Standard servos and speed controllers operate at 50 hertz. They've changed speed controllers for quads because the APs can do much higher refresh rates, which when coupled with the way quads work makes a noticeable stability difference, So you see, even a little Arduino has CPU power to spare for flying the aircraft ... but it doesn't have encryption.

The CPU in all 5 of my quads cost less than a dollar each. You can get encryption instruction sets in all of them (The cpus that is) ... but that'll put the chip at $3-5/each instead of $0.75

In the embedded world, you don't bring shit you don't need with you, it wastes power and space, generates heat, and introduces additional complexity and unknowns. Even if they included encryption for no monetary cost, you wouldn't buy a chip with it unless you knew you were going to use it. Do you want your aircraft to crash because of some weird Errata that only occurs on chips with X feature that you don't use?

HOWEVER, All XBee chips DO support encryption so that the CPU DOESN'T have to know anything about it. All they would have had to do was flip a bit with the configuration tool and add figure out how to manage keys in the production environment/end user space.

Re:What latency overhead?

It would need a very powerful CPU to decrypt the huge bandwidth of 25 bytes/second of remote control commands received by the drone. Even the 10 uSec latency of a couple of XOR operations is clearly unacceptable.

Re: What latency overhead?

[houghi]

Define 'little lag'. With something that is flying around with 'a little lag' is not really a good thing. Try driving a car where your steering wheel has 'a little lag'.

Re: What latency overhead?

Read the comment you're replying to. Of course it has nothing to do with latency and everything to do with manufacturing cost.

Re:What latency overhead?

[scsirob]

Any ARM processor can encrypt and decrypt data at plenty speed and next to no latency. A Raspberry Pi Zero at $5 is more than enough. The processor in your smartphone is plenty. Even if it isn't and they had to 'splurge' for a multi-core Intel CPU it would be like $100 or so. There is no excuse, none whatsoever, to leave encryption out to save a few bucks.

Re:What latency overhead?

Read the article...they went cheap and the CPU doesn't properly support encryption.

You mean the article that talks about 25k€ hardware? That does not compute. You don't spare a few € for the sake of BOM in such low-volume, high-price items.
There is some other reason behind this than cost savings.

Re:What latency overhead?

HOWEVER, All XBee chips DO support encryption so that the CPU DOESN'T have to know anything about it. All they would have had to do was flip a bit with the configuration tool and add figure out how to manage keys in the production environment/end user space.

As does TFA say.
TFA even says encryption was enabled.
There is a non-subtle difference between WEP and WPA, and if someone who broke into the device says WEP was used rather than WPA for performace reasons, I think it is fair to assume that person knows what they are talking about? Yes, I would have liked to understand the technical issues better too. But such is journalism.

Re: What latency overhead?

Not that hard, you just gotta train yourself to compensate. If it's computer controlled, even easier, because the computer can factor in the lag when making calculations of which command to sent.

Re:What latency overhead?

[BitZtream]

Lets start by establishing that they don't use either WEP or WPA, then we can get back to who knows what they're talking about, K? Such is journalism and the reality of people 'hacking' something ... without having any fucking clue what they actually did.

Re: What latency overhead?

[sumdumass]

Start getting lag when the weather isn't perfect and you will start losing the drones due to not being able to control their flight or even the ability of the drone to stabilize it's own flight.

They have processors with realtime encryption support capable of avoiding these issues. Your suggested reason was likely the justification to use a less capable processor to save money. I think the decision was probably made before the police had any say in the matter.

Re:What latency overhead?

What kind of crap do they use? 1MHz 6510? Even 8bit Atmel AVRs are powerful enough to decrypt and encrypt data fast enough on any block cipher.

Re: What latency overhead?

Thank you for saving me the trouble of having to post a similar post. Clearly most slashdot readers are ignorant of the actual systems used I most drones. As I have a similar set of hardware, am an embedded so engineer and was the person that set up the original code repository for th AdruPilot for 3DR I agree with everything you've said and encourage readers to attempt to educate themselves on the topic. All I would add is that most quad/multi rotors run at a 400hz refresh rate. Encryption would certainly be a hindrance since it will introduce latency on input.response cycles causing things like PIO. This instance however is related to telemetry which 1) runs much slower usually 10hz and 2) can be asynchronous with nearly no issues. Finally with XBee devices you can define network parameters that while not encryption make it much more difficult for others with XBee devices to "join" your mesh.

