Originally posted by Laxpla
reply to post by _R4t_
Thanks for correcting me, I was basing my information off that forum and some tidbits I picked up along the way. I was inferring about the RQ-170 and Iran's original claim of "hacking" it. I was always under the impression that in order to mimic the controller input signals you need to access the sat-com antenna, which means you need the proper signal coding, wavelength, and protocols, and the "access" transmitter has to be above the antenna to be in the proper position. If it was so cut and dried I would suppose Iran would be able to do it again for another propaganda trophy.
Your background: very cool. You're similar to my friend who is into computer security. He maintains a site called infiltrated.net, with a lot of information about the Flame malware, China and everything in between, which could pertain to this thread a lot. Something you might enjoy reading as it's up your alley!
...pretty much one could "record" the data sent off the satellites and play back the couple of seconds before it makes a left turn or a right turn and fool it into doing it; as long as you overpower the orbital sats you should be fine...
Originally posted by OccamAssassin
reply to post by _R4t_
...pretty much one could "record" the data sent off the satellites and play back the couple of seconds before it makes a left turn or a right turn and fool it into doing it; as long as you overpower the orbital sats you should be fine...
It doesn't work like that.
For starters, the sat' link is usually secondary to the AWACS' connection and secondly, the data link is encrypted with an algorithm. Henceforth, the signal will always change and can't be imitated without knowing the algorithm.
If you try and over-power the control signal, the drone will just switch to auto-pilot until a new encrypted connection can be established.
How do you think you hack a wifi to get the "encryption key"... first you gather some "already encrypted" packets, then you play them back on repeat at insane speed to force the wifi AP to reply to you... by generating a stream of data you can pick up IVs at a 100 times faster pace than you would on an AP that has low traffic... Same principle... you DON'T have the encryption cypher, but you can force a response from the device by fooling it with data that it will trust, since even though it's not "legit" data so to speak, it has the proper cypher so it fools the device...
Originally posted by OccamAssassin
reply to post by _R4t_
How do you think you hack a wifi to get the "encryption key"... first you gather some "already encrypted" packets, then you play them back on repeat at insane speed to force the wifi AP to reply to you... by generating a stream of data you can pick up IVs at a 100 times faster pace than you would on an AP that has low traffic... Same principle... you DON'T have the encryption cypher, but you can force a response from the device by fooling it with data that it will trust, since even though it's not "legit" data so to speak, it has the proper cypher so it fools the device...
What kind of encryption system/algorithm are you talking about?
How long would it take to hack a WPA2 wi-fi access point with a passkey of 30+ mixed characters?
Considering how long it takes to break down weak WPA keys, do you really think you could identify the encryption systems (remember that each frequency/channel used by the drone, and yes there are many, both in and out, uses a unique, dedicated system) used by a drone and break it down whilst the drone is still in range?
edit on 30/9/2012 by OccamAssassin because: (no reason given)
Originally posted by _R4t_
reply to post by OccamAssassin
I'm sure you'll argue with an entire university research team that actually did hijack it, spoofing said encrypted signal with a cheap-ass, home-built $1000 transmitter...
www.ae.utexas.edu...
A replay attack is a form of network attack in which a valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and retransmits it, possibly as part of a masquerade attack by IP packet substitution (such as stream cipher attack).
Abstract
This paper presents a taxonomy of replay attacks on cryptographic protocols in terms of message origin and destination.
BTW.... I started in networking in the early 80's....
Replay attack against encryption STRAIGHT from a US Navy mil site... wanna argue more?
www.dtic.mil...
First 3 lines... It's strange the US naval labs spent time researching attacks that you've proven impossible; perhaps you should send them an email and explain your theories to them...
Then, if you're oh so great, care to explain to the world how they did this?
www.ae.utexas.edu...
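As an added illustration (not code from any poster, nor from the papers linked above), here is the check a receiver on an authenticated control link uses to make a recorded frame worthless when it is played back later: each frame carries a strictly increasing counter and a MAC over counter and payload, so a replayed frame fails the counter check and a forged frame fails the tag check. The key, the command strings and the frame layout are constructed for this example.

```python
import hmac
import hashlib
import struct

# Constructed shared key for the example only (not a real key from the page).
KEY = b"example-shared-key-not-real"

def make_command(key: bytes, counter: int, payload: bytes) -> bytes:
    """Frame layout (constructed): 8-byte big-endian counter || payload || 32-byte HMAC-SHA256 tag."""
    header = struct.pack(">Q", counter)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag

class Receiver:
    """Accepts a frame only if its tag verifies and its counter is higher than any seen before."""
    def __init__(self, key: bytes):
        self.key = key
        self.last_counter = -1   # highest counter accepted so far
        self.rejected = []       # reasons for each rejected frame, for logging

    def accept(self, frame: bytes):
        if len(frame) < 8 + 32:
            self.rejected.append("short frame")
            return None
        header, payload, tag = frame[:8], frame[8:-32], frame[-32:]
        expected = hmac.new(self.key, header + payload, hashlib.sha256).digest()
        # Constant-time comparison: a forged or altered frame fails here.
        if not hmac.compare_digest(tag, expected):
            self.rejected.append("bad tag")
            return None
        counter = struct.unpack(">Q", header)[0]
        # A recorded frame played back later carries an old counter and is dropped.
        if counter <= self.last_counter:
            self.rejected.append(f"replay: counter {counter} <= {self.last_counter}")
            return None
        self.last_counter = counter
        return payload

def demo():
    """Two genuine frames, then a replay of the first, then a frame forged with the wrong key."""
    rx = Receiver(KEY)
    f1 = make_command(KEY, 1, b"TURN LEFT")
    f2 = make_command(KEY, 2, b"TURN RIGHT")
    results = [rx.accept(f1), rx.accept(f2), rx.accept(f1)]
    forged = make_command(b"wrong-key", 3, b"TURN LEFT")
    results.append(rx.accept(forged))
    return results, rx.rejected
```

Overpowering the genuine transmitter does not help the replayed frame either: the counter it carries is still stale, which is why such a receiver falls back to a safe mode rather than acting on it.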
Originally posted by OccamAssassin
Originally posted by _R4t_
reply to post by OccamAssassin
I'm sure you'll argue with an entire university research team that actually did hijack it, spoofing said encrypted signal with a cheap-ass, home-built $1000 transmitter...
www.ae.utexas.edu...
Look at image # 8 from your link.
Now look at the image on the top right of this page .... en.wikipedia.org...
Can you spot any differences?
Originally posted by _R4t_
PS: we're arguing for no fkin reason, I just read a paper on it and DHS isn't even using encryption in the GPS navigation system of the drones they have... they are using regular civilian GPS... unsure about the military ones, but a lot of suspicions are pointing toward Iraq having used spoofing too...