Re: OT: The Truth About Predator Drones
Le Chaud Lapin
> Hi All,
>
> This Christmas, I offer to the US Defense Advanced Research Projects
> Agency a reflection of truth about the Predator program:
>
> http://en.wikipedia.org/wiki/MQ-1_Predator
>
> As some of you have undoubtedly already seen, the live video feed was
> allegedly hacked using OTS*
*off the shellf software
> http://online.wsj.com/article/SB126102247889095011.html
Futhermore, these drones seem to crash a lot:
http://cursor.org/stories/dronesyndrome.htm
Earlier this year, when I spoke to DARPA program managers and prime
contractors about secure, mobile, wirless links, it seemed that that
"their bread was not fully baked" in this area. I asked a technical
director of a $11US+ billion program if this was the case, and he was
reluctant to admit that, after $5US billion already spent, they still
had not figured out how to do secure mobile links in a way that
actually made sense. His response was something like,
"Yes, before, we had some issues around 2000-2001, but recently we
have provided demonstrations that show that we have control of the
situation."
DARPA, please, you are impressing us toooo much!!!!
-Le Chaud Lapin-
Jerry Avins
The video down link is not encrypted. They say they're working on it.
Jerry
--
Engineering is the art of making what you want from things you can get.
�����������������������������������������������������������������������
Randy Yates
> http://cursor.org/stories/dronesyndrome.htm
Why is this article dated December 18th, 2009?
--
Randy Yates % "Bird, on the wing,
Digital Signal Labs % goes floating by
mailto://ya...@ieee.org % but there's a teardrop in his eye..."
http://www.digitalsignallabs.com % 'One Summer Dream', *Face The Music*, ELO
Malachy Moses
"Iraq insurgents hack into video feeds from US drones
"Insurgents in Iraq have hacked into live video feeds from unmanned
American drone aircraft, US media reports say."
See http://news.bbc.co.uk/2/hi/middle_east/8419147.stm among many
others.
Apparently, the insurgents have been using off-the-shelf software
called SkyGrabber to view the live video feeds from the drones. So
the word "hacked" in the article is not entirely accurate, since it
implies that effort was involved, whereas in actuality the SkyGrabber
software made it almost effortless.
a7yvm1...@netzero.com
> Le Chaud Lapin <jaibudu...@gmail.com> writes:
>
> >http://cursor.org/stories/dronesyndrome.htm
>
> Why is this article dated December 18th, 2009?
> --
> Randy Yates % "Bird, on the wing,
> Digital Signal Labs % goes floating by
Cuz that's the date and time in China.
Le Chaud Lapin
> Le Chaud Lapin wrote:
> > Earlier this year, when I spoke to DARPA program managers and prime
> > contractors about secure, mobile, wirless links, it seemed that that
> > "their bread was not fully baked" in this area. I asked a technical
> > director of a $11US+ billion program if this was the case, and he was
> > reluctant to admit that, after $5US billion already spent, they still
> > had not figured out how to do secure mobile links in a way that
> > actually made sense. His response was something like,
>
> > "Yes, before, we had some issues around 2000-2001, but recently we
> > have provided demonstrations that show that we have control of the
> > situation."
>
> > DARPA, please, you are impressing us toooo much!!!!
>
> The video down link is not encrypted. They say they're working on it.
Well, if you give me $100US million dollars, I will open a (non-Swiss)
bank account, deposit $99.5US million into the account, and use the
remaining $500,000US to hire two cryptographers for six months to get
the encryption right.
The Predator was not exactly a high-school science project.
Surely we can all agree that there is something ironic about a top-
secrete weapon lacking security that a 20-year-old computer science
student at a top engineering school could probably get right (almost)
on the first run.
What they did (not do), given rancid amounts of money given to them by
the general public, is inexcusable.
-Le Chaud Lapin-
Le Chaud Lapin
> Le Chaud Lapin <jaibudu...@gmail.com> writes:
>
> >http://cursor.org/stories/dronesyndrome.htm
>
> Why is this article dated December 18th, 2009?
Not sure. On my screen it says
"POSTED JANURARY 12, 2003"
-Le Chaud Lapin-
Le Chaud Lapin
> From today's newspapers (Dec 17, 2009):
>
> "Iraq insurgents hack into video feeds from US drones
> "Insurgents in Iraq have hacked into live video feeds from unmanned
> American drone aircraft, US media reports say."
>
> See
> others.
>
> Apparently, the insurgents have been using off-the-shelf software
> called SkyGrabber to view the live video feeds from the drones. So
> the word "hacked" in the article is not entirely accurate, since it
> implies that effort was involved, whereas in actuality the SkyGrabber
> software made it almost effortless.
Which makes one wonder what real crytographers in other countries are
thinking right now. I doubt if any of them are impressed.
Imagine:
The most powerful country in the world, your adversary, spending
enough money on their military technology annually to overwhelm your
entire GDP, only to have one of their more advanced systems "hacked"
by what are probably kids, since many older people in Afghanistan/etc.
have never used the Internet. In retrospect, the word "hacked" allows
DARPA & Company to save face, since the word "hacked", as you stated,
implies some effort by the adversary, whereas "listened in" would be
more indicative of the stupidity at play. Perhaps they should have
used "breached" instead of "hacked". The average person can appreciate
breaches.
This is not just embarrassing. It makes us look vulnerable, both in
the eyes of our adversaries, as well as our friends.
If it were not for the greediness/cockiness of DARPA and these prime
contractors who make this stuff...well, it would still be
intolerable.... but the greediness/cockiness added to it makes me want
to puke. I spent months listening to these military guys talk about
their "capability", a flowing stream of unending bombastic babble,
wasting millions (sometimes billions) of dollars.
I searched Google for "DARPA Wireless Security" and found one of the
first links that came up:
http://www.darpa.mil/STO/Solicitations/SN07-09/mod1.html
This solicitation talks about "breakthrough", "paradigm shift",
"revolutionary", "robust", and in the end, they give us Linksys.
All that money they spent to make a wireless link that my 14-year-old
niece could have set up!
-Le Chaud Lapin-
David Schwartz
> Surely we can all agree that there is something ironic about a top-
> secrete weapon lacking security that a 20-year-old computer science
> student at a top engineering school could probably get right (almost)
> on the first run.
Passing encrypted video over a satellite network built for unencrypted
analog video is not a trivial challenge. As far as I know, there
exists no scheme to do this that has not been broken already. The
problem is that encryption works partly by diffusing information so
that no part of the output looks like any part of the input. The
satellite link is filled with errors and distortion that have to be
contained to retain adequate video quality.
DS
Mark
>
> Passing encrypted video over a satellite network built for unencrypted
> analog video is not a trivial challenge. As far as I know, there
> exists no scheme to do this that has not been broken already. The
> problem is that encryption works partly by diffusing information so
> that no part of the output looks like any part of the input. The
> satellite link is filled with errors and distortion that have to be
> contained to retain adequate video quality.
>
> DS
um,, is that why General Instrument was able to do it did it 15 years
ago for HBO?
Mark
Jerry Avins
> On Dec 17, 3:07 pm, Jerry Avins <j...@ieee.org> wrote:
>> Le Chaud Lapin wrote:
>>> Earlier this year, when I spoke to DARPA program managers and prime
>>> contractors about secure, mobile, wirless links, it seemed that that
>>> "their bread was not fully baked" in this area. I asked a technical
>>> director of a $11US+ billion program if this was the case, and he was
>>> reluctant to admit that, after $5US billion already spent, they still
>>> had not figured out how to do secure mobile links in a way that
>>> actually made sense. His response was something like,
>>> "Yes, before, we had some issues around 2000-2001, but recently we
>>> have provided demonstrations that show that we have control of the
>>> situation."
>>> DARPA, please, you are impressing us toooo much!!!!
>> The video down link is not encrypted. They say they're working on it.
>
> Well, if you give me $100US million dollars, I will open a (non-Swiss)
> bank account, deposit $99.5US million into the account, and use the
> remaining $500,000US to hire two cryptographers for six months to get
> the encryption right.
What do you mean "get the encryption right"? I understood that there was
no encryption at all.
> The Predator was not exactly a high-school science project.
>
> Surely we can all agree that there is something ironic about a top-
> secrete weapon lacking security that a 20-year-old computer science
> student at a top engineering school could probably get right (almost)
> on the first run.
>
> What they did (not do), given rancid amounts of money given to them by
> the general public, is inexcusable.
It wasn't encryption that failed, but specification.
krw
wrote:
It can obviously be done. It just requires different, perhaps less
efficient, error correction algorithms which may mean lower S/N
required.
Le Chaud Lapin
> What do you mean "get the encryption right"? I understood that there was
> no encryption at all.
I just assumed that, since it is the US military, employing a drone to
do semi-stealth reconnaisance, that a basic requirement would be that
young kids who probably earn < $100/month should not be able to
intercept the stealth video. My bad.
Maybe they should leave it as it is. That way, the terrorists could
put it up on YouTube. Maybe there is a Hollywood show in it...
"So You Think You Can Out-Run A Hell-Fire Missile."
> > The Predator was not exactly a high-school science project.
>
> > Surely we can all agree that there is something ironic about a top-
> > secrete weapon lacking security that a 20-year-old computer science
> > student at a top engineering school could probably get right (almost)
> > on the first run.
>
> > What they did (not do), given rancid amounts of money given to them by
> > the general public, is inexcusable.
>
> It wasn't encryption that failed, but specification.
Hmmm...that's a bit like a surgeon leaving a person's gut open after
an appendectomy and saying,
"Well, technically, you never explicitly said to stitch him up, geez."
-Le Chaud Lapin-
Rick Jones
> > Passing encrypted video over a satellite network built for
> > unencrypted analog video is not a trivial challenge. As far as I
> > know, there exists no scheme to do this that has not been broken
> > already. The problem is that encryption works partly by diffusing
> > information so that no part of the output looks like any part of
> > the input. The satellite link is filled with errors and distortion
> > that have to be contained to retain adequate video quality.
> um,, is that why General Instrument was able to do it did it 15 years
> ago for HBO?
Is it "known" that the GI stuff (irony :) isn't cracked?
rick jones
--
No need to believe in either side, or any side. There is no cause.
There's only yourself. The belief is in your own precision. - Joubert
these opinions are mine, all mine; HP might not want them anyway... :)
feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...
