×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Researchers Find Crippling Flaws In Global GPS

samzenpus posted about a year ago | from the where-in-the-world dept.

Security 179

mask.of.sanity writes "Researchers have developed attacks capable of crippling Global Positioning System infrastructure critical to the navigation of a host of military and civilian technologies including planes, ships and unamed drones. The novel remote attacks can be made against consumer and professional-grade receivers using $2500 worth of custom-built equipment. Researchers from Carnegie Mellon University and Coherent Navigation detailed the attacks in a paper. (pdf)"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

179 comments

Misleading Summary (5, Informative)

KeithIrwin (243301) | about a year ago | (#42238391)

The paper isn't really about attacking GPS infrastructure. It's about attacking GPS receivers. Some of these receivers may be part of other sorts of infrastructure. I was at CCS when the paper was presented. It's all about sending fake GPS satellite signals to receivers to exploit bugs in the software in the receivers. The work is interesting and includes attacks which can desynchronize the clocks on some devices and there was one device you could essentially brick by telling it at the satellite was at radius 0 (center of the earth) resulting in a divide by 0 overflow. I liked the paper and thought it was neat, and it could do serious damage to particular systems which rely on GPS if they have the right type of flaws in their software to be exploited by this attack, but it was not an attack against the GPS satellites or anything like that.

Re:Misleading Summary (5, Informative)

KeithIrwin (243301) | about a year ago | (#42238421)

Err, I just meant divide by 0 error, not overflow. The fun bit of that attack is that the reason it effectively bricks it is that the divide by zero error crashes it and it reboots, but it logs its data into flash, so as soon as it finishes rebooting, it starts reprocessing the stored data, thus it reads the 0 again and crashes and it just gets stuck in a loop like that forever. It's a fairly fun and clever paper.

Poorly Edited Summary Too (-1, Flamebait)

Anonymous Coward | about a year ago | (#42238901)

Researchers have developed attacks capable of crippling Global Positioning System infrastructure critical to the navigation of a host of military and civilian technologies including planes, ships and unamed drones.

What happens if they run "uname -a" then?

Seriously though Slashdot management must have zero concern about low quality, sloppy, careless editing. I would fire in a heartbeat any so-called "editor" who can't even bother to run a spell-checker at least once in a while.

What an insult to everyone else who is expected to actually perform and do a good job to earn their paycheck. In this economy there are PLENTY of people who would do a better job and possibly for less money than what Slashdot staff are currently making. Perhaps they should start contacting Slashdot management and making offers? The current crop of "editors" would be no competition at all.

Re:Poorly Edited Summary Too (2, Funny)

Anonymous Coward | about a year ago | (#42239007)

Researchers have developed attacks capable of crippling Global Positioning System infrastructure critical to the navigation of a host of military and civilian technologies including planes, ships and unamed drones.

What happens if they run "uname -a" then?

Seriously, you had to go that far, when they had "Global GPS" (yep, Global Global Positioning System) right in the headline?

Seriously though Slashdot management must have zero concern about low quality, sloppy, careless editing. I would fire in a heartbeat any so-called "editor" who can't even bother to run a spell-checker at least once in a while.

Yeah? YMBNH...

What an insult to everyone else who is expected to actually perform and do a good job to earn their paycheck. In this economy there are PLENTY of people who would do a better job and possibly for less money than what Slashdot staff are currently making. Perhaps they should start contacting Slashdot management and making offers? The current crop of "editors" would be no competition at all.

It is widely suspected that the current crew of /. do not receive a "paycheck" at all, but are paid in bananas, peanuts, or some such simian treat. But if you want them put away, feel free to contact the local zoo with a tip about their missing baboons....

Re:Misleading Summary (1)

Jeremiah Cornelius (137) | about a year ago | (#42239913)

I'm pretty certain that this is how Ian has intercepted and captured at least two US drones - including one of the "stealth" variety.

Remember CDMA networks, as developed by Qualcomm, were the product of a couple Iranian researchers, living and working in the US.

The Iranian ability to redirect America's cutting edge of battlefield technology back into the face of the aggressor is something that may well take the ignorant by surprise, should it happen.

But I'd rather more so, if they didn't manage the feat - especially given the 0day possibilities in low-bid GPS software for Lockheed Martin or whoever.

Re:Misleading Summary (0)

Anonymous Coward | about a year ago | (#42240125)

I'm pretty certain that this is how Ian has intercepted and captured at least two US drones

Who is this drone-intercepting and capturing Ian ?

