Commercial Flights Are Experiencing ‘Unthinkable’ GPS Attacks and Nobody Knows What to Do::New “spoofing” attacks resulting in total navigation failure have been occurring above the Middle East for months, which is “highly significant” for airline safety.
TL:DR: Israel and Iran are the source of the spoofing.
Edited*
And Iran, according to the article
Israel Iran and Russia be like
Lemmy is starting to feel like Discord with people dropping lazy images like this in every damn thread.
Literally couldn’t even bother to edit the image so the country names are in the image.
Yeah on my phone in hospital waiting room, didn’t have time.
has enough literacy skills to pick up on humor in more than just the shared image
I thought it was funny, anyway…
I hope everything turns out ok!
Thanks yeah one of my kids had a chronic condition so it’s not really anything unexpected but also not fun and just a ton of waiting.
Wow. The state of Israel is really piling on the reasons to hate it these days.
It was doing this for decades but Western countries only start hearing about it.
Social media have prevailed over classic media, and this time they have proven to be harder to steer.
And Russia was doing it just a few years ago, too.
The article says the spoofing was first recorded in September from Iran, then Israel started doing some after the October Hammas attacks
The planes first received spoofed GPS signals, meaning signals designed to fool planes’ systems into thinking they are flying miles away from their real location. One of the aircraft almost flew into Iranian airspace without permission
Tomorrow Never Dies continues to be bizarrely relevant.
Is that the one with Jonathan Pryce as the villain? That was a good one
Johnathan Pryce as the mad, egocentric head of a mass media and tech empire with an inordinate amount of reach and influence on the world stage, who is chiefly concerned with becoming the sole source of media in a post-CCP China.
Which sounds funny and ridiculous in a 1997 spy movie, but in the last 20 years, we’ve seen just how much power mass media companies wield, how they can manipulate sizable percentages of a population, and how being the exclusive source of news for an entire country (China, no less) would give a media mogul incredible power and influence.
I’m not nervous, you’re nervous
So basically the plot of citizen Kane with some tweaks
deleted by creator
I must have missed the bit of Citizen Kane where he spoofs a British warship into sailing into Chinese waters then attacks both sides from a stealth submarine.
Director’s cut
That was a badass videogame on PS1. Core memory unlocked
Fucking serves them right, the aviation industry have been buying GPS devices for decades that bleed outside and don’t explicitly filter down to their spectrum. There was a satellite internet startup in the US that went through the whole process, bought its spectrum and was ready to launch, then the aviation industry complained and had them shut down because their devices were all shit and “it would be too difficult to change everyone’s equipment”.
Do you have something I can read about this? It’s a little vague, so hard for me to search, and it sounds like something I would be interested in. Thanks
Pretty sure this is the story, rings true to my memory of the company name starting with “L”: https://arstechnica.com/tech-policy/2011/04/lightsquared-broadband-a-threat-to-gps/
Although this article doesn’t cover how the GPS systems used cheap filtering circuits that didn’t adequately filter out adjacent frequencies. This was done purely to save money, because there wasn’t anything using the adjacent frequencies. As a result, LightSquared went bankrupt in 2012.
Thanks I’ll give it a read.
Edited my last comment, I don’t think that article goes into much detail. It only really covers the objections by GPS device manufacturers against LightSquared, not the technical aspect ie poor filtering by cheap GPS devices.
This article covers LightSquared’s claims of poor filtering by GPS devices: https://www.networkworld.com/article/696602/wireless-lightsquared-says-gps-makers-ignored-filtering-rules.html
This article also covers some of it: https://www.cnet.com/tech/mobile/lightsquared-blew-it-and-heres-why/
TL;DR GPS devices cut corners, however because they were established and so endemic across the industry, there was no practical way to fix them all and LightSquared was sent down the toilet.
deleted by creator
That just means you can’t use autoland in low visibility conditions. Modern IRUs (inertial reference unit) are highly accurate laser gyros that can use GPS for correction, but will throw out the data if it doesn’t make sense. Navigation won’t be affected much, and autoland (if used) will still rely on VHF guidance.
Modern IRUs also take input from multiple sources (GPS, Navaids) to update their drift error. With spoofed GPS, bad drift corrections are made and when the navigation solution eventually fails the IRU is just as unusable.