Rick Jones
> I just assumed that, since it is the US military, employing a drone
> to do semi-stealth reconnaisance, that a basic requirement would be
> that young kids who probably earn < $100/month should not be able to
> intercept the stealth video. My bad.
It isn't as if the presumed young kids who earn < $100/month came-up
with the way to grab the feeds - they are simply using something that
someone else produced. Not too unlike say the potentially young kids
in the U.S. military who might be receiving the drone feeds "in the
field."
rick jones
--
oxymoron n, Hummer H2 with California Save Our Coasts and Oceans plates
krw
<jaibu...@gmail.com> wrote:
>On Dec 17, 7:44�pm, Jerry Avins <j...@ieee.org> wrote:
>> What do you mean "get the encryption right"? I understood that there was
>> no encryption at all.
>
>I just assumed that, since it is the US military, employing a drone to
>do semi-stealth reconnaisance, that a basic requirement would be that
>young kids who probably earn < $100/month should not be able to
>intercept the stealth video. My bad.
>
>Maybe they should leave it as it is. That way, the terrorists could
>put it up on YouTube. Maybe there is a Hollywood show in it...
Perhaps it was intentional. They can sell electronics to the
terrorists. Who knows what backdoors lurk...
>"So You Think You Can Out-Run A Hell-Fire Missile."
"Smile! You're on Candid Camera!"
glen herrmannsfeldt
(someone wrote)
>> Passing encrypted video over a satellite network built for unencrypted
>> analog video is not a trivial challenge. As far as I know, there
>> exists no scheme to do this that has not been broken already.
(snip)
> um,, is that why General Instrument was able to do it did it 15
> years ago for HBO?
He said "that has not been broken already". As far as I know,
both the analog in digital encryptions have been broken.
It slows down most people, though, so it still works.
The usual analog encryption reverses the polarity of some scan
lines and/or frames. It isn't hard to figure out fairly reliably
a polarity reversal.
-- glen
krw
<rick....@hp.com> wrote:
>In comp.protocols.tcp-ip Mark <mako...@yahoo.com> wrote:
>> > Passing encrypted video over a satellite network built for
>> > unencrypted analog video is not a trivial challenge. As far as I
>> > know, there exists no scheme to do this that has not been broken
>> > already. The problem is that encryption works partly by diffusing
>> > information so that no part of the output looks like any part of
>> > the input. The satellite link is filled with errors and distortion
>> > that have to be contained to retain adequate video quality.
>
>> um,, is that why General Instrument was able to do it did it 15 years
>> ago for HBO?
>
>Is it "known" that the GI stuff (irony :) isn't cracked?
I don't believe anyone suggested using civilian encryption for
military applications, though it would have been better than nothing.
Le Chaud Lapin
> Passing encrypted video over a satellite network built for unencrypted
> analog video is not a trivial challenge. As far as I know, there
> exists no scheme to do this that has not been broken already. The
> problem is that encryption works partly by diffusing information so
> that no part of the output looks like any part of the input. The
> satellite link is filled with errors and distortion that have to be
> contained to retain adequate video quality.
????
Data encryption of the kind that they need for someone who is
experienced in cryptography is near-trivial. The biggest problem,
which is not a problem in this particular case, is key distribution.
Maybe I misunderstand, but the system, based on this link:
http://www.skygrabber.com/en/skygrabber.php
...looks like it is entirely in the digital domain.
If that is true, encryption, under the scenarios required by US DoD,
would take maybe 3 weeks using Rijndael or other symmetric cipher for
a rough run, and maybe a month more by a crypto expert to remove the
fatal flaws.
The more I think about this, the more I find it hard to believe that
the people who designed the communications of the Predator could be
so...ahem....
A more plausible, conspiracy-theorist, explanation might be this:
The US Military realizes that al-Quaeda/Taliban are becoming more and
more sophisticated in their employment of technology such as laptop
computers, desktoop computers, networks, smartphones with Internet
connections, etc. Ideally, one could inject a nerd-mole into these
groups to infiltrate their computer systems, but that would be
expensive, hit-or-miss, and if he is caught, he would be surely
executed.
A much easier alternative would be to fake a breach of your own
security system, then publicize widely exactly how it was breached:
via software that is readily avaialble on Internet. Make the software
ridiculously cheap, since most terrorists do not have Bin Laden's
billions. Then wait for the fish.
Every terrorist and wannabe-terrorist who wants to be able to break
into US military satellite com's will visit the web site, whereupon IP
addresses and times of visit will be collected into a database,
creating a nice map (using Google Earth of course) of distribution of
terrorists. Furthermore, by clandestine agrement with author of
software, a root-kit will be built into the software. When terrorists'
computers become infected by the download, the military will be able
to receive highly valuable information from infected computers. If
military is fortunate, these computers will occasionally become
networked, in which case, the virus could propagate.
Yes, it's a long shot, but give me a break...a $10 million drone,
under a multi-billion-dollar program, designed by Ph.D's in electrical
engineering, computer science, and aero/astro, and they forget
something as simple as a little symmetric crypto? NSA, which has last
say in all crypto/data security matters, would have/should have never
allowed this.
Smells fishy.
-Le Chaud Lapin-
David Schwartz
> > Passing encrypted video over a satellite network built for unencrypted
> > analog video is not a trivial challenge. As far as I know, there
> > exists no scheme to do this that has not been broken already. The
> > problem is that encryption works partly by diffusing information so
> > that no part of the output looks like any part of the input. The
> > satellite link is filled with errors and distortion that have to be
> > contained to retain adequate video quality.
> Maybe I misunderstand, but the system, based on this link:
>
> http://www.skygrabber.com/en/skygrabber.php
>
> ...looks like it is entirely in the digital domain.
They're grabbing it later in the system, but if you want it encrypted
later in the system, you have to encrypt it earlier in the system.
> If that is true, encryption, under the scenarios required by US DoD,
> would take maybe 3 weeks using Rijndael or other symmetric cipher for
> a rough run, and maybe a month more by a crypto expert to remove the
> fatal flaws.
There is no place in the system to put such a cipher. The only
practical way to do is to encrypt the analog uplink. The satellite-
based system from the uplink from the Predator to the downlink to the
operator is simply not encryption-capable. Essentially, the problem is
basically that they chose a completely unsuitable system to handle the
image downlink to the operator.
DS
Le Chaud Lapin
> In comp.dsp Mark <makol...@yahoo.com> wrote:
> (someone wrote)
>
> >> Passing encrypted video over a satellite network built for unencrypted
> >> analog video is not a trivial challenge. As far as I know, there
> >> exists no scheme to do this that has not been broken already.
>
> (snip)
>
> > um,, is that why General Instrument was able to do it did it 15
> > years ago for HBO?
>
> He said "that has not been broken already". As far as I know,
> both the analog in digital encryptions have been broken.
>
> It slows down most people, though, so it still works.
When has 256-bit Rijndael been broken? Or 128-bit for that matter? Or
RC6? Or many other symmetric ciphers?
> The usual analog encryption reverses the polarity of some scan
> lines and/or frames. It isn't hard to figure out fairly reliably
> a polarity reversal.
Take a look at the SkyGrabber site. It looks like the whole thing is
based on satellite Internet access, which of course, is entirely in
the digital domain:
http://www.skygrabber.com/en/skygrabber.php
-Le Chaud Lapin-
krw
<jaibu...@gmail.com> wrote:
>On Dec 17, 7:15�pm, David Schwartz <dav...@webmaster.com> wrote:
>> Passing encrypted video over a satellite network built for unencrypted
>> analog video is not a trivial challenge. As far as I know, there
>> exists no scheme to do this that has not been broken already. The
>> problem is that encryption works partly by diffusing information so
>> that no part of the output looks like any part of the input. The
>> satellite link is filled with errors and distortion that have to be
>> contained to retain adequate video quality.
>
>????
>
>Data encryption of the kind that they need for someone who is
>experienced in cryptography is near-trivial. The biggest problem,
>which is not a problem in this particular case, is key distribution.
Even that is no problem for an experienced cryptographer. A little
public key magic and all done. ;-)
>Maybe I misunderstand, but the system, based on this link:
>
>http://www.skygrabber.com/en/skygrabber.php
>
>...looks like it is entirely in the digital domain.
>
>If that is true, encryption, under the scenarios required by US DoD,
>would take maybe 3 weeks using Rijndael or other symmetric cipher for
>a rough run, and maybe a month more by a crypto expert to remove the
>fatal flaws.
Likely wouldn't even need that. The video has a shelf life. It
needn't be secure for a generation.
>The more I think about this, the more I find it hard to believe that
>the people who designed the communications of the Predator could be
>so...ahem....
>
>A more plausible, conspiracy-theorist, explanation might be this:
>
>The US Military realizes that al-Quaeda/Taliban are becoming more and
>more sophisticated in their employment of technology such as laptop
>computers, desktoop computers, networks, smartphones with Internet
>connections, etc. Ideally, one could inject a nerd-mole into these
>groups to infiltrate their computer systems, but that would be
>expensive, hit-or-miss, and if he is caught, he would be surely
>executed.
>
>A much easier alternative would be to fake a breach of your own
>security system, then publicize widely exactly how it was breached:
>via software that is readily avaialble on Internet. Make the software
>ridiculously cheap, since most terrorists do not have Bin Laden's
>billions. Then wait for the fish.
That's my conspiracy theory of the day. ;-)
krw
<dav...@webmaster.com> wrote:
>On Dec 17, 6:33�pm, Le Chaud Lapin <jaibudu...@gmail.com> wrote:
>
>> > Passing encrypted video over a satellite network built for unencrypted
>> > analog video is not a trivial challenge. As far as I know, there
>> > exists no scheme to do this that has not been broken already. The
>> > problem is that encryption works partly by diffusing information so
>> > that no part of the output looks like any part of the input. The
>> > satellite link is filled with errors and distortion that have to be
>> > contained to retain adequate video quality.
>
>> Maybe I misunderstand, but the system, based on this link:
>>
>> http://www.skygrabber.com/en/skygrabber.php
>>
>> ...looks like it is entirely in the digital domain.
>
>They're grabbing it later in the system, but if you want it encrypted
>later in the system, you have to encrypt it earlier in the system.
Why? A bit is a bit.
