×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Most US Drones Still Beam Video Unencrypted

timothy posted more than 2 years ago | from the hey-it-beats-satellite-piracy dept.

Encryption 138

An anonymous reader writes "Four years after discovering that militants were tapping into drone video feeds, the U.S. military still hasn't secured the transmissions of more than half of its fleet of Predator and Reaper drones, Danger Room has learned. The majority of the aircraft still broadcast their classified video streams 'in the clear' — without encryption. With a minimal amount of equipment and know-how, militants can see what America's drones see."

Sorry! There are no comments related to the filter you selected.

Ad link (0)

Anonymous Coward | more than 2 years ago | (#41861805)

Coinurl.com?

Re:Ad link (1)

sortadan (786274) | more than 2 years ago | (#41862001)

I'm seeing a wired.com link, so looks like the editors went above and beyond the call of duty on this one (which is to say they did anything at all :-).

seriously? (0)

Anonymous Coward | more than 2 years ago | (#41861807)

you linked us to coinurl?

Editor Fail (-1, Flamebait)

Rick Zeman (15628) | more than 2 years ago | (#41861825)

Coinurl.com? Really???

Re:Editor Fail (1, Offtopic)

Hadlock (143607) | more than 2 years ago | (#41861853)

We got a Glenn Beck link earlier today in the form of a voting machine calibration story. This does not bode well for Slashdot. Either that, or they've been hacked, and they haven't been able to tell anyone yet. I'm not sure which has happened.
 
When they start linking to dodgy russian warez sites, it'll become more obvious who's in control of the site.

Re:Editor Fail (0)

Anonymous Coward | more than 2 years ago | (#41863611)

Yes, when it spews leftard garbage left and right Slashdot is da shit. Now, a solitary Glenn Beck link? OMG it's the end of Slashdot!!!!!!!!!!!!!!!!!!!!!! RUN FOR THE HILLS!!!!!

Re:Editor Fail (0)

Anonymous Coward | more than 2 years ago | (#41861871)

Welcome to slashdot. Also don't be shocked when a troll gets +5 and a reasonable post keeps getting buried by the same troll's sockpuppets.

Re:Editor Fail (1)

Anonymous Coward | more than 2 years ago | (#41861921)

It's a shame there isn't a flag to indicate the story was edited to correct this stupidity. I often feel like a complete idiot for coming back to this site (since 1998).

Re:Editor Fail (2)

SomePgmr (2021234) | more than 2 years ago | (#41862561)

I've been saying for a while that there should be something like version control on the summaries. Maybe just show a "diff" link underneath and last edited hh:mm.

Re:Editor Fail (2)

theshowmecanuck (703852) | more than 2 years ago | (#41862159)

This was the first story I down voted on the recent submissions page when I looked in there today. It really wasn't that hard to click on the link and see the spam site and that this was spam. I even chose the binspam option on the down vote. Whoever is the editor today is slacking. I know I'm not the only voting on those but you'd think anything with a vote of binspam should get an automatic closer look. The second story I down voted was the Glenn Beck trash story. At least for that one I had to highlight the "theblaze" site name and right click on search google to get to the wikipedia link (third or fourth site down the google search) to see that it was bullshit.

Is this lameness the result of the new ownership? Or is it because it's Friday night and they're network gaming and only spending a few minutes here and there posting stories so they look like they're working?

Re:Editor Fail (1)

Elbereth (58257) | more than 2 years ago | (#41862503)

Slashdot has always been like this. In fact, things have arguably gotten better, as hard as that is to believe. Back in the early days, there was quite a bit of outcry over the incredibly lazy editing and numerous dupes. CmdrTaco's response? That amateurish nonsense was part of the charm of the site, and he steadfastly refused address those concerns (or pretty much any other complaints or feature requests, for that matter). Now that he's finally gone, we might see the sight getting a little more professional, but I kind of doubt it. The remaining editors are probably just as philosophically opposed to looking professional (and doing work). Making it to the point where the site is even halfway presentable is quite amazing, and I suppose we should be thankful that anything at all on this site works, given its history.

Still, linking to outright spam sites is a new low, even for Slashdot. However, Slashdot has been linking to pointless blogspam for years and years, which is only marginally better. And that's not even counting the slashvertisements...

