Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
The Military News

$26 of Software Defeats American Military 534

reporter writes "A computer program that can be easily purchased for $25.95 off the Internet can read and store the data transmitted on an unsecured channel by an unmanned drone. Drones are crucial to American military operations, for these aerial vehicles enable Washington to conduct war with a reduced number of soldiers. '... the intercepts could give America's enemies battlefield advantages by removing the element of surprise from certain missions and making it easier for insurgents to determine which roads and buildings are under US surveillance.'"
This discussion has been archived. No new comments can be posted.

$26 of Software Defeats American Military

Comments Filter:
  • by Anonymous Coward on Thursday December 17, 2009 @08:50AM (#30472612)

    ...you observe uav

  • by Anonymous Coward on Thursday December 17, 2009 @08:50AM (#30472616)

    Well, demodulating an unencrypted digital signal is not news.

    I am more interested in what kind of RF equipment one would need to capture it off the air.
    It's not like you can do this with your WiFi card. ;)

    • by brusk ( 135896 ) on Thursday December 17, 2009 @08:58AM (#30472702)
      No, demodulating a signal is not news. But not encrypting it in the first place ought to be. (And TFA had a red herring in its focus on the software used to record the signal--the software is probably the easy part, once you've captured the signal).
      • by StatureOfLiberty ( 1333335 ) on Thursday December 17, 2009 @09:06AM (#30472768)
        Let me guess. GA-ASI (maker of the MQ-9 Reaper drone) makes voting machines too.
      • by ArcherB ( 796902 ) on Thursday December 17, 2009 @09:17AM (#30472878) Journal

        No, demodulating a signal is not news. But not encrypting it in the first place ought to be.

        (And TFA had a red herring in its focus on the software used to record the signal--the software is probably the easy part, once you've captured the signal).

        We were using SINCGARS in the early 90's. SINCGARS is a frequency hopping, encrypted method of voice communication. We were just starting to use it to network military vehicles and personnel with HQ and each other. If SINCGARS could have been cracked, it would have put a beacon on every vehicle and soldier on and off the battlefield, not to mention eavesdropping. However, the inventor of SINCGARS could not decrypt the signal without the software and hardware keys. The software keys were changed at will. Usually weekly, but could easily be done daily. I am shocked that this signal does not use better encryption and/or frequency hopping. This type of communication is critical to tomorrow's battlefield.

        • by sycodon ( 149926 ) on Thursday December 17, 2009 @09:29AM (#30472994)

          If they can prevent me from watching porn on cable and satellite, they should be able to prevent these guys from hijacking the video feeds from the UAVs.

        • by Anonymous Coward on Thursday December 17, 2009 @09:51AM (#30473294)

          Simple explanation here.

          Back in the early days of this design, someone designated drone-originated video as unclassified. Otherwise there's no way in hell it would be unencrypted.

          This isn't an oversight - there's guaranteed a loooong paper trail going back to a conscious decision regarding the classification level of the drone video here, and following conscious decisions regarding the design.

          If you use encryption in a military system that is not NSA Type 1 approved, there's a LOT of paperwork required to prove that your encryption is not being used to protect classified information.

          Type 1 approved crypto is a royal pain in the ass. - http://en.wikipedia.org/wiki/Type_1_encryption [wikipedia.org]

          It often proves significantly easier in terms of cost and paperwork to not encrypt than to prove that your encryption isn't being used to protect classified information. Security guys ask, "If it's unclassified, why are you encrypting it?", with "It's good design practice." resulting in massive beancounter agro.

          • Re: (Score:3, Informative)

            by hax4bux ( 209237 )

            That's right. I'm not sure this is even a problem. So you can see the video. BFD. You know, the fun really begins when we start broadcasting bogus video. Much cheaper than launching real platform and just as fun.

            I worked on a UAV system in the mid 80's and we didn't encrypt anything (everybody remain calm:that was then, this is now). I did the entire RF system using off the shelf packet radio systems at 1200 baud. Encryption adds overhead and we were just a POC demo.