Re:Misleading Summary (3, Funny)

KeithIrwin (243301) | about a year ago | (#42240287)

I'm pretty certain that this is how Ian has intercepted and captured at least two US drones

Who is this drone-intercepting and capturing Ian ?

Well, as you likely know, most bagpipes have two or three drones, and Ian is a common Scottish name, so I'm pretty sure he's a Scotsman who managed to hijack some American bagpipes in transit. Clearly, the US needs to protect them better when they're transiting through the UK.

Re:Misleading Summary (0)

Anonymous Coward | about a year ago | (#42240857)

Scottish bagpipers would probably call themselves Iain, Ian is just a lazy sassenach shortening of a proud name. As for the drones, they'd only be captured if they couldn't be mistuned correctly to assult the ears of said sassenachs!

(I'm still trying to get my head around the concept of a "stealth" drone. Have you ever heard them in full, err, "drone"???)

Re:Misleading Summary (2)

fermion (181285) | about a year ago | (#42238569)

So that is interesting. Some GPS receivers have software errors that all bad input to brick them. It is no surprising because on thing that too many automated systems do not protect against is malicious input. This is, however, the sort of thing that be handled by a software update, if a GPS is capable of such a thing.

I guess win one for smartphones.

Re:Misleading Summary (5, Funny)

ne0n (884282) | about a year ago | (#42238605)

If it was news you'd see it on Carver Media first. We saw this attack used in 1997 to start open hostilities between China and Britain. Luckily we had a man in the area and he managed to stop it before anybody went nuclear.

Re:Misleading Summary (1)

Anonymous Coward | about a year ago | (#42239207)

Interesting I guess, but it looks like specific attacks are targeted at specific receivers and whatever vulnerabilities exist in those designs. The story is somewhat lacking on detail, but it sounds like an attack on a Trimble system wouldn't necessarily work on a Garmin, and even an attack on a Garmin 5xx might not work on a Garmin 7xx. Also, given LOS and antenna positioning, the effective radius of such an attack would most likely be limited, maybe to only a few 10's of miles.

Re:Misleading Summary (1)

AlphaWolf_HK (692722) | about a year ago | (#42239439)

How much do you know about the workings of GPS? I ask because I wonder if there is anything in the current implementation that would prevent adding a digital signature to the tracking signals without breaking compatibility with existing devices?

Basically if the packet isn't signed, we just ignore it. I imagine for mission critical devices (e.g. commercial aircraft relying on IFR) they could upgrade the devices rather quickly. Consumer devices would of course be screwed in the current generation, but I don't really think a terrorist would benefit if somebody made a left turn instead of a right turn to find the nearest KFC.

A hitman maybe, but I think somebody would look into the dark alley that it is pointing into and say "damn iOS maps" and find it the old fashioned way.

Re:Misleading Summary (1)

Heretic2 (117767) | about a year ago | (#42239713)

They've been working on a GPS replacement for awhile, I would be surprised if it wasn't already fielded by the military.

Re:Misleading Summary (1)

AlphaWolf_HK (692722) | about a year ago | (#42240029)

They've always been phasing in new birds to replace older ones, each with a new set of features, pretty much non-stop since they started, using the old ones as spares until they were retired. I believe the phase 2 birds rolling out before the phase 1 deployment even had the full intended coverage. Most civilian implementations probably have a limited feature set (all we really need is mapping) but I don't know if there is any kind of packet signing.

Re:Misleading Summary (1)

Guignol (159087) | about a year ago | (#42240205)

"Researchers Find Crippling Flaws In Global GPS" is misleading ?
Oh I see the flaw is not really in the global GPS system, thanks a lot for your post, I don't even have to read the fucking TFA thanks to you
(I had mod points for you but you are already at +5 (twice) so...)

Re:Misleading Summary (3, Informative)

KeithIrwin (243301) | about a year ago | (#42240273)

Well, thanks for the kind words anyway. Honestly, I thought that modding up my second comment (which was mostly just meant as an error correction) was excessive. If I'd known it would've been modded up, I might've not made it as I don't want to be a karma whore. But, oh well, I guess I shouldn't look a gift horse in the mouth.

Re:Misleading Summary (0)

Anonymous Coward | about a year ago | (#42240497)

Reminds me on the fighter jets rebooting if they cross the date line in the wrong direction.

