Forgot your password?
typodupeerror

Comment: Re:Doesn't know much about the system (Score 3, Interesting) 141

by Bistromat (#41089617) Attached to: FAA Denies Vulnerabilities In New Air Traffic Control System

Why waste dev time on a SDR TX when you can buy a used transponder off ebay for cheap or just steal one?

Just sayin its not all that practical.

Because the SDR TX took one evening in Gnuradio to implement.

Third is data gathering from multiple sites. You cannot generate enough power / altitude from the ground to knock out a substantial range. Talk to some microwave RF guys. So use the ring of airports/radars around the transmitter.... Of course this sucks AT o'hare if the jammer is in the o'hare parking lot...

For ground purposes why can the ADS RX be on a narrow beam antenna? HMm a network of them just triangulated on you.

We aren't jamming. We're spoofing. Your idea regarding triangulation is generally correct, although they use multilateration, not direction of arrival. However, if your signal is only loud enough to be heard by a single station (or two stations), you can't multilaterate, and since 1090MHz is very much line of sight, the odds multiple stations will hear a ground-based spoofer are slim.

They HAVE To maintain it. Otherwise my learjet full of coke gets the "cloaked ship" star trek effect if I flip the transponder circuit breaker off. They're never, ever, going to give up on skin painting. Maybe some phb who's never ATC'd or piloted a plane made up some story, but...

I'm totally with you here. The problem is the FAA initially appeared not to recognize this; it appeared they wanted to maintain PSR/SSR in congested areas, but shut down some primary sites in less-trafficked areas. I am as glad as you are that they seem to understand the necessity of maintaining complete PSR/SSR.

Therefore, you could potentially cause an aircraft to maneuver to avoid an intruder which isn't actually there.

Talk to a pilot. The first thing you do is visual the incoming. So that limits it to IFR only conditions right off the top.

A successful attach is going to be pretty ineffective and very dangerous to attempt. I just don't see it as an issue.

If these attacks become popular, planes will just pop the tcas circuit breakers on order of ATC (probably in the ATIS/AWOS message?) and fly "pre-tcas" which works just fine.

I don't agree with this. Disabling TCAS is a hazard in itself, ESPECIALLY in IFR condx. This is a problem.

Comment: Re:Doesn't know much about the system (Score 5, Insightful) 141

by Bistromat (#41089081) Attached to: FAA Denies Vulnerabilities In New Air Traffic Control System

I'm one of the authors.

Unfortunately, transmitting live spoofed data into the real ATC system is Guantanamo fodder, and I'm trying to avoid becoming a domestic terrorist if at all possible.

That said, this wasn't merely a simulation: real ADS-B frames were transmitted by a low-cost SDR (into a dummy load) based on the position of a simulated aircraft flying in FlightGear. Those transmitted frames were received by the same SDR (alongside real frames from real aircraft), and the resulting tracks plotted in Google Earth.

See my comment here: http://tech.slashdot.org/comments.pl?sid=3065807&cid=41088873 for more information.

Comment: Re:Doesn't know much about the system (Score 3, Interesting) 141

by Bistromat (#41088873) Attached to: FAA Denies Vulnerabilities In New Air Traffic Control System

Hi, I'm one of the authors.

The demonstration used a COTS SDR to transmit ADS-B squitters from positions derived from an aircraft flying in FlightGear. The same SDR was simultaneously receiving ADS-B frames from real aircraft, *including* the spoofed frames being transmitted locally. The combined frames were brought into the Google Earth display for viewing. Criticism suggesting that "it's just a flight simulator, it's not real" is incorrect: these are valid, correct ADS-B frames, transmitted (into a dummy load), which will be received and decoded by ADS-B IN hardware. There is a spec (DO-260B), and the transmissions meet that spec.

The purpose of the demonstration was to show that valid ADS-B frames can be generated and transmitted by low-cost SDR hardware. This capability raises a number of interesting possible attack vectors, which were discussed in the presentation. The secondary purpose of the presentation was to get the FAA to clarify the countermeasures they plan on using to detect, identify, and eliminate spoofed transmissions from the data which controllers see. Specifically, there are two other sources of data they can use: multilateration, which depends on time-difference-of-arrival to calculate the originating position of a transmission (same principle as GPS); and maintaining a network of primary surveillance radar. Prior to this week (Steve Henn of NPR was the first to get the memo from the FAA), the FAA had not stated that they planned to maintain a full radar network, or to use multilateration to vet reports. In fact, reading older documentation, explicit mention is made of *shutting down* PSR to save money after ADS-B implementation is complete. So, you understand our concern.