>> If that is true, encryption, under the scenarios required by US DoD,
>> would take maybe 3 weeks using Rijndael or other symmetric cipher for
>> a rough run, and maybe a month more by a crypto expert to remove the
>> fatal flaws.
>
>There is no place in the system to put such a cipher. The only
>practical way to do is to encrypt the analog uplink. The satellite-
>based system from the uplink from the Predator to the downlink to the
>operator is simply not encryption-capable. Essentially, the problem is
>basically that they chose a completely unsuitable system to handle the
>image downlink to the operator.
I'm not buying what you're selling.
Jerry Avins
"Hacking" is the wrong term for that. Am I hackinf usenet with Thunderbird?
Le Chaud Lapin
> On Thu, 17 Dec 2009 18:05:15 -0800 (PST), Le Chaud Lapin
> >put it up on YouTube. Maybe there is a Hollywood show in it...
>
> Perhaps it was intentional. They can sell electronics to the
> terrorists. Who knows what backdoors lurk...
Check out the list of PCI adapters required by PC to receive satellite
feed at bottom of page:
http://www.skygrabber.com/en/skygrabber.php
If I were to design a backdoor, I would put it in the hardware. Of
course, this would mean that:
1. One of the listed manufacturers is actually a wolf in sheep's
clothing: DoD posing as a legitimate company.
2. DoD has contracts unders some Homeland Security act with all the
manufacturers to put in backdoors for units sold to regions inhabited
by terrorist.
#2 is more likely, as #1 would depend on getting lucky that terrorist
chose your adapter and not someone else's.
A hardware-resident virus on PC can pretty much do anything it wants
with the PC.
-Le Chaud Lapin-
Jerry Avins
Exactly like.
krw
<jaibu...@gmail.com> wrote:
>On Dec 17, 8:14�pm, krw <k...@att.bizzzzzzzzzzz> wrote:
>> On Thu, 17 Dec 2009 18:05:15 -0800 (PST), Le Chaud Lapin
>> >Maybe they should leave it as it is. That way, the terrorists could
>> >put it up on YouTube. Maybe there is a Hollywood show in it...
>>
>> Perhaps it was intentional. �They can sell electronics to the
>> terrorists. �Who knows what backdoors lurk...
>
>Check out the list of PCI adapters required by PC to receive satellite
>feed at bottom of page:
>
>http://www.skygrabber.com/en/skygrabber.php
>
>If I were to design a backdoor, I would put it in the hardware. Of
>course, this would mean that:
>
>1. One of the listed manufacturers is actually a wolf in sheep's
>clothing: DoD posing as a legitimate company.
>2. DoD has contracts unders some Homeland Security act with all the
>manufacturers to put in backdoors for units sold to regions inhabited
>by terrorist.
Those models suddenly become available in Kabul and Islamabad markets.
;-)
>#2 is more likely, as #1 would depend on getting lucky that terrorist
>chose your adapter and not someone else's.
>
>A hardware-resident virus on PC can pretty much do anything it wants
>with the PC.
Also remember the printer ruse used in DS1. Spy-vs-Spy.
OTOH, it's the US government. I'm backing the dumb-as-a-rock
explanation.
Le Chaud Lapin
Sorry David, this does not make sense at all.
Based on my < 5 minutes review of
http://www.skygrabber.com/en/skygrabber.php
...it's nothing more than a satellite Internet sniffer. If that is
true, everything is possible.
From one perspective, the so-called "link" does not exist. Saying it
does is like saying that a spread-spectrum receiver is "analog". Yes,
it is, and no it ain't, depending on what you are talking.
1. Encrypt the data in the Predator before it leaves the Predator.
2. Send the encrypted digital data from Predator to satellite.
3. Receive encrypted digital data from satellite to ground-based
satellite receiver.
4. Decrypt the data after it enters PC, or whatever over-priced thingy
they have waiting for the encrypted data.
????
What I am I missing?
-Le Chaud Lapin-
Le Chaud Lapin
> Le Chaud Lapin wrote:
> > On Dec 17, 8:15 pm, glen herrmannsfeldt <g...@ugcs.caltech.edu> wrote:
> > Take a look at the SkyGrabber site. It looks like the whole thing is
> > based on satellite Internet access, which of course, is entirely in
> > the digital domain:
>
> >http://www.skygrabber.com/en/skygrabber.php
>
> "Hacking" is the wrong term for that. Am I hackinf usenet with Thunderbird?
Well, sure, there is no hacking, which, from a public relations
perspective, is worse than if there had been.
If you were head of tech ops for Predator program, would news report
would you rather see:
1. USA Predator data link empowered with 256-bit-Rijndael/elliptic
curve crypto broken in Afghanistan by massive super-computer in hands
of terrorists who received $50 million in funding from sympathetic
neighboring country that is hostile to the US military. The break was
lead by eminent team of crytographers, as well as specialists in
massively parallel super-computing and experts in information theory.
Break was aided by failure of field personnel to follow strict
protocols in the handling of key data on the ground.
-OR-
2. We got sniffed by some kids with $26 to spare.
-Le Chaud lapin-
Jerry Avins
You echo my point. But the press, probably echoing a Pentagon press
release, calls it hacking. It seems that some people here bought into that.
pnachtwey
> On Dec 17, 4:11 pm, Le Chaud Lapin <jaibudu...@gmail.com> wrote:
>
> > Surely we can all agree that there is something ironic about a top-
> > secrete weapon lacking security that a 20-year-old computer science
> > student at a top engineering school could probably get right (almost)
> > on the first run.
>
> Passing encrypted video over a satellite network built for unencrypted
> analog video is not a trivial challenge. As far as I know, there
> exists no scheme to do this that has not been broken already.
in real time. If the video is decrypted a day or even hours latter it
is too late for the target.
Peter Nachtwey
Le Chaud Lapin
> On Dec 17, 5:15 pm, David Schwartz <dav...@webmaster.com> wrote:> On Dec 17, 4:11 pm, Le Chaud Lapin
> > analog video is not a trivial challenge. As far as I know, there
> > exists no scheme to do this that has not been broken already.
>
> Sure there is a way to encrypt the data so that it can't be decrypted
> in real time. If the video is decrypted a day or even hours latter it
> is too late for the target.
It should be noted that decrypting in non-real time, right now, in
December, 2009, is impossible using 256-bit AES.
It would take billions of quadrillions of trillions, of [insert -
illions as you please] of years.
A thought:
If the terrorists can see and interpret the video, that means:
1. The protocol is decipherable.
2. The protocol is encipherable.
3. It is theoretically possible to inject bogus data into the stream.
With some very clever software engineering, it would be possible to
feed the satellite with bogus images that are superpositions of actual
video images and computer-generated animations.
I just hope the image decompression software at the receiving end does
not have any buffer-overflow vunerabilities. But NSA is supposed to
catch things like that.
-Le Chaud Lapin-
David Schwartz
> > There is no place in the system to put such a cipher. The only
> > practical way to do is to encrypt the analog uplink. The satellite-
> > based system from the uplink from the Predator to the downlink to the
> > operator is simply not encryption-capable. Essentially, the problem is
> > basically that they chose a completely unsuitable system to handle the
> > image downlink to the operator.
> Sorry David, this does not make sense at all.
I'm not sure how I can explain it any clearer.
> Based on my < 5 minutes review of
>
> http://www.skygrabber.com/en/skygrabber.php
>
> ...it's nothing more than a satellite Internet sniffer. If that is
> true, everything is possible.
>
> From one perspective, the so-called "link" does not exist. Saying it
> does is like saying that a spread-spectrum receiver is "analog". Yes,
> it is, and no it ain't, depending on what you are talking.
Huh?
> 1. Encrypt the data in the Predator before it leaves the Predator.
> 2. Send the encrypted digital data from Predator to satellite.
Cannot be done. The satellite that the predator talks to only supports
analog video.
> 3. Receive encrypted digital data from satellite to ground-based
> satellite receiver.
> 4. Decrypt the data after it enters PC, or whatever over-priced thingy
> they have waiting for the encrypted data.
>
> ????
>
> What I am I missing?
You're missing that the link from the satellite to the ground station
is a completely different link from the link from the Predator. The
system was changed around from the one originally designed because it
turned out that the latency introduced by multiple geosynchronous
satellite links was too high for reliable operation.
DS
glen herrmannsfeldt
(snip, I wrote)
>> It slows down most people, though, so it still works.
> When has 256-bit Rijndael been broken? Or 128-bit for that matter? Or
> RC6? Or many other symmetric ciphers?
>> The usual analog encryption reverses the polarity of some scan
>> lines and/or frames. ?It isn't hard to figure out fairly reliably
>> a polarity reversal.
> Take a look at the SkyGrabber site. It looks like the whole thing is
> based on satellite Internet access, which of course, is entirely in
> the digital domain:
The original question was on analog video, which is somewhat
harder to encrypt without affecting the picture.
> http://www.skygrabber.com/en/skygrabber.php
It may not be 'broken', but if you can steal a key and duplicate it,
that is just as good. I haven't followed it lately, but I believe
that is how it is done. That is, forged key cards.
-- glen
robert bristow-johnson
>
> DARPA, please, you are impressing us toooo much!!!!
maybe they're including psychological warfare in this. so i'm some
kinda Iraqi insurgent watching my latest "Drone TV". and i see my
face on it. that would be soooo cool.
another thing is they could put some drones up there with video tape
of some other drone. they could be transmitting the "real" signal on
some other channel where no one is expecting it and broadcast the
video tape of some completely fictional place on the other.
or they could be putting some Tokyo Rose propaganda on it. that would
be cool.
or PORN!!! make these hardcore Islamists watch some hardcore porn!!!
titles like "Under the Burka" or something like that. or US daytime
TV hits like Genital Hospital. that would be *really* cool.
them DARPA guys are pretty clever.
r b-j
Le Chaud Lapin
Ok, I just did a more thorough investigation based on the original
article in the Wall Street Journal:
http://online.wsj.com/article/SB126102247889095011.html
as well as how the SkyGrabber software works:
http://www.skygrabber.com/en/skygrabber.php
And I am all but convinced that the problem has nothing to do with
analog links anywhere.
[By the way, I started my career developing wireless narrow-band
transceivers, and I can tell you that there is no way that they are
controlling those drones with analog links, either via the satellite
from remote, or via a ground unit that is closer to the drone. The
drones would have all crashed by now.]
