Yikes, I had been considering asking aloud whether the drones could be remotely hijacked and sent to attack other things than our targets, but I thought I’d be laughed down for underestimating the technology’s sophistication.

But this story shows that we’re at least halfway there.

The encryption would pretty much have to be weak (for the same reasons that wifi encryption is), but JFC people! How the hell does it just get left out? This is not a difficult thing to fix.

Spencer gave you the one word answer to your question: arrogance.

If you’re in command, you damn well better assume that your enemy is smart and therefore you need to be smarter. You don’t assume they’re dumb and try to get by. As Spencer said, that’s how folks under your command get killed.

But this seems typical of the BushCo mindset, especially as practiced by Cheney, Rumsfeld, and Bush himself. Believing your own PR folks about American military exceptionalism makes for a very large blind spot. I’m not saying this originated with Bush & Co, but they surely encouraged it and enforced it at the DOD for eight years.

I know. I guess I just still had some hope that, down at the lower levels where things actually get done, somebody still had enough pride in their workmanship to take care of things like this, no matter how sure they were that it wouldn’t be a problem.

SkyGrabber = Stingers

With Decider Bush as Commander-In-Chief, what passed for smart wasn’t really all that smart.

My army major efriend told me years ago that all the GPS systems that the military uses can be hacked by a Radio Shack purchase. That includes “smart” bombs.

Thanks for picking up this story Spencer.

It’s a similar arrogance that pervades throughout the DoD… A Marine General pointed out significant flaws in our Navy’s defense of the Arabian Sea… Gaming out an Iranian response to an Israeli and/or American attack on Iran… The bulk of the 5th Navy would’ve been the ‘most expensive artificial reef in history’…! Quote/Unquote…! That Achilles’ heel is still unresolved…!

It’s the excessive fire power and being the world’s greatest superpower evah that gives them arrogance.

Same as it always was. Charlie always figured out ways to use out high tech shit to their advantage. Read “The Tunnels of Cu Chi” for a great read about dumb shit we tried to develop in that cluster fuck.

Encryption? We don’t need no steenkin’ encryption!

My god, that something this basic got dropped from the tech requirement specs…

Was that the war game that the U.S. lost?

We’re the US Army, we’re 10-1!

Badly, M’dear…! 8-(

Which means militants have the ability to see through the eyes of all kinds of combat aircraft — from traditional fighters and bombers to unmanned spy planes. The problem is in the process of being addressed. But for now, an already-enormous security breach is even larger than previously thought.

Great. So, by doing so they evade our capture, and can anticipate where we will be. Just great. [walks away muttering and shaking head]

I no longer remember accurately, but I think the hacking of smart bombs means they can redirect them. If not to a particular place, to at least a random place rather than the target.

Next thing you know we’ll hear that 19 guys with box cutters could attack the heart of the US financial, political and military structures on a shoestring budget.

Pride goeth before the fall.

-G

The first word in the acronym IED is Improvised, meaning that some clever people have figured out how to compensate for their own lack of a multi-billion dollar munitions budget. Such clever people can be automatically assumed to know everything there is to know about the gaps in the adversary weapons systems.

You have to be fucking kidding me. I can’t even get away with pushing customer contact information unencrypted between an e-commerce platform and a back-office CRM system.

When is the DOD going to discover the flaw that causes the predator drones to kill hundreds and hundreds of innocent civilians?

They’re working on it in the Oval Office, right?

I just got out of the Army where I worked in a UAV unit that deployed twice to Iraq. I can say that this problem is way overblown.

First of all, you can’t control a UAV by intercepting the downlink. You can just see what it sees, IF you have the right channel and frequency, and IF you are in range with an adequate receiving system. Whoever said you can seize control and hijack a UAV with Radio Shack purchasing is full of BS.

Secondly, encrypting every downlink a UAV trasmits would be hugely expensive and risk exposing more encryption equipment to enemy access. The reason why most UAVs are not encrypted is because they crash sometimes and can’t be recovered, and if there is encryption inside the system it can be stolen and used with even greater adverse impact. I would rather the enemy see my video feed than have a chance to steal an encrypted device. I agreed then, and I agree now, that it isn’t worth doing.

Thirdly, please don’t insult people in the military by assuming their attitudes about these issues comes from George Bush. To say the decision whether or not to encrypt a UAV downlink is due to American arrogance and misunderstanding of foreign culture is insulting.

Besides, as 9/11 showed us, sometimes you want the enemy to inflict some damage.

