Why waste dev time on a SDR TX when you can buy a used transponder off ebay for cheap or just steal one?
Just sayin its not all that practical.
Because the SDR TX took one evening in Gnuradio to implement.
Third is data gathering from multiple sites. You cannot generate enough power / altitude from the ground to knock out a substantial range. Talk to some microwave RF guys. So use the ring of airports/radars around the transmitter.... Of course this sucks AT o'hare if the jammer is in the o'hare parking lot...
For ground purposes why can the ADS RX be on a narrow beam antenna? HMm a network of them just triangulated on you.
We aren't jamming. We're spoofing. Your idea regarding triangulation is generally correct, although they use multilateration, not direction of arrival. However, if your signal is only loud enough to be heard by a single station (or two stations), you can't multilaterate, and since 1090MHz is very much line of sight, the odds multiple stations will hear a ground-based spoofer are slim.
They HAVE To maintain it. Otherwise my learjet full of coke gets the "cloaked ship" star trek effect if I flip the transponder circuit breaker off. They're never, ever, going to give up on skin painting. Maybe some phb who's never ATC'd or piloted a plane made up some story, but...
I'm totally with you here. The problem is the FAA initially appeared not to recognize this; it appeared they wanted to maintain PSR/SSR in congested areas, but shut down some primary sites in less-trafficked areas. I am as glad as you are that they seem to understand the necessity of maintaining complete PSR/SSR.
Therefore, you could potentially cause an aircraft to maneuver to avoid an intruder which isn't actually there.
Talk to a pilot. The first thing you do is visual the incoming. So that limits it to IFR only conditions right off the top.
A successful attach is going to be pretty ineffective and very dangerous to attempt. I just don't see it as an issue.
If these attacks become popular, planes will just pop the tcas circuit breakers on order of ATC (probably in the ATIS/AWOS message?) and fly "pre-tcas" which works just fine.
I don't agree with this. Disabling TCAS is a hazard in itself, ESPECIALLY in IFR condx. This is a problem.
Unfortunately, transmitting live spoofed data into the real ATC system is Guantanamo fodder, and I'm trying to avoid becoming a domestic terrorist if at all possible.
That said, this wasn't merely a simulation: real ADS-B frames were transmitted by a low-cost SDR (into a dummy load) based on the position of a simulated aircraft flying in FlightGear. Those transmitted frames were received by the same SDR (alongside real frames from real aircraft), and the resulting tracks plotted in Google Earth.
The demonstration used a COTS SDR to transmit ADS-B squitters from positions derived from an aircraft flying in FlightGear. The same SDR was simultaneously receiving ADS-B frames from real aircraft, *including* the spoofed frames being transmitted locally. The combined frames were brought into the Google Earth display for viewing. Criticism suggesting that "it's just a flight simulator, it's not real" is incorrect: these are valid, correct ADS-B frames, transmitted (into a dummy load), which will be received and decoded by ADS-B IN hardware. There is a spec (DO-260B), and the transmissions meet that spec.
The purpose of the demonstration was to show that valid ADS-B frames can be generated and transmitted by low-cost SDR hardware. This capability raises a number of interesting possible attack vectors, which were discussed in the presentation. The secondary purpose of the presentation was to get the FAA to clarify the countermeasures they plan on using to detect, identify, and eliminate spoofed transmissions from the data which controllers see. Specifically, there are two other sources of data they can use: multilateration, which depends on time-difference-of-arrival to calculate the originating position of a transmission (same principle as GPS); and maintaining a network of primary surveillance radar. Prior to this week (Steve Henn of NPR was the first to get the memo from the FAA), the FAA had not stated that they planned to maintain a full radar network, or to use multilateration to vet reports. In fact, reading older documentation, explicit mention is made of *shutting down* PSR to save money after ADS-B implementation is complete. So, you understand our concern.
Additionally, ADS-B IN implementation aboard aircraft (rather than ground stations) provides no facility for validating reports via TDOA; this means that you can inject false reports into aircraft which are listening to other ADS-B reports. Currently few aircraft support this capability, but for those that do, you can squit fake aircraft right into their traffic display.