Well, duh. (4, Interesting)

girlintraining (1395911) | about a year ago | (#42238411)

This isn't news. The GPS signal is very, very weak. It's actually right at the noise floor and using some rather ingenious encoding to resolve the signal. The signal itself is fully-documented for consumer equipment. Given the weak signal strength and the protocol having no encryption or validation to speak of, of course jamming is possible; Receiver selectivity dictates it'll lock on to the strongest signal, the root square law dictates that just about any terrestrial source with line of sight will be stronger than the one in space. The only problem to work out then is processing; You have to figure out where the receiver is now, and then figure out where you want it to be, and adjust all the signals it could receive from the GPS satellites simultaniously to cause it to (falsely) lock on to the new position. And considering that the timing needs to be in fractions of a millisecond to have any value at all, you need to be very exact.

Most of the equipment is dedicated to computing what the signal needs to be.... the actual transmitter is dirt cheap.

You miss the point (2)

A nonymous Coward (7548) | about a year ago | (#42238511)

Spoofing the signals to make receivers mistake their position isn't the point of this report. It's the potential to brick the receivers which is new.

Re:You miss the point (4, Interesting)

sabri (584428) | about a year ago | (#42239315)

It's the potential to brick the receivers which is new.

Which is why I find it interesting that 60% of the authors of the paper (3 out of 5) are employees of a commercial entity that.... creates "coherent" navigation equipment.

Perhaps it's just one big advertisement for their solutions?

Re:You miss the point (1)

the_Bionic_lemming (446569) | about a year ago | (#42239435)

So if my GPS goes down I should commit suicide?

If some nitwit is going to invest 3 grand and take time to write code just to brick a cheap gps i'll be happy to help crowdsource some funds for my local police to equip some popo vehicles with cheap and basic spectrum checkers.

At the very least some of the big rigs that cranking out some serious wattage will get fined as well as finding the nitwit driving around with the gps bricker.

The point here is that the original article is just causing fud.

Re:Well, duh. (4, Interesting)

tylerni7 (944579) | about a year ago | (#42238557)

I don't think you looked at the paper really. GPS spoofing and jamming are nothing new (as is mentioned in the paper). The new aspect is that there are software attacks that can be done on the receivers. For example, one of the divide by zero errors will cause a denial of service attack on some receivers. This is vastly different from jamming, because the DoS continues even after the transmitter is shut off. Jamming would obviously stop as soon as the transmitter is turned off. That is the new, exciting, and dangerous part of all this.

Re:Well, duh. (1)

sjames (1099) | about a year ago | (#42239033)

Exactly. Exploiting a software bug will place much lower demands on the attacker for results nearly as useful.

Re:Well, duh. (5, Funny)

Anonymous Coward | about a year ago | (#42239063)

A new software attack to disable GPS functionality? - Apple maps was released months ago.

Re:Well, duh. (2)

AK Marc (707885) | about a year ago | (#42238579)

Satellite runs as close to the noise floor as possible. I've used some equipment that runs with SNR in the negatives (noise above signal).

Re:Well, duh. (-1)

Anonymous Coward | about a year ago | (#42238941)

Satellite runs as close to the noise floor as possible. I've used some equipment that runs with SNR in the negatives (noise above signal).

I am glad you included the parenthetical phrase to clear that up for us. We are all so stupid and you are so smart, we could never ever have figured that out on our own. I mean, it's not like it was plain and obvious or anything.

Re:Well, duh. (2)

tbird81 (946205) | about a year ago | (#42240085)

Thank you for your sarcastic comment on behalf of everyone else. We're all such complete cocks that we get offended when someone explains something we're proud of working out for ourselves, because it takes away one of the few tiny achievements we will manage in our sad pathetic lives.

(That above paragraph was sarcastic... the following paragraph is not.)

You're a dickhead AC. (That's a person who behaves in a selfishly annoying way for his own pleasure, not actually someone with a penis for a head. And I was not calling you the glans penis either [that's the medical term for the head of the penis].)

Re:Well, duh. (1)

jones_supa (887896) | about a year ago | (#42240609)

And I was not calling you the glans penis either [that's the medical term for the head of the penis].)

BTW the medical term for sperm is spermatozoa.

Re:Well, duh. .. Speaking of "DUH..." (5, Interesting)

Anonymous Coward | about a year ago | (#42238639)

Up until about 3 years ago we in North America had another electronic navigation system in-place and operational: LORAN C.