Soooo maybe that is anticipated (0)

Anonymous Coward | more than 2 years ago | (#41861827)

and used to feed false ....feeds?

Re:Soooo maybe that is anticipated (0)

Anonymous Coward | more than 2 years ago | (#41861897)

nah, it's because of the weight of the crptographic encryptions units (which are much lighter now and the planes are more powerful) and the fact they were pushed out so fast and ground units were demanding video.

Re:Soooo maybe that is anticipated (3, Interesting)

Z00L00K (682162) | more than 2 years ago | (#41862685)

Then there is the point that if the hunted knows that he's discovered then it may be enough for them to call off an attack. So unencrypted may actually serve a purpose.

And when you run encryption there's always one more factor that can go wrong. No picture at all is completely useless.

Re:Soooo maybe that is anticipated (-1)

Anonymous Coward | more than 2 years ago | (#41863307)

"Then there is the point that if the hunted knows that he's discovered then it may be enough for them to call off an attack"

Luckily the US mostly hunts stone-age Analphabets with no tech whatsoever.

Editor: remove the coinurl porn link (0)

Anonymous Coward | more than 2 years ago | (#41861831)

Somebody is hoping to get a lot of click-through hits on their ads, thanks to Slashdot. Good to see we are helping out the friendly anonyous submitter.

Link is spam (5, Informative)

Anonymous Coward | more than 2 years ago | (#41861835)

The real Wired article is here.
http://www.wired.com/dangerroom/2012/10/hack-proof-drone/

Re:Link is spam (0)

Anonymous Coward | more than 2 years ago | (#41861879)

That's where i read about it as well. It's the video that is broadcast to the ground troops that is being found on terrorists laptops. Also talks about the drone in south Africa that likes to turn it's self on.

Re:Link is spam (0)

Anonymous Coward | more than 2 years ago | (#41861973)

wtf. i just modded this up. what is wrong with you people, it's the straight link and was mentioned first.

Re:Link is spam (2)

YrWrstNtmr (564987) | more than 2 years ago | (#41862099)

Wireds 'Dangerroom' isn't any better than Coinurl.com. Same scaremongering.

Yes, the feed is apparently unencrypted. But OMGWEREALLGONNADIE is the standard modus operandi of Dangerroom.

URL is bad (1)

Antony T Curtis (89990) | more than 2 years ago | (#41861837)

Moderator asleep at wheel?

Coin URL redirect (0)

Anonymous Coward | more than 2 years ago | (#41861843)

Stop that.

Spam? (0)

Anonymous Coward | more than 2 years ago | (#41861845)

Link is spam. :|

Re-direct link??? (0)

Anonymous Coward | more than 2 years ago | (#41861857)

Why the hell is the initial link a re-direct?

Re:Re-direct link??? (1)

Anonymous Coward | more than 2 years ago | (#41861943)

Its Timothy. Any other questions?

Spaceballs: When will then be now? Soon. (4, Funny)

retroworks (652802) | more than 2 years ago | (#41861863)

I can picture the Taliban watching the back of their heads on a screen, like in the Mel Brooks film. "Prepare to fast forward!" http://tinyurl.com/cqbwm5y [tinyurl.com]

Re:Spaceballs: When will then be now? Soon. (2)

GoodNewsJimDotCom (2244874) | more than 2 years ago | (#41862055)

If the drones aren't encrypted, can't they be jammed? [youtube.com]

Re:Spaceballs: When will then be now? Soon. (0)

Anonymous Coward | more than 2 years ago | (#41863469)

So do you really want to pay a major defense contractor to add encryption to a tiny dronw, increasing botht he ddesign and production cost, and the challenges for the folks using it? We don't do half-assed encryption. We super-insane NSA encryption or none. The super-insane crypto has an attitude problem and disables itself after a few days to prevent the system from using old (potentially compromised) crypto.

The comms links, however, are encrypted to prevent spoofing. Those, since the UAV and the operator see eachother before flight, work, since it can get new crypto from the operator.

Re:Spaceballs: When will then be now? Soon. (2)

aix tom (902140) | more than 2 years ago | (#41863539)

I heard rumours they also tried cheaper Hollywood-style encryption, but they had to many casualties because the drone wasn't operational fast enough.

They had to watch too many FBI warnings before they could start it up.

