[time-nuts] Ships fooled in GPS spoofing attack suggest Russian cyberweapon

Bob kb8tq kb8tq at n1k.org
Mon Aug 14 13:42:00 EDT 2017


> On Aug 14, 2017, at 11:38 AM, Clint Jay <cjaysharp at gmail.com> wrote:
> All very true and yes, for a capable programmer and hardware tech it's not
> going to be an impossible task.
> I would still expect a turnkey solution to exist though as I can see many
> applications for not just state actors.

There have been multiple “turn key” solutions out there for at least 10 years now.
It’s a bit like buying a couple hundred pounds of heroin. You just need to know 
where to shop ….


> On 14 Aug 2017 4:32 pm, "Attila Kinali" <attila at kinali.ch> wrote:
>> On Mon, 14 Aug 2017 10:26:13 +0100
>> Clint Jay <cjaysharp at gmail.com> wrote:
>>> That it can "so easily" be spoofed (it's not a trivial hack to spoof and
>>> would, as far as I can see, take good knowledge of how GPS works and skill
>>> to implement) is worrying and it could have disastrous consequences if
>>> anyone decided to use it for malicious means but I'd be surprised if there
>>> wasn't a turnkey solution available to anyone who has the funds.
>> You don't need a turnkey solution. If you start from zero and are working
>> alone, it probably will take you a month or two to write the code to spoof
>> GPS L1 C/A. If you start from one of the GnuRadio based GPS simulators,
>> you can do it in a weekend.
>>
>> If you want to spoof L2C and L5 as well and also Galileo OS E1/E5,
>> it will take a bit longer, but not that much, as 90% of the code is shared.
>>
>> Not only is this very simple. All the documentation you need is readily
>> available and packaged such that you don't need to know anything about
>> GNSS systems before you start and it will not slow you down significantly.
>> (e.g. Pick up the book from Hegarty and Kaplan and you can just write
>> the code as you read it).
>>
>> The most difficult part of this is not creating the signals, but figuring
>> out what PRNs and fake position to choose, such that the tracking
>> loop of the target doesn't go completely bonkers and need to do a
>> re-acquisition on all signals. But even that is not that difficult, if
>> you have some estimate of the target's location. Or you can simply not
>> care about it, if you have a slow moving target, like a car or a ship,
>> as the re-acquisition will take less than a minute.
>>
>> There have been discussions on adding authentication to GNSS services
>> for quite some time (at least 10 years, probably longer). And it
>> culminated in the CS and PRS services of Galileo. I.e. they are a
>> restricted and/or paid-for service. I am pretty sure that this will
>> change at some point and the OS services (including the free services
>> of GPS) will provide some basic authentication system as well.
>>
>> In the meantime, people who rely on GNSS heavily have monitoring
>> facilities that check the on air signals for degradation or spoofing.
>> As this requires multiple monitoring stations over the whole area
>> covered, to ensure that no spoofing or jamming attempt goes unnoticed,
>> this is rather expensive. The only use of this kind of system, that I
>> am aware of, are airports. And yes, this is not fool-proof. A narrow
>> beam spoofer pointed at some airplane will go unnoticed, as all the
>> monitoring stations are on the ground.
>>
>>                                Attila Kinali
>> --
>> It is upon moral qualities that a society is ultimately founded. All
>> the prosperity and technological sophistication in the world is of no
>> use without that foundation.
>>                 -- Miss Matheson, The Diamond Age, Neil Stephenson
>> _______________________________________________
>> time-nuts mailing list -- time-nuts at febo.com
>> To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts
>> and follow the instructions there.