The loran system -though not as precise as GPS- was in many respects much more difficult to jam. Upgrades were planned that would have improved the loran system; instead, in a spectacular case of "penny wise-pound foolish" the sysetm was turned off, and its infrastructure (think 'some of the tallest antenna masts ever built' ) quickly dismantled/destroyed.

http://en.wikipedia.org/wiki/LORAN [wikipedia.org]
From Wikipedia:
"In November 2009, the U.S. Coast Guard announced that the LORAN-C stations under its control would be closed down for budgetary reasons after January 4, 2010 provided the Secretary of the Department of Homeland Security certified that LORAN is not needed as a backup for GPS.[19]

On 7 January 2010, Homeland Security published a notice of the permanent discontinuation of LORAN-C operation. Effective 2000 UTC 8 February 2010, the United States Coast Guard terminated all operation and broadcast of LORAN-C signals in the USA...

[In the quoted Wikipedia article, the following paragraph was placed BEFORE the above]
  Originally completed 20 March 2007 and presented to the co-sponsoring Department of Transportation and Department of Homeland Security (DHS) Executive Committees, the report carefully considered existing navigation systems, including GPS. The unanimous recommendation for keeping the LORAN system and upgrading to eLORAN was based on the team's conclusion that LORAN is operational, deployed and sufficiently accurate to supplement GPS. The team also concluded that the cost to decommission the LORAN system would exceed the cost of deploying eLORAN, thus negating any stated savings as offered by the Obama administration and revealing the vulnerability of the U.S. to GPS disruption.[18]"

end of quoted Wikipedia material

Loran and its technological successor E-loran are still available in some more enlightened parts of the world (see linked article)

Note that I am a USian. The above is NOT one of my country's
more shining (dare I say 'brighter') decisions.

Re:Well, duh. .. Speaking of "DUH..." (1)

Bearhouse (1034238) | about a year ago | (#42240761)

Yup, rather dumb move, saving peanuts compared to most budgets, but the US Coastguard ran it, and they're really strapped for cash.

Shame, since as well as the benefits you note, the infrastructure was successfully used to broadcast data to augment GPS accuracy. This would perhaps been a more convincing arguement for keeping it in place, since it's true that in recent years usage was reported to have dropped considerably.

Re:Well, duh. (0)

alen (225700) | about a year ago | (#42238671)

The government can encrypt GPS if they want

They have done it before. It just makes the receivers report the wrong location

Military gps can take special keys to decrypt the signal

Re:Well, duh. (1)

Anonymous Coward | about a year ago | (#42238953)

Mod parent down. The paper has nothing to do with jamming or spoofing. It's about exploiting firmware/software bugs in receivers.

Re:Well, duh. (0)

Anonymous Coward | about a year ago | (#42239809)

You seem to like spouting misinformation about stuff.

GPS has had encryption, the US military can turn it on and off and make sure that everyone else could only use the lower accuracy signal. In the past "everyone else" got around it by using differential GPS systems. If there wasn't any encryption they wouldn't have needed to do that back then.

http://en.wikipedia.org/wiki/Differential_GPS [wikipedia.org]

Here is an application: (0)

Anonymous Coward | about a year ago | (#42239867)

On board GPS jamming so that any GPS tracker put in your car would show a random position. 1) you know where the receiver is 2) you want it to be far away at random place static, say white house who cares where

What a nonsense (2, Insightful)

angel'o'sphere (80593) | about a year ago | (#42238413)

Planes and Ships don't rely on GPS.

If you have a license to pilot any of them, you have learned how to navigate without.

Re:What a nonsense (5, Informative)

MichaelSmith (789609) | about a year ago | (#42238443)

Well okay but I work in air traffic control and there is a high level of relience on positonal information from GPS.

Re:What a nonsense (3, Interesting)

Kagato (116051) | about a year ago | (#42239265)

True, but it's a daily problem for ATC in some parts of the world. North Korea jams GPS around ICN on a regular basis. Even EWR had a GPS issue for some time. They figured a trucker was using a GPS jammer to block the logger on the truck. Every time the truck would drive near the airport it would create a hassle.

Re:What a nonsense (1)

TooMuchToDo (882796) | about a year ago | (#42239371)

Just wait until ADS-B/NextGen rolls out.