        • by gandhi_2 ( 1108023 ) on Thursday December 17, 2009 @10:22AM (#30473730) Homepage

          No kidding.

          The SINCGARS is the standard today, though a few versions later.

          I flew RQ-11A Ravens in Iraq, and even THOSE aren't plain text transmitions. WFT?

          I'm sure a small mod will be pushed out now and the other UAV's will be encrypted and freq-hoping like it's no big deal.

        • by acklenx ( 646834 ) on Thursday December 17, 2009 @11:49AM (#30475032) Homepage
          Just to be clear

          frequency hopping != encryption

          especially if you are the only transmitter in that spectrum nearby.

        • The Germans had great confidence in ENIGMA as well. But, the Allies could read it and it made us look stupid. Granted, cracking some of the current Allied codes would require a fundamental breakthrough in computing - like a proof that P=NP and the utility to solve these problems, but...

          What if the Chinese had it?

          We would be screwed.

    • by Anpheus ( 908711 ) on Thursday December 17, 2009 @09:00AM (#30472716)

      Turns out the drones use bluetooth. Just the other day my laptop asked me to sync to one when I was put a pringles can on the antenna.

      "Windows has found a MQ-9 Reaper, would you like to connect?"

      At this point I was (a.) terrified and (b.) glad that somebody with some clout was going to do something about the increased crime in the area.

    • by AlexiaDeath ( 1616055 ) on Thursday December 17, 2009 @09:10AM (#30472798)
      Reading the information in the article and deducting from the software used, all you need is satellite internet card, satellite dish and the SkyGrabber, a bit of software that records anything video like it finds in satellite data stream. Pretty much off the shelf hardware for a place with limited infrastructure.
  • Sh..... (Score:5, Funny)

    by jc42 ( 318812 ) on Thursday December 17, 2009 @08:52AM (#30472638) Homepage Journal

    Don't tell the DoD. They've been paying $7,000 per license for that software.

    • Re: (Score:2, Insightful)

      by gplus ( 985592 )
      Why are the military so goddam stupid? They have been transmitting video unencrypted ever since the Bosnia conflict. And apperantly they're still happily going on making same mistake as Joe Sixpack, setting up his new home wireless router.

      Don't they understand that even the weakest simplest encryption, is 1000 times better than none at all?
  • by fuzzyfuzzyfungus ( 1223518 ) on Thursday December 17, 2009 @08:55AM (#30472668) Journal
    We need an OSS option stat. Nobody should have to give up their software freedom just to make a mockery of America's finest tech toys.

    The only question is, would this make more sense as an added option in wireshark, or GNU Radio?
    • by j-pimp ( 177072 ) <(zippy1981) (at) (gmail.com)> on Thursday December 17, 2009 @09:22AM (#30472920) Homepage Journal

      The only question is, would this make more sense as an added option in wireshark, or GNU Radio?

      Well to keep with the unix philisophy of small reusable components the following should be done:

      • libUAVSniff should be created on github
      • libUAVSniff should be developed. It should include a simple command line program for sniffinf UAV traffic and spew to stdout
      • Wireshark will add a module that uses this library
      • GNURadio will add a module that uses this library
      • Someone will fork it on github and write an irc bot that will post UAV locations
      • Someone will fork it on github and write a twitterbot
      • github forks for perl modules, .net/java wrapper, etc
      • A codeproject article explaining how to track UAVs and plot their location using silverlight.
  • $26 is a lot (Score:5, Insightful)

    by gurps_npc ( 621217 ) on Thursday December 17, 2009 @08:56AM (#30472672) Homepage
    How much is a bullet to the brain of the General commanding the war? But you need a trained sniper and an awfully good insertion to get that bullet there.

    Counting the cheapest part of the machine is silly.

    Software is often free. $26 is a lot for software. The radio reception, etc. and knowing where to aim are all much more expensive and require skill.