Re:What latency overhead?

[Stewie241]

Right... because you can reasonably run a multi-core Intel CPU in an application like this. Power usage is probably a much more significant factor.

Re: What latency overhead?

[Hognoxious]

What would you rather have, a little lag or a chance that your $28k drone gets hijacked and stolen?

Er, whose drone? We've got your money already, go pound sand.

Signed,
    A.Corporation

Re: What latency overhead?

How do you compensate for wind drift? Or away from that window? Telephone poles, wiring, yes if visable, but at night?

Re:What latency overhead?

yea that's unfortunately quite common behavior with embedded software developers. they tend to think that their systems are not vulnerable because who could possibly be interested. I once worked for a medical device startup and suggested to them perhaps security and data privacy should be built-in from the get go. nah they said nobody cares about our patient's health data. what a joke.

Re: What latency overhead?

Wrong. The encryption has to be strong, or the unit is able to be diverted by someone else. There is a delay introduced in encryption. That delay may be in picoseconds, but it is there. A plain sent signal, sent to a receiver is routed to a servo, and acted on, you introduce an encryption, it has to wait for the end of the signal to act, just to see if the signal is valid. Then act if valid. Now you are sending a signal xxx instead if two cycles down to create a movement.

Re:What latency overhead?

You can always implement the encryption in software on a CPU that doesn't have it. Slower, certainly, but for the telemetry uplink of a UAV that shouldn't matter at all. Eg for AVR: https://github.com/BertoldVdb/AVR-AES

Re: What latency overhead?

[whopis]

Are you kidding? Most non-hobby flight controllers are already running multi-core or even multiprocessor systems. The power draw for the processor is very small compared to that of the motors.

Re: What latency overhead?

You're close. It's not debug, but introducing unauditable failure modes. If the encryption is good, then you have part of the command link that has random noise thrown in ... Bit errors are real and happen on digital links. So now, you're injecting random data into the C2 links, which is not good. This is accommodated by a variety of protocols, which all add latency because they're sending more data. This is not good. Additionally, we really want Aircraft systems to be, say, audit able and verifiable. Crypto is Damon near the opposite. There are less than a few hundred people, and only about 7 private organizations that can do a good job of validating crypto.

Re:What latency overhead?

The CPU could support basic authentication pretty easily. A key is sent along with the take off command and all further messages either way must contain a valid hash with that number and the packet. A hash is low enough overhead to be done an Arduino in real time.

Sure anyone could still listen in as nothing is encrypted but the machine would only accept commands from the controller that told it to start up and the controller would know that any incoming data came from that machine. This could be made more complicated where the key is remembered after the first use and only reset via some button but there is no excuse for the complete lack of any security.

Re: What latency overhead?

Bit errors will also happen without encryption. What encryption would likely do is spread a single bit error to more bits (if it is a block cipher) but even if it didn't you wouldn't want the flight controller executing a command with a corrupt bit.

Since it cannot be known if an error in transmission is just bad luck or an actual attack attempt good encryption will also offer a message authentication code. This works like a checksum, but with authentication. It will verify that the message is correct as-sent, and also is sent by someone with the key.

Any crypto system will introduce latency, but in practice this is less than a few ms on old processors, and almost zero on more powerful CPUs. Many UAV remotes only send the updates from the sticks on the controller to the drone once per 20ms. Adding even 5ms will make no practical difference. Maybe for a racing drone with a very skilled pilot it would reduce performance, but a police drone is likely to be flown very calmly (knowing that it costs 28k$),

As for auditing, if you trust the system because it is encrypted and otherwise would not, then bad crypto will cause harm. In this case the UAV will be used anyway, so any form of encryption/security, even if it can be hacked by experts, is better than a wide open system.

Re:What latency overhead?

you've been boted my friend, im noticing them more and more on here....