Good luck with that here, these remington raiders know everything

Using even generic stream encryption via certificate, wherein you just invalidate a compromised certificate, would be a massive improvement, and be trivially easy to employ.

If I’m not allowed to see Dick Cheney’s house on Google Earth, because it’s too secret, then I’m not sure how one can make an argument that the video feed from an active-duty Predator drone is essentially benign.

Arrogance. It’s the Amurrican way. From the expensive suits (some with flop-sweat) trying to convince us that the health care bill is a good thing to the medal-bedecked toy soldiers who are always crying for more toys tho they can’t make sure that what they have function properly.

Seems the Villagers have decided we progressives belong in the stupid slot as well.

Ha ha, looks like! Wasn’t trying to be pissy.

Do the hackers have a internet site where we all can look?

I think it would be fascinating to learn why they didn’t encrypt these data streams, even if all they did was use something free and off-the-shelf like Secure Shell.

Nate-

It’s not so much that it’s benign, it’s that the risk you are running of the enemy tapping into your feed without controlling just isn’t worth a major change in what you are doing. You are correct that there are different levels of encryption that are more or less sensitive than others, but overall it’s a minor risk. The enemy needs to know a list of things- when, where, what channel, what frequency, you are flying in order to download your feed, and then he is only looking at the same thing you are- he can’t control the camera or anything. If anything he’ll just be looking at himself (hopefully!)

Again, just saying this problem is way overblown. It’s not like Al-Qaeda will be turning the Predators around on Washington or something like that.

LOL!!!

heh

Heh… Having served in Another Damn Army… I wore the ‘erection in all directions’ brass… I agree with ya…! One question I do raise is why don’t they utilize SINCGARS…? It’s not like it would truly provide any viable encryption technology…! Too much data has to be synched…!

Your first point seems to be correct, according to the news reports I looked up. The software they used is only for the purpose of looking at the video and audio data, anyway. It looks like the trickiest thing it does is fool satellite relays into sending data to the user of this software.

Your second point is nonsense. There are several off-the-shelf public key products that could have been used to encrypt the stream adequately. Once you get into the 128-bit key range, the most important thing for security is proper key management. It would have done the bad guys no good at all if an intact UAV with all the software source code onboard. They still would have had virtually no chance of decoding the streams in time.

Ha ha true- SINCGARS gives everyone a hard time just to get the synching right.

But that’s kind of my point. Encryption is an added pain in the arse when the worst possible scenario of enemy interception isn’t really that bad. Again, I’m just speaking as someone who has directed and used these in combat, and it just is what it is.

Plus, come on- they are WAY too expensive as it is! Let’s not demand more bells and whistles in order to avoid an unlikely scenario.

SINCGARS is very complicated to operate correctly, unless you’re just using it like an ordinary radio, in which case it strikes me as still more complicated than it has to be.

Cujo- you are technically correct, but the Army has the same policy with our encrypted radios. If you lose a sensitive encrypted item like a radio that had encryption in it, it’s a BIG DEAL, even if the enemy has virtually no chance in exploiting it. We treat all encrytion as sensitive information, even if there is little or no risk of exploiting. We go way overboard in our precautions, but I’m just telling you how it is.

My main point, again, is this is why the policy is what it is. It isn’t that we arrogantly assume no stupid jihadist could figure it out. It’s basically to be in compliance with our own information protection standards.

Btw… Where’s my manners…? Aloha, SD and Raven…! ;-)

Sup dawg

What points you talkin bout Willis?

He meant my points.

It’s not really complicated to use ‘hopping’ or not…! You only have to be 10% smarter…! ;-)

Dude, you’re talking to us soldiers! Don’t make us do hard stuff now… :)

Hey, dude.

*fistbump* LOL…!!!

OK, and that is actually the gist of my question. They don’t seem to even recognize the utility of these OTS encryption components. Using them correctly would make it a bit harder to watch the stream NOTE: For the guys who are supposed to be able to look at it (you’d have to regen the keys rather often), but once you’re synced up, it works fine at any distance you can still have an IP connection. When you add that to all the other things you have to do to start and fly a UAV, it doesn’t strike me as added complexity. Yet the DoD won’t use them even in cases like this where the information has potential utility, and laments that “real” encryption is too expensive or potentially useful if captured.

Oops. Clicked “Reply” at the wrong spot. Looks like zeroguardian03 picked up on that, though. Sorry – false alarm.

Ten percent smarter than what??? I’m used to walkie-talkies.