Lastly, the last couple of slides from the Defcon presentation discuss an attack vector against TCAS, the collision avoidance system aircraft use to maintain separation when ATC fails to do so. This attack vector is particularly concerning because it provides direct pilot guidance: a false aircraft on a collision course will create audio and visual warnings in the cockpit (a "resolution advisory"). Therefore, you could potentially cause an aircraft to maneuver to avoid an intruder which isn't actually there. Obviously, this is concerning, and I'm unaware of any way to combat this.
So yes, the presentation may have looked "FUDdy" without background into the problem, but there are real security issues here which need to be dealt with.
Incorrect. The lens itself does the stabilizing, with accelerometers and a movable lens element. Linear ultrasonic motors shift the lens in the X and Y axes, effectively shifting the center of field.
10cm on a side? The Analog Devices ADXRS150 is a relatively accurate MEMS gyro in 1cm x 1cm. Three of those give you a 3D gyro platform more than good enough for flight stabilization or image-stabilizing a camera. I've done both with them.
They aren't up on par with inertial-navigation-grade systems using fiber-optic gyros, so their drift tends to make them unusable for long-term navigation. You wouldn't fly a cruise missile or an ICBM on them. But for sensing motion, or for aiding navigation in conjunction with accelerometers or a GPS, they're just fine. And they're available now.
Like the previous respondent said, you need more DSP before you can comment appropriately.
Regarding 2) above:
The whole point of sampling theory is to recreate sine waves. ANY sound source, be it violins or voices, is not a perfect sinusoidal signal. However, these sources can be represented to the limit of human hearing as a sum of sinusoids (a Fourier series). So, by using a sampling rate at least twice the human range, you should be able to adequately reconstruct triangle and sine waves to the limit of your hearing.
IOW, the "harmonics" you're talking about are, in the frequency domain, representations of sine waves. If you can properly reconstruct those harmonic sine waves to the limit of human hearing, you've got a violin, for all intents and purposes.
If your argument is correct, then the thousands of Peltier-cooled devices that already exist, in fact, do not. They're all a hoax.
The whole point of heat exchange in a processor context is to move the heat far enough away so that it does not affect the processor. Who cares if your heat sink, which is attached to the 'hot' side of the cooler, is at 150 Celsius? The metal certainly doesn't. As long as the *chip* stays cool, there ain't a problem.
Granted, it's not gonna make laptops run cooler, but it just might let them run faster.
the difference is, as you would no doubt know if you actually HAD read the article, that this attack allows the reconstruction of the CRT image from reflected, diffuse light; the only information an attacker needs is the glow of the monitor on the walls of the room.
ever looked in a window down the street late at night and seen the whole room lit up by a television?
They're trying to learn how to improve the efficiency of the weapons. Early nukes, such as the infamous two dropped on Japan, fissioned only about 2% of the nuclear material they contained. By using different detonator explosive configurations, different neutron sources, and different case materials and arrangements scientists can improve the yield of these weapons without increasing the amount of fissionable material going into them. It's on the bleeding edge of physics, so testing is the only way to verify that the new technologies they use will actually work if, say, they need to drop these things on someone.
That said, the early nuclear tests were conducted in such an irresponsible and criminally negligent manner that hundreds of thousands of Americans were radiologically poisoned by iodine fallout from the atmospheric blasts in Nevada. The government sometimes has its own agenda, and that agenda need not involve the people.
A friend of mine has been tagged by the government's computers as well. Every time he flies, he is subjected to a thorough search of his luggage and carryons. So far he has been spared the indignity of a body search. He is a frequent flyer, and almost always flies alone. I guess he fits some sort of profile that EVERY BUSINESS TRAVELER fits.
Once, flying back from Virginia, he was pleasantly surprised that security did not single him out for searching at the checkpoint. Ten minutes after boarding the plane, however, he was asked to leave the plane because security had failed to properly search him.