    • Tend to agree, especially since current strategy is to only pick fights with opponents one step above the stone age, then bomb them right back into it.
      • Re: (Score:2, Offtopic)

        by jimicus ( 737525 )

        It's not even a particularly original strategy. The British used to employ almost identical tactics back in the late 19th/early 20th century. Back then, the prerequisite of a British campaign was that the enemy should under no circumstances carry guns -- even spears made us think twice. The kind of people we liked to fight were two feet tall and armed with dry grass.

        • Re:$26 is a lot (Score:4, Informative)

          by donscarletti ( 569232 ) on Thursday December 17, 2009 @09:49AM (#30473262)

          You really should attribute Blackadder when you quote it.

          Anyway, it was written for comedic effect rather than accuracy, generally in colonial wars British fought against people with guns, Zulus being a prime example of a group often depicted inaccurately without firearms or military organization, an insult to both sides of that conflict.

  • by mysidia ( 191772 ) on Thursday December 17, 2009 @08:56AM (#30472674)

    Defeating them would be gaining control of the drones (a really scary proposition)

    This seems to be an information leak.. something that ought to be fixable by using some sort of encryption.

    Or even by making slight changes to the stream format, since SkyGrabber seems to just be off-the-shelf software.

    • by Dunbal ( 464142 )

      Defeating them would be gaining control of the drones (a really scary proposition)

            If the outgoing stream wasn't encrypted, what makes you think the control stream was? It probably wasn't encrypted either - apart from the fact that the commands themselves are a form of substitution cypher.

  • Oh noes (Score:5, Informative)

    by OverlordQ ( 264228 ) on Thursday December 17, 2009 @08:56AM (#30472682) Journal

    So they recorded unencrypted OTA video feeds? While yes, they probably should have been encrypted in the first place and . . .

    The U.S. government has known about the flaw since the U.S. campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn't know how to exploit it, the officials said.

    Yea that's kinda bad and lazy of them,

    Senior military and intelligence officials said the U.S. was working to encrypt all of its drone video feeds from Iraq, Afghanistan and Pakistan, but said it wasn't yet clear if the problem had been completely resolved.

    they're fixing it.

    • Re:Oh noes (Score:5, Insightful)

      by fuzzyfuzzyfungus ( 1223518 ) on Thursday December 17, 2009 @09:06AM (#30472766) Journal
      I'm frankly more worried about "But the Pentagon assumed local adversaries wouldn't know how to exploit it, the officials said." than I am about this particular security vulnerability.

      Security vulnerabilities happen, and are unfortunate and need to be fixed, and we really should spend more time and resources on caring about them; but that is all manageable software/systems engineering stuff.

      Making important decisions on the basis of "Eh, our enemies are just ignorant mud farmers anyway, no problem", on the other hand, is colossally arrogant and extremely dangerous. Particularly, since the US currently has the world's highest tech and most expensive military, "Eh, they're just primitives, no problem" is a practically all-purpose dismissal of virtually any problem that you are too lazy to fix. That is a recipe for learning, the hard way, about every new asymmetric warfare trick.
      • Re:Oh noes (Score:5, Funny)

        by Minwee ( 522556 ) <dcr@neverwhen.org> on Thursday December 17, 2009 @11:26AM (#30474646) Homepage

        I'm frankly more worried about "But the Pentagon assumed local adversaries wouldn't know how to exploit it, the officials said." than I am about this particular security vulnerability.

        I believe that the technical term for that is "Security Through La-la-la-I'm-not-listening!"

        Although it has a long and glorious past filled with successes, it's still not a recommended way to secure anything more important than ordering a pizza.

    • Re:Oh noes (Score:5, Interesting)

      by couchslug ( 175151 ) on Thursday December 17, 2009 @09:15AM (#30472858)

      It could be a deliberate ploy to manipulate what the enemy "sees". Why not have a "leak"?
      It's a bit like leaving USB keys around for the unsuspecting to pick up...

  • by jsnipy ( 913480 ) on Thursday December 17, 2009 @08:57AM (#30472690) Journal
    Perhaps the US can put an IP copyright on the data then sue anyone who looks at it without a licesnce! More money!
  • ...why in the world wasn't all the data feeds sent to & from a drone encrypted ALREADY? It took someone sniffing the wireless feed for someone to realize this?!

