Help - Search - Members - Calendar
Full Version: Insurgents hack U.S. drones
Dumpshock Forums > Discussion > Shadowrun
explorator
Hacked Drones. Seems the bad guys are using SkyGrabber software from Microsoft to grab the satellite signal. Most interesting line= ""the Predator UAV is designed to operate with unencrypted data links." Really? Not to smart.
hobgoblin
they probably never suspect anyone would bother trying to grab a sat link wink.gif

i am sure we will now see someone do the same, using open source software...
ravensmuse
"What idiots would use an unencrypted line ever? Everyone would be pumped full of encryption! Wireless hacking is soooo unrealistic."

Just sayin'. wink.gif
AngelisStorm
QUOTE (ravensmuse @ Dec 17 2009, 10:07 AM) *
"What idiots would use an unencrypted line ever? Everyone would be pumped full of encryption! Wireless hacking is soooo unrealistic."

Just sayin'. wink.gif


Apparently early 90's idiots.
Daddy's Little Ninja
I think they underestimated their enemy. The Wall Street Journal says it believe Iran provided the aid. How do you read these headlines and not think of SR? Clearly we need more geeks in the military.
PBTHHHHT
darn, people beat me to posting this article. wow, I just can't believe they were doing unencrypted, it was only a matter of time.
Fix-it
QUOTE (explorator @ Dec 17 2009, 08:38 AM) *
Hacked Drones. Seems the bad guys are using SkyGrabber software from Microsoft to grab the satellite signal. Most interesting line= ""the Predator UAV is designed to operate with unencrypted data links." Really? Not to smart.


I almost face-palmed myself out of my chair when I read this. unencrypted? REALLY?

what the fark do we pay general atomics so much for?

PS: misleading thread title. they didn't "hack" the drones. they merely tapped their datastream. big difference.
hobgoblin
i wonder what codecs where used wink.gif
Malachi
QUOTE (ravensmuse @ Dec 17 2009, 09:07 AM) *
"What idiots would use an unencrypted line ever? Everyone would be pumped full of encryption! Wireless hacking is soooo unrealistic."

Just sayin'. wink.gif

I was thinking exactly the same thing: "The wireless tech in SR is so unrealistic it would never happen!"

Has anyone driven around with a laptop and seen how many unsecured wireless networks exist? Has anyone seen those scripts you can download from the Internet that will break WEP encryption in under 5 minutes?
Warlordtheft
You would hope the US military uses something a little more sophisticated than WEP encryption. But then again, it is the federal government.
Casper
QUOTE (Daddy's Little Ninja @ Dec 17 2009, 03:23 PM) *
I think they underestimated their enemy. The Wall Street Journal says it believe Iran provided the aid. How do you read these headlines and not think of SR? Clearly we need more geeks in the military.


Nice to see that Rupert Murdoch is putting his ownership of the Wall Street Journal to good use furthering his Fox News agenda.
Warlordtheft
QUOTE (Casper @ Dec 17 2009, 01:41 PM) *
Nice to see that Rupert Murdoch is putting his ownership of the Wall Street Journal to good use furthering his Fox News agenda.

Name a news source that isn't politically motivated in some way or another. Washington Post, CNN? Hah! In some respects, SR is already here dystopian wise as most people accept the reported news as the truth. Not to repost something but all major media outlets do at least one of listed http://www.strategypage.com/htmw/htiw/articles/20051129.aspx



My favorite propaganda technique:

# 10. Not Talking at all about Something Of course the biggest recent example of this are the Moslem riots in France. The fact that the rioters were still burning more than one hundred cars EACH NIGHT was suppressed and avoided, rather we were fed the line that the riots were over. The media went days and days not reporting on the riots which were revealing the complete failure of French social, economic, and immigration policy. However, France, being a socialist country, is favored by the socialist media, so the country's failings were not reported. When you're aware of a major issue underway, but see no coverage on it, then you can be sure the media is against the ideas which discussing that topic would raise.


When was the last time on NBC that they covered the dropping of charges against the black panthers for voter intimidation (there's video of them carrying nightsticks at a polling station)? Why is the justice department stonewalling the congressional investigation into this matter by telling the attorney to keep his mouth shut. Won't find a thing about it on NBC.


PS: Keep in mind Dumpshock Forums TOS rule #4 regarding the discussion of politics except as they directly pertain to Shadowrun or another game. Discussions on these subjects will be watched closely, and any innapropriate posts may result in warnings or suspensions.
Draco18s
QUOTE (Malachi @ Dec 17 2009, 01:00 PM) *
Has anyone driven around with a laptop and seen how many unsecured wireless networks exist? Has anyone seen those scripts you can download from the Internet that will break WEP encryption in under 5 minutes?