A "random selection" this is not. Basing your unfair profiling decisions on a computer's algorithm is no more fair than "The Bell Curve" was, and just as demeaning.
that's funny... FedEx did just that to me. they left a package on my front doorstep and the signature area said "Front door". i live in Boston. needless to say, I never saw the box again.
but, since they left it, they had to claim liability for it. i was told the shipper files a claim, and the shipper sent me a new order.
i agree -- but if the music industry lets piracy slip for too long, and piracy advances into (let's say) lossless formats, then the industry is effectively obsoleted. it might not be a question of protecting profits so much as protecting the long-term survival of the industry.
on the other hand, it's still an evil, underhanded tactic to use the government for one's private ends.
the big media corporations are all on unfamiliar ground, and they've had several years to catch up with the current state of technology. well, they haven't. they haven't because the state of technology has rendered them obsolete, and thus they must try to hang on as best they can.
they tried to restrict media distribution via encryption, and it failed as it was destined to do; it's theoretically impossible to devise a truly secure media distribution format. if YOU can read it, the guy sitting NEXT to you can, too. since that failed, their only option is legislation.
i don't condone it. it's evil. but the media companies are trying to survive the paradigm shift in content distribution that the internet has started. corporations are considered people under the law; like people, they're just trying to survive as best they can, and they'll do whatever it takes. thus, if they can get legislation passed that lets them live, they'll do anything they can to ensure it gets passed.
everyone keeps suggesting that media companies "revise their traditional methods of distribution". how are they supposed to do that? either you give the media away for free, or you restrict distribution any way you can. there's no room in Scott McCloud's pass-the-hat paradise for media companies.
so, the big question is: if YOU were a major media corporation's CEO, and YOUR family's livelihood depended on keeping your corporation afloat in the face of underground distribution channels, what would YOU do?
i'll bet your answers, if you're truthful, aren't that far from what's happening now.
One of the major drawbacks (or benefits, depending on how you look at it) to the bazaar model is that its success depends directly on its popularity. If you make a project, let's say ThneedView, that everyone needs, you'll have people clamoring to submit patches for improvement. The drawback to this, of course, is the amazing number of cluebies who have no idea what they're talking about. The signal-to-noise ratio on a popular open-source project is amazing. OTOH, if your program is of interest to you and no one else, nobody's going to help you. Of course, nobody's going to bitch at you and start flame wars for making pivotal decisions on the evolution of your project, either. This is why I like the Linux evolution model (for example), where everyone can contribute, but someone is ultimately responsible for deciding what goes into the project and what gets tossed.
Paid programmers don't necessarily have to have any interest in the program they're producing (though, admittedly, it helps). Therefore, their projects don't depend on their popularity with the community, and everyone involved (generally, PHB's excepted) has a clue. Then again, this model limits the number of minds working on the project, and thus can be detrimental.
This material can GENERATE 700 watts of electricity from only one square cm. (specifically under a 58 degree F tempature gradient).
there's not enough energy difference in a 58-degree gradient to account for 700W per cc. if this were true, i could power Boston by replacing my oven's door with this stuff & baking a batch of brownies.*
i exaggerate, but the energy figure given is still ridiculously large.
Since most users of public-key crypto are (presumably) technologically oriented, most of them are probably also aware that GnuPG offers the same functionality, but free, and open-sourced to boot. Why bother paying for PGP when GPG is free, integrates with your favorite email clients (an Outlook plugin is even available), and offers the same or better encryption? GPG effectively made PGP unprofitable. Nobody who knows better would use it.
And, like the poster above mentioned, since the tech is facing a serious risk of becoming illegal, investing too heavily in it might not be wise from an economic standpoint.
Slashdot Mirror
How about receiving aircraft transponder signals with one? Or marine traffic position reports? Both applications will work with this $20 dongle. There's quite a bit more to "radio" than Justin Bieber's latest track.
dammit render, you even have a slashdot uid lower than mine.
Why waste dev time on a SDR TX when you can buy a used transponder off ebay for cheap or just steal one?
Just sayin its not all that practical.
Because the SDR TX took one evening in Gnuradio to implement.
Third is data gathering from multiple sites. You cannot generate enough power / altitude from the ground to knock out a substantial range. Talk to some microwave RF guys. So use the ring of airports/radars around the transmitter.... Of course this sucks AT o'hare if the jammer is in the o'hare parking lot...