ADIRUs will throw out bad GPS data if it disagrees with multiple IRUs, hence why there’s usually 3 on the aircraft. That being said, if the GPS is close enough to the three, then correction will still be applied.
If they’re using the older IRUs, the drift is corrected via redundancy and not GPS. Usually pilots will report drift based on their final IRU coordinates compared against GPS. Even then, they should still be checking their course with VOR.
How do IRUs work do to give you location?
Imagine you can’t see or hear anything but you can read a compass, and you have an internal map of your house and neighborhood. You also know how long your steps are with some amount of accuracy. You would probably be able to get out of your house and maybe to the corner store, but the inaccuracies in your compass and distance estimation would add up over time, and on a long walk you might overshoot the sidewalk and walk down the middle of a busy street by mistake.
“Give me a stopwatch and a map and I’ll fly the Alps in a plane with no windows?”
This was supposed to be a wild boast by the Russian navigator in Hunt for Red October but is apparently now standard piloting procedure.
They know where you took off from, and can detect your movement with precision.
It’s knows where it was and where it isn’t
They use gyroscopes and accelerometers to measure the aircrafts movement from the starting position at takeoff. That can then be used to plot the course the aircraft has taken to show the current location.
First, they have to align on the ground. You initialize them with your current known position (usually by GPS or your known airport/gate spot). Then, you wait for them to synchronize with the Earth’s rotation. If you’re far north, like in Alaska, this could take half an hour. If you’re close to the equator, it could take 5 minutes. Once they’re ready, from that point, any movement you make, it will know where you are and where you’ve been.
If you spin up a gyro and begin moving around, it will maintain it’s starting position. You can use this deflection to calculate direction. If you know how fast you are going and for how long, you’ll have your position.
Mechanical gyros drift. It’s the nature of a world with friction. Newer IRUs use laser gyros, so the only real drift they have comes from extremely minute rounding errors.
Well the article says it caused at least one plane to almost fly into Iran’s restricted airspace…
I’m glad I wasn’t the only one scratching my head at why was this an issue….(30 + years in aircraft maintenance just not avionics trade, airframes and engines)
deleted by creator
We need a backup for GPS. LORAN should never have been shut down.
I can’t see how omega and similar were not just as susceptible to this type of attack. Active outside in positioning almost always has this vulnerability.
Yet another reason to avoid the middle east
I’ve got an idea, how bout stop using the same technology from 20 years ago?
Huh what do you propose then, go back to the 1960s and ensure they are only using VOR and DME ground equipment. There isn’t a check sum to check on GPS/GNSS it just a bunch of satellites broadcasting what they think is the correct time. If you jam those and replace them with signals close enough but wrong values you can trick the math that’s used inside the GPS/GNSS receiver that computes the the position (and velocity), and it looks like this signal can be introduced slow enough to trick the receiver in real-world applications. One trick to protect yourself is to ensure the signals you receive are from the direction you expect but we aren’t going to attach directional antennas on every face of a civilian aircraft, to ensure the strongest signal is from the top of the plane and not the bottom. Essentially civil navigation equipment isn’t supposed to be messed with and if it is authorities are supposed to go over and arrest and fine the idiots doing things over the radio they shouldnt. When the bad guy is a government well yea I guess that plan doesn’t work and governing bodies such as ICAO should impose penalties like no commerical aircraft from companies from those countries are not allowed elsewhere.
Something that sounds like a production flaw to me is how the IRS gets corrupted. Sadly the article did not go too much into detail, but gyroscopes and accelerometers should not be affected by GPS data. Sure, if they do not sync up with current data, error propagation becomes a problem - especially on long flights. But i reckon gradually depreciating data is better than maliciously wrong data.
The article mentioned, that large plains have 2 GPS receivers. The spooving seems less traditional (sending wrong data with more power), but more sending a lot of incomplete data to confuse the receiver. This should introduce a desynchronization of the two receivers present, and alert the internal systems. Since it is detected, that something went wrong with the GPS, the 3 IRS can calculate the position from recorded data. This is a fallback and accuracy will depreciate. But if the pilot is aware it could still be valuable information. Additionally it is more scalable than air traffic control having to navigate affected planes.