  • it is generally a bad idea to piss off people who have access to thermonuclear weapons and killer robots when I don't.

    since this is /. I'll throw in a conspiracy theory + dumb meme: is the program really a CIA honeypot which just reports fake data? in the post 9/11 era, does your tracking software track you?

    • Re: (Score:3, Informative)

      by AHuxley ( 892839 )
      The US is known for in the clear intel gathering. They only encrypt the stuff they are interested in after sorting, that way they can sort a lot of info, very fast. If the US had to fill the sky with crypto computers on sats the flow would slow. Best just to push raw packets to a safe area.
      The software CIA honeypot is Microsoft and people who use it networked.
      Just as Enigma was and crypto ag was.
      Skygrabber is a powerful filter system for a satellite dish. Passive and not networked.
      Mb some version
  • Why did nobody slap AES or blowfish block ciphers around the video packets? I admit I am assuming the video is digital. There are inexpensive (in terms of the cost of a drone) silicon implementations of both for the planes and BSD licensed software for the stations. If they just used preshared keys its would have been trivial to do and probably would have prevented this.

    • by Eivind ( 15695 ) <eivindorama@gmail.com> on Thursday December 17, 2009 @09:29AM (#30472998) Homepage

      It should've been encrypted, for sure. Agreed.

      However, it does need to be encryption that works over a noisy channel, with possible gaps in the datastream. Your typical block-cipher using chaining thus doesn't qualify. (If you wonder why, try encrypting a one-megabyte file, then change a few characters randomly in the first half of the file, then decrypt it)

      It's still not a hard problem mind you, just slightly more so than "grab AES, set it to CBC-mode"

  • by Clovis42 ( 1229086 ) on Thursday December 17, 2009 @08:59AM (#30472710)
    I doubt a "terrorist" is the kind of person who would actually spend money on software. I know perfectly reasonable teenagers who access software for free all the time on this thing called the internet.
  • Anonymous Coward (Score:2, Insightful)

    by Anonymous Coward

    Perhaps the smart play would be to quietly encrypt actual data, while continuing to broadcast placebo or manipulated data in the clear.

  • by a_nonamiss ( 743253 ) on Thursday December 17, 2009 @09:10AM (#30472806)
    why didn't the DoD just start passing a fake feed from the drone? They could have added another encrypted channel for the real feed, which I would assume is trivial given the military's budget. Then pass fake data over the unencrypted channel. Sometimes disinformation to the enemy is far more valuable than real intelligence. I can see a bunch of jihadis sitting around watching a tv screen. "Look at those infidels. They are going to blow up the wrong building! Our secret base is 100 kilometers away! Say, does anyone else hear that noi..." [BOOM]
  • Hubris (Score:5, Insightful)

    by mruizcamauer ( 551400 ) on Thursday December 17, 2009 @09:11AM (#30472814) Homepage
    "U.S. military personnel in Iraq discovered the problem late last year when they apprehended a Shiite militant whose laptop contained files of intercepted drone video feeds. In July, the U.S. military found pirated drone video feeds on other militant laptops, leading some officials to conclude that militant groups trained and funded by Iran were regularly intercepting feeds." The Germans did not think the Poles could break their codes. The Japanese did not think the US and the Australians would break their codes. The British did not think Argentina would finish assembling the Exocets on their own without the French manuals or use them in a way differently than designed. The Afghan and Iraqi insurgents have the money and the brains to break into Western weapon systems, don't underestimate them (or the probable help from Iran, Syria, Korea, etc...) The prospect of getting killed is a powerful motivator.
    • Re: (Score:3, Insightful)

      by querist ( 97166 )
      Never underestimate your opponent. Anyone who forgets that rule is doomed to failure. The safe rule is always to assume that your opponent is AT LEAST as well trained and capable as you are. You may be able to make intelligent suppositions regarding supplies and equipment, but never underestimate training, intelligence, and skill.
    • Re:Hubris (Score:5, Interesting)

      by westlake ( 615356 ) on Thursday December 17, 2009 @12:26PM (#30475540)

      The Germans did not think the Poles could break their codes. The Japanese did not think the US and the Australians would break their codes.