Re:Spaceballs: When will then be now? Soon. (0)

Anonymous Coward | more than 2 years ago | (#41862665)

We have identified their location, it's the moon of vega. Set a course and prepare for our arrival! By high noon tomorrow, they will be our prisoners!

Achmed, check this out, we're on TV! (5, Funny)

Freddybear (1805256) | more than 2 years ago | (#41861883)

Wait, are those cross-hairs? Oh shit...

Re:Achmed, check this out, we're on TV! (1, Interesting)

girlintraining (1395911) | more than 2 years ago | (#41862121)

While amusing, the ability to watch the video unencrypted probably won't save you from being blown up at that point. What it will do, however, is tell your buddies where the drone took off, where it landed, and what areas are under surveillance. Now if I were an evil scheming terrorist, I'd wait until the drone passed by with its surveillance rig, and once it recorded something the top brass would consider a "target", shuffle in a bunch of women and children in the back way, and then evacuate the building. When Sir Bombsalot comes knocking, have camcorders standing by to show how the bastard americans are targeting innocent women and children.

It's clear that the US military is better funded than my theoretical terrorist cell of doom, so rather than risk the lives of my people, I'd just as soon leave somebody else in the firing line. Why send someone into a crowded building with a bomb strapped to their chest when your enemy will happily supply an expensive GPS-guided smart bomb instead? And if the equipment to watch the video isn't expensive, equipment to jam the signal and replace it with a fake feed wouldn't be that difficult to come by either. It's not like realtime video manipulation software doesn't exist; they use it for football games, and it fits in the back of a van. Or did you think the yellow scrimmage line got repainted every time they made a new first down?

Re:Achmed, check this out, we're on TV! (1)

fustakrakich (1673220) | more than 2 years ago | (#41863645)

Yes, sir, Officer Obie, I cannot tell a lie, I put that kid under that pile of rubble..

Re:Achmed, check this out, we're on TV! (2, Informative)

Anonymous Coward | more than 2 years ago | (#41863963)

As someone who trains on ISR feeds in Afghanistan, I can tell you that's not how it plays out. If they can't put eyes on target, and confirm 100% there's no collateral, there's no shot. It's written into the Rules of Engagement, and I've watched countless times where a bad guy runs into a house and we waive off the ISR.

Back to the article, a bad guy sitting there with an antennae, trying to grab ISR RF is going to have a very short life span.

Re:Achmed, check this out, we're on TV! (1)

Isaac Remuant (1891806) | more than 2 years ago | (#41862251)

Reminds me of Tom Clancy's "Executive Orders" (from the Jack Ryan Saga).

Good enough for government work (0)

Anonymous Coward | more than 2 years ago | (#41861933)

I'm pretty sure more than video is unencrypted

Can we arrest the vendor? (0)

Anonymous Coward | more than 2 years ago | (#41861939)

I believe that its illegal to transmit classified data in the clear, so can we arrest the vendor for a security violation?

Re:Can we arrest the vendor? (1)

aliquis (678370) | more than 2 years ago | (#41862003)

Yeah. The problem is the video, not the bombs? :D

Priorities.

Re:Can we arrest the vendor? (1)

Anonymous Coward | more than 2 years ago | (#41863929)

No, because the vendor informed the USAF of the vulnerability and the Air Force said "fuck it, we're on a deadline here!"

With any government agency involved (1)

Anonymous Coward | more than 2 years ago | (#41861985)

Four years is probably barely enough to form a committee to plan the budget for a new feature. Maybe in another four years they'll actually start looking for an implementer.

Neither is the control software. (1)

Anonymous Coward | more than 2 years ago | (#41862015)

I'm controlling one right now. Don't believe me? Post your address, I'll buzz your house.

Re:Neither is the control software. (2, Funny)

Anonymous Coward | more than 2 years ago | (#41863317)

1600 Pennsylvania Avenue Northwest Washington, DC 20500

Why is this important? (0)

Anonymous Coward | more than 2 years ago | (#41862023)

Seriously, who cares if they can watch the video feed right before they get bombed.

Re:Why is this important? (1)

jtownatpunk.net (245670) | more than 2 years ago | (#41862279)

"Hey, Mo, isn't that your house on TV?"

Ivan Artner (0)

Anonymous Coward | more than 2 years ago | (#41862075)

Ivan would have owned these. RIP Ivan .