For ground purposes why can the ADS RX be on a narrow beam antenna? HMm a network of them just triangulated on you.
We aren't jamming. We're spoofing. Your idea regarding triangulation is generally correct, although they use multilateration, not direction of arrival. However, if your signal is only loud enough to be heard by a single station (or two stations), you can't multilaterate, and since 1090MHz is very much line of sight, the odds multiple stations will hear a ground-based spoofer are slim.
They HAVE To maintain it. Otherwise my learjet full of coke gets the "cloaked ship" star trek effect if I flip the transponder circuit breaker off. They're never, ever, going to give up on skin painting. Maybe some phb who's never ATC'd or piloted a plane made up some story, but...
I'm totally with you here. The problem is the FAA initially appeared not to recognize this; it appeared they wanted to maintain PSR/SSR in congested areas, but shut down some primary sites in less-trafficked areas. I am as glad as you are that they seem to understand the necessity of maintaining complete PSR/SSR.
Therefore, you could potentially cause an aircraft to maneuver to avoid an intruder which isn't actually there.
Talk to a pilot. The first thing you do is visual the incoming. So that limits it to IFR only conditions right off the top.
A successful attach is going to be pretty ineffective and very dangerous to attempt. I just don't see it as an issue.
If these attacks become popular, planes will just pop the tcas circuit breakers on order of ATC (probably in the ATIS/AWOS message?) and fly "pre-tcas" which works just fine.
I don't agree with this. Disabling TCAS is a hazard in itself, ESPECIALLY in IFR condx. This is a problem.
A "cheap" aviation transponder that understands Mode-S/ADS-B? Which one is that?
I'm one of the authors.
Unfortunately, transmitting live spoofed data into the real ATC system is Guantanamo fodder, and I'm trying to avoid becoming a domestic terrorist if at all possible.
That said, this wasn't merely a simulation: real ADS-B frames were transmitted by a low-cost SDR (into a dummy load) based on the position of a simulated aircraft flying in FlightGear. Those transmitted frames were received by the same SDR (alongside real frames from real aircraft), and the resulting tracks plotted in Google Earth.
See my comment here: http://tech.slashdot.org/comments.pl?sid=3065807&cid=41088873 for more information.
Hi, I'm one of the authors.
The demonstration used a COTS SDR to transmit ADS-B squitters from positions derived from an aircraft flying in FlightGear. The same SDR was simultaneously receiving ADS-B frames from real aircraft, *including* the spoofed frames being transmitted locally. The combined frames were brought into the Google Earth display for viewing. Criticism suggesting that "it's just a flight simulator, it's not real" is incorrect: these are valid, correct ADS-B frames, transmitted (into a dummy load), which will be received and decoded by ADS-B IN hardware. There is a spec (DO-260B), and the transmissions meet that spec.
The purpose of the demonstration was to show that valid ADS-B frames can be generated and transmitted by low-cost SDR hardware. This capability raises a number of interesting possible attack vectors, which were discussed in the presentation. The secondary purpose of the presentation was to get the FAA to clarify the countermeasures they plan on using to detect, identify, and eliminate spoofed transmissions from the data which controllers see. Specifically, there are two other sources of data they can use: multilateration, which depends on time-difference-of-arrival to calculate the originating position of a transmission (same principle as GPS); and maintaining a network of primary surveillance radar. Prior to this week (Steve Henn of NPR was the first to get the memo from the FAA), the FAA had not stated that they planned to maintain a full radar network, or to use multilateration to vet reports. In fact, reading older documentation, explicit mention is made of *shutting down* PSR to save money after ADS-B implementation is complete. So, you understand our concern.
Additionally, ADS-B IN implementation aboard aircraft (rather than ground stations) provides no facility for validating reports via TDOA; this means that you can inject false reports into aircraft which are listening to other ADS-B reports. Currently few aircraft support this capability, but for those that do, you can squit fake aircraft right into their traffic display.