      The problem was never breaking the codes.

      The problem was breaking the codes more or less instantaneously.

      You need time to frame and execute an appropriate response - and far too often the correct response will be to do nothing.

      Since to do anything will invite suspicion.

      Eavesdropping on the Rising Sun [americanheritage.com]
        The Code War [americanheritage.com]
      The Edison of Secret Codes [americanheritage.com]

  • So they were able to intercept the unencrypted, a more important question is why weren't these communications encrypted?

    • by Fieryphoenix ( 1161565 ) on Thursday December 17, 2009 @09:26AM (#30472964)
      From what I could make out, it's just the video stream transmitted by the drone that's unencrypted, not communications that control the drone. The obvious reason this might be done is to save on the computational requirements onboard the drone by not making it encrypt the presumably immense data stream of the video. Decrypting the rest of the communication the drone receives is probably an order of magnitude less processing load, or even two.

      If received and understood by the enemy in a timely manner, very useful information. But if it is just the image unencrypted and not GPS coordinates, etc, the enemy would have to have enough people watching the feeds to recognize the terrain that was being photographed... it's easy to see why this might not be considered likely and lead to the poor judgement to leave it unencrypted when the drones were designed, many years ago with less powerful processors available.
  • If the data feed coming _from_ the drone is cleartext, what about the commands being sent to it? TFA says there's "no evidence" that insurgents have been able to commandeer the drones yet, but doesn't say whether that's because the channel is secure, or that they just haven't reverse-engineered the protocol yet. O_o

  • Are you trying to lose the fucking war?

  • Yes, keep looking at the unencrypted channel playing a video loop of some clouds, while those watching the encrypted channel see the drone get closer and closer to you...
  • by Kupfernigk ( 1190345 ) on Thursday December 17, 2009 @09:31AM (#30473018)
    Really this is a huge fuss over nothing, and some of the more wacko conspiracy theories about CIA honeypots and the like (above) are just as silly as the "shoot General Atomics" mob.

    Is there any real security risk in this? I suspect it is very small. The Russians never bothered to encrypt the telemetry on their ICBM tests, because after all even assuming someone was reading it, they had no way of stopping the thing. Even if you know where the drone is, it is going to be very hard to shoot down; RPGs and IEDs really aren't much use. And given that this is a video feed, how do you ray trace back to the actual position of the camera?

    Unfortunately there are plenty of assholes out there who will exaggerate anything in order to claim that they are more security conscious than the next person (and perhaps hope to get a contract for their company). But this is surely small war, no-one dead, move along please.

    • by Registered Coward v2 ( 447531 ) on Thursday December 17, 2009 @09:53AM (#30473314)

      Unfortunately there are plenty of assholes out there who will exaggerate anything in order to claim that they are more security conscious than the next person (and perhaps hope to get a contract for their company). But this is surely small war, no-one dead, move along please.

      And those same people don't know (or remember) the first rule of intelligence:

      Those who know, don't talk. Those who talk, don't know.

    • by OzPeter ( 195038 ) on Thursday December 17, 2009 @10:10AM (#30473536)

      Is there any real security risk in this? I suspect it is very small.

      The risk to this is not a danger to troops. The risk of this is having a completely un-edited video source available to people who would have a field day if the official US proclamation of what happened was visibly different from the recorded video stream

      • by Mr 44 ( 180750 ) on Thursday December 17, 2009 @12:40PM (#30475728)

        The risk to this is not a danger to troops. The risk of this is having a completely un-edited video source available to people who would have a field day if the official US proclamation of what happened was visibly different from the recorded video strea

        Awesome point! And of course, since they've had access to these feeds for over a year, can we then assume that there hasn't been an incident where showing the footage would have disproved the US version of events?

        Of course, they would be hestitant to tip thier hand that they've got access to the footage, but if they really caught us in a lie, don't you think they'd show it?