One thing that I’ll say about SINCGARS is the fact that the ‘hopping’ does diminish the RF waves… Hence, it’d probably impact livewire control of the UAV’s… That said, Enough SINCGAR’s have been produced already to nullify ‘added expense’…!

Okay, I’ll accept your point- if we can demonstrate that there is a real reasonable threat of the enemy intercepting our feed, I would agree that we would be justified in installing an off the shelf, minimally sensitive encryption system that would prevent that. No biggie.

I guess what made me reflexively irked at this article is that it assumed that the cause of the decision was some kind of Cheneyesque arrogance, rather than a simple decision of trade-offs that turned out to be a bad call. I get just a little defensive when other progressives bash on America like this. Just… tacky, I guess. I kind of like my country.

Ya mean the Prick 77′s…? ;-)

Yes, I suspect so, and they’re supposed to be replaced soon, IIRC. Might as well use the durn things.

I remember when SINCGARS came out, that frequency hopping sounded like such a cool thing. Now, wireless microphones do it (they just don’t have variable hopsets).

Naw, civilian versions (UHF and VHF). In the most complicated of them, once someone programmed the frequency, the only thing you had to remember was what channel you were supposed to be on.

Yes, that irked me a bit, too. Sometimes things really can be explained by suboptimal choices or institutionalized foolishness. We need to remember that. Otherwise, you end up trying to fix the wrong problem, or wondering why things don’t work better once you have.

Aww, man, I was stuck with PRC-10s. Sheesh.

Well put! I am glad I am out of the Army, but as I left it I also had to recognize that seldom has such a HUGE organization with so many HUGE inefficiencies still worked pretty damn well. There are millions of things to criticize it for, but it is also extremely hard to run such an enormous institution well. It’s probably the biggest reason why most countries don’t even try- it’s hard. I wouldn’t want to have the job of building one from scratch, much less the best one that’s probably ever been created.

(they just don’t have variable hopsets)…

Therein is the nub of the problem Single Frequency coms… It will always be ‘hackable’ unless it’s scrambled in one way or another…!

Can’t rate it against other armies, but it works remarkably well, considering. My small observations of strictly civilian agencies suggests that most don’t work any better, and some work worse. There are the equivalents of inter-agency and inter-service rivalries at just about any government agency that has more than one department. Those rivalries explain a lot about why things don’t work well, and why people who ought to be communicating with each other can’t or won’t.

True, but I think the attraction for WiFi and wireless mikes is that interference on one frequency, or even a different transmitter using the same freq band for hopping, is that it will still work, just less well. I’ve never seen a civilian application that used hopping for security or to make it less detectable.

I’m really sorry because it is dangerous and it is war, but this is so laughably Pentagon from soup to nuts, it’s just mind numbing. Unencrypted because the adversary is gamed as too dumb to know how to hack an unencrypted video stream. Must have Iranian help because what, Iraqis don’t have $26 to buy software with and there is a liquidity crunch? And then the total Royal Pentagonness: Buy a whole new set of drones at umptymillion per drone because the software and/or hardware isn’t replaceable in any smaller unit.

And STILL, the Pentagon remains the only organ of our wonderful government that will fund research on subject after subject, so they are actually probably the smart ones in the whole mess. Makes you wonder what would have happened if DHS were running the thing. All of them would only have had one wing because the blueprint for the two-wing model violates the reduction of paperwork act or something.

Don’t apologize for anything. You’re right and I doubt that Spencer will hesitate to thank you for your info, should he ever actually read through the thread.

And STILL, the Pentagon remains the only organ of our wonderful government that will fund research on subject after subject, so they are actually probably the smart ones in the whole mess.

The thing is, most all of this “technology” has been years in R&D and testing leading up to any actual production. Given that, it’s a wonder sometimes any technology is worth a damn when it actually makes it to use in the field

I assume this ability, to see what the Predator is tracking, in no way improves its targets’ ability to evade it?

The arrogance is in the upgrade, and the reason for putting it off. The original decision is quite understandable, since it was streaming video in the 1990s, and therefore there was a trade-off that had to occur between the amount of processing you could do on the stream and the ability to provide the frames fast enough for video.

Two problems: One the lack of modularity that causes the replacement of the whole piece of equipment to upgrade software/hardward on a single modular component, and the resultant massaging of the meaning of not having encryption to the point trading a decision based on cost and poor planning for an explanation in terms of lack of sophistication of the enemy. The same thing was done on ABM systems from the originals to the Star Wars program. We could invent MIRVs with chaff and all sorts of decoys, but they could only lob a single missile with no distractions because that’s all our system could defend against. Add to that the fact that it’s always easier to get money for a totally new and unrelated system than money to upgrade something because the latter isn’t exciting, and you have it in a nutshell. Oh, and five will get you ten that the non-modularity is the result of two things acting simultaneously against it: Building too many one of a kind items, and building the whole thing as an inseparable whole so no piece can ever be contracted to somebody else.