What about GLONASS, Galilleo, or BDS? Are they all being equally jammed? Why wouldn’t they sync with all of them and use a consensus to determine accuracy? Like having multiple ntp servers.
The latest generations of gnss receivers have spoofing and jamming mitigation and detection features included with the chip, and multi-band rx technology to sync to more constellations simultaneously and do exactly what you’re talking about. Before then, the spoofing/jamming detection would likely need a software implementation after the receiver. There are different types of spoofing/jamming, all of which are detected and mitigated in different ways.
I don’t know the commercial aircraft industry standards for updating technology, but I wouldn’t be surprised if most commercial aircraft don’t have what you’re talking about.
This sounds rather dangerous. GPS was originally opened up to civilian use for the purpose of keeping flights on course, after the disaster of Korean Air Flight 007 straying into Soviet airspace and being shot down back in the 1980s.
I can’t understand what is to be gained by deliberately trying to knock civilian airliners off course.
Holy shit, that really happened? Just finished watching “For All Mankind” and recognized some events, but had no idea this one was real.
Do none of the systems, GPS, glonass etc. use encryption or authentication of any form?
The problem is with the way GPS works. Your device gets telemetry from the satellites. A fake signal can screw up the whole system.
But if they had authentication you would know that the message doesn’t come from a legitimate satélite.
you can’t have authentication in a one way system. satellites send days, planes receive it, but never send anything.
You can have a digital signature, so the recievers know it’s legit
yes of course, but that isn’t authentication.
Playing with semantics a little, it can be thought of as the satellite authenticating with the client using the signature as password.
deleted by creator
You can’t copy a signature, since it is different every time the signed content is different. You need to have the correct key in order to make a valid signature.
If you’ve figured out how to do that, a lot of governments would pay you a lot of money for your solution
Yes Galileo supports encryption. But as far as I know it’s not in use. Has been trialled only. But I know all Airbus aircraft only support GPS satellites and nothing else (yet). I assume Boeing, being American would be the same then.
As far as solutions go, an aircraft can navigate fine without GPS. It can update its position from ground navigation aids and if they are not available it can still Dead Reckon very well. The navigation error very slowly grows until it’s out of the black spot and can use GPS or navigation aid to increase its accuracy. But this navigation error on the time frame of say an hour is a matter of kilometers at most, not dozens.
Nope. And more importantly, it looks like nobody considered what might happen if the signal gets spoofed. The backup systems that are supposed to keep working if GPS breaks also break due to these spoofed signals.
GPS is encrypted, it’s just that the US military won’t share the encryption keys so the rest of us have to use the unencrypted channels. They’ve clearly thought about it and decided against making it public.
If they shared the encryption keys, then it wouldn’t be safe from spoofing anymore. The whole point of encryption is to not share the keys.
Also, before someone tries to point out PKI, the satellites don’t use PKI. So that’s not relevant. You can’t share the current keys without jeopardizing the system.
PKI? I assume you mean asymmetric encryption? That’s been available long before the GPS system was launched. Why do you think it isn’t relevant? They could have designed it into the protocol if they wanted to.
The military didn’t design it for civilian use. That’s really all there is to it. The commenter I was replying to made it sound like theres an easy solution here. There isn’t.
I’m the commenter you originally replied to. If the US military wanted unspoofable GPS available to everyone then it would be available to everyone. They only want the public to have unencrypted GPS, so that’s all we get.
The military is as concerned with civilian gps as much as they are with anything else that isn’t military-related: not their issue to solve. They won’t stop anyone from using encrypted gps. They really won’t. The only branch in the us that actively tries to prevent public encryption is the NSA. (Even then, they wouldn’t block something like gps). For the record, I’m a security engineer (DDI, private sector), previously worked for the DOD, and used to work in satcom.
Removed by mod
I generally don’t believe in an isolationist American policy except for Israel. They always drag us into stupid shit like this.
Easy solution: homing rockets that seek out the strongest signal using that band. Whitelist the sources that are official and proper.
GPS is passive so the rockets won’t go for the plane… it’ll go for the transmission tower.
Use less destructive devices if you’d rather risk sending humans to do the job.
It’s called a HARM, Homing Anti Radiation Missile.
boosting the stereotype
Nobody knows what to do?
How they did between 1890 and 1980? Maybe with paper maps and their eyes? It needs investigating!