Re: What latency overhead?

[Immerman]

A valid point. But as someone pointed out in another branch above, you don't actually need an encrypted signal to secure the device, just securely signing the packets would be sufficient. Somebody monitoring the signal is not that big a deal, you just don't ant them to be able to spoof it. A hashed signature would also allow you to respond immediately while still waiting to confirm it's validity - a single spoofed packet, or even a handful, are unlikely to cause much problem, so long as the spoofed signal is ignored after that.

Noise would still be a bit of an issue, but a high-redundancy error-correcting encoding would eliminate most of that at the cost of a bit of bandwidth, without introducing lag. You probably want that anyway - undetected faults in a digital signal can result in *really* incorrect behavior. Further fault tolerance could be introduced by not requiring *every* packet to properly signed - default to a "come-home" or other behavior if it hasn't received a valid packet in the last N seconds.

Re:What latency overhead?

[Immerman]

A couple of xor operations? Seriously? Just what sort of "encryption" are you imagining you could get with that? One-time pads are the only one that would be even remotely secure with that little overhead, and good luck trying to avoid coordination problems in the presence of incompetent users, a noisy data line, and malicious attackers.

It might be doable, but it would be really challenging to come up with something that was both just as reliable and more than a minor nuisance to an attacker.

Re: What latency overhead?

[drinkypoo]

Start getting lag when the weather isn't perfect and you will start losing the drones due to not being able to control their flight

Nope. Even open source MultiWii has GPS failsafe. With a "big" antenna (e.g. ~25mm) a drone floating above the city tends to have great reception even in poor weather. A 10mm antenna is good enough for adequate reception on a nice day, but presumably we're talking about fairly large drones for which a sizable GPS antenna is a minor issue. If they lose GPS positioning momentarily, they can reasonably hold position on their other sensors until they get it back. The only real danger is if you can jam their GPS signal for an extended period, at which point they will probably come straight down.

or even the ability of the drone to stabilize it's own flight.

Nope. Stable flight modes prevent any such problems, and if you're not trying to play acrobatic tricks, there's no good reason not to use them.

Re: What latency overhead?

[chiefmojorising]

The police (municipality, whoever) had their say when they wrote the check to buy them.

Re: What latency overhead?

You can do encryption in 100 bytes of code and about the same amount of RAM.

Re: What latency overhead?

[sumdumass]

Lol.. the lag will not be in the transmission latency it will be in the commands processed. The inputs from the GPS and flight stabilizer will stack right behind the others. It will have the same effect as driving when someone drifts onto a soft shoulder and over corrects to return to the road then shoots further than expected when good traction is reestablished. This often ends up with the vehicle running off the other side of the road if not striking another vehicle or object first.

Re: What latency overhead?

[buck-yar]

From open source flight control software I've seen, the scheduler runs the main loop and tertiary loops at set frequencies, and the CPU utilization is not near 100%, so it is ok to add more calculations. CPU utilization is actually somewhat low, other than when logging is set at verbose.

Servos and motors are on per wire modulation (PWM). They wait for a signal at a set frequency, in many cases 490hz (though the trend is new protocols which are higher rates).

So implementing encryption is just a matter of making sure the algorithms runs in its allotted time. Which brings up the next question, what encryption runs in x time and cannot be cracked within n time?

Re: What latency overhead?

[drinkypoo]

Lol.. the lag will not be in the transmission latency it will be in the commands processed.

What?

The inputs from the GPS and flight stabilizer will stack right behind the others.

Flight stabilizer? What? No. The code loops, every so often. The main loop contains tests to see if enough time has elapsed between flight control events and when it has, it kicks one off. Another timer check tests to see if there is incoming controller data, and engages failsafe if not. Another test in the loop, which ISTR also being on a timer, checks for GPS input and parses sentences when present. In the flight control, there is a call to check the IMU hardware, which is typically done through SPI. This happens many times per second, much more rapidly than the time between GPS sentences, which is anywhere from .5 to 4 seconds, usually somewhere between .5 and 1.5. Even in the case of a defect in the GPS unit that caused it to spew garbage filled with newlines, there would still be multiple calls to the flight control code in between attempts to parse GPS data. It also takes spectacularly little time to parse the GPS data, so even if you had many spurious sentences per second, it would have little or no affect on flight stability.

