×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

How To Hijack a Drone For $400 In Less Than an Hour

Soulskill posted about 5 months ago | from the step-1:-buy-$400-shotgun dept.

Security 161

Trailrunner7 writes "The skies may soon be full of drones – some run by law enforcement agencies, others run by intelligence agencies and still others delivering novels and cases of diapers from Amazon. But a new project by a well-known hacker Samy Kamkar may give control of those drones to anyone with $400 and an hour of free time. Small drones, like the ones that Amazon is planning to use to deliver small packages in short timeframes in a few years, are quite inexpensive and easy to use. They can be controlled from an iPhone, tablet or Android device and can be modified fairly easily, as well. Kamkar, a veteran security researcher and hacker, has taken advantage of these properties and put together his own drone platform, called Skyjack. The drone has the ability to forcibly disconnect another drone from its controller and then force the target to accept commands from the Skyjack drone. All of this is done wirelessly and doesn't require the use of any exploit or security vulnerability."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

161 comments

I'm working on a SkyJack jacker.... (-1)

Anonymous Coward | about 5 months ago | (#45590165)

I call it the JackOff!

Here we go... (0)

Anonymous Coward | about 5 months ago | (#45590171)

When drones are outlawed, only outlaws will operate drones.

Re:Here we go... (2, Funny)

craigminah (1885846) | about 5 months ago | (#45591255)

They'll only outlaw "assault drones", regular drones with the same capabilities as assault drones but who look less scary will be legal.

Re:Here we go... (1)

slick7 (1703596) | about 5 months ago | (#45592011)

They'll only outlaw "assault drones", regular drones with the same capabilities as assault drones but who look less scary will be legal.

Says the CIA (Criminals In Action).

No, this will not work on Amazon's drones. (5, Insightful)

Anonymous Coward | about 5 months ago | (#45590191)

In TFA he is hacking a Parrot AR wifi drone. If Amazon ever gets off the ground (ahem) with their drones, they will likely be autonomous, using GPS to guide them to their location. Monitoring and flight plan changes would likely occur by satellite as well. That's not to say that they are immune from attack, but none of the types of drones described in the summary (law enforcement, intelligence agencies, Amazon) are going to be susceptible to his attack.

Without a security vulnerability? (5, Insightful)

sheetsda (230887) | about 5 months ago | (#45590199)

"All of this is done wirelessly and doesn't require the use of any exploit or security vulnerability"

"...detects the wireless signal sent out by a target drone, injects WiFi packets into the target’s connection, de-authenticates it from its real controller and then authenticates it to the Skyjack drone"

Uhh... for what definition of "security vulnerability" is this not a "security vulnerability"?

Re:Without a security vulnerability? (2, Interesting)

plover (150551) | about 5 months ago | (#45590251)

A security vulnerability implies that at some level, there had to have been the faintest vague attempt at being secure.

He exploited a vulnerability, to be sure, but he seems uncomfortable calling it a security vulnerability.

Re:Without a security vulnerability? (1)

viperidaenz (2515578) | about 5 months ago | (#45591411)

Because the product is designed to behave this way. If it's documented, it's a feature, not a bug.

Re:Without a security vulnerability? (1)

gl4ss (559668) | about 5 months ago | (#45591889)

so there is no option to use wpa or any wifi security at all? that's what it implies.

breaking wpa would imply a security vulnurability.

and dunno how it could be "like those used by amazon" since amazon doesn't yet use or have any.

No vulnerabilities? Really? (4, Insightful)

Anonymous Coward | about 5 months ago | (#45590203)

All of this is done wirelessly and doesn't require the use of any exploit or security vulnerability.

Between me and the author of this sentence, I think we have two different definitions of "security vulnerability".

Aquire a drone for even less? (0, Insightful)

Anonymous Coward | about 5 months ago | (#45590209)

You could also get a drone by robbing a Best Buy with a $10 knife... Is it no longer stealing just because there's a cool hack involved?

Re:Aquire a drone for even less? (1)

Anonymous Coward | about 5 months ago | (#45590567)

Is it no longer stealing just because there's a cool hack involved?

