Slashdot Mirror

← Back to Stories (view on slashdot.org)

$40 Hardware Is Enough To Hack $28,000 Police Drones From 2km Away (theregister.co.uk)

Posted by BeauHD on from the sneak-attack dept.

mask.of.sanity writes: Thieves can hijack $28,000 professional drones used widely across the law enforcement, emergency, and private sectors using $40 worth of hardware. The quadcopters can be hijacked from up to two kilometers away thanks to a lack of encryption, which is not present due to latency overheads. Attackers can commandeer radio links to the drones from up to two kilometers away, and block operators from reconnecting to the craft. With the targeted Xbee chip being very common in drones, IBM security guy Nils Rodday says it is likely many more aircraft are open to compromise.

58 of 97 comments (clear)

  1. What latency overhead? by Anonymous Coward · · Score: 1

    I never heard encryption causing latency overhead that matters for RC....more like serious negligence overhead

    1. Re:What latency overhead? by Anonymous Coward · · Score: 5, Informative

      Read the article...they went cheap and the CPU doesn't properly support encryption. Saved a few bucks in parts cost, but now have a completely insecure system...hah

    2. Re:What latency overhead? by booboo · · Score: 2

      It creates cashflow latency overhead.

    3. Re:What latency overhead? by ArchieBunker · · Score: 1

      More like management wanted to save $2 per unit and went with the cheaper CPU.

      --
      Only the State obtains its revenue by coercion. - Murray Rothbard
    4. Re:What latency overhead? by NotInHere · · Score: 1

      Or they are just idiots who think that nobody would ever want to hack their product, and that its much easier to debug without encryption.

    5. Re:What latency overhead? by NotInHere · · Score: 1

      Not for embedded CPUs, they are considerably less powerful, and if there isn't dedicated support for the algorithms there is considerable lag.

    6. Re:What latency overhead? by BitZtream · · Score: 1

      No, they went stupid. The chips they are using DO have encryption built in. All XBee chips do, as an example.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    7. Re:What latency overhead? by BitZtream · · Score: 5, Informative

      I have 3 racing quads (Naze32 based controllers), 2 photography quads (with full auto pilot, navigation (ArduPilot)), 2 traditional RC Helis and 2 RC Seaplanes (These use COTS parts from Futaba for competition purposes), all of which have some sort of autopilot or 'assistance' on them. The CPUs in NONE of them support encryption.

      You do realize that you can FLY an aircraft with full auto navigation on an Arduino, right? I don't think you understand how easy it is to write compact software that will do amazing things on tiny CPUs, probably due to dealing with bloated ass PCs where no one gives a fuck about writing decent software.

      Flying an aircraft doesn't require a lot of CPU horse power. Standard servos and speed controllers operate at 50 hertz. They've changed speed controllers for quads because the APs can do much higher refresh rates, which when coupled with the way quads work makes a noticeable stability difference, So you see, even a little Arduino has CPU power to spare for flying the aircraft ... but it doesn't have encryption.

      The CPU in all 5 of my quads cost less than a dollar each. You can get encryption instruction sets in all of them (The cpus that is) ... but that'll put the chip at $3-5/each instead of $0.75

      In the embedded world, you don't bring shit you don't need with you, it wastes power and space, generates heat, and introduces additional complexity and unknowns. Even if they included encryption for no monetary cost, you wouldn't buy a chip with it unless you knew you were going to use it. Do you want your aircraft to crash because of some weird Errata that only occurs on chips with X feature that you don't use?

      HOWEVER, All XBee chips DO support encryption so that the CPU DOESN'T have to know anything about it. All they would have had to do was flip a bit with the configuration tool and add figure out how to manage keys in the production environment/end user space.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    8. Re: What latency overhead? by houghi · · Score: 1

      Define 'little lag'. With something that is flying around with 'a little lag' is not really a good thing. Try driving a car where your steering wheel has 'a little lag'.

