Another problem with using the captured satellite as a weapon against another satellite is that the hijacker would need to know where the target(s) is/are PRECISELY. These puppies are moving at a minimum of 7.5 kps -- that's DAMN fast. Miscalculate where they are by just a split-second and you miss your target by kilometers.
Maneuvering in orbit also takes time as well as fuel -- I think the US military would notice something like this and take protective action for the potential targets. Remember that NASA has maneuvered the space shuttle to avoid space junk, what, a dozen times now?
Making the satellite's command and control protocols widely available is ridiculous. There's a big difference between relying on obscurity for your security and using it to enhance your security. There's also a big difference between a computer that sits on the Internet to be probed with all responses available for digital capture and a system that can only be accessed through RF transmission, probably using frequency hopping and digital spread spectrum.
The public doesn't have a need to know everything as long as the company(ies) involved don't rely on that obscurity alone to protect them.
It's widespread because the cryptanalytic community seems to consider the fact that anything (useful) that can be done can be undone. Ciphers and codes that can only encrypt but not be decrypted are useless. If a client can decipher it, then someone else can too. The one possible exception to this is if you use quantum encryption since the very act of reading the data stream changes it.
To prevent hacking, you have to eliminate access. This can be done with hardware--best you can do with software is make access incredibly hard. The scenario in "War Games" couldn't happen because even if the US were to configure missiles for automatic launching by computer, the US military would never let that computer be linked to the outside world.
1. Yes, someone can execute a DOS attack. It's called jamming and was done in the 80s to HBO by Captain Midnight. You need to check on the specific satellite design and see how the receiver would handle it but bear in mind that generally they will look for the best SNR and go with that. If the transmitter is higher power than you are, the receiver will see your signal as simply noise.
2. How many of you think that you could decipher the structure of the command (given the motivation)?
2. Deciphering the structure of the command is not going to be easy but it can be done. This is not something for script kiddies but the true hackers with sufficient motivation will eventually figure the problem out. Remember, with Real Hackers, simply the doing of something neat is sufficient motivation -- but a Real Hacker also subscribes to the Hacker Ethic of doing no harm.
3. I think the simple cool factor of getting into a "NASA Satellite" would be sufficient motivation for some of the budding anti-social geeks. Satellites are extremely high-value assets and should better security than how we protect our webpages. However, securing them also goes counter to the way most scientists want to work. Luckily, the command and data streams should be using different signalling systems and freqs so you CAN have the best of both worlds.
4. I would not assume your network security works. I seem to remember something about someone getting into ESA's system; it was postulated as a possible reason for one of the Ariane failures resulting from bad design. Personally, I think the French just wanted to toss the blame off on someone else but the more the US government relies on Microsoft systems, the less secure your system will be and your security is only as good as the weakest point of entry.
Slashdot Mirror
Another problem with using the captured satellite as a weapon against another satellite is that the hijacker would need to know where the target(s) is/are PRECISELY. These puppies are moving at a minimum of 7.5 kps -- that's DAMN fast. Miscalculate where they are by just a split-second and you miss your target by kilometers.
Maneuvering in orbit also takes time as well as fuel -- I think the US military would notice something like this and take protective action for the potential targets. Remember that NASA has maneuvered the space shuttle to avoid space junk, what, a dozen times now?
Making the satellite's command and control protocols widely available is ridiculous. There's a big difference between relying on obscurity for your security and using it to enhance your security. There's also a big difference between a computer that sits on the Internet to be probed with all responses available for digital capture and a system that can only be accessed through RF transmission, probably using frequency hopping and digital spread spectrum.
The public doesn't have a need to know everything as long as the company(ies) involved don't rely on that obscurity alone to protect them.
It's widespread because the cryptanalytic community seems to consider the fact that anything (useful) that can be done can be undone. Ciphers and codes that can only encrypt but not be decrypted are useless. If a client can decipher it, then someone else can too. The one possible exception to this is if you use quantum encryption since the very act of reading the data stream changes it.
To prevent hacking, you have to eliminate access. This can be done with hardware--best you can do with software is make access incredibly hard. The scenario in "War Games" couldn't happen because even if the US were to configure missiles for automatic launching by computer, the US military would never let that computer be linked to the outside world.
1. Yes, someone can execute a DOS attack. It's called jamming and was done in the 80s to HBO by Captain Midnight. You need to check on the specific satellite design and see how the receiver would handle it but bear in mind that generally they will look for the best SNR and go with that. If the transmitter is higher power than you are, the receiver will see your signal as simply noise.
2. How many of you think that you could decipher the structure of the command (given the motivation)?
2. Deciphering the structure of the command is not going to be easy but it can be done. This is not something for script kiddies but the true hackers with sufficient motivation will eventually figure the problem out. Remember, with Real Hackers, simply the doing of something neat is sufficient motivation -- but a Real Hacker also subscribes to the Hacker Ethic of doing no harm.
3. I think the simple cool factor of getting into a "NASA Satellite" would be sufficient motivation for some of the budding anti-social geeks. Satellites are extremely high-value assets and should better security than how we protect our webpages. However, securing them also goes counter to the way most scientists want to work. Luckily, the command and data streams should be using different signalling systems and freqs so you CAN have the best of both worlds.
4. I would not assume your network security works. I seem to remember something about someone getting into ESA's system; it was postulated as a possible reason for one of the Ariane failures resulting from bad design. Personally, I think the French just wanted to toss the blame off on someone else but the more the US government relies on Microsoft systems, the less secure your system will be and your security is only as good as the weakest point of entry.