Re:What a nonsense (2)

MichaelSmith (789609) | about a year ago | (#42239469)

Pretty much here in Australia. I have taken to hanging out beside runway 16/34 at Tullamarine in Melbourne, recording MODE-S data. Anything medium or heavy with a normal turbine engine has ADS-B. Many turboprops do and some rotorcraft. But I also found out that tulla is a great place to pick up garbage data, probably from the maintenance facilities. I got one track with lat=0.0,lon=0.0

You are wrong (1)

A nonymous Coward (7548) | about a year ago | (#42238497)

Planes especially very much rely on GPS, it's at the heart of all navigation systems in airliners. Even most private GA pilots use handheld ones if it's not part of the panel, unless they are intentionally flying by railroad tracks and highways. I believe LORAN was shut down a few years ago. The US Navy considers sextant use so useless that it was dropped from required study at the Academy some years ago, although it may still be taught as an elective.

GPS is also at the heart of many military precision guided missiles and shells.

You are a really misinformed troll.

Re:You are wrong (2)

viperidaenz (2515578) | about a year ago | (#42238561)

GPS is also at the heart of many military precision guided missiles and shells.

They also don't use civilian GPS receivers and employ anti-spoofing technology in every single deployment. No missile relies entirely on GPS.

Re:You are wrong (1)

Anonymous Coward | about a year ago | (#42239621)

Planes especially very much rely on GPS, it's at the heart of all navigation systems in airliners. Even most private GA pilots use handheld ones if it's not part of the panel, unless they are intentionally flying by railroad tracks and highways.

Speak for yourself, the AC here is a punk. While we have available all sorts of hot GPS equipment, flight training includes major time learning to work VORs, ADBs and yes, the extremely effective look out the damm window method. And we practice it.

The US Navy considers sextant use so useless that it was dropped from required study at the Academy some years ago, although it may still be taught as an elective.

This is a naval perspective, pilots are considerably more careful. You screw up on a boat, you go adrift, or ground. You screw up in the air, and It Will Be Bad(tm).

The old saying is absolutely true. There are old pilots, there are bold pilots, but there are no old, bold pilots. If GPS disappeared GA would be the -most- prepared to deal with it.

Re:What a nonsense (0)

Anonymous Coward | about a year ago | (#42238525)

Planes and Ships don't rely on GPS.

If you have a license to pilot any of them, you have learned how to navigate without.

I beg to differ - they DO rely on GPS. This has become MORE prodominant over time as computer-controlled/assisted flying as grown. I think what you mean is that pilots are not soley reliant on GPS.

Just because you learnt another method of doing something - say, telling the time by the sun, doesn't mean everyone stops using clocks. Nor does it mean that it is the best method, the used method, nor the one you are always going to be able to use in an emergancy.

Re:What a nonsense (4, Informative)

realityimpaired (1668397) | about a year ago | (#42238707)

Commercial airliners are still equipped with other navigation systems, but most of them are beacon systems that are only useful when you're close to an airport. These systems are still used for landing. For long distance navigation, the non-GPS systems are almost all a distant memory. It's *possible* to navigate a plane with a compass and a clock, and if you're flying low enough (and in an area with enough airports) it's possible to navigate by switching beacons, but I wouldn't want to hazard that in a plane the size of most commercial airliners. It's the kind of thing you do (and are trained to do, or at least were when I was taking lessons) in a Cessna, not a 767.

The real concern is that the occupants of the plane have no way of knowing that their GPS information is bad in the first place. You can have a thousand backups available to you, but if you don't know that your primary system is being fed bad information, are you going to check/trust the backup that's based on technology developed a century ago (seriously... clock/compass is how Amelia Earhart and Fred Noonan were navigating)? And assuming that the GPS actually *crashed* (in the DoS way described in TFA), you'd still have Air Traffic Control to tell you where you were... they don't use GPS, they use radar.

Re:What a nonsense (1)

Anonymous Coward | about a year ago | (#42239619)

VOR/DME based navigation is still available in the US and many other nations and is much more than just "beacon", it is useable at high altitudes and long distances, and most airliners already use airways primarily defined between VOR's. It isn't difficult nor dangerous at all to work without GPS to a high degree of accuracy and flexibility.

Re:What a nonsense (1)

Alioth (221270) | about a year ago | (#42240615)

Large airliners also have inertial navigation (certainly if they are going trans-ocean). Works just fine with no GPS.

Also IFR-capable GPS receivers, whether they are in a small single engine plane or a state-of-the-art B787 have RAIM (receiver autonomous integrity monitoring). The pilots *will* know if the GPS is getting bad data, because the GPS will detect this condition.