Is anybody suggesting that it's no longer stealing just because there's a cool hack involved?

Re:Aquire a drone for even less? (1)

Anonymous Coward | about 5 months ago | (#45590835)

If someone is flying a drone that's programmed to follow any unauthenticated instructions broadcast to it from anyone, and someone takes the drone up on that offer and broadcasts instructions to it, what are they doing wrong?

Re:Aquire a drone for even less? (2)

Garridan (597129) | about 5 months ago | (#45591135)

Your honor, the child entered my van of its own volition, and received the free candy that it sought. What did I do wrong?

Sending instructions? Nothing (on the surface) wrong with that... but the content of those instructions is crucial to an ethical evaluation of them. Steal a drone / kidnap a kid? Bad. Make the drone do a little dance upon delivering a package / teach the kid a funny joke? Not bad.

Simple: just turn off the wireless (4, Interesting)

Neo-Rio-101 (700494) | about 5 months ago | (#45590217)

For something like Amazon's purported drones... all you'd have to do is to hardcode the delivery address and HQ into the drone before flying, and make sure it doesn't accept any incoming signals by turning the wireless off. Now, if we want to talk about trying to get the drone's GPS systems confused, that would be something else! (Actually I'm still wondering if the drone would be smart enough to land on pavement or miss entirely and drop packages on a customer roof or balcony.)

Re:Simple: just turn off the wireless (0)

Anonymous Coward | about 5 months ago | (#45590291)

Technology being what it is on a clear day they can probably navigate by aerial mapping imagery and inertial sensors if GPS is compromised.

Re:Simple: just turn off the wireless (1)

plover (150551) | about 5 months ago | (#45590319)

I was wondering about that, too. Maybe they'll have the drone autonomously fly to the target's address, then have a human pilot land it on the doorstep, guiding it via GPRS, 4G, or something similar.

Re:Simple: just turn off the wireless (1)

Anonymous Coward | about 5 months ago | (#45590507)

It would likely be a Destination Landing Pad. I suspect the optimal setup would be a subscription service, and the landing pad would be part of the subscription.

Re:Simple: just turn off the wireless (1)

sjames (1099) | about 5 months ago | (#45590521)

I don't think they're smart enough to reliably drop packages on the roof or even in the pool, but I understand they're motion capturing paper boys on their routes to see if they can learn the secret.

Re:Simple: just turn off the wireless (3, Interesting)

Zwergin (572487) | about 5 months ago | (#45590537)

(Sorry, did not realize I was not signed in. ) It would likely be a Destination Landing Pad. I suspect the optimal setup would be a subscription service, and the landing pad would be part of the subscription. ~Zwergin

Re:Simple: just turn off the wireless (1)

Neo-Rio-101 (700494) | about 5 months ago | (#45591859)

That's a pretty good idea. That way you could ensure that the drone lands in your backyard so that the package and drone doesn't get swiped from your front door by a passerby.

Re:Simple: just turn off the wireless (3, Funny)

Fnord666 (889225) | about 5 months ago | (#45590767)

Actually I'm still wondering if the drone would be smart enough to land on pavement or miss entirely and drop packages on a customer roof or balcony

Hopefully they don't use the code that delivers care packages in Call of Duty then.

Re:Simple: just turn off the wireless (1)

wvmarle (1070040) | about 5 months ago | (#45590883)

GPS is not reliable or accurate enough for doorstep deliveries, will need some human controller.

The max. accuracy of normal GPS is about 1m, which is already a bit coarse for doorstep delivery and in urban areas receivers may get confused by reflections off of buildings. And even if GPS were accurate enough, you'd need to know really accurate coordinates of that doorstep, or that park bench where the person ordering the pizza is.

So certainly a human operator will have to do the last part of the trip.

Re:Simple: just turn off the wireless (4, Insightful)

rk (6314) | about 5 months ago | (#45591211)

DGPS can get 10cm resolution if done right, and DGPS coverage is not a problem for most residences in the US and certainly not in the areas I'm sure Amazon will pilot (no pun intended) this system. Vision systems are getting more sophisticated and can probably find the front door reliably with sufficient accuracy once on the scene. I'm curious to know how it will handle apartments, though.