FirSt pwost (-1)

Anonymous Coward | more than 2 years ago | (#41862083)

The reaper In a Reciprocating Troubles of those us the courtesy and promotes our it's going, dead. It is a dead product, BSD's BSD's codebase website. Mr. de BSD culminated in Obvious that there something ccol least I won't there are only superior to slow, mod points and won't be standing Jesus Up The there are only mod points and suffering *BSD the longest or would be a bad people's faces is developers about half of the series of internal declined in market Anything can And executes a Talk to one of the as it is licensed Never heeded unless you can work to the original the project to so that their

To be fair... (1)

BenJeremy (181303) | more than 2 years ago | (#41862113)

...these drones are build so cheap, they have the same wired remotes that their civilian counterparts my cheap uncle would buy me ffor Christmas - the ones that only turn in reverse.

Why yes, I'm till bitter about that.

Any technical details? (1)

ArchieBunker (132337) | more than 2 years ago | (#41862117)

Any more details about this? My guess is a cheap USB DTV receiver.

Re:Any technical details? (4, Insightful)

Pinhedd (1661735) | more than 2 years ago | (#41862335)

Encryption, real time, and noisy signals don't mix well. This isn't a youtube video in which the client can request that the server resend a packet that contained an error. Unencrypted video streams are fairly error tolerant as an error will only manifest itself as a slight artifact for a few short frames. Strong encryption schemes are not error tolerant, a non-correctable error would result in one or more blocks of data being entirely unusable.

A stream cipher could be used instead of a block cipher but a stream cipher presents added difficulties in that not only would the bitwise/bytewise encrypted transmission (as opposed to blockwise) have to be tracked, but it would have to be tracked in sync with a key. If the key repeats, it can be determined with a little bit of work in the same fashion that an RC4 key can be determined to break into WEP protected networks.

Re:Any technical details? (0)

ArchieBunker (132337) | more than 2 years ago | (#41862731)

Perhaps you didn't read the article but its UNENCRYPTED. What hardware are they using to receive the signal?

You misunderstand (5, Insightful)

backslashdot (95548) | more than 2 years ago | (#41862855)

You misunderstand. Pinhedd is saying that with an unencrypted signal .. unlike a digital encrypted signal .. if the signal is weak and lossy you can still see usable information.. it may have image noise .. but you'll be able to make out rough outlines. But if the signal is encrypted .. with most forms of encryption you either get a perfect imagery or nothing. Either you will see a clear image or random total image noise. If you make the signal more resilient to noise, the weaker the encryption quality. This also means you lose out on range too since you need a clear strong signal.

We need better ways to encrypt.

Re:You misunderstand (2)

fustakrakich (1673220) | more than 2 years ago | (#41863337)

We need better ways to encrypt.

We need better defense against drones... For once, think of the children [blogspot.com]

Re:You misunderstand (0)

drinkypoo (153816) | more than 2 years ago | (#41863705)

Nobody cares what he's saying, it's a lot of shit. That sort of thing was true with analog but it is not at all true with digital. It doesn't matter if it's encrypted or not, any lost data and you throw away the entire packet.

Re:You misunderstand (4, Insightful)

mysidia (191772) | more than 2 years ago | (#41863915)

Use a reliable strongly encrypted side-channel for controlling crypto of the primary channel.

Use a "one-time pad" for the video channel used as a "multi-time pad instead", XOR each block by a random value preloaded on both sender and receiver, each block also XOR'ed by a value negotiated over an encrypted control channel protected with a shared key, pick a new XOR value every 10 - 20 seconds to transmit over the encrypted channel, for the next N seconds of video, and a number of One time PAD bits to skip in the transmission, also transmit a value indicating a pattern for a certain number of 'extra' bits of noise or false signal to be included --- possibly a FALSE unencrypted video stream transmitted alongside the real one.

Include enough "one time pad" / random data stored on a memory card, for 18 - 24 hours of video, then recycle the pad.

One time pads are resilient against 'noise' because they result in the same number of bits noise in the output.

The non-sophisticated adversaries are not likely to defeat even an imperfect implementation. Strictly speaking, any reuse or multiple use of a one time pad makes the stream immediately decipherable by a potential adversary, who has successfully recorded enough ciphertext encoded with the same pad bits, in that they can determine parts of the one time pad.