It will have the same effect as driving when someone drifts onto a soft shoulder and over corrects to return to the road then shoots further than expected when good traction is reestablished. This often ends up with the vehicle running off the other side of the road if not striking another vehicle or object first.

That happens to humans because our sampling rate is low. The sampling rate of a drone autopilot is very high. Just as a car is better than a human at detecting yaw, which is why all cars sold in the USA since 2010 have had legally-mandated active yaw control, a drone is better than a human at detecting yaw, roll, or pitch. A quadcopter (for example) can detect that it is rolling off of flat and level flight and start adjusting power levels before you can even see that it is happening. Now, what makes you think that losing GPS fix is going to cause the flight control algorithm to overcorrect? Have you even looked at any of the code in question, even where it is possible to do so (e.g. MultiWii)?

Re: What latency overhead?

[Cramer]

Our race car was like that. I loved it like that -- turn the wheel, the car leans over, and then it turns. Yes, you have to plan accordingly. You cannot wait to the last second to turn the wheel. Yes, that can be a problem at night with no (read: very ineffective) lights.

It doesn't matter what you did

You called it "hacking", so now it's a felony.

Re: It doesn't matter what you did

Send the owner of lifehacker to jail. And anyone who uses hack in that way. Or anyone who even talks about hacks. For the children! Because some pedophiles and terrorists are hackers. Are you a pedophile or terrorist?

Re: It doesn't matter what you did

That is exactly how the law is written*. It's how judges think**. So yes, were the law applied consistently, that would happen.

You can thank the computer security industry for this. You should, in fact.

* "Computer hacking" criminalised without actually defining what it is. So it is what the prosecution says it is. Handy, no?
** Call yourself a hacker, lose 4th amendment rights. Whaddayamean constitution goes for everyone?

security through prosecution

Creating criminal justice jobs is good for people, because we the government say so.

Re:security through prosecution

[NotInHere]

That's what the state does: it provides security for its people, by prosecuting the criminals.

But yeah I know what you meant... This will just lead to DRMed (or criminalized) SDRs or something, totally the wrong approach IMO. Policemen may be trusting their lives on these devices, and the video footage may be used as proof in court. If the defendant can prove there is no encryption, then boom the proof may be void.

Re:security through prosecution

[jandersen]

It is not without irony that people here seem to feel, that when some member of the public breaks into police or governmenet systems, quite possibly to commit a crime, it is cool, but when the police break into systems of members of the public, usually to catch criminals, this is "gross violation of privacy". If it is wrong for anybody, then it is wrong for everybody, I would have thought.

Re: security through prosecution

[TheReaperD]

This is not a case of criminals breaking into police equipment. This is a group telling police and the public that these systems are vulnerable so they can fix the problem and prevent criminals from doing this in the future.

Re:security through prosecution

[houghi]

If you are able to pay a lawyer as a defendant to go that route, you will most likely get away free anyway, even when guilty. Otherwise you will go to prison.

Re: security through prosecution

Citizens own the government through their participation within. The government does not own its citizen.

Re:security through prosecution

I think you're joking, but you aren't wrong. In case you haven't noticed, the latest objectives being pushed top-down from the government are IT and Criminal Justice. America is losing millions of jobs every year to offshoring. Most of the manufacturing jobs left 10-20 years ago. What's left, and what ostensibly can't be offshored, is Criminal Justice, plumbers, and electricians.

Putting other citizens in jail is one of the few markets left for people who want a job that doesn't involve wading in human shit, or risk of death by electrocution. Mark my words, the criminalization of internet activity will continue to get much worse, because "cyber justice" is the next employment wave in the United States.

Re:security through prosecution

[drinkypoo]

It is not without irony that people here seem to feel, that when some member of the public breaks into police or governmenet systems, quite possibly to commit a crime, it is cool, but when the police break into systems of members of the public, usually to catch criminals, this is "gross violation of privacy".