Re:Simple: just turn off the wireless (3, Funny)

Dan541 (1032000) | about 5 months ago | (#45591321)

I'm curious to know how it will handle apartments, though.

A cannon to launch the parcel through the window?

Re:Simple: just turn off the wireless (1)

Smauler (915644) | about 5 months ago | (#45591795)

The accuracy of GPS is not the problem. The problem is places where GPS is useless.

To be honest, if I can order something and it be in my drive in about 1/2 an hour, that is good enough, where I am living now. I can keep an eye out for it. I live in the middle of nowhere, and there's no chance of it being picked up by someone else. I have lived in towns and cities, though. Some of my previous residences had hundreds of people walking by the front door every hour. GPS does not work there, and it never will, no matter how accurate it is.

Re:Simple: just turn off the wireless (0)

Anonymous Coward | about 5 months ago | (#45591541)

There aren't going to be any Amazon drones. This is called PR, plant an intriguing story in the news and get everybody talking about your core business proposition for the christmas season.

christmas. amazon. delivery. christmas. amazon. delivery. christmas. amazon. delivery.

anybody not get the message yet?

Guns. (0)

Anonymous Coward | about 5 months ago | (#45590219)

Would you Americans please stop using guns to shoot each other, and aim them up at these things instead? Cheers.

Re:Guns. (-1)

Anonymous Coward | about 5 months ago | (#45590763)

Shooting people improves the world more. Darwin approves.

People who get shot are less likely to breed after being shot. This culls out people who pissed someone off enough to be shot.

It's a good thing.

Much ado about nothing (0)

Anonymous Coward | about 5 months ago | (#45590223)

He's basically saying that "hey, this consumer drone has no security", and the most powerful signal wins.

That's pretty much true of any consumer RC product.

Newer-generation control systems in commercial & law-enforcement drones will likely use encrypted communications.

Re:Much ado about nothing (0)

Anonymous Coward | about 5 months ago | (#45590323)

Even hobbyist grade consumer drones are not susceptible to this hack. This only affects a handful of "toy" drones like the Parrot AR which were never designed to be secure in the first place.

No security vulnerability (1)

Arancaytar (966377) | about 5 months ago | (#45590293)

Because accepting a wifi connection without authenticating its source is totally not a vulnerability.

In other news, you could own every single computer connected to the internet, without using any security vulnerabilities, as long as it runs an ssh server without a root password.

Stealing an Amazon Drone (2)

Metabolife (961249) | about 5 months ago | (#45590311)

What's to stop someone from forcefully taking down an Amazon drone, then placing it into a Faraday cage while they disassemble it and get the free hardware?

Re:Stealing an Amazon Drone (0)

Anonymous Coward | about 5 months ago | (#45590379)

What's to stop someone hijacking a ups truck, then placing it into a chop shop while they yadda yadda.

Re:Stealing an Amazon Drone (5, Insightful)

Anonymous Coward | about 5 months ago | (#45590437)

a truck driver

Re:Stealing an Amazon Drone (3, Insightful)

umafuckit (2980809) | about 5 months ago | (#45590427)

What's to stop someone from forcefully taking down an Amazon drone, then placing it into a Faraday cage while they disassemble it and get the free hardware?

The fact that it's vapourware and will never see active service?

Re:Stealing an Amazon Drone (1)

14erCleaner (745600) | about 5 months ago | (#45590713)

There's also the fear of prison. These things will be transmitting live video feeds back to home base. If they actually existed, that is.

Re:Stealing an Amazon Drone (0, Troll)

Dunbal (464142) | about 5 months ago | (#45590769)

Yes, thank goodness we live in a crime free world where the fear of prison prevents all crimes.

Re:Stealing an Amazon Drone (1)

Anonymous Coward | about 5 months ago | (#45590857)

I hear that the security system protecting most current home deliveries (I think they call it "a human") breaks down if you point a simple kinetic projectile emitter at it!