Apparently, the link from Satellite to Predator is digital and follows
a standard format for such links, which the SkyGrabber software is
familiar with:
http://en.wikipedia.org/wiki/Satellite_Internet_access
The Wikipedia article does not say what modulation scheme is used, but
QPSK seems to be popular:
http://www.satsig.net/ivsatcos.htm
In any case, the link from drone to satellite is digital, and link
from satellite to ground station is almost certainly digital, as it
would make no sense at all to decode a digital bit stream arriving
from the drone into the satellite, decode that bitstream, convert it
to analog, then send it back to earth in some analog format, which
would be hopelessly inefficient in so many ways.
Also, the military itself implys in the WSJ article that they have
know about this for a while and simply goofed.
-Le Chaud Lapin-
Archimedes' Lever
Wrong. It just requires MORE FEC.
Steve Pope
>It should be noted that decrypting in non-real time, right now, in
>December, 2009, is impossible using 256-bit AES.
WTF are you talking about?
Steve
Michael A. Terrell
Rick Jones wrote:
>
> In comp.protocols.tcp-ip Mark <mako...@yahoo.com> wrote:
> > > Passing encrypted video over a satellite network built for
> > > unencrypted analog video is not a trivial challenge. As far as I
> > > know, there exists no scheme to do this that has not been broken
> > > already. The problem is that encryption works partly by diffusing
> > > information so that no part of the output looks like any part of
> > > the input. The satellite link is filled with errors and distortion
> > > that have to be contained to retain adequate video quality.
>
> > um,, is that why General Instrument was able to do it did it 15 years
> > ago for HBO?
>
> Is it "known" that the GI stuff (irony :) isn't cracked?
You do know there were two levels of Videocipher? VC-1 was designed
for military applications. VC-II was a very scaled down version done for
HBO in the early '80s. I installed one of the first VC-II units for
beta testing for HBO at United Video in Cincinnati, Ohio. That would
make it 25 years.
--
Offworld checks no longer accepted!
Michael A. Terrell
Videocipher-I was digital video & audio. Videocipher-II was analog.
Michael A. Terrell
Jerry Avins wrote:
>
> "Hacking" is the wrong term for that. Am I hackinf usenet with Thunderbird?
No, 'Coping' would be closer. :)
glen herrmannsfeldt
(snip)
> Videocipher-I was digital video & audio. Videocipher-II was analog.
And then there was the system that adds a sine wave to the
video signal such that the sync is not the lowest level anymore,
and wonders around enough that you won't try watch it.
-- glen
Michael A. Terrell
20 MHz analog bandwidth and 40 MB/s data rates have been available
for about 10 years for telemetry receivers with excellent Doppler
compensation.
Michael A. Terrell
krw wrote:
>
> On Thu, 17 Dec 2009 18:05:15 -0800 (PST), Le Chaud Lapin
>
> >On Dec 17, 7:44 pm, Jerry Avins <j...@ieee.org> wrote:
> >> What do you mean "get the encryption right"? I understood that there was
> >> no encryption at all.
> >
> >I just assumed that, since it is the US military, employing a drone to
> >do semi-stealth reconnaisance, that a basic requirement would be that
> >young kids who probably earn < $100/month should not be able to
> >intercept the stealth video. My bad.
> >
> >put it up on YouTube. Maybe there is a Hollywood show in it...
>
> Perhaps it was intentional. They can sell electronics to the
> terrorists. Who knows what backdoors lurk...
>
>
Hopefully, the video of them ramming a drone up a terrorist's ass as
he runs for his life will be leaked. It would be great for morale on
both sides. :)
Michael A. Terrell
Or videos of sexy women butchering hogs, while drinking lots of beer.
Sylvia Else
> Le Chaud Lapin wrote:
>>> Hi All,
>>>
>>> This Christmas, I offer to the US Defense Advanced Research Projects
>>> Agency a reflection of truth about the Predator program:
>>>
>>> http://en.wikipedia.org/wiki/MQ-1_Predator
>>>
>>> As some of you have undoubtedly already seen, the live video feed was
>>> allegedly hacked using OTS*
>>
>> *off the shellf software
>>
>>> http://online.wsj.com/article/SB126102247889095011.html
>>
>> Futhermore, these drones seem to crash a lot:
>>
>> http://cursor.org/stories/dronesyndrome.htm
>>
>> Earlier this year, when I spoke to DARPA program managers and prime
>> contractors about secure, mobile, wirless links, it seemed that that
>> "their bread was not fully baked" in this area. I asked a technical
>> director of a $11US+ billion program if this was the case, and he was
>> reluctant to admit that, after $5US billion already spent, they still
>> had not figured out how to do secure mobile links in a way that
>> actually made sense. His response was something like,
>>
>> "Yes, before, we had some issues around 2000-2001, but recently we
>> have provided demonstrations that show that we have control of the
>> situation."
>>
>> DARPA, please, you are impressing us toooo much!!!!
>
>
> Jerry
<sigh>
Everytime one thinks developers of systems know what they're doing,
something like this comes out, and one realises that they didn't.
Sylvia.
PeterD
wrote:
>
>>
>> Passing encrypted video over a satellite network built for unencrypted
>> analog video is not a trivial challenge. As far as I know, there
>> exists no scheme to do this that has not been broken already. The
>> problem is that encryption works partly by diffusing information so
>> that no part of the output looks like any part of the input. The
>> satellite link is filled with errors and distortion that have to be
>> contained to retain adequate video quality.
>>
>> DS
>
>um,, is that why General Instrument was able to do it did it 15 years
>ago for HBO?
>
>Mark
>
They didn't do the video, just the audio. Video was a very simple
inversion technique, that was trivial to break. The audio was DES (so
they said) encrypted, but there were several holes in the system that
rendered it a bit less secure.
Michael A. Terrell
That was 'On TV' or the 'Hamlin' scrambling system on Cable TV. That
was '70s technology.
David Schwartz
> Apparently, the link from Satellite to Predator is digital and follows
> a standard format for such links, which the SkyGrabber software is
> familiar with:
Where did you find something that says that the video link to the
Predator is the one that's being grabbed?
> In any case, the link from drone to satellite is digital, and link
> from satellite to ground station is almost certainly digital, as it
> would make no sense at all to decode a digital bit stream arriving
> from the drone into the satellite, decode that bitstream, convert it
> to analog, then send it back to earth in some analog format, which
> would be hopelessly inefficient in so many ways.
It is my understanding that it was the link to the ground station that
was digital and being intercepted, not the link from the Predator. If
you can point to some reliable source that says otherwise, let me
know. I'll be mightily surprised.
DS
Le Chaud Lapin
> Le Chaud Lapin <jaibudu...@gmail.com> wrote:
>
> >It should be noted that decrypting in non-real time, right now, in
> >December, 2009, is impossible using 256-bit AES.
>
> WTF are you talking about?
This is precisely a question I have asked myself with regard to a few
of the other posts.
I work with digital communication 5 days a week, 3+ hours a day,
including symmetric and assymetric cipher systems of the kind that
might be used by the military, so some of the responses are just as
perplexing to me as mine is to you.
-Le Chaud Lapin-
Joel Koltner
news:e53174eb-234b-4682...@a32g2000yqm.googlegroups.com...
> I work with digital communication 5 days a week, 3+ hours a day,
> including symmetric and assymetric cipher systems of the kind that
> might be used by the military, so some of the responses are just as
> perplexing to me as mine is to you.
To add more fuel to the fire:
http://www.wired.com/dangerroom/2009/12/not-just-drones-militants-can-snoop-on-most-us-warplanes/
IMO the lack of encryption was a failure in management. I would bet you a
nickel that when the systems were being developed, the contractors said,
"sure, we can add encryption, but it will add years and millions to the
development schedule," and someone made the Executive Decision to skip it.
This is a major problem with many military and commercial contracts today:
Often the people with the high-dollar decision-making authority don't have the
technical background to know if someone pitching them a huge schedule and cost
increase are doing so because what's being asked for really is a Hard Problem
or just because the contractor doesn't happen to be very good in that area.
---Joel
Le Chaud Lapin
> On Dec 17, 10:54 pm, Le Chaud Lapin <jaibudu...@gmail.com> wrote:
>
> > Apparently, the link from Satellite to Predator is digital and follows
> > a standard format for such links, which the SkyGrabber software is
> > familiar with:
>
> Where did you find something that says that the video link to the
> Predator is the one that's being grabbed?
Haven't found anything. All the articles on the subject are too vague.
They are merely regurgitations of what the WSJ wrote, without any
reliable specifics.
> > In any case, the link from drone to satellite is digital, and link
> > from satellite to ground station is almost certainly digital, as it
> > would make no sense at all to decode a digital bit stream arriving
> > from the drone into the satellite, decode that bitstream, convert it
> > to analog, then send it back to earth in some analog format, which
> > would be hopelessly inefficient in so many ways.
>
> It is my understanding that it was the link to the ground station that
> was digital and being intercepted, not the link from the Predator. If
> you can point to some reliable source that says otherwise, let me
> know. I'll be mightily surprised.
I took a quick look, and did not find any specifics, but once the
information is digital, it is a done deal, as the only excuses
remaining would be:
1. Not enough power for cipher operations.
2. Overhead of padding consumes too much bandwidth for data link.
We know it is not #1, because a $100 PDA can easily do 128-bit
symmetric cipher at reasonable rate for Wi-Fi link without killing the
battery, which I tried several years ago.
We know that it is definitely not #2, because one video frame, at even
low-res black-and white (not even grayscal) would swamp the 16-byte
padding required for typical 128-bit symmetric block ciphers.
I think DARPA simply got lazy and punted on this one.
-Le Chaud Lapin-
Mark
>
> - Show quoted text -
That was Videocypher, I'm talking about DigiCypher, which was
transmitted over "analog" satellite transponders...
Mark
Le Chaud Lapin
wrote:
> To add more fuel to the fire:http://www.wired.com/dangerroom/2009/12/not-just-drones-militants-can...
>
> IMO the lack of encryption was a failure in management. I would bet you a
> nickel that when the systems were being developed, the contractors said,
> "sure, we can add encryption, but it will add years and millions to the
> development schedule," and someone made the Executive Decision to skip it.