Re:What a nonsense (1)

QuantumRiff (120817) | about a year ago | (#42238921)

Right.. Not like the FAA is trying to move to a new way of tracking planes using GPS or anything.. (http://www.faa.gov/nextgen/implementation/programs/adsb/) Or that Alaska Air already uses it on all its planes..

Re:What a nonsense (0)

Anonymous Coward | about a year ago | (#42239019)

When I'm several nautical miles off the coast down-rigging for Snapper until dusk, without land in sight, GPS is quite important thank you very much.

Re:What a nonsense (1)

Jubedgy (319420) | about a year ago | (#42240177)

If you were a prudent mariner you would be DRing on your paper chart at a reasonable interval. Aids to navigation (buoys/lighthouses/etc...) aren't affected by your GPS unit and also provide a good means to determine your position. If all else fails and you are that worried about where you are, a sextant and sight reduction tables still work. If you can't handle all that, then you should NOT be out at sea at night.

Hell, here's a quick procedure that will get you in the general vicinity of your destination (close enough to use the aforementioned nav aids) which doesn't require any knowledge of sight reductions (assuming you're in the northern hemisphere):

1. Determine the latitude of your destination
2. Measure the elevation (angular distance) of Polaris above the horizon using your sextant
3. Determine the local variation to convert your magnetic compass heading to true heading based on your estimated location on your chart
4. Compare the Polaris angle to the latitude of your destination. If the star is too low on the horizon, head due north (true). If it's too high, head due south (true)
5. Once Polaris is at the proper altitude in the sky, turn due west or due east (true) depending which coast you're on
6. Don't get lost at sea like a retard next time

Boffins (2)

PvtVoid (1252388) | about a year ago | (#42238417)

What the fuck is with the science press in Britain / Australia about the word "boffins"? Why does every single science article, without fail, have to have some supposedly clever pun or alliteration around the word? (Extra points for using the word astro-boffins [theregister.co.uk] .)

I've gotten to the point that if I see the word "boffins" in a science article, I immediately click away. Please make it stop!

Re:Boffins (1)

cheesybagel (670288) | about a year ago | (#42238531)

A boffin is slang for scientist, engineer or someone in a similar position. It seems they have used this slang ever since WWII when they used to show scientists in white lab coats working on some sort of radical new technological development. The word as used today is mostly derisive which is somewhat representative of what happened to R&D in Britain since I guess.

Re:Boffins (2)

mister2au (1707664) | about a year ago | (#42238961)

Why is that any different to researcher or expert or scientist? They are just as useless or even less useful terms

It is an Australian article using "Australian English" or "British English" ... the term is well understood to define an academic/researcher with a very strong but narrow focus in a typical theoretical area.

It is no more problematic than terms like futurist (who has a broader focus) or your typical engineer/scientist labels (for those who are more problem solving focused).

Re:Boffins (1)

grcumb (781340) | about a year ago | (#42239605)

What the fuck is with the science press in Britain / Australia about the word "boffins"?

Because if it didn't exist, the tech pundits wouldn't know how to tell the gurus from the wonks.

Vocabulary: Get used to it.

Re:Boffins (0)

Anonymous Coward | about a year ago | (#42239843)

I am glad that I am not the only one to think this. I am Australian and I can not stand the use of the word boffin.

I have removed a whole series of news sources from my google news page that continue to use the word.

Re:Boffins (1)

Inda (580031) | about a year ago | (#42240877)

Fuck yeah bro!

We should'll use words like, you know, axed, irregardless, regift, and toileting.

Those limies and convicts should speak like they know the good words like, you know, compartmentalize, operationalize, overexaggerate, professionalization, rationalize, utilize

Make them special people talk good, ya'll.

Please NO! (0)

Anonymous Coward | about a year ago | (#42238439)

OMG not the unnamed drones. I hate the named ones....take them!

Unnamed drones (0)

Anonymous Coward | about a year ago | (#42238441)

Drones are unmanned, not unnamed

Re:Unnamed drones (2)

taiwanjohn (103839) | about a year ago | (#42239719)

They wrote a "uname" daemon that's hosted on aerial drones. But of course there's a flame war over whether to use Kdrone or Gdrone... .

BEWARE THE UNNAMED DRONE !! (0, Funny)

Anonymous Coward | about a year ago | (#42238449)

Those dornes without names are dangerous !!

Re:BEWARE THE UNNAMED DRONE !! (-1)

Anonymous Coward | about a year ago | (#42238847)

From unnamed to now

              unamed drones

Editors, eat your own shit (and die) !!

