The Military News

$26 of Software Defeats American Military

reporter writes "A computer program that can be easily purchased for $25.95 off the Internet can read and store the data transmitted on an unsecured channel by an unmanned drone. Drones are crucial to American military operations, for these aerial vehicles enable Washington to conduct war with a reduced number of soldiers. '... the intercepts could give America's enemies battlefield advantages by removing the element of surprise from certain missions and making it easier for insurgents to determine which roads and buildings are under US surveillance.'"
This discussion has been archived. No new comments can be posted.

  • by fuzzyfuzzyfungus ( 1223518 ) on Thursday December 17, 2009 @09:55AM (#30472668) Journal
    We need an OSS option stat. Nobody should have to give up their software freedom just to make a mockery of America's finest tech toys.

    The only question is, would this make more sense as an added option in wireshark, or GNU Radio?
  • Oh noes (Score:5, Informative)

    by OverlordQ ( 264228 ) on Thursday December 17, 2009 @09:56AM (#30472682) Journal

    So they recorded unencrypted OTA video feeds? While yes, they probably should have been encrypted in the first place and . . .

    The U.S. government has known about the flaw since the U.S. campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn't know how to exploit it, the officials said.

    Yea that's kinda bad and lazy of them,

    Senior military and intelligence officials said the U.S. was working to encrypt all of its drone video feeds from Iraq, Afghanistan and Pakistan, but said it wasn't yet clear if the problem had been completely resolved.

    they're fixing it.

  • by AlexiaDeath ( 1616055 ) on Thursday December 17, 2009 @10:10AM (#30472798)
    Reading the information in the article and deducing from the software used, all you need is a satellite internet card, a satellite dish and SkyGrabber, a bit of software that records anything video-like it finds in the satellite data stream. Pretty much off-the-shelf hardware for a place with limited infrastructure.
  • by ArcherB ( 796902 ) on Thursday December 17, 2009 @10:17AM (#30472878) Journal

    No, demodulating a signal is not news. But not encrypting it in the first place ought to be.

    (And TFA had a red herring in its focus on the software used to record the signal--the software is probably the easy part, once you've captured the signal).

    We were using SINCGARS in the early 90's. SINCGARS is a frequency hopping, encrypted method of voice communication. We were just starting to use it to network military vehicles and personnel with HQ and each other. If SINCGARS could have been cracked, it would have put a beacon on every vehicle and soldier on and off the battlefield, not to mention eavesdropping. However, the inventor of SINCGARS could not decrypt the signal without the software and hardware keys. The software keys were changed at will. Usually weekly, but could easily be done daily. I am shocked that this signal does not use better encryption and/or frequency hopping. This type of communication is critical to tomorrow's battlefield.

  • by Anonymous Coward on Thursday December 17, 2009 @10:18AM (#30472890)
    Ethereal is the old name [wireshark.org]. The lead dev lost access to the Ethereal trademark, and the project moved over to Wireshark.
  • Re:note to self: (Score:3, Informative)

    by AHuxley ( 892839 ) on Thursday December 17, 2009 @10:26AM (#30472958) Journal
    The US is known for in the clear intel gathering. They only encrypt the stuff they are interested in after sorting, that way they can sort a lot of info, very fast. If the US had to fill the sky with crypto computers on sats the flow would slow. Best just to push raw packets to a safe area.
    The software CIA honeypot is Microsoft and people who use it networked.
    Just as Enigma was and crypto ag was.
    Skygrabber is a powerful filter system for a satellite dish. Passive and not networked.
    Mb some version of Rivet Joint can spot the satellite dishes?
  • by Eivind ( 15695 ) <eivindorama@gmail.com> on Thursday December 17, 2009 @10:29AM (#30472998) Homepage

    It should've been encrypted, for sure. Agreed.

    However, it does need to be encryption that works over a noisy channel, with possible gaps in the datastream. Your typical block-cipher using chaining thus doesn't qualify. (If you wonder why, try encrypting a one-megabyte file, then change a few characters randomly in the first half of the file, then decrypt it)

    It's still not a hard problem mind you, just slightly more so than "grab AES, set it to CBC-mode"
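Added example (not part of the thread): what a single flipped bit and a single lost block do to CBC and to a counter-mode keystream on a lossy link. The block cipher is a toy Feistel construction standing in for AES, and the key, IV and 8-block frame are constructed for illustration.

```python
import hashlib

BS = 16  # block size in bytes

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))
def f(key, rnd, half):  # round function of the toy cipher
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BS // 2]

def enc_block(key, blk):
    """Toy 4-round Feistel permutation standing in for AES (assumption, not secure)."""
    l, r = blk[:BS // 2], blk[BS // 2:]
    for rnd in range(4):
        l, r = r, xor(l, f(key, rnd, r))
    return l + r

def dec_block(key, blk):
    l, r = blk[:BS // 2], blk[BS // 2:]
    for rnd in reversed(range(4)):
        l, r = xor(r, f(key, rnd, l)), l
    return l + r

def cbc_encrypt(key, iv, blocks):
    out = []
    for p in blocks:
        iv = enc_block(key, xor(p, iv))  # chain each block to the previous ciphertext
        out.append(iv)
    return out

def cbc_decrypt(key, iv, blocks):  # P[i] = D(C[i]) xor C[i-1]
    return [xor(dec_block(key, c), prev) for prev, c in zip([iv] + blocks, blocks)]

def ctr_crypt(key, blocks):  # keystream block i = E(i); receiver counts blocks itself
    return [xor(b, enc_block(key, i.to_bytes(BS, "big"))) for i, b in enumerate(blocks)]
def damaged(expected, got):  # indices of plaintext blocks that no longer match
    return [i for i, (a, b) in enumerate(zip(expected, got)) if a != b]

def channel_damage():
    key, iv = b"constructed key", bytes(BS)
    plain = [bytes([i]) * BS for i in range(8)]  # constructed 8-block frame
    flip = lambda ct: ct[:2] + [bytes([ct[2][0] ^ 1]) + ct[2][1:]] + ct[3:]  # 1 bit error
    drop = lambda ct: ct[:2] + ct[3:]  # block 2 never arrives
    cbc, ctr = cbc_encrypt(key, iv, plain), ctr_crypt(key, plain)
    return {
        "cbc_bit_error": damaged(plain, cbc_decrypt(key, iv, flip(cbc))),
        "ctr_bit_error": damaged(plain, ctr_crypt(key, flip(ctr))),
        "cbc_lost_block": damaged(drop(plain), cbc_decrypt(key, iv, drop(cbc))),
        "ctr_lost_block": damaged(drop(plain), ctr_crypt(key, drop(ctr))),
    }
```

`channel_damage()` returns the damaged block indices per case: in CBC a bit error garbles its own block and touches the next, and a block-aligned loss costs one further block; the counter keystream confines a bit error to one block but loses everything after a gap unless the counter travels with the data.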

  • by sycodon ( 149926 ) on Thursday December 17, 2009 @10:38AM (#30473096)

    True! So True!

  • Re:$26 is a lot (Score:1, Informative)

    by Anonymous Coward on Thursday December 17, 2009 @10:44AM (#30473202)

    It's not even a particularly original strategy. The British used to employ almost identical tactics back in the late 19th/early 20th century. Back then, the prerequisite of a British campaign was that the enemy should under no circumstances carry guns -- even spears made us think twice. The kind of people we liked to fight were two feet tall and armed with dry grass.

    Quoting Blackadder without giving credit makes you the opposite of witty and original.

  • Re:$26 is a lot (Score:4, Informative)

    by donscarletti ( 569232 ) on Thursday December 17, 2009 @10:49AM (#30473262)

    You really should attribute Blackadder when you quote it.

    Anyway, it was written for comedic effect rather than accuracy; generally, in colonial wars the British fought against people with guns, the Zulus being a prime example of a group often depicted inaccurately without firearms or military organization, an insult to both sides of that conflict.

  • by cadience ( 770683 ) on Thursday December 17, 2009 @11:09AM (#30473506)
    ...never works. This has been known for nearly two decades (TFA): "The U.S. government has known about the flaw since the U.S. campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn't know how to exploit it, the officials said."
  • Re:Sh..... (Score:1, Informative)

    by Anonymous Coward on Thursday December 17, 2009 @12:30PM (#30474720)

    I'm still not convinced that killing dirt-poor tribespeople on the other side of the world has a whole hell of a lot to do with national security. I'd like to see the US focus more on what is truly important to our security (i.e. borders) and stop trying to micromanage every damn spot and resource on the planet.

  • by nobodylocalhost ( 1343981 ) on Thursday December 17, 2009 @12:36PM (#30474828)

    Private companies were much better, until they started outsourcing to India. It's amazing how economy can work for you and against you at the same time isn't it?

  • Re:Gung ho (Score:3, Informative)

    by RxScram ( 948658 ) on Thursday December 17, 2009 @12:45PM (#30474958)
    Regarding your classmate who is a "Major" in the US Navy... The Navy does not have a rank called Major. So, either your classmate is a Major in one of the other 3 branches of the military (Army, Air Force, or Marine Corps), or he is a Lieutenant Commander in the Navy.
  • by BlueBoxSW.com ( 745855 ) on Thursday December 17, 2009 @01:02PM (#30475212) Homepage

    I agree. I expect better from Slashdot, but they seemed to have turned their headline writing over to the Drudge Report.

    What they don't say is that this report goes back to January of this year, and that the military has been working on fixing the problem since then. The "hackers" can only pick up the video signal, not other info, and could not control the drones, which is what is implied from the headline.

    I do think it is embarrassing and kind of hard to imagine that you couldn't see this coming, especially with North Korea regularly developing and selling anti-US technologies. This should have been in the design, or at least identified as a risk.

  • by LanMan04 ( 790429 ) on Thursday December 17, 2009 @01:03PM (#30475244)

    Oblig: http://xkcd.com/598/ [xkcd.com]

  • Re:Sh..... (Score:3, Informative)

    by Culture20 ( 968837 ) on Thursday December 17, 2009 @01:05PM (#30475262)

    They let just anyone fly jets too.

    Although it's not a jet, the top drone pilot is a 20 y/o kid whose only experience prior was video games.

  • by QuoteMstr ( 55051 ) <dan.colascione@gmail.com> on Thursday December 17, 2009 @01:25PM (#30475508)

    A Vigenère cipher generates ciphertext C(N) by passing plaintext symbol P(N) through the function E(P(N), K[N mod len(K)]), where N is the symbol number of the input, K is the key, K[Q] is the Qth symbol in K, and E is a function such that E(A,B) -> A', and E(A',B) -> A. Decryption simply applies the same function to the ciphertext, yielding the original plaintext.

    This description clearly applies to XOR with a random pad. What makes a one-time pad secure is that the key is always longer than the input, so attacks that depend on correlation don't work. Conversely, Vigenère is insecure because the key repeats. Used with a random "key" as long as the message, Vigenère is equivalent to XOR, and is provably and perfectly secure.

  • by Anonymous Coward on Thursday December 17, 2009 @02:07PM (#30476084)

    A lot of that is actually being done in academia. I worked on a UAV (Underwater Autonomous Vehicle) for my senior project that was used to do marine research at the local bay. Also, many of my colleagues were working on aerial drones for fire detection (yeah, California) and traffic analysis for the public transit system. We were just students, but we would design and program peripheral systems for the commercial robots. Just remember that there is a whole other world out there that doesn't make the news.

  • by Anachragnome ( 1008495 ) on Thursday December 17, 2009 @02:30PM (#30476460)

    Warning:

    Comment in first link warns not to trust uploader. Possible nasty shit instead of actual App.

    And, no, I am not going to find out...The last thing I want is the feds kicking in my door. Keeping the article in mind, I suspect the Government will be closely watching these torrents now (if they haven't already been doing so. Wouldn't surprise me if the whole story is a government plant to smoke out tourists...erm, terrorists).

    I apologize for the self-response, but felt it was warranted.

  • by hax4bux ( 209237 ) on Thursday December 17, 2009 @02:50PM (#30476818)

    That's right. I'm not sure this is even a problem. So you can see the video. BFD. You know, the fun really begins when we start broadcasting bogus video. Much cheaper than launching real platform and just as fun.

    I worked on a UAV system in the mid 80's and we didn't encrypt anything (everybody remain calm: that was then, this is now). I did the entire RF system using off-the-shelf packet radio systems at 1200 baud. Encryption adds overhead and we were just a POC demo.

  • Re:Gung ho (Score:3, Informative)

    by sjbe ( 173966 ) on Thursday December 17, 2009 @02:59PM (#30476948)

    The Navy does not have a rank called Major.

    Quite right. Brain fart on my part. He's an O-4 which in the Navy is Lt Cmdr. Most of the military guys I know are in the other branches so I transposed...

  • Re:Sh..... (Score:3, Informative)

    by Beardo the Bearded ( 321478 ) on Thursday December 17, 2009 @03:13PM (#30477194)

    I have to take exception to this. I work for a military contractor and I take my job very seriously. I know that there are men and women who are trusting me with their lives to do my job properly. They require me to do my job error-free. On-time, on-budget are nice but are, and always will be, secondary concerns.

    I get paid very well, I get a lot of nice benefits, and the atmosphere is excellent. (Hell, I even get to read /.!) The goal of any company is to make money, yes, but that's a fact of life. I expect to get paid. So does my mortgage company, my cable company, the water department, etc. I like my job and if I didn't have any expenses I'd do it for nothing. If I won the lotto, I'd still come in to work. (Which would be really weird since I don't buy tickets.)

    The company likes loyal employees because we have to be trusted with (get this) military secrets, we have to go through background checks, and we have to be ready, willing, and able to do our best. It's expensive to hire someone -- it takes months and thousands of dollars before you even get to the point when they can sit at a desk. Greedy employees are the ones who wouldn't mind sending certain documents to people who would pay "Top Dorrar". You don't want those kind of people.

    It's not a job that can be done by anyone. Yes, some of the stuff I'm doing can and likely will be used to kill someone. I spend a lot of time making sure that it's the bad guys and not the folks using the stuff. After all, if you've made the kind of choices where the military is shooting at you, it's probably not a big loss if we've got to kick you off the planet. If you've written the Blank Check to the government, then it's a terrible loss if I've fucked up and killed you by accident.

  • by meringuoid ( 568297 ) on Thursday December 17, 2009 @03:25PM (#30477384)
    Ok, so then how trivially can you decrypt this?

    Telling me the key length is a big hint. But 5,632 bytes is only about 11 repetitions of your key. That means I have 512 separate Caesar ciphers to crack, with a ciphertext of 10 or 11 characters each. Even Sherlock Holmes needed more than that to solve the puzzle of the Dancing Men.

    Feel free to carry on using your not-so-one-time pad, though. The larger the data set relative to the key, the easier it gets. Once you give the attacker enough data to make frequency analysis possible on the 512 separate Caesar ciphers, then your Vigenere cipher is gone.
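Added example (not part of the thread) for the two comments above on Vigenère, XOR and key repetition: a repeating-key XOR is split into per-key-position columns and solved column by column, while a random key as long as the message leaves every equal-length plaintext possible. The sample message, the 7-byte key and the decoy text are constructed; the key length is assumed known, as in the challenge quoted above.

```python
import secrets

# Constructed sample plaintext (not from the thread): lowercase words and spaces.
UNIT = b"the video feed from the drone is sent in the clear over a satellite link "
MESSAGE = UNIT * 10
ALPHABET = frozenset(b"abcdefghijklmnopqrstuvwxyz ")

def xor_repeat(data: bytes, key: bytes) -> bytes:
    """C(N) = E(P(N), K[N mod len(K)]) with E = XOR; running it twice restores data."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def recover_key(ct: bytes, keylen: int) -> bytes:
    """Split ct into keylen columns; each column is a single-byte XOR (one Caesar
    shift in Vigenere terms). Keep the byte whose decryption looks most like text."""
    key = bytearray()
    for col in range(keylen):
        column = ct[col::keylen]
        key.append(max(range(256),
                       key=lambda k: sum((b ^ k) in ALPHABET for b in column)))
    return bytes(key)

def short_key_demo() -> bool:
    """A 7-byte key repeated ~100 times over MESSAGE is recovered from ciphertext alone."""
    key = bytes.fromhex("9f3c5a07e1b842")  # constructed key
    return recover_key(xor_repeat(MESSAGE, key), len(key)) == key

def pad_demo(other: bytes) -> bool:
    """With a random key as long as the message, some key maps the same ciphertext
    to any equal-length message, so the ciphertext alone rules nothing out."""
    pad = secrets.token_bytes(len(other))
    ct = xor_repeat(MESSAGE[:len(other)], pad)
    alt_key = bytes(c ^ o for c, o in zip(ct, other))
    return xor_repeat(ct, alt_key) == other

if __name__ == "__main__":
    print("short key recovered:", short_key_demo())
    print("pad ciphertext fits a decoy too:", pad_demo(b"nothing to see on this channel today"))
```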