      --
      Don't fight for your country, if your country does not fight for you.
    9. Re:What latency overhead? by scsirob · · Score: 2

      Any ARM processor can encrypt and decrypt data at plenty speed and next to no latency. A Raspberry Pi Zero at $5 is more than enough. The processor in your smartphone is plenty. Even if it isn't and they had to 'splurge' for a multi-core Intel CPU it would be like $100 or so. There is no excuse, none whatsoever, to leave encryption out to save a few bucks.

      --
      To Terminate, or not to Terminate, that's the question - SCSIROB
    10. Re:What latency overhead? by Anonymous Coward · · Score: 1

      HOWEVER, All XBee chips DO support encryption so that the CPU DOESN'T have to know anything about it. All they would have had to do was flip a bit with the configuration tool and add figure out how to manage keys in the production environment/end user space.

      As does TFA say.
      TFA even says encryption was enabled.
      There is a non-subtle difference between WEP and WPA, and if someone who broke into the device says WEP was used rather than WPA for performace reasons, I think it is fair to assume that person knows what they are talking about? Yes, I would have liked to understand the technical issues better too. But such is journalism.

    11. Re:What latency overhead? by BitZtream · · Score: 1

      Lets start by establishing that they don't use either WEP or WPA, then we can get back to who knows what they're talking about, K? Such is journalism and the reality of people 'hacking' something ... without having any fucking clue what they actually did.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    12. Re: What latency overhead? by sumdumass · · Score: 2

      Start getting lag when the weather isn't perfect and you will start losing the drones due to not being able to control their flight or even the ability of the drone to stabilize it's own flight.

      They have processors with realtime encryption support capable of avoiding these issues. Your suggested reason was likely the justification to use a less capable processor to save money. I think the decision was probably made before the police had any say in the matter.

    13. Re:What latency overhead? by Stewie241 · · Score: 1

      Right... because you can reasonably run a multi-core Intel CPU in an application like this. Power usage is probably a much more significant factor.

    14. Re: What latency overhead? by Hognoxious · · Score: 1

      What would you rather have, a little lag or a chance that your $28k drone gets hijacked and stolen?

      Er, whose drone? We've got your money already, go pound sand.

      Signed,
          A.Corporation

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
    15. Re: What latency overhead? by whopis · · Score: 2

      Are you kidding? Most non-hobby flight controllers are already running multi-core or even multiprocessor systems. The power draw for the processor is very small compared to that of the motors.

    16. Re: What latency overhead? by Anonymous Coward · · Score: 1

      You're close. It's not debug, but introducing unauditable failure modes. If the encryption is good, then you have part of the command link that has random noise thrown in ... Bit errors are real and happen on digital links. So now, you're injecting random data into the C2 links, which is not good. This is accommodated by a variety of protocols, which all add latency because they're sending more data. This is not good. Additionally, we really want Aircraft systems to be, say, audit able and verifiable. Crypto is Damon near the opposite. There are less than a few hundred people, and only about 7 private organizations that can do a good job of validating crypto.

    17. Re: What latency overhead? by Anonymous Coward · · Score: 1

      Bit errors will also happen without encryption. What encryption would likely do is spread a single bit error to more bits (if it is a block cipher) but even if it didn't you wouldn't want the flight controller executing a command with a corrupt bit.

      Since it cannot be known if an error in transmission is just bad luck or an actual attack attempt good encryption will also offer a message authentication code. This works like a checksum, but with authentication. It will verify that the message is correct as-sent, and also is sent by someone with the key.

      Any crypto system will introduce latency, but in practice this is less than a few ms on old processors, and almost zero on more powerful CPUs. Many UAV remotes only send the updates from the sticks on the controller to the drone once per 20ms. Adding even 5ms will make no practical difference. Maybe for a racing drone with a very skilled pilot it would reduce performance, but a police drone is likely to be flown very calmly (knowing that it costs 28k$),

      As for auditing, if you trust the system because it is encrypted and otherwise would not, then bad crypto will cause harm. In this case the UAV will be used anyway, so any form of encryption/security, even if it can be hacked by experts, is better than a wide open system.

