this post was submitted on 23 Nov 2023
427 points (98.9% liked)

Technology

57918 readers
7061 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s
[email protected]
[email protected]
[email protected]
enu
[email protected]
L4s
427
Commercial Flights Are Experiencing 'Unthinkable' GPS Attacks and Nobody Knows What to Do (www.vice.com)
submitted 9 months ago by L4s to c/technology
123 comments fedilink hide all child comments
 

Commercial Flights Are Experiencing 'Unthinkable' GPS Attacks and Nobody Knows What to Do::New "spoofing" attacks resulting in total navigation failure have been occurring above the Middle East for months, which is "highly significant" for airline safety.

you are viewing a single comment's thread
view the rest of the comments
[–] nixcamic 19 points 9 months ago (25 children)

Do none of the systems, GPS, glonass etc. use encryption or authentication of any form?

[–] AreaKode 14 points 9 months ago (14 children)

The problem is with the way GPS works. Your device gets telemetry from the satellites. A fake signal can screw up the whole system.

[–] [email protected] 6 points 9 months ago (2 children)

But if they had authentication you would know that the message doesn't come from a legitimate satélite.

[–] [email protected] 8 points 9 months ago* (last edited 9 months ago) (1 children)

If their isn't then there's a big problem with implementing that now, which would require a retrofit of every single GPS system currently in use and likely a replacement of all GPS satellites

Edit: I'm slightly mistaken, the military uses encryption but they don't have that open for public use.

[–] [email protected] 2 points 9 months ago (3 children)

I would hope whoever designed the satellites had the foresight to allow remote software updates.

[–] [email protected] 7 points 9 months ago

They're talking about the millions of receivers around the world, not the satellites.

[–] [email protected] 2 points 9 months ago

Nah we just need a satellite mechanic astronaut

[–] x4740N 0 points 9 months ago

Software updates become useless if you hit hardware limitations

[–] [email protected] -2 points 9 months ago (1 children)

you can't have authentication in a one way system. satellites send days, planes receive it, but never send anything.

[–] [email protected] 6 points 9 months ago (2 children)

You can have a digital signature, so the recievers know it's legit

[–] [email protected] 1 points 9 months ago (1 children)

yes of course, but that isn't authentication.

[–] [email protected] 2 points 9 months ago

Playing with semantics a little, it can be thought of as the satellite authenticating with the client using the signature as password.

load more comments (11 replies)
load more comments (21 replies)