1) The cops are public servants, the drones are public property, while that doesn't give us the right to use them as toys it does give us the right to demand that they be used responsibly.

2) The cops have rights that the rest of us lack, and the power to fuck up our lives, so we have to keep closer track of their activities.

Re: security through prosecution

[jandersen]

Ah, I see - "The ends justify the means", right?

How hard can it be?

[blindseer]

I admit I'm no crypto expert but I have had a few IT security certifications over the years. It seems simple enough to have a key exchange with the remote by a cable, so people can't sniff it out of the air, and then have the drone look for that key in every control packet. Of course there would need to be some computation on that key but we have special purpose chips that can do that with minimal delay or power. The algorithms are open source and highly secure so there is little risk or cost there.

I guess adding a $1 port and a $2 codec chip on both the controller and drone is too much to ask for protecting a $28k drone from being stolen or destroyed by a prankster.

The concern seems to be the delay. Perhaps the commands could be passed through and the commands verified after the fact. If the commands fail then the drone could go in a limited performance mode where every packet needs to be verified, or it goes into a "go home" mode and ignores some or all commands.

No doubt this is what happens in the early development of almost every technology. I recall some similar security failings in the early days of long distance telephones. Some of those security holes may still survive today. People could make long distance phone calls without paying by using a whistle that came free with breakfast cereal. People could steal high end cars by shorting out the right wires.

People that don't learn from history are doomed to repeat it.

Re:How hard can it be?

On the one hand, companies shouldn't be selling drones for $28k with obvious flaws like this, on the other hand, why are people hacking police drones? What is wrong with these douches that they would attack something like this when there's so much more important infrastructure that is poorly protected? This is not the type of flaw that needed to be disclosed publicly. The appropriate people would be the specific decision makers in a position to buy such a drone. Warn them. Don't tell tons of criminals how to cause havoc when the only possible thing that can cause is more costs (for immediate and unscheduled replacement), or suffer the consequences of extra security risk.

Re:How hard can it be?

[sexconker]

As a taxpayer paying for the $28,000 drones, I say hack away. Drop them all from the sky.

Re: How hard can it be?

The company sells at the point the market allows them to. If they could sell it for 100k and still have buyers, they would, and I couldn't blame them for it.

The police don't care about the price because the money is just coming from the taxpayers (not their own money). So they don't care how much they spend.

So that's how this endless positive feedback loop happens.

Re:How hard can it be?

So essentially you're proposing $28,040 piles of burning plastic?

Re:How hard can it be?

[BitZtream]

I guess adding a $1 port and a $2 codec chip on both the controller and drone is too much to ask for protecting a $28k drone from being stolen or destroyed by a prankster.

The XBee radios they are using for communications support encryption out of the box. All you have to do is turn it on and give it a key and it does all the work.

People could make long distance phone calls without paying by using a whistle that came free with breakfast cereal.

Its only slightly more complicated now. I can safely say you have everything you need available to you RIGHT NOW to make all the free phone calls you want, only now you can do it without leaving your home and even make it practically untraceable while you sit at home!

The PSTN is still based on the idea that all the connections are relatively trusted because people will 'never figure out how to do this and its a dedicated link' ... unfortunately, that is not now and never really was actually true.

Re:How hard can it be?

You should ask for a refund of any money you paid for your security certifications -- you were ripped off.

"I recall some similar security failings in the early days of long distance telephones. Some of those security holes may still survive today. People could make long distance phone calls without paying by using a whistle that came free with breakfast cereal."

You could make any type of toll call, including local calls, if you so desired.

"People could steal high end cars by shorting out the right wires."

It worked for "low end" cars and "shitboxes" too. Still does.

Re:How hard can it be?

this is not hard. exchange a few gigibytes of random data with the controller and drone (each will have the same random data) before each mission. During the mission XOR each command byte with the next byte of random numbers. You'll need a few more parts, but that's the core.

Any cpu can do this, and it's totally secure (assuming the by random bytes are reasonable random).

Re:How hard can it be?

You must be a special kind of stupid

Re:How hard can it be?