Re:Stealing an Amazon Drone (1)

wvmarle (1070040) | about 5 months ago | (#45590843)

And after taking control over that thing, what's stopping you from disconnecting the video stream as well?

Re:Stealing an Amazon Drone (2)

physicsphairy (720718) | about 5 months ago | (#45590499)

Jeff Bezos circling above in an Apache attack helicopter.

Re:Stealing an Amazon Drone (0)

Anonymous Coward | about 5 months ago | (#45591231)

COME ON MODS THAT WAS FUNNY. Apache is software, and an attack helicopter, and a helicopter that attacks with software.

Its funny because Apache means both 'attack helicopter' (http://en.wikipedia.org/wiki/Boeing_AH-64_Apache) AND software (http://www.apache.org/). It activates two regions of the brain simultaneously, leading to a humor response.

http://www.youtube.com/watch?v=EkSwszgdfNw

Re:Stealing an Amazon Drone (0)

Anonymous Coward | about 5 months ago | (#45591247)

http://www.youtube.com/watch?v=mgIsd7q0SI4

Re: Stealing an Amazon Drone (0)

Anonymous Coward | about 5 months ago | (#45591703)

So... For every â10 worth of stuff I order... I get a FREE Amazon Dron

Re:Stealing an Amazon Drone (0)

Anonymous Coward | about 5 months ago | (#45590603)

What's to stop someone from stealing a UPS truck while the driver is busy taking a package to the door?

Re:Stealing an Amazon Drone (0)

Anonymous Coward | about 5 months ago | (#45590689)

When I read the story about Amazon's drone delivery, my first thought was: "Will it be able to escape when I throw a blanket on it?"

Slashdot needs a better "Stupid Submission" filter (0)

Anonymous Coward | about 5 months ago | (#45590313)

Any company that leaves their drones susceptible to a simple hijack deserves to go bankrupt buying drones.

Let's see... Just put a GPS / visual flight plan in the thing that cannot be replaced without a secure connection or a physical connection.

Skyjack only works for WiFi drones! (4, Informative)

cciRRus (889392) | about 5 months ago | (#45590327)

While pro-grade multicopters like those to be deployed by Amazon operate at 2.4GHz, they do not use WiFi as their radio system! Typically, these multicopters are fitted radio systems such as Futaba, JR, Spektrum or 9X, and therefore Skyjack will not be able to take them down.

Re:Skyjack only works for WiFi drones! (1)

Anonymous Coward | about 5 months ago | (#45590389)

Maybe not. But I'm willing to bet many will be lost to .308 or .30-06 rounds...

Re:Skyjack only works for WiFi drones! (1)

Omega Hacker (6676) | about 5 months ago | (#45590401)

I *highly* doubt the Amazon drones will be operated by some hobbyist Futaba or Spektrum protocol. Doing such a thing would be absolutely ludicrous from just about every angle possible. First of all, such protocols are nothing more than "stream-of-servo" positioning commands, and very badly suited to autonomous drone control. Honestly they're pretty badly suited to manual drone control IMO. Second, they are even less secure than WiFi. I'm going to take a wild guess and say that the Amazon drones will be cellular-controlled, with high-end SSL used to send the drone a set of GPS coordinates (waypoints, etc.), and the drone will handle *every* control aspect from there on out, as it should.

Re:Skyjack only works for WiFi drones! (2)

drinkypoo (153816) | about 5 months ago | (#45590941)

and the drone will handle *every* control aspect from there on out, as it should.

I don't think so. I think they'll plot the entire route, waypoint by waypoint, down to delivery of the actual package. The drone will do waypoint following and collision avoidance, but that's it. That's a lot cheaper in terms of power budget, because your drone doesn't have to be quite so clever.

Re:Skyjack only works for WiFi drones! (0)

Anonymous Coward | about 5 months ago | (#45590465)

if you're operating anything that can kill people on unlicensed spectrum, you ought to be convicted and imprisoned.

Re:Skyjack only works for WiFi drones! (1)

asmkm22 (1902712) | about 5 months ago | (#45591427)

It doesn't really matter what the various drones use. They will get hacked, because they're convenient targets designed to accept remote communications from someone.

