fuNctioN cReeP

Saturday, July 07, 2012

Hijacked Drones Just the Tip of GPS Hacking Nightmare Scenario

(wired)
On the evening of June 19, a group of researchers from the University of Texas successfully hijacked a civilian drone at the White Sands Missile Range in New Mexico during a test organized by the Department of Homeland Security.

The drone, an Adaptive Flight Hornet Mini, was hovering at around 60 feet, locked into a predetermined position guided by GPS. Then, with a device that cost around $1,000 and the help of sophisticated software that took four years to develop, the researchers sent a radio signal from a hilltop one kilometer away. In security lingo, they carried out a spoofing attack.

“We fooled the UAV (Unmanned Aerial Vehicle) into thinking that it was rising straight up,” says Todd Humphreys, assistant professor at the Radionavigation Laboratory at the University of Texas.

Deceiving the drone’s GPS receiver, they changed its perceived coordinates. To compensate, the small copter dove straight down, thinking it was returning to its programmed position. If not for a safety pilot intervening before the drone hit the ground, it would have crashed.

But for Humphreys playing the part of an evil genius in a thriller movie, everything worked exactly to plan. “It was beautiful,” he tells Danger Room.

The rogue takeover exploited a vulnerability in GPS to take control of the drone. It was, by Humphreys’ accounting, the first time somebody proved a civilian drone could be hijacked. Last year, when the CIA lost a drone in Iran, there were reports indicating the Iranians might have launched a spoofing attack and tricked it into landing, but we’ll never know for sure. Also, in September 2011, North Korea reportedly forced a U.S. spy plane to land with a jamming attack.

With the planned integration of civilian drones in the American airspace, these problems might be coming to the U.S. The FAA must come up with new rules to allow for a freer use of drones in America by 2015 and, apart from worrying about possible collisions between manned and unmanned aircrafts, now the FAA might have to worry about people hijacking drones with spoofing devices.

What’s worse, the experiment at White Sands shows that drone-jacking is “just the tip of the iceberg of a much bigger security issue we have in this country,” according to Logan Scott, a GPS industry consultant who has worked for defense giants like Lockheed Martin.

In other words, it’s not only about drones, it’s GPS in general that is not safe...
(more)

Written at 4:14 AM by rene - PermaLink

0 comments

0 Comments:

Post a Comment

<< Home

To get the oil price, please enable Javascript. To get the BRENT <a href="http://www.oil-price.net/dashboard.php?lang=en#brent_crude_price_tiny">oil price</a>, please enable Javascript.

Home
RSS

cryptogon.com
InfoWars
PrisonPlanet TV
The SCP
RFID Update
EFF
EPIC

TERMINOLOGY

fuNctioN cReeP: is what occurs when an item, process, or procedure designed for a specific purpose ends up serving another purpose for which it was never planned to perform.

Big Brother: an entity that is able to watch over all our actions in a unknown restrictive, controlling way with covert technology or other clandestine activities. It is commonly used to refer to a fear of the day when we will have zero privacy, due to government surveillance and personal accurate knowledge. The term was born from George Orwell's book "1984" where a government controls its citizens through continual surveillance.

The 4th Amendment: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

Panopticon: first used by Jeremy Bentham as an architectual model in designing a prison. The concept follows that you could save money by building a circular prison with a singular tower in the middle for the guard. By keeping the guard in the dark and all the prisoners in the light, those being guarded could not tell when they were being watched.

Surveillance: In the middle ages, Surveillance was a man on a horse who was called a "scout." Now surveillance includes satellite imagery and aerial photography, sometimes from unmanned aircraft, and computer network hacking. Some more common, everyday surveillance techniques include eavesdropping, dumpster diving, video monitoring, and RFID.

Biometrics: automated methods of recognizing a person based on a physiological or behavioral characteristic. Among the features measured are; face, fingerprints, hand geometry, handwriting, iris, retinal, vein, and voice. Biometric technologies are becoming the foundation of an extensive array of highly secure identification and personal verification solutions.

Iris Scanning is a method of biometric identification; pattern recognition is used to determine the identity of the subject. Iris scans create high-resolution images of the irides of the eye; IR illumination is used to reduce specular reflection from the cornea. The iris itself is a "good subject" for biometric identification, because it is an internal organ that is well protected, it is mostly flat and it has a fine texture that is unique even for identical twins.

RFID stands for Radio Frequency IDentification, a technology that uses tiny computer chips smaller than a grain of sand to track items at a distance. RFID "spy chips" have been hidden in the packaging of Gillette razor products and in other products you might buy at a local Wal-Mart, Target, or Tesco - and they are already being used to spy on people.

The VeriChip passive RFID device is the core of key VeriChip applications. About the size of a grain of rice, each VeriChip contains a unique verification number, which can be used to access a Subscriber-supplied database providing specific information. Once implanted just under the skin, via a quick, painless outpatient procedure (much like getting a shot), the VeriChip can be scanned when necessary with a proprietary VeriChip scanner. A small amount of radio frequency energy passes from the scanner energizing the dormant VeriChip, which then emits a radio frequency signal transmitting the individuals unique verification (VeriChipID) number.