Lastly, the last couple of slides from the Defcon presentation discuss an attack vector against TCAS, the collision avoidance system aircraft use to maintain separation when ATC fails to do so. This attack vector is particularly concerning because it provides direct pilot guidance: a false aircraft on a collision course will create audio and visual warnings in the cockpit (a "resolution advisory"). Therefore, you could potentially cause an aircraft to maneuver to avoid an intruder which isn't actually there. Obviously, this is concerning, and I'm unaware of any way to combat this.
So yes, the presentation may have looked "FUDdy" without background into the problem, but there are real security issues here which need to be dealt with.
Incorrect. The lens itself does the stabilizing, with accelerometers and a movable lens element. Linear ultrasonic motors shift the lens in the X and Y axes, effectively shifting the center of field.
10cm on a side? The Analog Devices ADXRS150 is a relatively accurate MEMS gyro in 1cm x 1cm. Three of those give you a 3D gyro platform more than good enough for flight stabilization or image-stabilizing a camera. I've done both with them.
They aren't up on par with inertial-navigation-grade systems using fiber-optic gyros, so their drift tends to make them unusable for long-term navigation. You wouldn't fly a cruise missile or an ICBM on them. But for sensing motion, or for aiding navigation in conjunction with accelerometers or a GPS, they're just fine. And they're available now.
There are plenty of lenses that are image-stabilized with gyros and moving lens elements. Look up the Panasonic Lumix series, or Canon's "IS" lenses.
Like the previous respondent said, you need more DSP before you can comment appropriately.
Regarding 2) above:
The whole point of sampling theory is to recreate sine waves. ANY sound source, be it violins or voices, is not a perfect sinusoidal signal. However, these sources can be represented to the limit of human hearing as a sum of sinusoids (a Fourier series). So, by using a sampling rate at least twice the human range, you should be able to adequately reconstruct triangle and sine waves to the limit of your hearing.
IOW, the "harmonics" you're talking about are, in the frequency domain, representations of sine waves. If you can properly reconstruct those harmonic sine waves to the limit of human hearing, you've got a violin, for all intents and purposes.
And that is why sine waves are awesome.
Sorry, you're wrong. It's legit.
If your argument is correct, then the thousands of Peltier-cooled devices that already exist, in fact, do not. They're all a hoax.
The whole point of heat exchange in a processor context is to move the heat far enough away so that it does not affect the processor. Who cares if your heat sink, which is attached to the 'hot' side of the cooler, is at 150 Celsius? The metal certainly doesn't. As long as the *chip* stays cool, there ain't a problem.
Granted, it's not gonna make laptops run cooler, but it just might let them run faster.
--nick
the difference is, as you would no doubt know if you actually HAD read the article, that this attack allows the reconstruction of the CRT image from reflected, diffuse light; the only information an attacker needs is the glow of the monitor on the walls of the room.
ever looked in a window down the street late at night and seen the whole room lit up by a television?
They're trying to learn how to improve the efficiency of the weapons. Early nukes, such as the infamous two dropped on Japan, fissioned only about 2% of the nuclear material they contained. By using different detonator explosive configurations, different neutron sources, and different case materials and arrangements scientists can improve the yield of these weapons without increasing the amount of fissionable material going into them. It's on the bleeding edge of physics, so testing is the only way to verify that the new technologies they use will actually work if, say, they need to drop these things on someone.
That said, the early nuclear tests were conducted in such an irresponsible and criminally negligent manner that hundreds of thousands of Americans were radiologically poisoned by iodine fallout from the atmospheric blasts in Nevada. The government sometimes has its own agenda, and that agenda need not involve the people.
From their patents list:
115. 6,323,837 11/27/01 Method and Apparatus for Interfacing an Elongated Object With a Computer System.
for those lonely, lonely nights with CUSeeMe...
A friend of mine has been tagged by the government's computers as well. Every time he flies, he is subjected to a thorough search of his luggage and carryons. So far he has been spared the indignity of a body search. He is a frequent flyer, and almost always flies alone. I guess he fits some sort of profile that EVERY BUSINESS TRAVELER fits.
Once, flying back from Virginia, he was pleasantly surprised that security did not single him out for searching at the checkpoint. Ten minutes after boarding the plane, however, he was asked to leave the plane because security had failed to properly search him.