Sorry, but a system that has a flaw is as you say, a bad call. A system that still has the same flaw 15 years later and requires a multi-milliion dollar fix for something that should be fixable for less than a million total, and an explanation based on everybody else in the world being stupid? Inexcusable.

Well, sure, but think about it- you are afraid of American Predators, so you buy a receiver and monitor to receive the feed of said Predator. If you succeed in receiving the downlink, you have a monitor that is showing the current video feed of what the Predator is monitoring (keep in mind, in Iraq we usually had at least 2 or 3 Predators in flight at one time, so this is assuming you are monitoring all channels of all Predators for complete information.) If you actually see your own location in that feed, how much time do you think you have to clear your location before you are fired upon, assuming the Predator is actually going to fire on you? Probably seconds, if you are really the target of the mission.

My point is, the usability of receiving American Predator feed for an enemy on the group is more minimal than you would think. If I was fighting on the other side, I wouldn’t waste the time and hassle trying to monitor American video feeds, watching them scan the landscape of Iraq and guessing what they are trying to look for or do.

From 5,000 miles away, this seems like a huge problem that would devastate our fighting capability. From 5 miles away, it isn’t a problem that I found alarming when I was in the fight. I would be far more alarmed to hear they were intercepting our radio transmissions or human intelligence networks.

But like Cujo pointed out, it’s probably not a hard problem to fix, so I’m not against fixing it. I just think the attitude of the article is one of, “Oh, SO TOTALLY like our ARROGANT DoD to make this mistake!” and it’s kind of overwrought. My only point.

Probably not. Judging from pictures, most of the guided bombs used seem to be the GPS-guided variety. To control such a bomb, they would have to overpower the signal from the GPS satellite, which is probably not easy compared to scanning for an unencrypted video feed from space.

The datalinks that control the UAV are also encrypted, supposedly. I don’t think they could be easily interfered with, barring a major bug in the system.

Robspierre-

You are correct. The uplink, not the downlink, is what controls the UAV, and those are not only encrypted, they cannot be changed midflight. You cannot seize control of a UAV midflight until the controlling station releases control of it. At least that was true for the systems we flew.

The worst case scenario in this situation is the enemy being able to recieve the video feed transmitted from the UAV. A problem, sure, but not the same as an infiltration of our command and control of the systems.

What astonishes me is the military mindset that seems to see Afghans and Pakistanis as quaint little brown people from a 1930s Kipling movie. Anyone who has actually worked in a high-tech field in the last 15 years should know that such people fill half the cubicles in any US software-development firm.

I guess that the cube dwellers look more intelligent and advanced because they shave and dress Amurruhcun (none of those funny hats and those long shirt things). Makes all the difference.

Sure, there are probably a dozen reasons why the system costs so much and takes so long to upgrade and improve. I would be the last one to defend the acquisition process in the DoD- it’s as convoluted and inefficient as hell (not to mention some corruption in there too, I’m sure). But let’s make sure we blame the right things- Spencer’s assumption is that the arrogant Pentagon officials assumed the foreign jihadist would be too stupid to ever download a video signal. I don’t think that’s the reason why this happened. Some problems are ideological, but I don’t think this was is.

Which military people are you referring to? The ones who have been there, or the ones who haven’t?

Thanks for the confirmation. Still, this seems like a pretty bad oversignt bordering on dereliction of duty somewhere.

It sounds like the downlink would, at a minimum, be easy to jam. Is the insecure downlink video used by the remote pilot or only by those using the reconnaissance imagery?

If it is used by the pilot, couldn’t one at least momentarilly interfere with control of the UAV by blinding the operator at a crucial moment–during launch of a weapon for instance or when flying close to the ground?

If the link is for ground troops only, surely jamming could cut the troops off from UAV imagery when they need it most, during an attack or an ambush?

And what about a more elaborate possibility: could an opponent mount a man-in-the-middle attack against the downlink video? That is, could you overpower the downlink and insert deceptive imagery? For instance, could you hide an ambush by feeding back last week’s saved video with doctored timestamps?

The video feed is used by both- both the remote pilot, who has to confirm what the user on the ground is looking for, and by the user on the ground, who is looking for it.