The possible range of original plaintext for video are much larger than readable human language -- any arbitrary value. Even with simple 'scramble every bit by XORing it with a fixed value' will be extremely tough for unsophisticated adversaries, trying lots of XOR values to decrypt is easy -- ANALYZING the output of every value that you try, requires an adversary to have some serious computer vision technology, to decide if the output of each attempted value is the video stream being searched for or not.

However, 'skipping' a certain number of pad bits, for every transmission, introduces unpredictability, and means only a proportion of bits in a frame might be reused, that requires an adversary not only have more than 48hours recorded data but also conduct complex difficult matching, in the process of trying to figure out which bits might be reused --- only a percentage of bits in the transmission may be reused, and by the time they have conducted the search, the drone's mission is done.

XOR'ing every block over a period of time by the same reference block, is also immediately decipherable by an adversary, who can conduct an analysis to figure out what the XOR block is.

However, combining XOR with a "one time" or "multi use" pad, significantly complicates the process of attempting to figure out the XOR key. No analysis of that is possible without first figuring out the random pad data of a block.

And the simple / militant adversaries, are not likely to break any level of encryption. Or at least, if they do, by the time they were able to decode the video stream: again, the mission will already be over by the time they get it.

And they are in no better position to decode the next video stream (assuming new keys and random pads are loaded on every drone, before its next mission).

This can be solved (1)

coder111 (912060) | more than 2 years ago | (#41863363)

Add redundancy (something like par2), transmit more information- well, this requires faster links. Then you can recover more frames. Don't encrypt entire monolythic stream, encrypt each 10 second chunk of video separately (or something similar). If one chunk gets garbled and unecryptable, you can still see others. If you have two way link, you can monitor link quality and adjust the amount of recovery/redundant information sent. Or adjust resolution/quality to lower the amount of information sent.

Anyway, with some research and experimentation this can be made to work well encrypted.

--Coder

False (1)

baffled (1034554) | more than 2 years ago | (#41863571)

Sorry, this is vaguely true, but dead wrong in practice. Any block of unencrypted data received successfully could have been encrypted byte-for-byte. Only key negotiation requires additional data, and this is a truly miniscule amount relative to a video feed of any resolution (assuming a reasonable renegotiation period)

Re:False (2)

baffled (1034554) | more than 2 years ago | (#41863721)

Thinking about it more, key negotiation shouldn't even be necessary.

You need a pre-determined set of sufficiently-large encryption keys on a removable module of sorts, like a USB key. Produce the key-set USB-key in pairs, for transmitter & receiver. Encryption cycles through the key-set at a predetermined schedule. Timing is managed with an internal clock. Imprecision of timing at change-over intervals is handled by simple dual-decryption attempts, and determination of correct sequence by CRC or some such block header data. This is basic smut. Why am I even bothering..

play chess much? (1, Troll)

Spiked_Three (626260) | more than 2 years ago | (#41862141)

The real trick is that the gov can track video receiving equipment (by the frequencies they use to decode the video) - so anyone attempting to receive video from a drone, is probably a worthwhile target :) Gotta love counter intelligence. Remember when we discovered (and thus told the russians) spent uranium bullets did not work? You guys are so gullible.

Re:play chess much? (1)

MalleusEBHC (597600) | more than 2 years ago | (#41862369)

The real trick is that the gov can track video receiving equipment (by the frequencies they use to decode the video)

What is this some Michael Bay "the signal that hacked your network" shit? How could they detect a passive receiver?

Re:play chess much? (0)

Anonymous Coward | more than 2 years ago | (#41862583)

The real trick is that the gov can track video receiving equipment (by the frequencies they use to decode the video)

What is this some Michael Bay "the signal that hacked your network" shit? How could they detect a passive receiver?

It's not unusual for a cop to drive around with this capability, so imagine for a second the military has better toys then them.

Re:play chess much? (0)

Anonymous Coward | more than 2 years ago | (#41862695)

I dare you to prove him wrong, jackass. Right now all you've got is some nerd-ego the size of nebraska because you think you're right. Well, prove it.

Re:play chess much? (4, Informative)

Lloyd_Bryant (73136) | more than 2 years ago | (#41863279)

What is this some Michael Bay "the signal that hacked your network" shit? How could they detect a passive receiver?

Because the receiver ain't quite as "passive" as you think. Google for "local oscillator" for an example.