    18. Re: What latency overhead? by Immerman · · Score: 1

      A valid point. But as someone pointed out in another branch above, you don't actually need an encrypted signal to secure the device, just securely signing the packets would be sufficient. Somebody monitoring the signal is not that big a deal, you just don't ant them to be able to spoof it. A hashed signature would also allow you to respond immediately while still waiting to confirm it's validity - a single spoofed packet, or even a handful, are unlikely to cause much problem, so long as the spoofed signal is ignored after that.

      Noise would still be a bit of an issue, but a high-redundancy error-correcting encoding would eliminate most of that at the cost of a bit of bandwidth, without introducing lag. You probably want that anyway - undetected faults in a digital signal can result in *really* incorrect behavior. Further fault tolerance could be introduced by not requiring *every* packet to properly signed - default to a "come-home" or other behavior if it hasn't received a valid packet in the last N seconds.

      --
      --- Most topics have many sides worth arguing, allow me to take one opposite you.
    19. Re:What latency overhead? by Immerman · · Score: 1

      A couple of xor operations? Seriously? Just what sort of "encryption" are you imagining you could get with that? One-time pads are the only one that would be even remotely secure with that little overhead, and good luck trying to avoid coordination problems in the presence of incompetent users, a noisy data line, and malicious attackers.

      It might be doable, but it would be really challenging to come up with something that was both just as reliable and more than a minor nuisance to an attacker.

      --
      --- Most topics have many sides worth arguing, allow me to take one opposite you.
    20. Re: What latency overhead? by drinkypoo · · Score: 2

      Start getting lag when the weather isn't perfect and you will start losing the drones due to not being able to control their flight

      Nope. Even open source MultiWii has GPS failsafe. With a "big" antenna (e.g. ~25mm) a drone floating above the city tends to have great reception even in poor weather. A 10mm antenna is good enough for adequate reception on a nice day, but presumably we're talking about fairly large drones for which a sizable GPS antenna is a minor issue. If they lose GPS positioning momentarily, they can reasonably hold position on their other sensors until they get it back. The only real danger is if you can jam their GPS signal for an extended period, at which point they will probably come straight down.

      or even the ability of the drone to stabilize it's own flight.

      Nope. Stable flight modes prevent any such problems, and if you're not trying to play acrobatic tricks, there's no good reason not to use them.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    21. Re: What latency overhead? by chiefmojorising · · Score: 1

      The police (municipality, whoever) had their say when they wrote the check to buy them.

    22. Re: What latency overhead? by sumdumass · · Score: 1

      Lol.. the lag will not be in the transmission latency it will be in the commands processed. The inputs from the GPS and flight stabilizer will stack right behind the others. It will have the same effect as driving when someone drifts onto a soft shoulder and over corrects to return to the road then shoots further than expected when good traction is reestablished. This often ends up with the vehicle running off the other side of the road if not striking another vehicle or object first.

    23. Re: What latency overhead? by buck-yar · · Score: 1

      From open source flight control software I've seen, the scheduler runs the main loop and tertiary loops at set frequencies, and the CPU utilization is not near 100%, so it is ok to add more calculations. CPU utilization is actually somewhat low, other than when logging is set at verbose.

      Servos and motors are on per wire modulation (PWM). They wait for a signal at a set frequency, in many cases 490hz (though the trend is new protocols which are higher rates).

      So implementing encryption is just a matter of making sure the algorithms runs in its allotted time. Which brings up the next question, what encryption runs in x time and cannot be cracked within n time?

    24. Re: What latency overhead? by drinkypoo · · Score: 1

      Lol.. the lag will not be in the transmission latency it will be in the commands processed.

      What?

      The inputs from the GPS and flight stabilizer will stack right behind the others.

      Flight stabilizer? What? No. The code loops, every so often. The main loop contains tests to see if enough time has elapsed between flight control events and when it has, it kicks one off. Another timer check tests to see if there is incoming controller data, and engages failsafe if not. Another test in the loop, which ISTR also being on a timer, checks for GPS input and parses sentences when present. In the flight control, there is a call to check the IMU hardware, which is typically done through SPI. This happens many times per second, much more rapidly than the time between GPS sentences, which is anywhere from .5 to 4 seconds, usually somewhere between .5 and 1.5. Even in the case of a defect in the GPS unit that caused it to spew garbage filled with newlines, there would still be multiple calls to the flight control code in between attempts to parse GPS data. It also takes spectacularly little time to parse the GPS data, so even if you had many spurious sentences per second, it would have little or no affect on flight stability.