And you must suck LEO dick at every opportunity.

Re:How hard can it be?

I admit I'm no crypto expert but I have had a few IT security certifications over the years. It seems simple enough to have a key exchange with the remote by a cable, so people can't sniff it out of the air, and then have the drone look for that key in every control packet.

no duh you're no crypto expert... you just want to send a "key" with every "control packet"... sure, hun. that will work. no one could sniff that "key" from your "control packets" and reuse it... surely they couldn't.

you're not even not a crypto expert, you haven't even begun to talk about crypto. you're an idiot.

Re:How hard can it be?

I understand there are issues (concerns, fears?) with government surveillance. I'm not suggesting those issues be ignored. But on the other hand the benefits of drone technology are amazing, and I believe could save lives. One example: Suspect walking around a park alone with a reported gun (no hostages, etc.)? Send in the drone instead of a flesh and blood police officer who otherwise is going to fear for their life - justifiably or not. Optionally - drone has two way voice speaker system, NO Hellfire missiles here obviously. Just maybe we can get the engineering AND legal aspects figured out and save some lives?

Re: How hard can it be?

[epine]

AC posts an anti-government spending screed demonstrating weak to non-existent comprehension of Economics 101.

So that's how this endless positive feedback loop happens.

In any given year, the police have a fixed budget. They almost certainly want more black-ops toys than their budget permits them to purchase, so they must then navigate their relative preference of one toy over another, which certainly does translate into a price sensitivity modulo substitution goods. (He who thinks that inter-departmental spending rivalries are less than ferocious has never attended a staff picnic after a "friendly" ball game.)

Furthermore, budgets tend to segregate salary expenses from other expenses, so that 100% of the spend doesn't go on the pay stub, which is of course what the average officer really wants. My god, it's an interlocking mesh of preference constraints all the way down!

I don't actually mind idiots that much. It gets on my nerves sometimes to see these things put forward without so much as displaying the comprehension that education exists (even if the AC doesn't wish to pursue it). Yes, indeed, Johnny Appleseed. Your unfamiliarity with substitution goods does indeed perpetuate a particularly rank form of anti-government bullshit.

For my part, I've never lacked for ability to criticise government without needing to exaggerate the problem in any dimension. It's actually pretty pathetic to need to exaggerate the flaws of government in order to remonstrate against its deficiencies.

As for inefficiencies in the private sector, we have Deepwater Horizon and the TARP bail-out. Looks like our inefficiency throw-down between government and the private sector is going into extra innings yet again.

Over in mixed doubles, the cost of medical care delivery in the United States hasn't lost a single match in international competition over the past two decades.

Suck my drone

Fuck the police

Hobby drone

Funny that such an expensive drone uses hobby kit parts.

Re:Hobby drone

[blindseer]

Perhaps that just shows what high quality "hobby" parts have achieved.

That's the thing with mass production and economies of scale can do, improve quality while lowering costs. Things that no so long ago would have been an expensive custom item are now cheap enough and of a high enough quality that someone would be stupid to go back to that custom item.

I suspect that it is quite possible that people will make passenger carrying craft with the same chips used in toys. The difference between an RC toy autopilot and a Boeing 787 autopilot is largely in the amount of technical review done on the code. If those chips are made in quantity then the cost of that review can be spread among more product. Sell the chips to hobbyists knowing that they'd want bragging rights that the code it runs is the same as on a Boeing 787.

Re:Hobby drone

[llzackll]

lost me at economies of scale but i know im not some drone that always needs to be aware of some evasive bs or whatever or whatever should not be evading anything because it should not be felt there is anything to hide due to history and all that stuff, so am i posting like this just to validate myself because i could care less if people are narcissistic. everybody is but its nothing to make a big deal out of. im not even trying to outsmart anyone but having to constantly defend yourself sh ouldnt be necessary hasnt anyone ever seen double jeopardy, i mean god damn how many times do i have to reinvent the wheel as if science never existed nor did english nor dictionaries? I dont even want to post this due to slashdot being imho a much better web site and not obsessed with comparing the size of everyones

Re:Hobby drone

[Feral+Nerd]

Funny that such an expensive drone uses hobby kit parts.