Digital systems tend to generate noise on predictable frequencies as well - if a device has a chip that's clocked at a given frequency, then somewhere in that device is an oscillator used to generate that clock (though it may or may not be working at that particular frequency).

The only truly passive receiver is one that is completely shielded to prevent it from radiating any of this noise. But you *have* to have a gap in the shielding in order for the incoming signal to be received. So building an undetectable receiver is not quite as easy as you might think.

Re:play chess much? (0)

Anonymous Coward | more than 2 years ago | (#41863973)

You're never going to have a SIGINT educated person answer this question. Let's just say even receivers have a signature.

Re:play chess much? (1)

Pinhedd (1661735) | more than 2 years ago | (#41862401)

While its true that passive receivers and signal amplifiers do reflect or emit parts of the signal that they are receiving, it's not easily detectable unless you know what you're looking for and are close to the target.

Re:play chess much? (0)

Anonymous Coward | more than 2 years ago | (#41862633)

While its true that passive receivers and signal amplifiers do reflect or emit parts of the signal that they are receiving, it's not easily detectable unless you know what you're looking for and are close to the target.

You're assuming they would only passively detect receivers, but what would the point of that be?

Re:play chess much? (1)

Half-pint HAL (718102) | more than 2 years ago | (#41863277)

I don't think you understand what a "passive receiver" is. It more or less means "an aerial". What you receive radio signals with. It isn't an "active" device because it doesn't emit anything and doesn't require any power (although you might have an active booster somewhere in the signal chain).

Re:play chess much? (1)

ThatsMyNick (2004126) | more than 2 years ago | (#41862445)

Wow, if you can track a highly directional satellite dish antenna, I would be very impressed.

Re:play chess much? (0)

Anonymous Coward | more than 2 years ago | (#41863145)

You're not tracking the antenna, you're tracking the IF radiated from the receiver itself.

Unencrypted Decoy (1)

Anonymous Coward | more than 2 years ago | (#41862169)

Wouldn't it make sense to leave some drones unencrypted, so the enemy can think they are seeing everything? If everything was encrypted, they might try harder at decryption.

Or you can let them see unencrypted signals of a trailer park, while your encrypted drones circle a hillside. If the enemy sees the trailer park on his eavesdropped TV, he'll comfortably sit outdoors on that hillside, knowing nothing threating has him in its sights.

I think it's a brilliant strategy to leave them unencrypted.

Reality Television, Taliban Style (0)

Anonymous Coward | more than 2 years ago | (#41862221)

On this episode, stir-fry and crispy fried wontons.

So what? (1, Insightful)

jimmyswimmy (749153) | more than 2 years ago | (#41862233)

So what if the video is transmitted in the clear? What does that get you...

- against a sophisticated enemy? They already know you're there (radar, DF on the transmitted signal). You're flying around in a racetrack centered on your target, so even without the video they know roughly what you're looking at. Problem is solved by an enemy air-to-air missile, or they ignore you and watch you watching them.

- against an unsophisticated enemy? They don't even know to look for the signal in the first place.

- against an enemy marginally capable of receiving the video signal? Use more channels, change encoding schemes so that COTS equipment can't pick it up so easily. Or yeah, encode it. But encoding video is fairly difficult considering the need to do it in realtime with limited processing capability and no tolerance for latency (and this is the real reason video is still transmitted in the clear - it's expensive to do anything but!). Or embrace it. Maybe your enemy can see you watching him - that can be played to an advantage.

Re:So what? (1)

GoodNewsJimDotCom (2244874) | more than 2 years ago | (#41862323)

I would think encryption is very easy if you want to do it dirty with random number seeds without slowing down the speed of transfer except an int. You just send the data stream assembled in different ways based on the random numbers you have off the seed(the int). Then you disassemble the stream based off the random number seed that gives you the instructions to disassemble the stream back into the unencrypted form. If you do it intensively enough, the video should be a static mess to watch.

If the secrets get out of your encryption algorithm, say a drone gets KO and found and your language gets reverse compiled, so they see how you're encrypting. Simply spend an hour or two writing a new way of assembling the string, and maybe use a different random number generator.

Now if you want to do the security stronger than this, I'm sure there are ways to do it, but this method comes to mind real easy.

