this post was submitted on 21 Jul 2023
219 points (96.6% liked)
Technology
59468 readers
4901 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
What people don't understand is that satellies don't run traditional OS. They run simple state machine firmares and real-time software. Also, you don't interact with them with something like a command line and general shell commands. So even if a bug or vulnerability were to be found in some library, driver or firmware and it's far from a vector for attack.
A way more plausible way of gaining control is to attack the ground equipment. Anothr method will be learning the command and telemetry dictionary by careful observation of the communication (not trivial, but lets assume possible).
Now you have the problem of what to do with the control. The usual fanciful doomsday scenario is diverting the satellite to hit another one. this is extremely unlikely, manoeuvring satellites isn't like making a car take a turn, it take careful planning and execution. Even then it's not fast, the other satellite operator can see it coming and do a small manoeuver to be able to dodge. On top of all that, lots of nano and small satellites have a very limited propulsion system if at all.
The other alternative is to hurt it's ability to operate, which is a way more easy. But again, there are simpler and easier ways to that - mostly by jamming and disrupting communication.
In conclusion, not that I think cyber security in satellites shouldn't be a thing, but that article, based on an academic study of the code of 3 firmwares from amateur to research level small-sats, doesn't impress me much.
Are you speaking from first hand experience? I don't have experience with commercial satellites, but I can say from direct experience that scientific satellites and other spacecraft absolutely run a (real-time) traditional OS these days (and even a decade ago). That said, we do take serious measures to secure our vehicles. I don't think I want to say any more than that given the nature of the discussion.
I guess I wasn't clear, real time OS absolutely are in use (I just said real-time software). my point was that they aren't the same as what most people know and experience. attacking them isn't like attacking some random IoT device or "hacking" some random server or PC.
In my experience, people don't have a good idea of how satellites operate and articles like this one don't help.
btw, love your username!