It's not really that surprising if you think about it. RC models are basically drones whose primary purpose is entertainment and fun, light military drones are RC models who have been repurposed for intelligence gathering and spotting for air and artillery strikes or police commando raids. The explosion in the development of light drones for military and police use is a pretty recent phenomenon driven by heavily miniaturised computers/cameras/GPS sensors (a product of the mobile device revolution) small enough to fit into a tiny airframe. However, when it comes to the airframe and control part of the equation kit hobbyists have been developing an entire industry around remote controlled craft of every conceivable kind since the 1940s that has even put mass manufactured micro jet engines that fit into the budget range of ordinary RC hobbyists. It is only natural that Police/Military light drone manufacturers would dip into such an extensive pool of existing industrial infrastructure and design knowledge to keep costs down.

Re:Hobby drone

[Sir+Holo]

Perhaps that just shows what high quality "hobby" parts have achieved.

That's the thing with mass production and economies of scale can do, improve quality while lowering costs. Things that no so long ago would have been an expensive custom item are now cheap enough and of a high enough quality that someone would be stupid to go back to that custom item.

Indeed. In 2003, image-sensors for optical microscopes (in labs) cost from $2000-$8000.

I built one for about $40, and it worked perfectly.

Bought a Mattel QX3 'toy' USB microscope off ebay, ripped out the sensor, stuck it into a tuna can, and mounted that atop a high-quality compound microscope at the RFP. The toy's software worked just fine, enabling super-cheap 40x–1000x image-capture from top-end optics.

Sure, CMOS sensors are noisy, so I just cranked up the illumination for good SNR. And 320x240 was enough—Stitching multiple shots is easy.

Re: Hobby drone

No, the design rigor is all done before the code is written. We are completely comfortable with paying Northrop to throw away the demo code and restart from requirements because we've seen what shit happens when programmers fail to design software. Start with the engineering requirements, decompose them, write small pieces, test, and then audit. Much better then the shit software with no engineering rigor in consumer and pro-Sumer grade drones.

Re:Hobby drone

[drinkypoo]

However, when it comes to the airframe and control part of the equation kit hobbyists have been developing an entire industry around remote controlled craft of every conceivable kind since the 1940s that has even put mass manufactured micro jet engines that fit into the budget range of ordinary RC hobbyists. It is only natural that Police/Military light drone manufacturers would dip into such an extensive pool of existing industrial infrastructure and design knowledge to keep costs down.

The problem with this idea is that the only especially interesting parts of the code are the flight control parts. The rest is pretty boring. Equally, the off the shelf hardware is not all that interesting. The only thing that it has to recommend it is footprint. You're not saving any money by buying an off the shelf autopilot as compared to buying an Arduino (or whatever) and a 10dof board. It's natural that they'd want to dip into the community, but it's not clear what they're really getting out of the hardware or the code.

Encryption is still no good against jamming

[Max_W]

Drones are no good for a conflict encounter with peers or near peers. This technology should be left to the civil industry.

Re:Encryption is still no good against jamming

[llzackll]

to the void said the paranoid android but the name of the band escapes me. is there an app for name that song or am i in the wrong forum? is ther a lgorithm to detect if your credit card may have been stolen due to unusual activity or some other pattern that is awry? i would figure that police drones would detect such things or any kind of drone not made from hobby kit parts that was to be used in such a way. do they not learn from history these pesky humans always asking for captchas to confirm you are a human or whatever? what happened to the internets?

Re:Encryption is still no good against jamming

[Hognoxious]

It's like somebody cloned Joe_Dragon but due to a bug the brain got split instead of duplicated.

Re:Encryption is still no good against jamming

[dissy]

Encryption is still no good against jamming

Yes, because encryption is not a defense against one specific attack type, logically you shouldn't even bother trying to defend against all the other attacks you perfectly well can defend yourself against.

Because logic!

Re:Encryption is still no good against jamming

[llzackll]

only response i could thiunk of is some casino game with a dual name, what a shame

Re:Encryption is still no good against jamming

[llzackll]

only tree fiddy? such a pity

do these even exist yet?