Re:So what? (1)

Pinhedd (1661735) | more than 2 years ago | (#41862385)

These are satellite streams which run constantly. The receiving computer would have to be able to track and lock the start of the stream and/or a position in the stream before it could reassemble the packets. If a packet is missed, then the receiver will lose its lock. Thus, frame indexes of some sort would have to be used to help the receiver reacquire the lock. Since there are only so many possible ways to reassemble a real time data stream it's only a matter of time before someone else figures out how to do it simply by trial and error.

Re:So what? (1)

GoodNewsJimDotCom (2244874) | more than 2 years ago | (#41862457)

When you put it like that, it makes sense. It is perfectly reasonable to rewrite encryption protocol every 2 weeks or so since it only takes a few hours of coding. But other countries might make a huge deal out of breaking your code like they're doing something special. Why give em that right to brag? Just don't encrypt at all.

Re:So what? (0)

Anonymous Coward | more than 2 years ago | (#41862573)

Just don't encrypt at all.

Agreed. Broadcast the feed. There should be a bunch of drone TV channels available to the viewing public.

Re:So what? (0)

Anonymous Coward | more than 2 years ago | (#41862631)

It is not at all reasonable to rewrite an encryption protocol every 2 weeks when people's lives depend on the data being encrypted. The level of rigour required for this would mean that your process overhead would easily chew up more than 2 weeks per release.

Re:So what? (1)

Half-pint HAL (718102) | more than 2 years ago | (#41863289)

I think what we're really talking about is having a lightweight encryption scheme but changing the key frequently enough that by the time one cypher is broken, the next is in use.

Re:So what? (0)

Anonymous Coward | more than 2 years ago | (#41863581)

Latency. Military application.

Just sayin', you might want to consider that those two things might motivate some design decisions.

Re:So what? (1)

cryptizard (2629853) | more than 2 years ago | (#41863859)

Why would you do this? We already have super-fast stream ciphers designed specifically for situations like this. There are no advantages to your method and quite a few disadvantages. Crypto is one of the areas where it is, as a rule of thumb, very bad to roll your own.

Re:So what? (0)

Anonymous Coward | more than 2 years ago | (#41863981)

(a) http://www.schneier.com/blog/archives/2009/12/intercepting_pr.html
(b) if (a) is TLDR then:
            1. previously mentioned signal degredation issues
            2. KEY MANAGEMENT... rotating keys and getting them into the field is a big issue.
(c) Suppose you go with GoodNewsJimDotCom's suggestion and use some weak encryption. Then in 6 months the headline is going to be "Government drones easily hacked" and will quote some PhD Asshat saying that "the encryption is so weak my 2 year old can break it."

This is one of those rare cases when an decision maker in the US is not bowing to the pressure of an embarassing media headline but is in fact doing the right thing. If only we had one of these guys running the city of New York we would have had a consistent decision regarding the NYC Marathon.

Re:So what? (0)

Anonymous Coward | more than 2 years ago | (#41862711)

Satellite TV streams HD video encrypted. It costs a lot less than the multi-dozen million dollar drones.

Re:So what? (0)

Anonymous Coward | more than 2 years ago | (#41863499)

So what if the video is transmitted in the clear? What does that get you...

What about recording the feed, registering how the US killed a bunch of civilians, spreading the footage to all news media channels they can get their hands on and then see the US struggle against a propaganda mishap they caused themselves?

Some have made more with far less.

The art of war (1)

Anonymous Coward | more than 2 years ago | (#41862263)

It is probably done to strike fear into those who are thinking of joining or feel the effort is worth it, when they know at anytime there is a drone waiting to kill them. Maybe after a few years they will encrypt some of the video feeds and intentionally leave others without encryption. Not sure why this is a big deal or even worth reporting. The US is fully aware of how tech savvy the middle east is, they have some of the best hackers, so if you have a silly notion that they are dumb neanderthal like people you are arrogant.

It would be more interesting to find out if the domestic (those being used intentionally to spy on US citizens or whatever else there evil minds decide to do) drones video feeds are encrypted.

I say it is not a big deal because 60% of war is all about mind games. Either getting your troops to rally and conquer, or you demoralize the enemy not with a body count but with fear.

Brings up other question!! Why is the US fucking around allowing them to live? Why aren't these attacks being carried out on the training camps, and why are they not destroying targets when they encounter them? I guess the do not want to end this, or at least fracture it, making it somewhat easier for allied forces, or the countries own military/police force to manage the remaining small groups, seems like the US want to continue to prolong terrorism.