Yes, and yes. Except that it's WPA, not WEP. It also requires one of a very specific list of wireless cards with a specific driver (I can't do it on my laptop).
hobgoblin
i think there are software and techniques that allow one to break even WPA now, no matter what hardware one is using...
Wounded Ronin
QUOTE (Fix-it @ Dec 17 2009, 12:17 PM) *
I almost face-palmed myself out of my chair when I read this. unencrypted? REALLY?

what the fark do we pay general atomics so much for?

PS: misleading thread title. they didn't "hack" the drones. they merely tapped their datastream. big difference.


I hate the news with a burning passion because they're always wrong in misleading ways. In this case hack versus tap.

Every time a journalist tries to write about weapons or violence but gets a detail wrong, he or she should be uppercutted in the groin.
Draco18s
QUOTE (Wounded Ronin @ Dec 17 2009, 07:37 PM) *
I hate the news with a burning passion because they're always wrong in misleading ways. In this case hack versus tap.

Every time a journalist tries to write about weapons or violence but gets a detail wrong, he or she should be uppercutted in the groin.


What about the recent BBC headline "Should homosexuals face execution"?

They've apologized for it, as the headline was taken out of context and now reads "Should Uganda debate gay laws?" One of the things up for debate in Uganda is some homosexual acts being punishable by death (or not), hence the headline.
Jericho Alar
QUOTE (hobgoblin @ Dec 17 2009, 02:34 PM) *
i think there are software and techniques that allow one to break even WPA now, no matter what hardware one is using...


yes but WEP encryptions of a certain minimum length are not breakable in the brute force sense - you'd need a known exploit that allows you to circumvent providing the correct key or causes the router to provide you with the key so you can feed it back and gain access.

to my knowledge neither is available for most WEP encrypted routers at this time.

WPA is a different story.
Draco18s
QUOTE (Jericho Alar @ Dec 17 2009, 09:28 PM) *
WPA is a different story.


Because a WPA secured network will reply back to certain messages that contain known data.

I forget exactly how it works, but the computer floods the router with--essentially unencrypted ping messages--and the router replies back with encrypted ones that contain some small amount of known data.

After about 10,000 packets received (about 5 minutes) you can do a data analysis on them and have about an 85% chance of first-guess guessing the key.
Orcus Blackweather
QUOTE (Jericho Alar @ Dec 17 2009, 07:28 PM) *
yes but WEP encryptions of a certain minimum length are not breakable in the brute force sense - you'd need a known exploit that allows you to circumvent providing the correct key or causes the router to provide you with the key so you can feed it back and gain access.

to my knowledge neither is available for most WEP encrypted routers at this time.

WPA is a different story.


Sorry wrong! Backwards actually.

WEP encryption is the older standard. Takes seconds to minutes to crack a WEP key. WPA is only crackable with weak implementations or dictionary cracks. WPA2 is just a bit stronger, again dictionary crack is the only real way to bypass it. Several version of WEP use hopping technology to make it harder (PEAP and LEAP from Cisco), but they are still not as secure as WPA.


http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access
http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy
Sengir
QUOTE (Warlordtheft @ Dec 17 2009, 08:02 PM) *
the socialist media

Sure, as every runner knows AA corps want nothing more than nationalization of all their assets and breadline wages even for the upper management. wink.gif


Anyway, back to topic: Orcus is right, WEP is the old standard which can be cracked in a matter of minutes these days. If you want to go silent you can even just sniff a fair ammount of traffic from the network and then run aircrack over it, no need to even send any suspicious packets to the AP. WPA was the answer to that problem and can still be considered secure, as long as your password is not 12345...you wouldn't believe how realistic that scene from Spaceballs is...
Warlordtheft
QUOTE (Sengir @ Dec 18 2009, 02:36 AM) *
Sure, as every runner knows AA corps want nothing more than nationalization of all their assets and breadline wages even for the upper management. wink.gif


Depnds-is there profit in the corp for it? I mean, cheap labor, bribable politicos to make it easier to get contracts.

And your post is a perfect example of #3 Misinformation-as you only took one bit out of context to guide others to your opinion. If you went to the Article and read the thing you would have realized this.

Note that the example in #10 is from the article, and that example was about three or four years ago regarding the riots from the youth in muslim communities in France and France's difficulties in assimilating their muslim immigrant populations into mainstream society. I think they mention it somewhat in Shadows of Europe (to get back to SR), I wounder how many immigrant Muslims are still in those enclaves after Euro Wars I and II. In Eurowars II it was the Islamic invasion of southeast europe, were there internment camps (I wouldn't put it past the dystopian nature of SR fo those to be Z zones at this point)?


Draco18s
QUOTE (Orcus Blackweather @ Dec 18 2009, 12:58 AM) *
WEP encryption is the older standard. Takes seconds to minutes to crack a WEP key. WPA is only crackable with weak implementations or dictionary cracks. WPA2 is just a bit stronger, again dictionary crack is the only real way to bypass it. Several version of WEP use hopping technology to make it harder (PEAP and LEAP from Cisco), but they are still not as secure as WPA.