>
> This is a major problem with many military and commercial contracts today:
> Often the people with the high-dollar decision-making authority don't have the
> technical background to know if someone pitching them a huge schedule and cost
> increase are doing so because what's being asked for really is a Hard Problem
> or just because the contractor doesn't happen to be very good in that area.
Or, it could be that
1. The management is technically imcompetent
2. The drones working for them are technically compotent [sorry, could
not resist :)]
3. The people holding purse strings at DARPA as not as competent as
they should be.
4. The drones inform management that it "would not be too hard to add
encryption"
5. The management sees an opportunity to stretch the schedule.
After all, management at these contractors are judged not by how well
they hit the bulls-eye, but how much bacon they bring home. They last
thing they want to hear is for one of their own people to say, "We
don't really need $15 million to do this...a team of four of us could
probably have a prototype in a month for $100,000."
One prime contractor that I spoke with during my utterly-depressing
communications with DARPA & Company in 2008 boasted that "a single
individual at DARPA" was solely responsible for giving his group $200
million over 8 years. It was sickening, because the "thing" they were
making was simply pathetic. Not only that, we had a conference call
one day, with three of their Ph.D's at the table, and I could swear
that one of the things they were asking for was a compressor that
could magically compress any data. I gently reminded them that there
was no such thing, as well as the fact that it was was not even the
topic on the agenda, and they kept coming back to it..."If you could
find a way to compress our already-compressed data...we might be able
to work with you." I tried to tell them that there was a limit beyond
which it is theoretically and provably impossible, but they didn't
want to hear that.
They have been using the same Microsoft Powerpoint slides to sell and
resell the same piece of wood to DARPA and appropriations committees.
-Le Chaud Lapin-
Eric Jacobsen
The SkyGrabber site implies it works with DVB-S and DVB-S2 standards. I
think it's dumb to use a standardized air interface on things you want
to be very secure for warfighting, but that's just me.
Because satellite links are inherently power limited the modulations
tend to be low, with QPSK being arguably the most common. 8-PSK is used
sometimes, and DVB-S2 has some weird stuff in it IIRC, but nothing very
high-order.
> In any case, the link from drone to satellite is digital, and link
> from satellite to ground station is almost certainly digital, as it
> would make no sense at all to decode a digital bit stream arriving
> from the drone into the satellite, decode that bitstream, convert it
> to analog, then send it back to earth in some analog format, which
> would be hopelessly inefficient in so many ways.
>
> Also, the military itself implys in the WSJ article that they have
> know about this for a while and simply goofed.
>
> -Le Chaud Lapin-
>
>
>
>
--
Eric Jacobsen
Minister of Algorithms
Abineau Communications
http://www.abineau.com
Eric Jacobsen
I think he meant cracking it in real time. Certainly decryption in
real-time isn't a big deal. Why any of it would be a problem in
non-real time is anybody's guess.
Le Chaud Lapin
> Everytime one thinks developers of systems know what they're doing,
> something like this comes out, and one realises that they didn't.
I have spent an some time pondering the process that yields this
result, and each time I arrive at the conclusion: It is all driven by
self-preservation and/or ego.
Deceit and manipulation are the tools that are employed by those who
are trying to self-preserve or protect their egos.
Let's take aconcrete example:
Thomas Edison.
He was one of the first promiment thinkers to enter the world of DARPA-
like organizations. Actually, it was they Naval Consulting Board,
precursor to Navy Research Laboratory. If you read the blurb at NRL's
site about their relationship with Thomas Edison:
http://www.nrl.navy.mil/content.php?P=HISTVISION
... it gives the appearance than Thomas Edison, along with its
sightful director, lead breakthroughs in technology, yada, yada...It's
crap.
So many people, in all walks of life, public and private, really,
really, want to believe that this is how the comos works...that an
insightful business leader gathers superbright people into a think-
thank to realize revolutionary breakthroughs while being unfettered by
the mundane.
The truth is quite different.
Even at the most promiment, most noble of institutions, intellectual
capital has real and signifcant value, and people fight for it,
sometimes viciously. They cheat, lie, steal, etc. for it. The best
recent example of The Establishment being absolutely incensed by an
individual who "not only had his cake but ate it too" by shrewdly
climbing over the walls of the petri dish and working in isolation
until he got the junk,, is Griogori Perelman of Poincaré's Conjecture:
http://en.wikipedia.org/wiki/Grigori_Perelman
There are quite a few people who would love to have taken some credit
for his work, but cannot, because he preempted all the typical means
by which the rapacious might have preyed upon him.
But getting back to NRL, what they do not mention in their rosy
portrayal of their relationship with Thomas Edison was that, in the
end, it was toxic.
1. They never used a single invention of his that he made at NRL while
he was there.
2. He was utterly disgusted with them after a while, and quit, and
told both his wife, as well as wrote about it in public.
Why leave this part out? Why is it ok to invoke the prestige of his
association, but not mention that the guy was utterly disgusted with
you and denigrated you in public?
This is what goes on with DoD everyday. They hide the truth, twist the
truth, euphemize damning truths that leak ("we're working on it -
right - you *already* worked on it)...and the cost for getting away
with this game: $100US billion / year for the US taxpayer.
-Le Chaud Lapin-
Joel Koltner
view on it all. It's not "all" driven by self-preseveration or ego -- plenty
of people really are trying to do the best job they can, and are confident
enough in their abilities to not have to worry about politics too much. Of
course, there are also people who are doing the best job they can and just
aren't good enough to do what they've been tasked with very well, but that's a
managerial problem again.
There will always be some costs involved due to imperfections in humans, and I
believe that a lot of what drives politics in the world is just how much
imperfection we, as a society, are willing to accept in any given area. Of
course, in the case at hand, unless there's a lot of mitigating circumstances
that haven't been revealed, it certanily *appears* that not using an encrypted
video signal is a larger imperfection than anyone should consider acceptable!
---Joel
Steve Pope
>On 12/18/2009 1:55 AM, Steve Pope wrote:
>> Le Chaud Lapin<jaibu...@gmail.com> wrote:
>>> It should be noted that decrypting in non-real time, right now, in
>>> December, 2009, is impossible using 256-bit AES.
>> WTF are you talking about?
>I think he meant cracking it in real time. Certainly decryption in
>real-time isn't a big deal.
Thanks, that makes sense. I (as usual) was reading the sentence
too literally.
Steve
Rick Jones
> I took a quick look, and did not find any specifics, but once the
> information is digital, it is a done deal, as the only excuses
> remaining would be:
> 1. Not enough power for cipher operations.
> 2. Overhead of padding consumes too much bandwidth for data link.
> We know it is not #1, because a $100 PDA can easily do 128-bit
> symmetric cipher at reasonable rate for Wi-Fi link without killing the
> battery, which I tried several years ago.
> We know that it is definitely not #2, because one video frame, at even
> low-res black-and white (not even grayscal) would swamp the 16-byte
> padding required for typical 128-bit symmetric block ciphers.
I don't seek to excuse the US. DoD and/or their contractors but...
It is my understanding that as wizzy as "things military" are, they
tend to be built from components that rather lag in performance
compared to what is available to civilians. That is, "mil spec"
processors and what not are not at the forefront of the performance
curve.
http://en.wikipedia.org/wiki/Predator_drone
suggests the first ones at least entered service in 1995, which means
they were probably prototypes a couple years earlier, which suggests
they were designed with stuff from the late '80s.
Could a late 1980's PDA do 128-bit symmetric cipher at a reasonable
rate?
Now, there is still the question of "Well, why not upgrade the
things?!? This is the 21st century!" Indeed a very good question,
probably one that is deeply ensconced in what one might consider
analogs to layers 8 and 9 of the 9 layer model:
https://www.isc.org/files/9layer.thumb.png
(which should slightly bring it back OT for comp.protocols.tcp-ip :)
The main point though is that by and large, at least to my
understanding, military technology tends to lag, which means making
comparisons to contemporary civilian tech somewhat complicated.
rick jones
--
denial, anger, bargaining, depression, acceptance, rebirth...
where do you want to be today?
these opinions are mine, all mine; HP might not want them anyway... :)
feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...
Le Chaud Lapin
> The SkyGrabber site implies it works with DVB-S and DVB-S2 standards. I
> think it's dumb to use a standardized air interface on things you want
> to be very secure for warfighting, but that's just me.
Some argue that security by obscurity not good, which I tend to agree
with:
http://en.wikipedia.org/wiki/Security_through_obscurity
I guess you know that the military has committed to moving toward IP-
based, commoditized components, to their credit, IMO. One of the
things they kept telling me was, "Whatever you give us, it has to run
over IPv4."
They have some outstanding solicitations with promising-yet-misleading
names like "Military Network Protocol:
http://www.darpa.mil/STO/Solicitations/sn09-04/index.html
...which gives the impression that it is a new protocol for the
military, but that is not what MNP is. Speculatively speaking,
soldiers in the field have been tying up precious downlinks by
downloading "unscrupulous" material, frustrating higher-ranking
officers who are trying to get real work done, or, perhaps, download
their own unscruplous material :D. The purpose of MNP is to allow
prioritized access to the inbound/outbound trunk based upon parameters
that at least includes the rank of the officer trying to use the link.
So if a rear admirer...pardon me....admiral, is hoping to download the
lastest from http://www.fhm.com/, he would simply start download, and
all captains and lieutenants would get booted off the trunk until he
is done.
There was another soliiciation which basically said, "Look..IPv4 is
great, and we are thoroughly convinced that packet switching is
superior to circuit switching, commoditization is good, yada...but now
we would like to take all the concepts of computer networking that we
have learned over the past 30 years and formalize them into a new
networking protocol that is both useful for public and military. Give
us Version II of The Internet, and make sure every ingredient is in
the soup pot, including security and mobility, maybe some multicast.
We do require that it be compatible with IPv4/6, so long as you give
us something revolutionary."
The program manager who was in charge of this soliciation mysteriously
disengaged not long after it was published.
-Le Chaud Lapin-
biject
>
> It is my understanding that it was the link to the ground station that
> was digital and being intercepted, not the link from the Predator. If
> you can point to some reliable source that says otherwise, let me
> know. I'll be mightily surprised.