As for your scenarios,though: no, jamming a video signal wouldn’t interfere with an actual airstrike. Predators use GPS guidance for airstrikes, not visual aiming through the video system (that would be freaky!!), so a break in the video signal would not interfere with aiming the weapons system. And Predators don’t fly close to the ground- they hold constant altitudes very high above rotary wing aircraft, so they don’t rely on their video feeds to navigate. A break in video feed to the ground user is frustrating, but no actual ground strike that i’ve ever seen depends just on UAV feed- commanders are used to a multitude of issues preventing their video surveillance (weather being the biggest one!), so we always have a back-up plan.

Jamming is another issue than simply receiving, though, and requires another type of technology. Is there evidence that anyone has found a way to jam the video signal? I don’t know myself- I am just reacting to the articles that say the enemy has “hacked” the UAV systems. Receiving the video feed isn’t hacking. Jamming a signal would be, but I don’t think the enemy has ever successfully jammed our video signals. Doesn’t mean they can’t, but I don’t think as of now they have.

Again, my main point is that these issues all come down to trade-offs and cost/benefit analysis. Maybe this was a real problem that someone should have to answer for, and maybe it’s all just hype. But it’s not cultural arrogance. I am against the ideology-based assumption I think Spencer made in his article, and that’s really my main objection.

The video communication seems to be UAV-> Satelite -> ground station(s).

Interception of the UAV/Satelite portion is difficult. I suspect that inserting a spoof signal there is also difficult – satelite should authenticate the signal source even if it isn’t encrypted.

The latter of course. Theoretical people are always less sophisticated than the one on the corner (or in the next cube).

I have to say that assuming that “local adversaries wouldn’t know how to exploit” this vulnerability strikes me as arrogance–a familiar kind of arrogance, in fact. The IT world is awash in non-technical managerial types that believe implicitly in “security by obscurity”. I was once told that getting rid of a system admionistrator and instead giving the network superuser password to all of the data-entry clerks was OK, because the latter only had eigth-grade educations. My reaction was that, since the company made them clock out to use the toilet, they’d all know what the had within 20 minutes. An eigth-grade educated 40-something lady with 15 or 20 years on the job may be generally ignorant, but she still knows a hell of alot about the systems that touch her life directly. Paksitan was hardly a technically unsophisticated place even in the 1990s.

I do understand that engineering is always a compromise and military engineering even more so. So I could see that securing a video downlink might not seem to be a big deal when UAVs were modified high-end model airplanes. But Predators and Reapers are expensive, purpose-built military reconnaissance aircraft, not quick and dirty adaptations. Reapers are new. I’d have expected that securing the intelligence against jamming or enemy exploitation would be part of the requirements.

Afterall, even if tactical use of the imagery is as profitless as you suspect, gathering it and observing it ought to be a good way of analyzing our operations and tactics.

Thanks for the expert commentary, by the way. Very informative.

Sure, I don’t object to fixing this leak if it is being exploited to our detriment by the enemy. That’s really a practical decision based on practical factors, such as the ones we’ve been discussing.

What I am curious about is how you assume that arrogance is the reason for the decision. Intelligence analysts in the Army have to make estimates every day about what the enemy could or couldn’t do. Sometimes we get it wrong and sometimes we get it right. In this case they may have gotten it wrong, and the lesson should be learned.

The reason it bugs me is because it’s a bit of a condescending characterization of the military that I hear sometimes from others on the left, and it bugs me- that military folks are backwoods, provincial people who swagger around and misunderestimate the enemy. It’s like we’re projecting George Bush onto everyone in uniform. Just bugs me a bit, so sorry if I’m touchy on it. That is what I got from Spencer’s tone in this article.

When I see a story like this I think about the limited legitimate use of states secrets privileges and classification of information.

-When you’re talking about military hardware, troop deployments or strategic objectives the classification privilege is of course legitimate.

-When you’re talking about secret prisons, torture programs, domestic spying and politically motivated malfeasance (to name a few) the privilege should not be exerted, let alone considered legitimate by the reputedly balancing power of the courts.

So why is it that the vast majority of stories we hear about classification are from the second category, and why is it that judges always rule in favor of government agencies who are quite obviously breaking the law? And why is it that the government spends so much more effort protected the illegitimate secrets than those it really should?

The system is broken.

I’d just like to state that the earliest security in WiFi was specifically channel hopping. Don’t know how commercially available WAPS or WiFi routers were at the time (Pre-WEP days), but there it is.