      It will have the same effect as driving when someone drifts onto a soft shoulder and over corrects to return to the road then shoots further than expected when good traction is reestablished. This often ends up with the vehicle running off the other side of the road if not striking another vehicle or object first.

      That happens to humans because our sampling rate is low. The sampling rate of a drone autopilot is very high. Just as a car is better than a human at detecting yaw, which is why all cars sold in the USA since 2010 have had legally-mandated active yaw control, a drone is better than a human at detecting yaw, roll, or pitch. A quadcopter (for example) can detect that it is rolling off of flat and level flight and start adjusting power levels before you can even see that it is happening. Now, what makes you think that losing GPS fix is going to cause the flight control algorithm to overcorrect? Have you even looked at any of the code in question, even where it is possible to do so (e.g. MultiWii)?

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    25. Re: What latency overhead? by Cramer · · Score: 1

      Our race car was like that. I loved it like that -- turn the wheel, the car leans over, and then it turns. Yes, you have to plan accordingly. You cannot wait to the last second to turn the wheel. Yes, that can be a problem at night with no (read: very ineffective) lights.

  2. How hard can it be? by blindseer · · Score: 4, Interesting

    I admit I'm no crypto expert but I have had a few IT security certifications over the years. It seems simple enough to have a key exchange with the remote by a cable, so people can't sniff it out of the air, and then have the drone look for that key in every control packet. Of course there would need to be some computation on that key but we have special purpose chips that can do that with minimal delay or power. The algorithms are open source and highly secure so there is little risk or cost there.

    I guess adding a $1 port and a $2 codec chip on both the controller and drone is too much to ask for protecting a $28k drone from being stolen or destroyed by a prankster.

    The concern seems to be the delay. Perhaps the commands could be passed through and the commands verified after the fact. If the commands fail then the drone could go in a limited performance mode where every packet needs to be verified, or it goes into a "go home" mode and ignores some or all commands.

    No doubt this is what happens in the early development of almost every technology. I recall some similar security failings in the early days of long distance telephones. Some of those security holes may still survive today. People could make long distance phone calls without paying by using a whistle that came free with breakfast cereal. People could steal high end cars by shorting out the right wires.

    People that don't learn from history are doomed to repeat it.

    --
    I am armed because I am free. I am free because I am armed.
    1. Re:How hard can it be? by sexconker · · Score: 5, Insightful

      As a taxpayer paying for the $28,000 drones, I say hack away. Drop them all from the sky.

    2. Re: How hard can it be? by Anonymous Coward · · Score: 2, Interesting

      The company sells at the point the market allows them to. If they could sell it for 100k and still have buyers, they would, and I couldn't blame them for it.

      The police don't care about the price because the money is just coming from the taxpayers (not their own money). So they don't care how much they spend.

      So that's how this endless positive feedback loop happens.

    3. Re:How hard can it be? by BitZtream · · Score: 5, Interesting

      I guess adding a $1 port and a $2 codec chip on both the controller and drone is too much to ask for protecting a $28k drone from being stolen or destroyed by a prankster.

      The XBee radios they are using for communications support encryption out of the box. All you have to do is turn it on and give it a key and it does all the work.

      People could make long distance phone calls without paying by using a whistle that came free with breakfast cereal.

      Its only slightly more complicated now. I can safely say you have everything you need available to you RIGHT NOW to make all the free phone calls you want, only now you can do it without leaving your home and even make it practically untraceable while you sit at home!

      The PSTN is still based on the idea that all the connections are relatively trusted because people will 'never figure out how to do this and its a dedicated link' ... unfortunately, that is not now and never really was actually true.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    4. Re: How hard can it be? by epine · · Score: 1

      AC posts an anti-government spending screed demonstrating weak to non-existent comprehension of Economics 101.