[llzackll]

do they even have these in use yet ? or is this just some headline to scare people. have to ask because of the way the summary is written

because of latency?

[bloodhawk]

I have to call BULLSHIT on the latency statement. The amount of latency added from decent encryption would be unnoticeable on any modern processing platform. WTF sort of mickey mouse crap are they using in these $28k drones? even a raspberry Pi could handle encryption without noticeable latency.

Re: because of latency?

Perhaps they misunderstood block encryption and thought that they had to wait untill they had 128 bits of commands before it could be encrypted?

I am thinking...

[toonces33]

That if you want to encrypt the video stream from the drone back to ground, that you might have a lot of latency as that could take some horsepower. But encrypting the navigation signals ought not create any problems with latency.

Re:I am thinking...

[Sir+Holo]

That if you want to encrypt the video stream from the drone back to ground, that you might have a lot of latency as that could take some horsepower. But encrypting the navigation signals ought not create any problems with latency.

Their comm link should probably be encrypted. But I do not want their video stream encrypted.

Any citizen can buy a "Police Scanner" to listen to their chatter. This should be no different. Watch the watchers.

Re:I am thinking...

[drinkypoo]

Any citizen can buy a "Police Scanner" to listen to their chatter. This should be no different. Watch the watchers.

Alas, most cop shops have moved on to encrypted digital radio, and they only give scanners to their trusted media toadies.

If not encryption, what about

At least using frequency agility? Much harder to hack the control signal if it's constantly changing in an unpredictable way.

They won't hire smart people

Because they are fucked.

You can implement AES on any 8mhz chip especially with messages that short. Hire me I'll do it.

All the circumstances

[bugs2squash]

I definitely don't know all the circumstances so it's hard to judge, but perhaps CPU processing capacity was not the limiting factor.

I imagine most likely it was because the builder wanted to use off-the shelf components, but it might also be because the communications links are low bandwidth and they did not want to incur the overhead of encryption or they thought that they needed to send data in blocks (CBC I think) rather than adopting a streaming form of encryption (there are lots to choose from) And they may have been deterred by the risk of losing control if they had a communication glitch and the crypto had to recover.

Anyhow, I can see it being more complicated than just having cheaped out on the CPU. They woudl be justified in thinking that this is a complex choice and they may have recognized that they were not qualified to make it. Finally, if they say the link is encrypted and it gets hacked I can see them being far more liable than they are if they never encrypted it, plus they get the contract to add encryption later. Heck, they probably planted this story.

I can jam my quadcopter with a microwave oven

I built something that's even cheaper and entertaining. Take a magnetron from an old microwave oven... build up a feed horn tuned for the 2ghz band. point the feedhorn to the sky and fly your drone over the feed horn. I placed my feedhorn on the ground pointed it straight up in the sky, flew over the feedhorn and according to my flight log I was 75ft up. > Crash!

Duh?

Anyone who intends to operate remote-control vehicles in a priori adversarial situations, probably had this as question number two: "What if they jam it?" It's unthinkable that it's not on the agenda any time you have an us-vs-them situation.

But of course, question number one is: "what if they commandeer it?"

We are talking about some very incompetent cops here. I mean highly-unusual incompetence to a degree that you have to wonder for whom they're working. This is not mere below-average competence.

(It's the people who don't consider all the ways they may be in adversarial situations, that we're all having to learn to worry about. e.g. grandma getting onto the Net of a Thousand Lies, or poor little Billy flying his new toy near the swimming pool, not realizing the naughty prankster kid is watching across the street, snickering and waiting.)

Drone The Bohemian Grove 2016!

[igobyjoshua]

Wait... I forgot...... Does Obama dump the screaming new born kids in the fire @ Bohemian Grove during the Cremation of Care Ritual , OR Just the High Priest? Drone The Grove 2016! Yes Grandma, for the last time there will be countless wave after wave of Drones flying above the Bohemian Grove streaming the Cremation of Care Ritual to YouTube and CNN, get over it and take your pills silly...