Yes !! I am aware of dornes !! I am not an editor !!

The Navy still teaches navigation by the stars (1)

Anonymous Coward | about a year ago | (#42238465)

GPS is a nice alternative, but the Navy (US and Royal at least) still spends a lot of time teaching navigation by the stars, dead reckoning, etc. The nautical charts and star location books are still published and issued to ships. Tomahawk cruise missiles and nuclear ballistic missiles are capable of not using GPS. A pain, not having GPS, but their are ways around not having it.

Re:The Navy still teaches navigation by the stars (1)

queazocotal (915608) | about a year ago | (#42238621)

GPS was essential in 1989.
Today, your average smartphone (without GPS) just using the camera, onboard sensors, and a few tens of gigs of stored imagery can get really accurate position tracking, at least in good weather. Less ideal in broken cloud.

$2500 Spoofing Transmitter (2)

PPH (736903) | about a year ago | (#42238469)

Also known as a HARM [wikipedia.org] target.

Re:$2500 Spoofing Transmitter (0)

Anonymous Coward | about a year ago | (#42240353)

Also known as a HARM [wikipedia.org] target.

Well, according to your link, HARM has a unit cost of $284,000. The spoofer here costs $2500, and would be trivial to operate remotely, so you would not risk your life. (Or assholes would put it on a children's hospital for maximum collateral damage hand-wringing). Nicely assymetrical. You might even be able to separate the transmitter from the rest of the system. Then you spend even less for every HARM you attract.

Iran could easily set up 100 of these, with failover. How many HARMs are available to the US in the area, and how many aircraft/ships would be kept busy while they were deployed? Plus, there should be spares ready for the actual SAM sites.

Not to mention that if your adversary is not the US, they may not even have HARMs. This sounds like an eminently practical tool in warfare to me.

Worst case (2)

viperidaenz (2515578) | about a year ago | (#42238491)

Some poor bugger drives to the wrong destination.

GPS isn't trusted. It's already known to be hackable.
It would be news if they hacked the anti-spoofing [wikipedia.org] system the military has been using for the last 6 years

Re:Worst case (0)

Anonymous Coward | about a year ago | (#42238553)

Or an aircraft with 300 souls on board crashes while on a GPS approach (landing).

Re:Worst case (0)

Anonymous Coward | about a year ago | (#42238629)

you should probably stop using missiles that rely on it then...

what could go wrong (0)

Anonymous Coward | about a year ago | (#42238527)

All testing was done using the latest IPhone5.

Apple (0)

Anonymous Coward | about a year ago | (#42238555)

Who needs to cripple a GPS, when an iPhone can leave you stranded [vicpolicenews.com.au] all by itself!

Re:Apple (0)

Anonymous Coward | about a year ago | (#42238993)

Who needs to cripple a GPS, when an iPhone can leave you stranded [vicpolicenews.com.au] all by itself!

That's called natural selection and the police are wrong to interfere with it.

See how fat and stupid and childish most Americans are? That's what happens when you don't allow natural selection to run its course. Australia doesn't need that.

Only GPS? (1)

ikaruga (2725453) | about a year ago | (#42238611)

Does it work for Glonass too? The paper didn't mention anything about alternative positioning systems. Lots of modern chips come with support for at lest GPS+Glonass nowadays. If you're serious about terrorism you probably going to take down both systems.

Re:Only GPS? (0)

Anonymous Coward | about a year ago | (#42239321)

These are software attacks on receivers, which probably use the same code paths to compute GLONASS solutions (and maybe Galileo too, when it goes live)

reply (-1)

Anonymous Coward | about a year ago | (#42238785)

Shanghai Shunky Machinery Co.,ltd is a famous manufacturer of crushing and screening equipments in China. We provide our customers complete crushing plant, including cone crusher, jaw crusher, impact crusher, VSI sand making machine, mobile crusher and vibrating screen. What we provide is not just the high value-added products, but also the first class service team and problems solution suggestions. Our crushers are widely used in the fundamental construction projects. The complete crushing plants are exported to Russia, Mongolia, middle Asia, Africa and other regions around the world.
http://www.sandmaker.biz
http://www.shunkycrusher.com
http://www.jaw-breaker.org
http://www.jawcrusher.hk
http://www.c-crusher.net
http://www.sandmakingplant.net
http://www.vibrating-screen.biz
http://www.mcrushingstation.com
http://www.cnstonecrusher.com
http://www.cnimpactcrusher.com
http://www.Vibrating-screen.cn
http://www.stoneproductionline.com
http://www.hydraulicconecrusher.net