  • by RealErmine ( 621439 ) <commerce.wordhole@net> on Thursday December 17, 2009 @09:45AM (#30473212)

    From TFA:

    The difficulty, officials said, is that adding encryption to a network that is more than a decade old involves more than placing a new piece of equipment on individual drones. Instead, many components of the network linking the drones to their operators in the U.S., Afghanistan or Pakistan have to be upgraded to handle the changes.

    As an engineer in the defense industry and with experience integrating communication systems, I can't even think of one military data radio system in use that doesn't have encryption ability. Even if they are using off-the-shelf wifi (doubtful) they wouldn't need to change hardware to at least have some encryption. Either this quote is a lie, or someone did something monumentally stupid.

    • by decsnake ( 6658 ) on Thursday December 17, 2009 @10:40AM (#30474042)

      As an engineer in the defense industry you probably also know how long defense systems live and how hard it can be to get upgrades pushed out into the field. It wouldn't surprise me at all if it wasn't technically feasible to encrypt the video stream at the time this system was first deployed and since then upgrading it has never been a priority for anyone with enough clout to make it happen. Now that its on SecDef's radar how long do you think its gonna take before this gets fixed?

  • by DarthVain ( 724186 ) on Thursday December 17, 2009 @09:48AM (#30473248)

    "Hey I can see my house from here! Oh Wai..."

  • Proprietary software (Score:4, Interesting)

    by pmontra ( 738736 ) on Thursday December 17, 2009 @09:56AM (#30473348) Homepage
    From TFA:

    Predator drones are built by General Atomics Aeronautical Systems Inc. of San Diego. Some of its communications technology is proprietary, so widely used encryption systems aren't readily compatible, said people familiar with the matter.

    No more words needed.

    • Re: (Score:3, Insightful)

      by MrMickS ( 568778 )

      Must be good to live in a world where all life's problems can be solved by OSS software. Sadly, life just isn't that simple.

      • Re: (Score:3, Insightful)

        by TubeSteak ( 669689 )

        Must be good to live in a world where all life's problems can be solved by OSS software. Sadly, life just isn't that simple.

        They didn't have to use OSS.
        How about using established standards?
        Then the Army can drop in some off the shelf fix instead of having
        to pay their sole vendor to custom code/design new software/hardware.

  • Yawn (Score:3, Insightful)

    by mea37 ( 1201159 ) on Thursday December 17, 2009 @10:05AM (#30473458)

    $26 software defeats American military? OMG, we've been beaten?

    Oh, wait... you're just saying that insurgents have a tactical advantage in some missions because they've exploited a security vulnerability using $26 software. So maybe $26 software used as weapon aganist US military?

    Ah... but the military discovered the problem in the field, and is working to plug the security hole. $26 software annoys American military temporarily.

  • by LifesABeach ( 234436 ) on Thursday December 17, 2009 @10:22AM (#30473718) Homepage
    Why not use the Drones as a way to help folks? Afghanistan does not need an Aggressor Sniper Team for every flat tire problem. How about applications like Snow Fall Levels? Lake Levels? Traffic? Crop Pests? River and Lake Levels? Civil Engineering Project Completions? Sometimes just walking up to the person and saying, "Would you please stop flipping off the Reapers as they fly by. To Americans it means 'I going to empty my bladder'."
  • by Locke2005 ( 849178 ) on Thursday December 17, 2009 @12:15PM (#30475374)
    1) Spread rumors that cheap software can defeat Predator drones.
    2) Offer software for sale on the internet.
    3) Include tracking device with every copy of software sold.
    4) Trace every shipment to it's destination.
    5) Send Predator drone to attack destination.

    Yep, sounds like a winning plan to me!
  • by Interoperable ( 1651953 ) on Thursday December 17, 2009 @12:30PM (#30475580)
    that's quite worrisome. I really hope that they only receive encrypted data or, at the very, very least, need some sort of secure authentication that can't be easily falsified. If you could transmit to the drones with $30 software and have them listen, I would be absolutely terrified.

Parts that positively cannot be assembled in improper order will be.

Working...