Additionally, ADS-B IN implementation aboard aircraft (rather than ground stations) provides no facility for validating reports via TDOA; this means that you can inject false reports into aircraft which are listening to other ADS-B reports. Currently few aircraft support this capability, but for those that do, you can squit fake aircraft right into their traffic display.

Lastly, the last couple of slides from the Defcon presentation discuss an attack vector against TCAS, the collision avoidance system aircraft use to maintain separation when ATC fails to do so. This attack vector is particularly concerning because it provides direct pilot guidance: a false aircraft on a collision course will create audio and visual warnings in the cockpit (a "resolution advisory"). Therefore, you could potentially cause an aircraft to maneuver to avoid an intruder which isn't actually there. Obviously, this is concerning, and I'm unaware of any way to combat this.

So yes, the presentation may have looked "FUDdy" without background into the problem, but there are real security issues here which need to be dealt with.

Space

+ - Scientists propose liquid lunar telescope

Submitted by jcgam69
jcgam69 (994690) writes "Scientists have proposed using a liquid compound to craft a giant disc-shaped mirror that would be capable of reflecting objects that are undetectable by other telescopes, according to a paper published this week in the journal Nature. With much less expense than transporting a solid mirror, the liquid would be carried in a drum and poured over a disc-shaped mesh that unfurls robotically, according the paper. Surface tension on the mesh would prevent the liquid from dripping through its small holes, according to the scientists. The result would be an optical-infrared telescope with a 66-foot to 328-foot aperture, which could reflect faint objects in dwarf or normal galaxies."
Math

+ - AES may be breakable (and/or have a trapdoor!)->

Submitted by nodrog
nodrog (31300) writes "A preprint at the International Association for Cryptologic Research (IACR) claims that AES may be susceptible to a new cryptanalysis technique. From the article abstract: — We describe a new simple but more powerful form of linear cryptanalysis. It appears to break AES (and undoubtably other cryptosystems too, e.g. SKIPJACK). The break is "nonconstructive," i.e. we make it plausible (e.g. prove it in certain approximate probabilistic models) that a small algorithm for quickly determining AES-256 keys from plaintext-ciphertext pairs exists — but without constructing the algorithm. Even if this break breaks due to the underlying models inadequately approximating the real world, we explain how AES still could contain "trapdoors" which would make cryptanalysis unexpectedly easy for anybody who knew the trapdoor. If AES's designers had inserted such a trapdoor, it could be very easy for them to convince us of that. But if none exist, then it is probably infeasibly difficult for them to convince us of that."
Link to Original Source
Republicans

+ - Cheney Exempts Self From Presidential Orders-> 1

Submitted by
cybermage
cybermage writes "Even in the face of Cheney's office's involvement in the leaking of information related to national security, such as the Valerie Plame incident, vice president Cheney has exempted his office from complying with a presidential order that sets out procedures for the safe handling of national security information."
Link to Original Source
Enlightenment

+ - Pioneer in Global Warming Reasearch Now Skeptical

Submitted by The Underwriter
The Underwriter (1042080) writes "Article from Canada's National Post, March 2, 2007

"Claude Allegre, one of France's leading socialists and among her most celebrated scientists, was among the first to sound the alarm about the dangers of global warming.

"Fifteen years ago, Dr. Allegre was among the 1500 prominent scientists who signed 'World Scientists' Warning to Humanity' (Wikipedia), a highly publicized letter stressing that global warming's 'potential risks are very great' and demanding a new caring ethic that recognizes the globe's fragility in order to stave off 'spirals of environmental decline, poverty, and unrest, leading to social, economic and environmental collapse.'"

In light of the volumes of research conducted since then, Dr. Allegre recently renounced his previous views. He now believes global warming is "over-hyped and an environmental concern of second rank."

" 'The cause of this climate change is unknown,' he states matter of factly. There is no basis for saying, as most do, that the 'science is settled.' "

Part 13 of the National Post's "Deniers" series, about scientists who contradict the majority opinion on climate science."

I am not now, nor have I ever been, a member of the demigodic party. -- Dennis Ritchie

Working...