Sometimes a news story appears which leaves me flabbergasted. This report from the Wall Street Journal describes how "the enemy" in Iraq and Afghanistan have been able to use a simple piece of off-the-shelf software (costing $26) to capture video feeds being broadcast by Predator and presumably other UAVs working in the theater.
This reported incident, if true, seriously beggars belief. It has been more than 20 years since commercial satellite TV has deployed effective encryption for both analog and digital video signals to protect commercial interests. And yet the military planners singularly failed to specify simple encryption for sensitive information -- the live video feed of the drone.* Most likely this was done to speed up time-to-market, or to reduce costs--but most security experts would consider this a false economy.
The article clearly indicates that this problem was known since the Bosnian conflict in the 1990's -- but military leaders felt that "local adversaries wouldn't know how to exploit it". This is a perfect storm of stupidity, with two basic blunders: a) assuming that the enemy isn't as smart as we are, and b) relying on security through obscurity. One wonders if this decision means that there are similar weaknesses in the command-and-control channel of the drone's avionics or weapons platforms?
---
*Subsequent reportage suggested this was not a live feed directly from the Predator, but rather a rebroadcast of said feed via a satellite from the local groundstation uplink. It's still a COMSEC issue however.
A cynical view of Information Security and Risk Management, along with smatterings of philosophy, metaphysics, suspect writing and good science fiction. For more about me, see http://www.gillingwater.org/.
17 December 2009
16 December 2009
Rant of the day: DHL is seriously flawed
I recently had to send an important document from Austria to New Zealand.
I went to the local Austrian Post, and selected the EMS (Express Mail Service), which cost me 59 Euros to send a letter weighing 70 gm. I knew that this was outsourced to DHL, so assumed it should reach the destination reasonably quickly -- and I could follow it with the tracking number.
So, imagine my surprise when I learned that an item I had submitted in Vienna on Friday 11th of December had only reached London Heathrow by Wednesday 16th of December.
Thats FIVE DAYS to go from Vienna to London. And it still hasn't left on the plane for New Zealand!
I am seriously unhappy with the service from DHL, and plan to avoid using them in future. I've asked them for an explanation, but I doubt one will be forthcoming.
To see for yourself, check the URL:
http://www.dhl.at/publish/g0/en/eshipping/track.high.html?pageToInclude=RESULTS&AWB=9653805361&type=fasttrack
The AWB number is 9653805361. Is this some kind of record for tardiness?
DHL, please fix your broken system!
/rant ends
Update: the package arrived on 21 December -- a total of TEN DAYS after I sent it on 11 December. I think this is the last time I use DHL, or the Austrian EMS which resells their service.
I went to the local Austrian Post, and selected the EMS (Express Mail Service), which cost me 59 Euros to send a letter weighing 70 gm. I knew that this was outsourced to DHL, so assumed it should reach the destination reasonably quickly -- and I could follow it with the tracking number.
So, imagine my surprise when I learned that an item I had submitted in Vienna on Friday 11th of December had only reached London Heathrow by Wednesday 16th of December.
Thats FIVE DAYS to go from Vienna to London. And it still hasn't left on the plane for New Zealand!
I am seriously unhappy with the service from DHL, and plan to avoid using them in future. I've asked them for an explanation, but I doubt one will be forthcoming.
To see for yourself, check the URL:
http://www.dhl.at/publish/g0/en/eshipping/track.high.html?pageToInclude=RESULTS&AWB=9653805361&type=fasttrack
The AWB number is 9653805361. Is this some kind of record for tardiness?
DHL, please fix your broken system!
/rant ends
Update: the package arrived on 21 December -- a total of TEN DAYS after I sent it on 11 December. I think this is the last time I use DHL, or the Austrian EMS which resells their service.
Subscribe to:
Posts (Atom)