Law Enforcement Drones? (3, Insightful)

codegen (103601) | about 5 months ago | (#45590355)

The articles describe a wifi hack. Last I checked wifi has a range of 300 feet. There are some ways in which this can be extended to several miles but that involves large (i.e. 10ft) antennas. If you honestly think that law enforcement and amazon are using wifi to control their drones then I think you need to look a bit closer.

Re:Law Enforcement Drones? (0)

Anonymous Coward | about 5 months ago | (#45590439)

Last I checked wifi has a range of 300 feet. There are some ways in which this can be extended
to several miles but that involves large (i.e. 10ft) antennas.

You must have old data...

Patch and Yagi Antenna(s?) are quite assuredly not 10ft tall... and dishes are very... very likely not to exceed a couple feet across and will operate up to a (theoretical maximum) of 20 miles... give or take a radio troll or two.

Re:Law Enforcement Drones? (1)

cdwiegand (2267) | about 5 months ago | (#45590895)

Wha? Yagi wifi antennas are certainly NOT 10 feet tall. 18" long - http://www.mfjenterprises.com/Product.php?productid=MFJ-1800 [mfjenterprises.com]. 15 dbi (so if your current antenna is 3 dbi this is a 12 dbi increase, or say 100x+ish). Very directional, though.

And no one sane running a drone "program" would use normal wifi - they'd get a control frequency from the FCC and go that route.

Re:Law Enforcement Drones? (1)

asmkm22 (1902712) | about 5 months ago | (#45591441)

I think he's talking about building for about $400, then flying that drone close enough to another drone where the wifi magic works, and take control of it that way.

How To Hijack UPS For $200 In Less Than 5 minutes (1)

Anonymous Coward | about 5 months ago | (#45590367)

A gun.
Illegal will still be illegal.

Re:How To Hijack UPS For $200 In Less Than 5 minut (1)

rmdingler (1955220) | about 5 months ago | (#45590791)

Sure. But. The number of people willing to steal remotely is an order of magnitude greater than the number of people willing to do up close and personal armed robbery. Mira! A car analogy: It's like killing a person with your pickup instead of with a knife.

Re: How To Hijack UPS For $200 In Less Than 5 minu (0)

Anonymous Coward | about 5 months ago | (#45590845)

God knows I wouldn't have murdered all those people if I had to use a knife instead of my car. I would have had to cut back to four, maybe five, murders a day if I were so inconvenienced.

Not too advanced, but cool concept. (0)

Anonymous Coward | about 5 months ago | (#45590409)

This only affects parrotAR drones, which specifically are meant to be easy to use and have no security. Something like an Amazon drone or military drones will most likely have some authentication mechanism. But still, this is something to consider in popular drone design.

So if you have a toy drone... (1)

Stewie241 (1035724) | about 5 months ago | (#45590419)

So if you have a toy drone you can take over other toy drones? Could be great fun at a toy drone party but I don't see how it has anything to do with law enforcement drones or Amazon drones.

I'm sure it would never cross the minds of intelligence agencies, law enforcement agencies or Amazon to authenticate the controller.

"High-power"? (1)

zooblethorpe (686757) | about 5 months ago | (#45590433)

The target range of the Skyjack drones is limited by the range of the WiFi card, but Kamkar said he uses a very powerful WiFi adapter called the Alfa AWUS036H, which produces 1000mW of power.

So this "very powerful" Wi Fi outputs 1000 milliwatts ... which equals one watt.

Am I missing something, or is this just bad reporting?

Re:"High-power"? (1)

Actually, I do RTFA (1058596) | about 5 months ago | (#45590481)

So this "very powerful" Wi Fi outputs 1000 milliwatts ... which equals one watt.

Am I missing something, or is this just bad reporting?

That's the highest power WiFi you can broadcast without violating FCC regulations. With a highly directional antenna, it should reach pretty far.

Re:"High-power"? (1)

aXis100 (690904) | about 5 months ago | (#45591471)

Normal wifi transmitters are only 30mW - and can still achieve 10km using a high gain directional antenna. So yeah, 1W is pretty powerfull.

