[HN Gopher] Receiving unintentional voice transmissions from GPS...
___________________________________________________________________

Receiving unintentional voice transmissions from GPS satellites

Author : thcipriani
Score  : 120 points
Date   : 2023-07-15 17:49 UTC (5 hours ago)

(HTM) web link (www.rtl-sdr.com)
(TXT) w3m dump (www.rtl-sdr.com)

| 1letterunixname wrote:
| And possibly intentional misuse for criminal and perhaps non-criminal activity too.
|
| 121.5 and 243 MHz are no longer officially monitored for voice distress signals, but I wonder if they're still being gathered on the fleet.
|
| Perhaps the best mitigation, I suppose a reduced set of these signals are monitored for voice distress calls. The satellites should support geofenced/location-selective rejection of signals on 406 MHz and 1544.2 MHz identified as non-emergency traffic to prevent misuse by pirates, drugs dealers, and warlords coordinating attacks.
| jcrawfordor wrote:
| What you're proposing is an enormous increase in complexity of equipment, which would have an impact not only on price but also reliability of the space segment. A "bent-pipe" space segment with minimal control logic is a well-established norm in communications satellites for a few reasons, ranging from reliability to making it possible to use existing transponders with future modes. Even still, more and more communications satellites use digital transponders that can authenticate source messages, and so this issue mostly exists with legacy satellites that can't be retrofitted.
|
| Besides, there's not really much motivation to mitigate this problem. First, pirate satellite communications by SARSAT transponders are rare compared to other satellite systems very popular with pirates like legacy US Navy communications satellites. Second, satellite piracy isn't that popular overall. Mitigating the ability of criminal organizations to communicate this way would require taking down a lot of different satellite systems, and then they would just fall back to HF radio, which is already the more popular approach. It's doubtful there would be any major reductions in crime and the type of crime that seems to motivate the most use of satellite piracy---unlicensed fishing near the Philippines---isn't super high on the list of international priorities.
| dweekly wrote:
| What is your basis for a claim that 121.5 (guard) is unmonitored?
|
| As a pilot I can say that claim is false - guard is very actively monitored everywhere in the United States. Were you referring to some other locations?
| jcrawfordor wrote:
| COSPAS-SARSAT no longer monitors 121.5, for various reasons, so no satellite systems regularly monitor 121.5. This means that 121.5-only ELTs are obsolete, and prohibited for installation by the FAA since 2018. Modern ELTs are COSPAS-SARSAT transponders like EPIRBs and PLBs with only minor aviation-specific features.
|
| ATC does still monitor 121.5, but that's with an eye towards voice transmissions, not radio beacon activations. COSPAS-SARSAT has never carried voice traffic on 121.5, the satellites attempted onboard Doppler direction finding of the beacon tone (not very accurate at all, one of the reasons it is obsolete). At the same time, ATC no longer has RDF capability from most (all?) GATRs, so receiving the ELT beacon tone is mostly useless to ATC, and ATC is unlikely to receive it anyway since GATRs have very poor coverage down to ground. ELTs do still transmit on 121.5 for convenience of search aircraft, but it's becoming increasingly irrelevant with high COSPAS-SARSAT coverage (if the ELT activated at all, rescue coordinators already know the location by GPS coordinates) and increasing rarity of direction finding equipment (and pilot experience with RDF) on aircraft.
|
| One way to sum it up is this: 121.5 is monitored for distress calls from aircraft in the air, but it is _not_ monitored for distress calls from aircraft on the ground. The latter is the goal of search and rescue systems, and the use of 121.5 has been replaced by the much more modern COSPAS-SARSAT system originally developed for maritime rescue.
| doctor_eval wrote:
| I had to look this up. Wow!
|
| https://en.m.wikipedia.org/wiki/International_Cospas-Sarsat_...
|
| > The International Cospas-Sarsat Programme is a satellite-aided search and rescue (SAR) initiative. It is organized as a treaty-based, nonprofit, intergovernmental, humanitarian cooperative of 45 nations and agencies (see infobox). It is dedicated to detecting and locating emergency locator radio beacons activated by persons, aircraft or vessels in distress, and forwarding this alert information to authorities that can take action for rescue. Member countries operate a constellation of around 66 satellites orbiting the Earth which carry radio receivers capable of locating an emergency beacon anywhere on Earth transmitting on the Cospas-Sarsat frequency of 406 MHz.
| patrakov wrote:
| Quick summary:
|
| > Many navigational and meteorological satellites carry a search and rescue (SAR) repeater which is intended to receive UHF emergency locator beacons and rebroadcast them in the L-band or higher. However the repeaters appear to be picking up all sorts of other signals from the ground, including voice transmissions.
| somethingsaid wrote:
| Shouldn't we link to the original YouTube video? This website just reposts it with no analysis, a bunch of ads, and some janky scroll hijacking.
| superkuh wrote:
| It's text and not video. Just speaking personally I wouldn't have clicked on or commented on a youtube video link. rtl-sdr.com is pretty decent aggregator as far as hobby SDR goes despite their bias in promoting their custom rtl-sdr dongle.
| somethingsaid wrote:
| Yeah, I understand the preference for text, and I'm not against the site itself for posting it (I don't have enough knowledge to comment on its quality), but I think we should give credit where credit (and ad revenue) is due, and link to the original creator's work where possible.
| Retric wrote:
| In the vast majority of cases I prefer text, but in this specific case the video is actually useful for all the little details about what he's doing that aren't in this article or the words he's using.
|
| https://www.youtube.com/watch?v=U_pCHTeamn8
| fortran77 wrote:
| Submit the link and see if it gets voted to the front page.
| [deleted]
| runjake wrote:
| Direct link to video: https://www.youtube.com/watch?v=U_pCHTeamn8
| scrum-treats wrote:
| Alternative link to video: https://invidious.tiekoetter.com/watch?v=U_pCHTeamn8.
| bryancoxwell wrote:
| A fun video and well explained.
| acaloiar wrote:
| Few things evoke feelings of the early internet like intercepting unencrypted communications in the wild with off the shelf hardware and software.
|
| It's somehow comforting to realize this is still possible today.
| charcircuit wrote:
| Considering how much progress that has been made in encrypting internet traffic radio seems painfully slow in evolving to be more secure.
|
| Edit: specifically radio protocols not carrying internet traffic
| withinboredom wrote:
| That's because there isn't a point. In order for encryption to work, you need to exchange keys at some point. Doing that half a world away is rather pointless. Doing it over the air, how do I know Alice won't intercept and broadcast her keys louder than me? Or just interfere and prevent me from sending keys?
|
| As we all learned in WWII, a code is better than encryption when you need complex PKI to achieve encryption. It's more flexible, and can even convey nuances not intended. Ah, sorry I mean a language, not a code. But still, code words and phrases are still a thing.
| charcircuit wrote:
| You are ignoring HTTPS allows people half a world away to exchange keys with a server and prevents other people from interfering other than DoS attacks.
|
| >As we all learned in WWII, a code is better than encryption when you need complex PKI to achieve encryption
|
| I was never in WWII and I'm not sure what you mean by code as typically that's just encryption but less formalized.
| rootw0rm wrote:
| Referring to Navajo code talkers I assume...
|
| https://en.m.wikipedia.org/wiki/Code_talker
| withinboredom wrote:
| Https works because there is a destination address that goes to a physical network card. Over the air, there is no 'routing'. Alice can intercept my transmission, then literally, just use a more powerful radio to 'talk over me' with her keys. Ergo, MITM. I worked with guys in the military who did this for a living...
|
| Radio is like being able to packet sniff (and modify) packets from anywhere.
| jiggawatts wrote:
| HTTPS is secure against man in the middle attacks and will protect transmissions even over radio.
| withinboredom wrote:
| Yes, once you form the connection it is secure. The handshake is the part that isn't secure on open airwaves. This is how 'evil middle boxes' mitm connections from corporate networks.
|
| Edit to add: yes, there are CA's to sign the bits on a network. There is no CA for the radio, only proprietary ones. These can be reverse engineered, subpoenaed, or bought by state actors. Chances are, if you're broadcasting loud enough to be heard by them, they're going to start listening.
| uw_rob wrote:
| I think there is some confusion here. HTTPS is secure. Even with MITM attacks.
|
| This is because the MITM will not have a valid certificate to provide authenticity for the public key returned.
|
| The reason why middle boxes in corp networks can MITM is because the corp owns the device and has installed their own domain trust to the device. This means the MITM can return a cert and public key that your device will trust. This is because the cert returned will be signed by the installed domain trust.
|
| Another way to think about why HTTPS is secure over radio: HTTPS is at the highest level of the OSI networking model. You could do HTTPS with pen and paper and the mail if you wanted. Think about starlink! The internet today is literally going over radio waves.
|
| This is likely why there isn't progress on encrypting old fashion radios! There is no need to encrypt old fashioned radios -- you'll just use internet over radio instead if you wanted encryption.
|
| You bring a good point though. Since it's radio, anyone can jam your transmissions, but, they won't be able to spoof your intended friend if you are using https via radio.
| withinboredom wrote:
| > I was never in WWII and I'm not sure what you mean by code
|
| I ignored this part in my original reply. I don't know if you're just being an ass, never paid attention in school, or just simply don't know through no fault of your own. I'm going to assume the latter.
|
| Check it out: https://simple.wikipedia.org/wiki/Code_talker
|
| It's pretty wild.
| niij wrote:
| I'd take it easy with the name calling. Your replies in this thread have shown a pretty fundamental misunderstanding of the OSI model, PKI, and encryption in general.
| fortran77 wrote:
| > In order for encryption to work, you need to exchange keys at some point.
|
| Not since 1976.
|
| https://en.wikipedia.org/wiki/Public-key_cryptography
| withinboredom wrote:
| You still need to exchange keys. You can't get around that. Otherwise, how do I know the public key you sent me over the radio is YOUR public key and not someone else with a more powerful radio?
| krisoft wrote:
| By having the key signed by someone who you trust. Which in a military typically means the central command.
| kelnos wrote:
| Sure, but then you need the central command's public key in order to verify that signature. How do you get that?
|
| Ultimately it boils down to you needing to bootstrap your web/chain of trust somehow. In a military it might be easier; radios would be distributed to field troops with the needed trusted keys already present.
|
| But more "public" radio? We don't have a sort of "radio CA", and there are no radios that know how to deal with such a thing. I suppose we could reuse the TLS CAs, though, and build SDRs to use it, which wouldn't rely on any particular hardware. But the point is that this just isn't set up at all.
| stevezsa8 wrote:
| I watched some documentary where the US were monitoring enemy communications but didn't know what a specific code word was referring to. If I recall correctly, the US staged a fake transmission that one of their islands had some issue or other... and suddenly they picked up enemy broadcast with the code word in question. So then the US knew what the code word referred to.
| Y_Y wrote:
| AF meant Midway
|
| https://www.history.navy.mil/content/dam/museums/nmas/educat...
|
| It's very easy to look these things up.
| TechBro8615 wrote:
| Aren't there FCC regulations that forbid encryption over non-military radio?
| mirashii wrote:
| For amateur radio, but no in general.
| tarxvf wrote:
| And it's not even actually illegal for amateur radio though there continues to be debate on the topic due to the phrasing.
|
| I do think that encryption is firmly outside of the amateur culture in most cases, but legality is well covered here: https://www.n5dux.com/ham/files/pdf/Data%20Encryption%20is%2...
| warble wrote:
| It's legal to encrypt as long as anyone can decrypt as I understand it.
| warble wrote:
| Sorry, has the means to decrypt it.
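
Added example, not part of the thread or any poster's code: a Go sketch of the answer krisoft and kelnos give above to the "louder radio" objection, where a key heard over the air is accepted only if it is signed by a trust anchor loaded into the receiver beforehand. The last case is the installed-trust situation uw_rob describes for corporate middleboxes. The `Announcement` format, the callsign `STATION1` and all function names are assumptions made for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Announcement is a hypothetical over-the-air message: a callsign and public
// key, signed by a trust anchor (the thread's "central command").
type Announcement struct {
	Callsign string
	Key      ed25519.PublicKey
	Sig      []byte // anchor signature over Callsign || 0x00 || Key
}

func signedBytes(callsign string, key ed25519.PublicKey) []byte {
	return append(append([]byte(callsign), 0), key...)
}

// Issue is done by the anchor before the radios are handed out.
func Issue(anchor ed25519.PrivateKey, callsign string, key ed25519.PublicKey) Announcement {
	return Announcement{callsign, key, ed25519.Sign(anchor, signedBytes(callsign, key))}
}

// Accept decides whether to use a key heard on the air. anchorPub was loaded
// into the receiver beforehand; it is never learned from the channel itself.
func Accept(anchorPub ed25519.PublicKey, want string, a Announcement) bool {
	return a.Callsign == want && ed25519.Verify(anchorPub, signedBytes(a.Callsign, a.Key), a.Sig)
}

// Demo runs four constructed cases and returns the receiver's verdicts.
func Demo() (genuine, replayed, selfSigned, rogueTrusted bool) {
	anchorPub, anchorPriv, _ := ed25519.GenerateKey(nil)
	friendPub, _, _ := ed25519.GenerateKey(nil)
	attackerPub, _, _ := ed25519.GenerateKey(nil)
	roguePub, roguePriv, _ := ed25519.GenerateKey(nil)
	good := Issue(anchorPriv, "STATION1", friendPub)
	// A louder transmitter substitutes its own key for the friend's.
	reuse := Announcement{"STATION1", attackerPub, good.Sig} // genuine signature, wrong key
	forged := Issue(roguePriv, "STATION1", attackerPub)      // signed by an untrusted anchor
	genuine = Accept(anchorPub, "STATION1", good)
	replayed = Accept(anchorPub, "STATION1", reuse)
	selfSigned = Accept(anchorPub, "STATION1", forged)
	// The corporate-middlebox case: the rogue anchor was installed as trusted.
	rogueTrusted = Accept(roguePub, "STATION1", forged)
	return
}

func main() { fmt.Println(Demo()) }
```

Transmit power decides which announcement the receiver hears, not which one verifies; jamming remains possible, as the thread notes.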
| charcircuit wrote:
| Well there are radio protocols like wifi and 5g which are encrypted, so I doubt it's illegal.
| ajsnigrutin wrote:
| Most of them are pretty secure, a few really old or intentionally open (ham radio) are not, but the rest, are (wifi, 5g, ...)
| mananaysiempre wrote:
| Does 5G finally use some sort of viable cryptosystem? 3G and below are hopeless and IIUC LTE is theoretically possible to secure but in practice the implementations suck.
| toast0 wrote:
| IIRC, LTE is mutually verified encryption. The SIM contains a private key for the subscriber and a public key for the network. I'd expect 5G to also have that.
| userbinator wrote:
| Some of those voices sound like Chinese... and I wouldn't be surprised if cheap walkie-talkies and the like are used over there, which are either actually using a frequency that gets picked up by these satellites, or have poor/nonexistent filtering that their signal harmonics are.
| libpcap wrote:
| What did the conversation overheard in that video say?
| OnlyMortal wrote:
| "People of Earth, your attention, please. This is Prostetnic Vogon Jeltz of the Galactic Hyperspace Planning Council. As you will no doubt be aware, the plans for development of the outlying regions of the Galaxy require the building of a hyperspatial express route through your star system. And regrettably, your planet is one of those scheduled for demolition. The process will take slightly less than two of your Earth minutes. Thank you."
___________________________________________________________________
(page generated 2023-07-15 23:00 UTC)