      So that's how this endless positive feedback loop happens.

      In any given year, the police have a fixed budget. They almost certainly want more black-ops toys than their budget permits them to purchase, so they must then navigate their relative preference of one toy over another, which certainly does translate into a price sensitivity modulo substitution goods. (He who thinks that inter-departmental spending rivalries are less than ferocious has never attended a staff picnic after a "friendly" ball game.)

      Furthermore, budgets tend to segregate salary expenses from other expenses, so that 100% of the spend doesn't go on the pay stub, which is of course what the average officer really wants. My god, it's an interlocking mesh of preference constraints all the way down!

      I don't actually mind idiots that much. It gets on my nerves sometimes to see these things put forward without so much as displaying the comprehension that education exists (even if the AC doesn't wish to pursue it). Yes, indeed, Johnny Appleseed. Your unfamiliarity with substitution goods does indeed perpetuate a particularly rank form of anti-government bullshit.

      For my part, I've never lacked for ability to criticise government without needing to exaggerate the problem in any dimension. It's actually pretty pathetic to need to exaggerate the flaws of government in order to remonstrate against its deficiencies.

      As for inefficiencies in the private sector, we have Deepwater Horizon and the TARP bail-out. Looks like our inefficiency throw-down between government and the private sector is going into extra innings yet again.

      Over in mixed doubles, the cost of medical care delivery in the United States hasn't lost a single match in international competition over the past two decades.

  3. Re:security through prosecution by NotInHere · · Score: 1

    That's what the state does: it provides security for its people, by prosecuting the criminals.

    But yeah I know what you meant... This will just lead to DRMed (or criminalized) SDRs or something, totally the wrong approach IMO. Policemen may be trusting their lives on these devices, and the video footage may be used as proof in court. If the defendant can prove there is no encryption, then boom the proof may be void.

  4. Suck my drone by Anonymous Coward · · Score: 1

    Fuck the police

  5. Re:security through prosecution by jandersen · · Score: 1, Interesting

    It is not without irony that people here seem to feel, that when some member of the public breaks into police or governmenet systems, quite possibly to commit a crime, it is cool, but when the police break into systems of members of the public, usually to catch criminals, this is "gross violation of privacy". If it is wrong for anybody, then it is wrong for everybody, I would have thought.

  6. Hobby drone by Anonymous Coward · · Score: 1

    Funny that such an expensive drone uses hobby kit parts.

    1. Re:Hobby drone by blindseer · · Score: 2

      Perhaps that just shows what high quality "hobby" parts have achieved.

      That's the thing with mass production and economies of scale can do, improve quality while lowering costs. Things that no so long ago would have been an expensive custom item are now cheap enough and of a high enough quality that someone would be stupid to go back to that custom item.

      I suspect that it is quite possible that people will make passenger carrying craft with the same chips used in toys. The difference between an RC toy autopilot and a Boeing 787 autopilot is largely in the amount of technical review done on the code. If those chips are made in quantity then the cost of that review can be spread among more product. Sell the chips to hobbyists knowing that they'd want bragging rights that the code it runs is the same as on a Boeing 787.

      --
      I am armed because I am free. I am free because I am armed.
    2. Re:Hobby drone by llzackll · · Score: 1

      lost me at economies of scale but i know im not some drone that always needs to be aware of some evasive bs or whatever or whatever should not be evading anything because it should not be felt there is anything to hide due to history and all that stuff, so am i posting like this just to validate myself because i could care less if people are narcissistic. everybody is but its nothing to make a big deal out of. im not even trying to outsmart anyone but having to constantly defend yourself sh ouldnt be necessary hasnt anyone ever seen double jeopardy, i mean god damn how many times do i have to reinvent the wheel as if science never existed nor did english nor dictionaries? I dont even want to post this due to slashdot being imho a much better web site and not obsessed with comparing the size of everyones

    3. Re:Hobby drone by Feral+Nerd · · Score: 2

      Funny that such an expensive drone uses hobby kit parts.