I read the paper. In brief... (1)

Anonymous Coward | about a year ago | (#42238789)

In brief, the paper basically says engineers who build GPS receivers often write crappy firmware that doesn't do good bounds or sanity checking on the data contained within the GPS signal. (This should hardly be a surprise given how crappy firmware and device drivers are in general.) Fake a GPS signal with bad data that fits within the parameters of normal GPS signal and you can get these badly designed GPS receivers to freak out. And, of course, since crappy engineering is more or less a universal constant, the same would apply to other GNSS systems.

Dammit! (0)

Anonymous Coward | about a year ago | (#42238821)

Why do they have to go and build these jammers?
When I'm traveling and need cash, I need my Global GPS to be able to find ATM Machines!

Demoed at TEDxAustin (1, Informative)

HizookRobotics (1722346) | about a year ago | (#42239003)

Novel attack... demoed at TEDxAustin back in February and posted online for everyone to see ;-) http://www.ted.com/talks/todd_humphreys_how_to_fool_a_gps.html [ted.com]

Re:Demoed at TEDxAustin (2)

tylerni7 (944579) | about a year ago | (#42239077)

The TEDxAustin talk you mentioned is focused on GPS spoofing to make a receiver think that it is somewhere else. Spoofing in that sense has been around for a long time, and while it is very cool and everything, it isn't what is novel about this paper/attack.
This paper goes from just making a GPS receiver think it is located somewhere else to actually exploiting software vulnerabilities in GPS receivers to cause them to crash and things like that. The attacks are related, but the position based spoofing is just a subset of this work.

Too easy... (0)

Anonymous Coward | about a year ago | (#42239005)

I was hoping to read that the attack vector was swapping the systems with an iPhone....

Wait a second... (0)

Anonymous Coward | about a year ago | (#42239239)

Iran could have been telling the truth about spoofing GPS coordinates?

The US government would never lie to me, would it?

Encrypted P-Code (1)

billybob_jcv (967047) | about a year ago | (#42239441)

Isn't this exactly why the P-Code is encrypted in the military signal? Spoofing the C/A data has been a known vulnerability in the system since day 1. The rest of the problems are simply bad programmers. That's not a limitation or vulnerability in the GPS system - it's a problem with the receiver manufacturers and the BS test & validation done by the civilian side of the government when they put those receivers in the CORS stations. I saw the code in some of the old reference receivers (in the 90s) - it was complete shit. No software design, no real architecture, no configuration management, it was a bunch of crap hacked together by the engineers. Full of debug code, obsolete comments and large sections of code that were bypassed with a "aaa =0; if (aaa == 1) {....a bunch of test code....} As long as it passed the acceptance testing, and it fit on the flash card, no one cared what it looked like inside the flash.

A little flat but still interesting (1)

WaffleMonster (969671) | about a year ago | (#42239467)

For me "middle of the earth" attack was a new and interesting idea... otherwise this paper would have read a heck of a lot better had the hyperbole been left at home.

The contorted attempt to say changing time is not "spoofing" or including offtopic segways such as hacking web servers and perl CGI scripts was a little too much to stomach.

No mention at all of RAIM and similiar technologies.

US hacking Iranian websites? (0)

Anonymous Coward | about a year ago | (#42239645)

We hear of Chinese hackers attacking American websites, now we have Americans hacking Iranian websites. What does this have to do with GPS? Why of course, the loss of American Drones over Iran, with the loss suspected due to hacking GPS signals making the drones think they are somewhere else (both location and altitude). This has only happened twice, but highlights what can happen to JDAM style bombs and drones.

If anyone thinks what consumers use for GPS ... (1)

tyrione (134248) | about a year ago | (#42239953)

is what the Navy and the rest of the Military/Covert Ops use they are sorely misled. In fact, general researchers would be required to have top secret classified clearance and most certainly would not be publishing their findings. NASA has several levels of GPS solutions. We lowly consumers use very old tech for GPS/GIS.

Peace! (0)

Anonymous Coward | about a year ago | (#42240327)

Finally a way to stop the USA raining it's bombs down on innocent people all over the world.

Global GPS? (0)

Anonymous Coward | about a year ago | (#42240537)

I use it to get to my local Automated ATM.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...