>
> DS
The sad thing is at one time the government had good
laboratories like China Lake that could for pennies on
the dollar fix this problem in less than a month. But
the dumb people running the show in DC would rather keep
spending millions of dollars getting nothing done than
actually fix the problem. Contractors also seem to get
more money by promising to fix things and then even more
money when they fail. This country is in big trouble if
it still has minor problems like this. Bring back the
good labs where the only requirement is to get the job
done. Forget all the EEO rules and crap just hire competent
people who can get the work done. I know the team I
worked with could fix this problem if they had a chance
and no pain in the ass bureaucrats slowing us down.
David A. Scott
--
My Crypto code
http://bijective.dogma.net/crypto/scott19u.zip
http://www.jim.com/jamesd/Kong/scott19u.zip old version
My Compression code http://bijective.dogma.net/
**TO EMAIL ME drop the roman "five" **
Disclaimer:I am in no way responsible for any of the statements
made in the above text. For all I know I might be drugged.
As a famous person once said "any cryptograhic
system is only as strong as its weakest link"
Le Chaud Lapin
> There was another soliiciation which basically said, "Look..IPv4 is
> great, and we are thoroughly convinced that packet switching is
> superior to circuit switching, commoditization is good, yada...but now
> we would like to take all the concepts of computer networking that we
> have learned over the past 30 years and formalize them into a new
> networking protocol that is both useful for public and military. Give
> us Version II of The Internet, and make sure every ingredient is in
> the soup pot, including security and mobility, maybe some multicast.
> We do require that it be compatible with IPv4/6, so long as you give
> us something revolutionary."
* do not
Eric Jacobsen
I was addressing the link, not the cryptography. Most security people
I've worked with recognize that layering barries is usually a good
thing, so why use a standardized link that anybody can buy a receiver
for when it's not hard at all to obscure the link protocol? That'd
make the barrier to just getting the signal MUCH higher, and require
some pretty specialized research to figure out. That's a step that'd
need to be done before one could even begin to address the decryption,
which is a different issue entirely.
But that's just me, what do I know? ;)
Eric Jacobsen
> On Dec 18, 5:18 am, Sylvia Else<syl...@not.at.this.address> wrote:
>> Everytime one thinks developers of systems know what they're doing,
>> something like this comes out, and one realises that they didn't.
>
> I have spent an some time pondering the process that yields this
> result, and each time I arrive at the conclusion: It is all driven by
> self-preservation and/or ego.
Or, perhaps more likely, budget and schedule realities. When you have
to meet a budget and a schedule, and the primary task (i.e., getting the
UAV flying properly) is consuming most of the resources (as it should)
then the links become a "get it working" task. I doubt in the 90s any
manager would think it wise to use up a big fraction of a budget to make
a UAV work on getting the link more secure.
Been there many times, it's not unusual. The fact that it's been that
way for so long is disturbing, but also not all that unusual in the
military/government management and procurement system. It usually comes
down to budget and bureaucracy limitations and priority setting. There
may have been other things in the program that were deemed (perhaps very
properly so) to have needed the attention more.
It's easy to be an armchair quarterback.
Jerry Avins
The need to guard against cyberattacks on power stations and military
installations is a clear indication of bad -- make that stupid --
design. Critical facilities shouldn't share wire networks with
internet-at-large, and there would ideally be no radio links. Those who
don't like other people reading over their shoulders shouldn't build
glass houses.
Jerry
--
Engineering is the art of making what you want from things you can get.
�����������������������������������������������������������������������
Randy Yates
> [...]
> It's easy to be an armchair quarterback.
Amen, brother.
I suspect the biggest problem is that people here don't know what
they're talking about. It is virtually impossible for a product of this
type and application to have such a glaring oversight. For example,
perhaps the DOD made a tactical decision that, not only do they not CARE
if someone sees the video, it is actually encouraged. After all, if the
end effect is that the bad guys stop being bad, isn't that just as good
as them being dead?
--
Randy Yates % "And all that I can do
Digital Signal Labs % is say I'm sorry,
mailto://ya...@ieee.org % that's the way it goes..."
http://www.digitalsignallabs.com % Getting To The Point', *Balance of Power*, ELO
Joel Koltner
news:%wSWm.5633$eH1....@newsfe16.iad...
> I was addressing the link, not the cryptography. Most security people I've
> worked with recognize that layering barries is usually a good thing, so why
> use a standardized link that anybody can buy a receiver for when it's not
> hard at all to obscure the link protocol?
I think the usual argument is the "chain is only as strong as its weakest
link" and "time is money" approach -- if you've selected, e.g., AES-256 as the
encryption algorithm, if there's someone who can manage to crack it in
real-time, you kinda have to assume they'll find decoding your proprietary
link protocol to be utterly trivial as well. Hence, it may not be worth the
extra time and expense to cook up your own new protocol -- especially when
you're paying for it with the taxpayer's money. :-)
The other problem of is that there are plenty of cases where someone coming up
with a proprietary protocol unintentionally weakens the overall system
security by embedded something in plaintext that correlates with something in
the encrypted portion of the data packet. If you stick with well-known public
standards, there's usually a long track record of their vulnerabilities to
consider.
If you have really good crypto guys and plenty of money, I'd agree that
layering provides extra security. With the U.S. military, it seems to me that
the later is still usually not a problem, whereas the former sometimes is.
---Joel
casual observer
>The need to guard against cyberattacks on power stations and military
>installations is a clear indication of bad -- make that stupid --
>design. Critical facilities shouldn't share wire networks with
>internet-at-large, and there would ideally be no radio links. Those who
>don't like other people reading over their shoulders shouldn't build
>glass houses.
Agreed. Get rid of the wireless links on the Predator drones and use
wired connections. Wait....huh? ;-)
Vladimir Vassilevsky
Jerry Avins wrote:
> The need to guard against cyberattacks on power stations and military
> installations is a clear indication of bad -- make that stupid --
> design.
Big design can't be without stupid flaws, especially if that design is
done by big company. This is just the law of big numbers. Only the
simple things that were in production in large quantities and for many
years, can be cleaned to perfection.
> Critical facilities shouldn't share wire networks with
> internet-at-large, and there would ideally be no radio links. Those who
> don't like other people reading over their shoulders shouldn't build
> glass houses.
Recently I read that "Boeing 787 Dreamliner is safe against intended or
unintended cyberatacks, as its entertainment network is software
firewalled from the flight controls". Isn't it wonderful?
Vladimir Vassilevsky
DSP and Mixed Signal Design Consultant
http://www.abvolt.com
Eric Jacobsen
Yet again, I'm not addressing the encryption, but the link (i.e., air
interface) protocol. Even in DVB-S and DVB-S2, the air interfaces are
completely independent from the transport layer and the encryption. If
you make the air interface just a bit pipe, it CAN'T expose the
encryption any more than any using a standardized air interface.
Making it difficult to even demodulate the signal, however, provides an
additional barrier to a would-be eavesdropper in that they must,
somehow, figure out how to demodulate the signal. This includes
figuring out the modulation type, the polynomial of the entropy
scrambler (NOT the same as encryption), the FEC, including any
polynomials, interleavers, or code matrices, any framing, etc., etc.,
etc. It's a monumental task if you don't also have a modulator with
which to perform detailed experiments, and even if you do the investment
and expertise required make it a pretty high hurdle.
Instead, they used DVB-S or DVB-S2, for which receivers are commonly
available.
Which is easier for eavesdropping?
Le Chaud Lapin
> Or, perhaps more likely, budget and schedule realities. When you have
> to meet a budget and a schedule, and the primary task (i.e., getting the
> UAV flying properly) is consuming most of the resources (as it should)
> then the links become a "get it working" task. I doubt in the 90s any
> manager would think it wise to use up a big fraction of a budget to make
> a UAV work on getting the link more secure.
>
> Been there many times, it's not unusual. The fact that it's been that
> way for so long is disturbing, but also not all that unusual in the
> military/government management and procurement system. It usually comes
> down to budget and bureaucracy limitations and priority setting. There
> may have been other things in the program that were deemed (perhaps very
> properly so) to have needed the attention more.
>
> It's easy to be an armchair quarterback.
Hmm...under different circumnstances like launching a spacecraft to
Jupiter, this would be a reasonable argument. But I swim in this stuff
all day, and if you knew how ridiculously easy it is to add symmetric
encryption to a digitized link....[based on your comp.dsp posts I
would presume you do]
Let me put it another way. If anyone, anywhere, offers me and three
other people of my choosing, $100 million, or even $1 million, to "get
it right", there will be no excuses. Not one.
What they did was inexcusable.
Also, as I mentioned before, I spent about 18 months of my life going
back and forth with these people, and the problem is hardly money, as
they have plenty of that, and it is not time, as they themselves admit
that they are in no rush.
IMO, it all comes back to ego/greed/self-preservation/politics.
If any of you are engineers (most of you are) and think this is false,
I encourage you to spend 5 or 6 hours of your life trying to engage
DARPA and/or the US military in a meaninful way to see for yourself.
The environment is toxic to rationale thinking.
You might start with this $37 billion fiasco:
http://en.wikipedia.org/wiki/Joint_Tactical_Radio_System
http://mobiledevdesign.com/hardware_news/program_costs_billions/
http://fcw.com/articles/2005/05/16/troubled-jtrs-hits-another-roadblock.aspx
In a nutshell, someone during the late 1990's tricked a senate
appropriations committee into funding software defined raidos (SDR's),
which you Eric, of all people, know something about. :)
The idea was that, if the radios were under software control, every
radio would be able to communicate with every other radio, as well as
any other software-enabled device on the Internet, which is pretty
much most of them. The senators who got behind this project where
duped into believing this nonsense, not understanding that, it is not
enough for the radios to simply be under software control. The radios
~need~ to form a network.
Imagine, one radio using QAM, other using OFDM, both under software
control. Now what? Nothing, that's what. What you would get is two
radios under software control, and not talking to each other, one
using QAM, the other using OFDM. Lovely. But the senators were duped
because they figured that, "Hey, if it is software, anything is
possible."
The people running JTRS took 6 years to realize that SDR does not
automatically translate into a packetized universal network. They
realized this *after* they had made grandiose promises of bit rate,
using relatively low frequency spectrum, almost all under 1GHz, with
performance on par with, or better than Wi-Fi. Meanwhile, companies
like Boeing, Honeywell, General Dyamics, etc...gouged huge chunks of
the overall $230 billion program, and as of 2009, it's still a mess:
http://www.washingtonpost.com/wp-dyn/content/article/2008/04/07/AR2008040702604.html
Not surprisingly, when the U.S. senators asked why the original
program has balloned into costing 1/4th of $1US trillion dollars, look
what they write:
"The military and its contractors concede past problems but say they
have corrected each program so that they are on schedule, close to
budget and developing technologies as expected. Dennis A. Muilenburg,
until early February the program manager of Future Combat Systems at
Boeing, the lead contractor, said he expects the high-speed radios and
the wireless network to be finished on time and to "dovetail very
nicely with" Future Combat Systems."