      It's not really that surprising if you think about it. RC models are basically drones whose primary purpose is entertainment and fun, light military drones are RC models who have been repurposed for intelligence gathering and spotting for air and artillery strikes or police commando raids. The explosion in the development of light drones for military and police use is a pretty recent phenomenon driven by heavily miniaturised computers/cameras/GPS sensors (a product of the mobile device revolution) small enough to fit into a tiny airframe. However, when it comes to the airframe and control part of the equation kit hobbyists have been developing an entire industry around remote controlled craft of every conceivable kind since the 1940s that has even put mass manufactured micro jet engines that fit into the budget range of ordinary RC hobbyists. It is only natural that Police/Military light drone manufacturers would dip into such an extensive pool of existing industrial infrastructure and design knowledge to keep costs down.

    4. Re:Hobby drone by Sir+Holo · · Score: 1

      Perhaps that just shows what high quality "hobby" parts have achieved.

      That's the thing with mass production and economies of scale can do, improve quality while lowering costs. Things that no so long ago would have been an expensive custom item are now cheap enough and of a high enough quality that someone would be stupid to go back to that custom item.

      Indeed. In 2003, image-sensors for optical microscopes (in labs) cost from $2000-$8000.

      I built one for about $40, and it worked perfectly.

      Bought a Mattel QX3 'toy' USB microscope off ebay, ripped out the sensor, stuck it into a tuna can, and mounted that atop a high-quality compound microscope at the RFP. The toy's software worked just fine, enabling super-cheap 40x–1000x image-capture from top-end optics.

      Sure, CMOS sensors are noisy, so I just cranked up the illumination for good SNR. And 320x240 was enough—Stitching multiple shots is easy.

    5. Re:Hobby drone by drinkypoo · · Score: 1

      However, when it comes to the airframe and control part of the equation kit hobbyists have been developing an entire industry around remote controlled craft of every conceivable kind since the 1940s that has even put mass manufactured micro jet engines that fit into the budget range of ordinary RC hobbyists. It is only natural that Police/Military light drone manufacturers would dip into such an extensive pool of existing industrial infrastructure and design knowledge to keep costs down.

      The problem with this idea is that the only especially interesting parts of the code are the flight control parts. The rest is pretty boring. Equally, the off the shelf hardware is not all that interesting. The only thing that it has to recommend it is footprint. You're not saving any money by buying an off the shelf autopilot as compared to buying an Arduino (or whatever) and a 10dof board. It's natural that they'd want to dip into the community, but it's not clear what they're really getting out of the hardware or the code.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  7. Re: It doesn't matter what you did by Anonymous Coward · · Score: 1

    Send the owner of lifehacker to jail. And anyone who uses hack in that way. Or anyone who even talks about hacks. For the children! Because some pedophiles and terrorists are hackers. Are you a pedophile or terrorist?

  8. Encryption is still no good against jamming by Max_W · · Score: 4, Informative

    Drones are no good for a conflict encounter with peers or near peers. This technology should be left to the civil industry.

    1. Re:Encryption is still no good against jamming by llzackll · · Score: 1

      to the void said the paranoid android but the name of the band escapes me. is there an app for name that song or am i in the wrong forum? is ther a lgorithm to detect if your credit card may have been stolen due to unusual activity or some other pattern that is awry? i would figure that police drones would detect such things or any kind of drone not made from hobby kit parts that was to be used in such a way. do they not learn from history these pesky humans always asking for captchas to confirm you are a human or whatever? what happened to the internets?

    2. Re:Encryption is still no good against jamming by Hognoxious · · Score: 1

      It's like somebody cloned Joe_Dragon but due to a bug the brain got split instead of duplicated.

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
    3. Re:Encryption is still no good against jamming by dissy · · Score: 1

      Encryption is still no good against jamming

      Yes, because encryption is not a defense against one specific attack type, logically you shouldn't even bother trying to defend against all the other attacks you perfectly well can defend yourself against.

      Because logic!