What I fear will happen (2)

mysidia (191772) | about 5 months ago | (#45590663)

If Amazon can make a drone to deliver packages ---- then someone else can make a drone to "tail" Amazon drones, and grab the package after delivery; taking it off to some prescribed location for reappropriation.

Re:What I fear will happen (0)

Anonymous Coward | about 5 months ago | (#45591591)

Just like someone can currently tail a UPS or FedEx driver and grab the packages after delivery?
Of course since these drones initially are planned for 30 minute delivery you can be sure someone is probably waiting at the door for this stuff and if they see a drone attempting to swoop down for their shit I'm sure they could easily stop it.

real drone/plane? (0)

Anonymous Coward | about 5 months ago | (#45590673)

is that for a real drone or one of those remote controlled copters?

The assumption (0)

Anonymous Coward | about 5 months ago | (#45590809)

Hate to tell the author but any decent drone wouldn't use WIFI for communication

Everything old is new again (4, Insightful)

roc97007 (608802) | about 5 months ago | (#45590831)

Ok, so hang on, In a previous life as a military contractor, I used to do this with 1980's technology. This (TFA) sounds like a cheap, brute force approach, that actually works fairly well. You overwhelm the subject with a much stronger signal, and depend on the receiver's automatic gain control to limit the amplitude, putting the "real" control signal down in the noise. You then have the drone's full attention.

The usual countermeasure is to encrypt the control signal. Then, you can still do a DOS (in today's terminology), but you can't get the drone to obey your commands.

The counter-counter measure to this is to break the encryption so you can control the craft. Flash back to those supercomputers that hobbyists were building by clustering lots and lots of game consoles. Just saying'.

Then, there's counter-counter-counter measures like hopping between frequencies and so forth, but for every technique there's a counter-technique, and I suspect computers have gotten fast enough to analyze tricky incoming signals and mimic them fairly quickly.

Someone brought up GPS -- Amazon's little copters can't be hacked because they're autonomous, using GPS for navigation. Well guess what -- GPS is just another signal. As we learned in the middle east, it is possible to spoof those signals and get a drone to land in a place it didn't expect.

The counter to *that* is inertial guidance. But realistically, Amazon and most government agencies probably won't have the budget for that.

Optical guidance? (and optical surveillance in general) Green lasers with automated tracking and aiming triangulating by noise, or emitted RF, or visual recognition. Anyone with robotics experience should be able to at least theorize a solution.

Wow, the next few years are going to be *fun*.

Re:Everything old is new again (1)

drinkypoo (153816) | about 5 months ago | (#45590945)

The counter to *that* is inertial guidance. But realistically, Amazon and most government agencies probably won't have the budget for that.

An off-the-shelf IMU costing less than $100 as a completed product gives you enough information to tell if your position is shifting in the way that the GPS claims, with a little software trickery. You can certainly detect something like that, and then start retracing your steps. One or two retries and the drone just flies home.

Re:Everything old is new again (1)

roc97007 (608802) | about 5 months ago | (#45591143)

The counter to *that* is inertial guidance. But realistically, Amazon and most government agencies probably won't have the budget for that.

An off-the-shelf IMU costing less than $100 as a completed product gives you enough information to tell if your position is shifting in the way that the GPS claims, with a little software trickery. You can certainly detect something like that, and then start retracing your steps. One or two retries and the drone just flies home.

I wasn't aware that IMUs had gotten that cheap. (I haven't done this stuff in many years.) But that just takes us to the next level, where IMU accumulated error and gradual GPS draw-off techniques are employed. More difficult, but still possible.

Re:Everything old is new again (1)

Overzeetop (214511) | about 5 months ago | (#45591345)

So you spoof the GPS to be within the dead reckoning band of the IMU and wind allowances (which can't easily be accounted for). It takes longer to hijack and transfer to a safe spot for collection, but not out of the bounds of possibility.