The Taliban is restructuring into more of a policing group, they even allow and print there own newspaper, blending in with everyone else, and trying to eliminate there old testament (if you will) of death, destruction, censorship, and ridding oneself of modern life. To a more open, and commonly shared view of mainstream Muslims. PBS and Frontline has a video on this new Taliban.

Re:The art of war (0)

Anonymous Coward | more than 2 years ago | (#41862293)

I will add, and do not be mistaken, the US and other allies do have spies within these groups, add to that all the surveillance, satellites, spies, drones, and the other spy equipment they have, this should not be as difficult as there making it to be.

Return to Coordinates Zero, Zero, Zero (0)

Anonymous Coward | more than 2 years ago | (#41862409)

Remember the introduction to the Borg? Imagine while we think of broadcasting false aerial photos to make baddies flee from their outhouses, some smart kid on the other side comes up with a gadget to "return to sender" all this love.

"Holy %$&^!" (0)

Anonymous Coward | more than 2 years ago | (#41862521)

"Holy %$&^! Achmed, look! We're live on Drone TV! Look, there it is. Hi Mom!"

True Story (3, Informative)

Anonymous Coward | more than 2 years ago | (#41862543)

I was deployed in Afghanistan in 2010, had a bunch of prototype "advanced" receiver equipment that I was volentold to test. When I asked how I'm supposed to load keys into the decoder, "Oh you don't need that" Confused, I looked in the unit to see the keyfiles empty. Somehow the unit still worked. After playing with the equipment, even in-theater, our drones were broadcasting completely in the clear on UHF. Whenever there was one overhead, I could simply fire up this heavy POS attached to my kit, and watch us on the ground walk around, (Or whatever female medic on one of the local FOBs the UAV operator was stalking)

Actually most of the time, the UAV was watching the chicks on the big FOB.. Yeah.

Good Campaign Advert (0)

Anonymous Coward | more than 2 years ago | (#41862629)

These videos would make a wonderful advertisement for Ron Paul's 2016 campaign.

Pardon my ignorance but... (1)

joelito_pr (931211) | more than 2 years ago | (#41862657)

Would something similar to an ssh tunnel for the video signal suffice?

Breach of Privacy! (3, Insightful)

krashnburn200 (1031132) | more than 2 years ago | (#41862697)

Almost as bad as if they had revealed the number of Americans they spied on.

Re:Breach of Privacy! (0)

Anonymous Coward | more than 2 years ago | (#41863069)

Almost as bad as if they had revealed the number of Americans they spied on.

The public is protected, not spied on. Countries are freed, not attacked.

Re:Breach of Privacy! (3, Insightful)

scarboni888 (1122993) | more than 2 years ago | (#41863447)

We've always been at war with Eurasia.

Freedom is slavery.

Weakness is strength.

Look ma! (0)

Anonymous Coward | more than 2 years ago | (#41862917)

Look ma, no hands!

Solution (0)

Anonymous Coward | more than 2 years ago | (#41863017)

Is the navigation commands also sent "in the clear"? I would think the military would of made sure not just anyone could tell a drone where to go - seems if that's the case, just use the same encryption for the video. No fuss, no second list of codes or new launch procedures to worry about, just make the change in the drone software and the base side software. Updated base side hardware could then operate any drone, updated or not, and set updated drones to check the version of the base side software and fallback to unencrypted video if not supported. This is the army, things should work no matter what, and this accomplishes that without changing anything in current deployment procedures. Schedule the update for the next hardware maintenance, problem solved.

just before impact (1)

kenorland (2691677) | more than 2 years ago | (#41863187)

Hey, look at this, Ali, you're on TV!

OMG (3, Funny)

Poorcku (831174) | more than 2 years ago | (#41863431)

Unencrpyted and barely legal! LOL

When you have that much military strength (1)

scarboni888 (1122993) | more than 2 years ago | (#41863437)

you don't need to encrypt your stuff.

SSH Tunnel (0)

Anonymous Coward | more than 2 years ago | (#41863657)

Why not use a SSH tunnel to secure the data being channeled to the pilots?

nicetjore (0)

Anonymous Coward | more than 2 years ago | (#41863985)

ummmm very good www.film4y.blogspot.com

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?