A "random selection" this is not. Basing your unfair profiling decisions on a computer's algorithm is no more fair than "The Bell Curve" was, and just as demeaning.
that's funny... FedEx did just that to me. they left a package on my front doorstep and the signature area said "Front door". i live in Boston. needless to say, I never saw the box again.
but, since they left it, they had to claim liability for it. i was told the shipper files a claim, and the shipper sent me a new order.
i agree -- but if the music industry lets piracy slip for too long, and piracy advances into (let's say) lossless formats, then the industry is effectively obsoleted. it might not be a question of protecting profits so much as protecting the long-term survival of the industry.
on the other hand, it's still an evil, underhanded tactic to use the government for one's private ends.
the big media corporations are all on unfamiliar ground, and they've had several years to catch up with the current state of technology. well, they haven't. they haven't because the state of technology has rendered them obsolete, and thus they must try to hang on as best they can.
they tried to restrict media distribution via encryption, and it failed as it was destined to do; it's theoretically impossible to devise a truly secure media distribution format. if YOU can read it, the guy sitting NEXT to you can, too. since that failed, their only option is legislation.
i don't condone it. it's evil. but the media companies are trying to survive the paradigm shift in content distribution that the internet has started. corporations are considered people under the law; like people, they're just trying to survive as best they can, and they'll do whatever it takes. thus, if they can get legislation passed that lets them live, they'll do anything they can to ensure it gets passed.
everyone keeps suggesting that media companies "revise their traditional methods of distribution". how are they supposed to do that? either you give the media away for free, or you restrict distribution any way you can. there's no room in Scott McCloud's pass-the-hat paradise for media companies.
so, the big question is: if YOU were a major media corporation's CEO, and YOUR family's livelihood depended on keeping your corporation afloat in the face of underground distribution channels, what would YOU do?
i'll bet your answers, if you're truthful, aren't that far from what's happening now.
One of the major drawbacks (or benefits, depending on how you look at it) to the bazaar model is that its success depends directly on its popularity. If you make a project, let's say ThneedView, that everyone needs, you'll have people clamoring to submit patches for improvement. The drawback to this, of course, is the amazing number of cluebies who have no idea what they're talking about. The signal-to-noise ratio on a popular open-source project is amazing. OTOH, if your program is of interest to you and no one else, nobody's going to help you. Of course, nobody's going to bitch at you and start flame wars for making pivotal decisions on the evolution of your project, either. This is why I like the Linux evolution model (for example), where everyone can contribute, but someone is ultimately responsible for deciding what goes into the project and what gets tossed.
Paid programmers don't necessarily have to have any interest in the program they're producing (though, admittedly, it helps). Therefore, their projects don't depend on their popularity with the community, and everyone involved (generally, PHB's excepted) has a clue. Then again, this model limits the number of minds working on the project, and thus can be detrimental.
This material can GENERATE 700 watts of electricity from only one square cm. (specifically under a 58 degree F tempature gradient).
there's not enough energy difference in a 58-degree gradient to account for 700W per cc. if this were true, i could power Boston by replacing my oven's door with this stuff & baking a batch of brownies.*
i exaggerate, but the energy figure given is still ridiculously large.
that this comment got +1, Insightful proves beyond doubt that irony is dead.
Since most users of public-key crypto are (presumably) technologically oriented, most of them are probably also aware that GnuPG offers the same functionality, but free, and open-sourced to boot. Why bother paying for PGP when GPG is free, integrates with your favorite email clients (an Outlook plugin is even available), and offers the same or better encryption? GPG effectively made PGP unprofitable. Nobody who knows better would use it.
And, like the poster above mentioned, since the tech is facing a serious risk of becoming illegal, investing too heavily in it might not be wise from an economic standpoint.
--nick
shouldn't it be called the T-1000 instead of the p690?
"Holy shit! It's healing itself!"
"Have you seen this boy?"
selling your computer?! what, the greatest source of free porn ever created? what, are you nuts?
er, i've seen combination GPS + cell phone units, but unless you have one of those, your cell doesn't have a GPS in it. don't make stuff up.
they can, however, track you by triangulating your position based on what base stations it is talking to.