Re:Everything old is new again (0)

Anonymous Coward | about 5 months ago | (#45591677)

>So you spoof the GPS to be within the dead reckoning band of the IMU and wind allowances

Yeah, a slow walk. The drone would run out of gas before you got it anywhere useful. Not to mention that both the sender and receiver would notice it was overdue.

Re:Everything old is new again (0)

Eskarel (565631) | about 5 months ago | (#45591001)

When they toss the first couple jackasses who do it as a joke into federal PMITA prison for the rest of their lives the joke will wear pretty thin. It's not even a case where it'd be a disproportionate response, anyone actually doing this for the lulz needs to be off the street for a long time.

Re:Everything old is new again (1)

roc97007 (608802) | about 5 months ago | (#45591097)

I'm not interested in people who do it for laughs. (Although, there will probably be some who do it just to see what kind of chaos they can create. The same morons who point laser pointers at commercial aircraft.) As soon as the profit/risk ratio is favorable, someone will do it, either to acquire the cargo, acquire the craft itself, or prevent the craft from doing whatever it was trying to do. Just pointing out that there are known techniques.

Re:Everything old is new again (1)

Eskarel (565631) | about 5 months ago | (#45591985)

There are, but there's always a risk of this sort of thing, as has been pointed out delivery drivers aren't immune from theft either.

Re:Everything old is new again (0)

Anonymous Coward | about 5 months ago | (#45591109)

"Optical guidance? (and optical surveillance in general) Green lasers..."

Works great until those leaves get in the way.

The solution is multimodal. A lot of systems already support it. The reason why it's not used often is bandwidth, most 2.4Ghz non-wifi chips have some AES capability and coupled with other measures, you can secure your system up to jamming attacks.

Re:Everything old is new again (1)

swillden (191260) | about 5 months ago | (#45591551)

The counter-counter measure to this is to break the encryption so you can control the craft. Flash back to those supercomputers that hobbyists were building by clustering lots and lots of game consoles.

If you use decent encryption in your counter measure, this counter-counter measure is useless. It doesn't matter even if the attacker has a cluster of real supercomputers.

Re:Everything old is new again (0)

Anonymous Coward | about 5 months ago | (#45591567)

>The counter to *that* is inertial guidance. But realistically, Amazon and most government agencies probably won't have the budget for that.

These aren't cruise missiles so there's no need for a self contained positional reference like inertial guidance. LIDAR and stereo camera terrain matching is enough. Let's see someone try to fake the physical signature of 10 square km of buildings remotely.

And, by the way, a compass would probably already be a self-contained enough measure of heading to tell you when your GPS is lying.

Re:Everything old is new again (1)

AHuxley (892839) | about 5 months ago | (#45591713)

The US gov handed out a lot of old 'mil' tech (~small tanks, weapons systems) and drones to a lot of "small" cities over the past 10 years. With FAA approval now more understood the drones will soon be watching more regional ports, truck movements, airports and main roads 24/7.
A lot of groups doing 'import/export' work are going to be spending big on counter-counter measures to ensure their shipments are not tracked :)

What the hell? (1)

BringsApples (3418089) | about 5 months ago | (#45591073)

“The only security on the Parrot drones is that when the owner is connected to it, no one else is able to control it. This is why I need to use a wifi chipset that allows me to inject packets as I need to exploit wifi and deauthenticate the true owner who is controlling it,” Kamkar said.

So I've gotta ask, what would stop someone from doing this same thing on either side. On one side, you've got those that could hijack your parrot using the same tactics that you are using to hijack the drone. On the other side, whatever you do to protect your parrot, could be implemented to protect the drone, right? Am I missing something? Also, what's to stop parrots from buzzing around doing the same "evil" that Google did with wireless routers.

lol (0)

Anonymous Coward | about 5 months ago | (#45591229)

What drones that are used for anything but hobby use actually use WiFi for their C2 link?

I think the author means "parrot AR drone" not "drone".

Bezos Butt Fucked 60 Minutes (0)

Anonymous Coward | about 5 months ago | (#45591975)

Bezos use a few 100k dollars cash to payola 60 Minutes Execs into letting him Butt Fuck 60 Minutes and America ... that he soooo loves.

QED

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...