    4. Re:Encryption is still no good against jamming by llzackll · · Score: 1

      only response i could thiunk of is some casino game with a dual name, what a shame

    5. Re:Encryption is still no good against jamming by llzackll · · Score: 1

      only tree fiddy? such a pity

  9. Re: security through prosecution by TheReaperD · · Score: 4, Informative

    This is not a case of criminals breaking into police equipment. This is a group telling police and the public that these systems are vulnerable so they can fix the problem and prevent criminals from doing this in the future.

    --
    "Be particularly skeptical when presented with evidence confirming what you already believe." -
  10. do these even exist yet? by llzackll · · Score: 1

    do they even have these in use yet ? or is this just some headline to scare people. have to ask because of the way the summary is written

  11. Re:security through prosecution by houghi · · Score: 1

    If you are able to pay a lawyer as a defendant to go that route, you will most likely get away free anyway, even when guilty. Otherwise you will go to prison.

    --
    Don't fight for your country, if your country does not fight for you.
  12. because of latency? by bloodhawk · · Score: 1

    I have to call BULLSHIT on the latency statement. The amount of latency added from decent encryption would be unnoticeable on any modern processing platform. WTF sort of mickey mouse crap are they using in these $28k drones? even a raspberry Pi could handle encryption without noticeable latency.

  13. I am thinking... by toonces33 · · Score: 2

    That if you want to encrypt the video stream from the drone back to ground, that you might have a lot of latency as that could take some horsepower. But encrypting the navigation signals ought not create any problems with latency.

    1. Re:I am thinking... by Sir+Holo · · Score: 1

      That if you want to encrypt the video stream from the drone back to ground, that you might have a lot of latency as that could take some horsepower. But encrypting the navigation signals ought not create any problems with latency.

      Their comm link should probably be encrypted. But I do not want their video stream encrypted.

      Any citizen can buy a "Police Scanner" to listen to their chatter. This should be no different. Watch the watchers.

    2. Re:I am thinking... by drinkypoo · · Score: 1

      Any citizen can buy a "Police Scanner" to listen to their chatter. This should be no different. Watch the watchers.

      Alas, most cop shops have moved on to encrypted digital radio, and they only give scanners to their trusted media toadies.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  14. All the circumstances by bugs2squash · · Score: 1

    I definitely don't know all the circumstances so it's hard to judge, but perhaps CPU processing capacity was not the limiting factor.

    I imagine most likely it was because the builder wanted to use off-the shelf components, but it might also be because the communications links are low bandwidth and they did not want to incur the overhead of encryption or they thought that they needed to send data in blocks (CBC I think) rather than adopting a streaming form of encryption (there are lots to choose from) And they may have been deterred by the risk of losing control if they had a communication glitch and the crypto had to recover.

    Anyhow, I can see it being more complicated than just having cheaped out on the CPU. They woudl be justified in thinking that this is a complex choice and they may have recognized that they were not qualified to make it. Finally, if they say the link is encrypted and it gets hacked I can see them being far more liable than they are if they never encrypted it, plus they get the contract to add encryption later. Heck, they probably planted this story.

    --
    Nullius in verba
  15. Drone The Bohemian Grove 2016! by igobyjoshua · · Score: 1

    Wait... I forgot...... Does Obama dump the screaming new born kids in the fire @ Bohemian Grove during the Cremation of Care Ritual , OR Just the High Priest? Drone The Grove 2016! Yes Grandma, for the last time there will be countless wave after wave of Drones flying above the Bohemian Grove streaming the Cremation of Care Ritual to YouTube and CNN, get over it and take your pills silly...

  16. Re:security through prosecution by drinkypoo · · Score: 1

    It is not without irony that people here seem to feel, that when some member of the public breaks into police or governmenet systems, quite possibly to commit a crime, it is cool, but when the police break into systems of members of the public, usually to catch criminals, this is "gross violation of privacy".

    1) The cops are public servants, the drones are public property, while that doesn't give us the right to use them as toys it does give us the right to demand that they be used responsibly.

    2) The cops have rights that the rest of us lack, and the power to fuck up our lives, so we have to keep closer track of their activities.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  17. Re: security through prosecution by jandersen · · Score: 1

    Ah, I see - "The ends justify the means", right?