This is comical. You go off and waste $11 billion, then gouge $3 more
billion, and you write something like this, and people are supposed to
believe you? ??????
Time? It took me all of 12 seconds to realize how stupid this SDR-but-
no-network was. When I began to hint to the top tech guy over the JTRS
program that they could have forseen that this notion from day one if
they actually had a real network engineer in the room, of course, he
defended himself and his team. When I implied that, because they
wasted time up until 2006, that they will basically have to rethink
the bandwidth, and do what IEEE 802.11 committee did, he tacitly
agreed, but again defended the extra two years wasted by saying "We
demonstrated a prototype recently."
Well, I got bits and pieces of their "prototype" through the
grapevine. The thing was some hack put together by a university not so
far away from the JTRS office.
Money? If you give me $5.8 billion, I will take $5.7 billion of it,
put it in my personal bank account, , and use the rest to hire a buddy
of mine who can do the rest for for $100 million. He'll likely keep
$90 million from himself, and hire 20 other people to with the
remaining $10 million, and get it right.
The only thing I can give credit for is that they now have a form on
their web site which essentially says, "Ok, we know we wasted $11
billion...We're sorry. Tell us how we screwed up, and how to make it
better."
Here's is the form:
http://jpeojtrs.mil/files/org_info/Lessons_Learned_Submittal_Form.doc
From this page:
-Le Chaud Lapin-
Andrew Swallow
> On Fri, 18 Dec 2009 02:08:44 +0000 (UTC), Rick Jones
> <rick....@hp.com> wrote:
>
>> In comp.protocols.tcp-ip Mark <mako...@yahoo.com> wrote:
>>>> Passing encrypted video over a satellite network built for
>>>> unencrypted analog video is not a trivial challenge. As far as I
>>>> know, there exists no scheme to do this that has not been broken
>>>> already. The problem is that encryption works partly by diffusing
>>>> information so that no part of the output looks like any part of
>>>> the input. The satellite link is filled with errors and distortion
>>>> that have to be contained to retain adequate video quality.
>>> ago for HBO?
>
> I don't believe anyone suggested using civilian encryption for
> military applications, though it would have been better than nothing.
AES encryption would have probably beaten the Taliban and the Iranians.
Available in a single chip, or you can use software.
Andrew Swallow
Joel Koltner
meant be tempted to call "link layer" but that's probably not correct) and not
the actual "physical" level link. My apologies.
> Which is easier for eavesdropping?
DVB-S, certainly, although if they had used AES (ok, probably not available
when it was designed -- maybe 3DES?), they still would probably have been OK.
---Joel
Jerry Avins
I didn't write about drones, but about power stations. As far as I know,
few distribute wireless power. Eat your heart out, Tesla! It should be
physically impossible to reach NORAD's computers from the web, let alone
hack into them.
glen herrmannsfeldt
(snip)
> Yet again, I'm not addressing the encryption, but the link (i.e., air
> interface) protocol. Even in DVB-S and DVB-S2, the air interfaces are
> completely independent from the transport layer and the encryption. If
> you make the air interface just a bit pipe, it CAN'T expose the
> encryption any more than any using a standardized air interface.
> Making it difficult to even demodulate the signal, however, provides an
> additional barrier to a would-be eavesdropper in that they must,
> somehow, figure out how to demodulate the signal. This includes
> figuring out the modulation type, the polynomial of the entropy
> scrambler (NOT the same as encryption), the FEC, including any
> polynomials, interleavers, or code matrices, any framing, etc., etc.,
> etc. It's a monumental task if you don't also have a modulator with
> which to perform detailed experiments, and even if you do the investment
> and expertise required make it a pretty high hurdle.
How many have crashed or been shot down (but not completely destroyed)
and been recovered? That is, assume that they have the hardware and
algorithms.
-- glen
Jerry Avins
Groovy!
Andrew Swallow
{snip}
>
> OTOH, it's the US government. I'm backing the dumb-as-a-rock
> explanation.
Front line tactical radio communication has traditionally been
unencrypted. This is just a continuation of that. However being
digital they are changing that. Also high speed off the shelf
portable encryption may not have been available.
Andrew Swallow
Le Chaud Lapin
wrote:
Or RC6. I remember playing around with its predecessor, RC4, in the
early 90's. I have chunks of code still on my hard disk for RC6 that I
wrote a while ago (attached).
template <unsigned int w, unsigned int r, unsigned int b> bool
Cipher<w, r, b>::encipher (void *buffer, unsigned int length)
{
if (length % sizeof(Block))
return false;
unsigned int block_count = length / sizeof(Block);
for (unsigned int k = 0; k < block_count; ++k)
{
struct
{
unsigned long int A : w;
unsigned long int B : w;
unsigned long int C : w;
unsigned long int D : w;
} block = {0};
unsigned int m;
for (m = 0; m < (w / 8); ++m)
{
block.A |= unsigned long int (*((unsigned char *)
buffer + 0 * w / 8 + m)) << (m*8);
block.B |= unsigned long int (*((unsigned char *)
buffer + 1 * w / 8 + m)) << (m*8);
block.C |= unsigned long int (*((unsigned char *)
buffer + 2 * w / 8 + m)) << (m*8);
block.D |= unsigned long int (*((unsigned char *)
buffer + 3 * w / 8 + m)) << (m*8);
}
....
It's 5:40 P.M. where I am. Using this code, and a spec of whatever
format exists for their data stream, assuming they will allow me up to
16 bytes per packet of padding, I could have a secure link done by
11:00 PM, while still not missing my favorite show on TV.
So the excuse that there was "not enough time" is not an an excuse,
IMO.
-Le Chaud Lapin-
Sylvia Else
> It's easy to be an armchair quarterback.
Perhaps, but it wouldn't surprise me if there was someone on the project
team saying that transmitting the video in the clear was just asking for
trouble. Such a person would likely have been seen as "negative" by the
project management, and the issue would never have been properly evaluated.
Sylvia.
Steve Pope
>So the excuse that there was "not enough time" is not an an excuse,
>IMO.
Probably encryption was not in the requirements. It would of
course be illegal for a defense contractor to add features
just because they thought those features were important...
they must trace back to a contractual requirement.
Steve
Le Chaud Lapin
Amen sista.
As I mentioned before, after speaking to various prime contractors and
DARPA, I was depressed for 4 days straight. I got the same feeling you
get when a long-lived pet suddenly dies - lump in throat, can barely
talk, in mild shock, you didn't think it would affect you that much.
People try to ask you what's wrong, and you cannot tell them, because
nothing you can say can convey what you feeling to them. They'd have
to experience it for themselves. Disillusionment is an understatement.
Shame, disgust, anger, discontent, surprise, guilt, alarm, rage...all
of it simultaneously, is speaking in codes to you, telling you he
understands that you might have some "misgivings" about the way they
do thing, but if you want to get paid, you have to play by their
rules, and I don't mean filling out forms.
Contrary to what DoD/DARPA claims, I have found the general culture of
these places, both DARPA and the prime contractors, to be toxic to
true innovation.
One might ask, if this is true, then why do we see stuff from them,
some of it good stuff? After all, we have patriot interceptors, the
F22, Hell-Fire missiles, Stealth bombers, etc.
I offer a simple answer:
$100 billion
You give anyone $100 billion, and they are likely to produce
~something~, whether it crashes or not. Those ~somethings~ are what
we see on the Military Channel, and because it is the first time we
see them, they look cool, but make no mistake:
1. They cost 20x, 30x, 100x, ....1000x? what they should cost.
2. If they happen to explode randomly, the director on the set of a
Military Channel episode will not say, "Call us back when you get
something that is technically sound." Instead, he will say, "Hmm...I
see, ok, well, we can work around that...just bring enough so that we
get sufficient footage to clip out the scenes where it doesn't work."
3. There are usually real scientists and engineers lurking who
actually know how to keep them from crashing, but as Sylvia pointed
out, these people are likely ostracized in favor of those who "play by
the rules".
Truth or fiction.
DARPA and prime contractors reveal whichever is more appropriate at a
particular instant on a case-by-case basis to portray themselves in
the most favorable light.
-Le Chaud Lapin-
Eric Jacobsen
A bunch, by my understanding, which may be how they figured out it was
DVB-S/S2. If, on the other hand, they find an FPGA (or some unknown
part) where the modulator goes, then they have to sort out what the heck
is going on.
Not trivial.
Le Chaud Lapin
I'll try to remember that the next time I'm designing a spacecraft for
NASA:
"Hey...Tyrone...I know they said Mars... but do you think they'd be OK
with a Saturn swing-around just for kicks?" :)
These guys have meetings ad nauseum. Things that would take you and me
to think about an make a decision in 4 hours, they discuss for four
months. Everything is deliberate. Everything is known. NSA and other
goverment agencies know all about what they are doing, as they are
doing it.
If crypto was not in the spec, the decision was deliberate. Since it
was not in the spec, the decision to not put it in was deliberate,
which is stupid, because it would have been easy, even in 1990, given
the amount of money involved.
Note that it does not take an entire team to do crypto. I could rattle
off the names of 10 (prominent) individuals who could have done the
crypto part single-handedly and likely not have made a mistake. My
guess is that such individuals would have been content with a
fraction, say, 1%, of the $1+ billion spent:
http://postmanpatel.blogspot.com/2006/04/global-hawk-uav-delays-cost-overruns.html
-Le Chaud Lapin-
krw
<OneBi...@InfiniteSeries.Org> wrote:
>On Thu, 17 Dec 2009 20:05:07 -0600, krw <k...@att.bizzzzzzzzzzz> wrote:
>
>>On Thu, 17 Dec 2009 17:44:12 -0800 (PST), Mark <mako...@yahoo.com>
>>wrote:
>>
>>>
>>>>
>>>> Passing encrypted video over a satellite network built for unencrypted
>>>> analog video is not a trivial challenge. As far as I know, there
>>>> exists no scheme to do this that has not been broken already. The
>>>> problem is that encryption works partly by diffusing information so
>>>> that no part of the output looks like any part of the input. The
>>>> satellite link is filled with errors and distortion that have to be
>>>> contained to retain adequate video quality.
