Commercial Flights Are Experiencing ‘Unthinkable’ GPS Attacks and Nobody Knows What to Do::New “spoofing” attacks resulting in total navigation failure have been occurring above the Middle East for months, which is “highly significant” for airline safety.

  • AreaKode@lemmy.world
    link
    fedilink
    English
    arrow-up
    14
    ·
    1 year ago

    The problem is with the way GPS works. Your device gets telemetry from the satellites. A fake signal can screw up the whole system.

    • jormaig@programming.dev
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      1
      ·
      1 year ago

      But if they had authentication you would know that the message doesn’t come from a legitimate satélite.

      • Gormadt@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        7
        ·
        edit-2
        1 year ago

        If their isn’t then there’s a big problem with implementing that now, which would require a retrofit of every single GPS system currently in use and likely a replacement of all GPS satellites

        Edit: I’m slightly mistaken, the military uses encryption but they don’t have that open for public use.

      • Creat@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        7
        ·
        1 year ago

        you can’t have authentication in a one way system. satellites send days, planes receive it, but never send anything.

        • Nailbar
          link
          fedilink
          English
          arrow-up
          6
          ·
          1 year ago

          You can have a digital signature, so the recievers know it’s legit

            • Nailbar
              link
              fedilink
              English
              arrow-up
              2
              ·
              1 year ago

              Playing with semantics a little, it can be thought of as the satellite authenticating with the client using the signature as password.

          • x4740N@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            5
            ·
            1 year ago

            That still would be easily defeated, they can just copy the signatures

            • randombullet@feddit.de
              link
              fedilink
              English
              arrow-up
              6
              arrow-down
              1
              ·
              1 year ago

              That’s not how PKI works?

              Unless you know how digital signatures work better than me

            • Nailbar
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              You can’t copy a signature, since it is different every time the signed content is different. You need to have the correct key in order to make a valid signature.

            • zalgotext@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              If you’ve figured out how to do that, a lot of governments would pay you a lot of money for your solution