>>>>
>>>> DS
>>>
>>>um,, is that why General Instrument was able to do it did it 15 years
>>>ago for HBO?
>>
>>It can obviously be done. It just requires different, perhaps less
>>efficient, error correction algorithms which may mean lower S/N
>>required.
>
> Wrong. It just requires MORE FEC.
AlswasWrong is once again wrong. Surprise everyone!
krw
Real encryption is pretty cheap. The only complication anymore is key
management. No matter what you do that's a problem, so might just as
well make the encryption good. Rag heads aren't the only potential
enemy.
krw
Nonsense. It's been available for decades.
Andrew Swallow
True but tactical in the clear is still used.
Andrew Swallow
Jerry Avins
I uncovered a serious specification omission when, as a technician for a
subcontractor, I built hardware for the Mercury space capsule. The
contractor (Collins Radio) agreed that the omission could lead to
catastrophic failure, but determined that the amount of paperwork to
effect a change was prohibitive. (Just as I kicked it up to Collins,
they would have had to continue up the chain through McDonnell Douglas
to NASA.) The project manager at Collins agreed to push the matter after
I said that I would ask the astronauts what to do.
David Schwartz
> I took a quick look, and did not find any specifics, but once the
> information is digital, it is a done deal, as the only excuses
> remaining would be:
> 1. Not enough power for cipher operations.
> 2. Overhead of padding consumes too much bandwidth for data link.
3. No place to put the encryption devce.
The uplink from the Predator is analog. The downlink from the
satellite is digital. There is no accessible point between the two to
put the encryption device.
DS
David Schwartz
> It is my understanding that as wizzy as "things military" are, they
> tend to be built from components that rather lag in performance
> compared to what is available to civilians. That is, "mil spec"
> processors and what not are not at the forefront of the performance
> curve.
Not just that, but equipment that operates in space has to be space-
qualified. Last I checked, the fastest space-qualified CPUs were
comparable to 66MHz Pentiums. And power and heat budgets on a
satellite are tight.
> http://en.wikipedia.org/wiki/Predator_drone
>
> suggests the first ones at least entered service in 1995, which means
> they were probably prototypes a couple years earlier, which suggests
> they were designed with stuff from the late '80s.
The issue is that the design was changed. At first, it was assumed
that latency was not super-critical. The idea was that you would use a
direct link during takeoff and landing and for normal flight, a few
seconds of latency is tolerable. it was later discovered both that the
latency wasn't that tolerable and that you might not want to put your
operators where the Predator takes off and lands. This required a
"quick change" to the system with no ability to modify the satellites
already deployed.
DS
krw
<am.sw...@btopenworld.com> wrote:
For radio that's expected. For a Predator link it's stupid. It gives
up the Predator's main advantage; stealth.
Le Chaud Lapin
Where on the Internet/etc. does it say that?
Also, CNN is quoting a military official implying that encryption was
possible, but would have slowed the link:
http://www.cnn.com/2009/US/12/17/drone.video.hacked/index.html
"The official said that many of the UAV feeds need to be sent out live
to numerous people at one time, and encryption was found to slow the
real-time link. The encryption therefore was removed from many feeds."
This statement he makes, btw, is bogus. Symmetric ciphers, even in
1990, are so fast, they are hardly the bottleneck in system. Signing
the packets, OTOH, would have been problematic.
-Le Chaud Lapin-
Archimedes' Lever
<dav...@webmaster.com> wrote:
>On Dec 17, 6:33�pm, Le Chaud Lapin <jaibudu...@gmail.com> wrote:
>
>> > Passing encrypted video over a satellite network built for unencrypted
>> > analog video is not a trivial challenge. As far as I know, there
>> > exists no scheme to do this that has not been broken already. The
>> > problem is that encryption works partly by diffusing information so
>> > that no part of the output looks like any part of the input. The
>> > satellite link is filled with errors and distortion that have to be
>> > contained to retain adequate video quality.
>
>> Maybe I misunderstand, but the system, based on this link:
>>
>> http://www.skygrabber.com/en/skygrabber.php
>>
>> ...looks like it is entirely in the digital domain.
>
>They're grabbing it later in the system, but if you want it encrypted
>later in the system, you have to encrypt it earlier in the system.
>
>> If that is true, encryption, under the scenarios required by US DoD,
>> would take maybe 3 weeks using Rijndael or other symmetric cipher for
>> a rough run, and maybe a month more by a crypto expert to remove the
>> fatal flaws.
>
>There is no place in the system to put such a cipher. The only
>practical way to do is to encrypt the analog uplink. The satellite-
>based system from the uplink from the Predator to the downlink to the
>operator is simply not encryption-capable. Essentially, the problem is
>basically that they chose a completely unsuitable system to handle the
>image downlink to the operator.
>
>DS
Real simple. Make it TCP/IP and use IP encryption, just like the
government and military does everywhere else.
As far as your claim of knowing what they did implement... I have
serious doubts that you do. Your simple, blanket statement that it "is
simply not encryption capable" is about as uninformed and stupid as it
gets.
ANY data stream can be EASILY encrypted, and that at a very strong
level.
Archimedes' Lever
<jaibu...@gmail.com> wrote:
>On Dec 17, 8:15�pm, glen herrmannsfeldt <g...@ugcs.caltech.edu> wrote:
>> In comp.dsp Mark <makol...@yahoo.com> wrote:
>> (someone wrote)
>>
>> >> Passing encrypted video over a satellite network built for unencrypted
>> >> analog video is not a trivial challenge. As far as I know, there
>> >> exists no scheme to do this that has not been broken already.
>>
>> (snip)
>>
>> > um,, is that why General Instrument was able to do it did it 15
>> > years ago for HBO?
>>
>> He said "that has not been broken already". �As far as I know,
>> both the analog in digital encryptions have been broken.
>>
>> It slows down most people, though, so it still works.
>
>When has 256-bit Rijndael been broken? Or 128-bit for that matter? Or
>RC6? Or many other symmetric ciphers?
>
>> The usual analog encryption reverses the polarity of some scan
>> lines and/or frames. �It isn't hard to figure out fairly reliably
>> a polarity reversal.
>
>Take a look at the SkyGrabber site. It looks like the whole thing is
>based on satellite Internet access, which of course, is entirely in
>the digital domain:
>
>http://www.skygrabber.com/en/skygrabber.php
>
>-Le Chaud Lapin-
The original "VideoCipher" was never broken.
There WERE decoding chips being sold by the fab house that made them,
out the back door at night, while they made legit chips during the day,
but that early MPEG2 encrypted stream has still yet to have been broken.
That goes double, triple, and quadruple for the subsequent
"Videocipher2" and the now in use "Digicipher I" and "Digicipher II"
None of you "any encryption method can be broken" IDIOTS have EVER even
come close. Look at the streams, and the "false keys" will throw you
every time, and that is just ONE of the mechanisms in place.
So your "any cipher can be broken" mindset is flawed and there is
proof.
There are at least ten current cipher modes out there that you dopes
will never even come close to EVER breaking.
HardySpicer
> On Dec 17, 8:14 pm, krw <k...@att.bizzzzzzzzzzz> wrote:
>
> > On Thu, 17 Dec 2009 18:05:15 -0800 (PST), Le Chaud Lapin
> > >Maybe they should leave it as it is. That way, the terrorists could
> > >put it up on YouTube. Maybe there is a Hollywood show in it...
>
> > Perhaps it was intentional. They can sell electronics to the
> > terrorists. Who knows what backdoors lurk...
>
> Check out the list of PCI adapters required by PC to receive satellite
> feed at bottom of page:
>
> http://www.skygrabber.com/en/skygrabber.php
>
> If I were to design a backdoor, I would put it in the hardware. Of
> course, this would mean that:
>
> 1. One of the listed manufacturers is actually a wolf in sheep's
> clothing: DoD posing as a legitimate company.
> 2. DoD has contracts unders some Homeland Security act with all the
> manufacturers to put in backdoors for units sold to regions inhabited
> by terrorist.
>
> #2 is more likely, as #1 would depend on getting lucky that terrorist
> chose your adapter and not someone else's.
>
> A hardware-resident virus on PC can pretty much do anything it wants
> with the PC.
>
> -Le Chaud Lapin-
That's assuming that your side ever even saw it before it blew
something up. I am surprised that terrorists haven't used drones - so
simple. Even model aircraft could od a little damage and they have
spread spectrum comms now.
Hardy
Archimedes' Lever
<jaibu...@gmail.com> wrote:
>A thought:
>
>If the terrorists can see and interpret the video, that means:
>
>1. The protocol is decipherable.
No, it means they (the idiots that claim to have hacked it) found an
open stream that was NOT ever encrypted. All they succeeded in doing was
finding a carrier. No technical prowess required whatsoever.
>2. The protocol is encipherable.
No. It is more likely not encrypted at all.
>3. It is theoretically possible to inject bogus data into the stream.
Absolutely not. The GPS timestamps are going to keep that from ever
happening. Just because the video is able to be seen, that doesn't mean
that there was not more data included with each frame. In fact, I am
sure that there is.
Archimedes' Lever
<jaibu...@gmail.com> wrote:
>
>With some very clever software engineering, it would be possible to
>feed the satellite with bogus images that are superpositions of actual
>video images and computer-generated animations.
No, it would be absolutely NOT possible.
Archimedes' Lever
<jaibu...@gmail.com> wrote:
>I just hope the image decompression software at the receiving end does
>not have any buffer-overflow vunerabilities. But NSA is supposed to
>catch things like that.
Considering all the other crap you have spewed, I doubt seriously that
you know a goddamned thing about what the NSA wants or does, much less
how they operate.
Archimedes' Lever
<dav...@webmaster.com> wrote:
>Cannot be done. The satellite that the predator talks to only supports
>analog video.
Are you sure?
General instrument was able to digitize, compress, and send no less
than 12 standard 6MHz wide analog video signals up to a bird that was
only for analog TV signals, and they effectively increased satellite
channel capacity ten fold.
I do not think that you have thought this through very well.
Digital signals can be passed over analog carriers, and are, every day,
no problem.
It is all analog at some point.