News I'd heard: http://blogs.zdnet.com/security/?p=2133
News I just found looking for new I'd heard: http://blogs.zdnet.com/BTL/?p=23384
News on WEP: http://lifehacker.com/5305094/how-to-crack...-with-backtrack

WPA: 60 seconds
WEP: 10-30 minutes
Orcus Blackweather
I routinely crack WEP keys significantly faster than that, and WPA is hit or miss depending on implementation. I won't claim to be an expert, but my experience is the way I would bet.
darthmord
I've basically got the equivalent of wi-fi inhibiting paint in my case. I use WPA, non-broadcast SSID, long non-dictionary key, MAC filtering, & IP address filtering.

The nature of the materials in my house have such a dappening effect on the wireless signal that if you wanted to sniff my traffic, you'd have to be sitting on my front porch humping my front door. That's less than 20 feet from my wireless router.

So between logical access controls listed above (plus a few I've not mentioned, not giving away all my secrets) and the physical measures in place, hacking my wi-fi isn't going to be easy. Which is fine. Only the most determined will be able to do so and they'll by nature, be obvious about it. biggrin.gif
hobgoblin
do you work as a spider?
Sengir
QUOTE (Draco18s @ Dec 18 2009, 04:01 PM) *
News I'd heard: http://blogs.zdnet.com/security/?p=2133
News I just found looking for new I'd heard: http://blogs.zdnet.com/BTL/?p=23384

That's what happens if a complex technical topic like cryptography gets dumped down to the level of an average PC user, enriched with a few buzzwords...no, I don't blame you for it because you could not have known any better.

What this attack can do is decrypt single, small packets where almost all content already known to the attacker and only ~10 bytes have to be guessed. The only type of packet which meets this criteria are management packets, so no actual data is reavealed.
Furthermore, this attack really only decrypts that one single packet, it does not reveal the key used for other packets. The worst thing (yet) possible is capturing a management packet and resending a manipulated version for ARP poisoning


WEP, by contrast, is broken in the sense of "I can decrypt every single bit that goes over the air. After 15 minutes, and by just passively sniffing traffic without anything wich might show that I'm even there". And if the attacker is willing to actually send manipulated packets into the network, this is possible in well under five minutes.


@Warlord:
QUOTE (Warlordtheft @ Dec 18 2009, 03:11 PM) *
Depnds-is there profit in the corp for it? I mean, cheap labor, bribable politicos to make it easier to get contracts.

With what money are you giong to bribe them? It's not like socialism advocates nationalization by taking over the shareholder majority and then negotiating a nice financial settlement with the CEO, a socialist revolution would simply confiscate whatever assets it needs and also make sure that all the former large-scale capitalists become good socialist peasants. wink.gif
And this has nothing to do with taking things out of context, the idea that large companies are "socialist" simply makes zero sense in ANY fictional or non-fictional context...just look at what happened when the Azzies threw every other company out of Aztlan, the Corporate Court issued an Omega Order because a strong state, which controls companies and even takes them over, would be completely antithetical to the corps' goals.
Warlordtheft
QUOTE (Sengir @ Dec 18 2009, 03:05 PM) *
@Warlord:

With what money are you giong to bribe them? It's not like socialism advocates nationalization by taking over the shareholder majority and then negotiating a nice financial settlement with the CEO, a socialist revolution would simply confiscate whatever assets it needs and also make sure that all the former large-scale capitalists become good socialist peasants. wink.gif
And this has nothing to do with taking things out of context, the idea that large companies are "socialist" simply makes zero sense in ANY fictional or non-fictional context...just look at what happened when the Azzies threw every other company out of Aztlan, the Corporate Court issued an Omega Order because a strong state, which controls companies and even takes them over, would be completely antithetical to the corps' goals.


Yeah, your right. no socialist country has ever had to deal with corrupt politicians. nyahnyah.gif

PS:ORO was a drug cartel that became a corp, which took over Mexico, not a socialist paradise.

PSPS: A large corp would support a nationalization if it could be constructed in their best interests (which is essentially what aztechnology did).
Sengir
QUOTE (Warlordtheft @ Dec 18 2009, 09:22 PM) *
PSPS: A large corp would support a nationalization if it could be constructed in their best interests (which is essentially what aztechnology did).

Only that not Aztech was taken over by Aztlan and every exec was replaced by a politician, but that the Azzies took over the country and replaced every politician with an excec wink.gif
hobgoblin
i would say that corporations are more feudal then socialist, especially if they are privately owned.

but even when publicly traded, the CEO can to some degree run it like a regent if he can dodge the board.

hell, as the CEO of a publicly traded company only have a loyalty to his paycheck and bonuses, his incentive will be to get the board to pay out as much as possible, and then get the hell out of the area before the house of cards collapses...

pump and dump, boardroom style, in other words...
Wounded Ronin
QUOTE (Draco18s @ Dec 17 2009, 09:48 PM) *
What about the recent BBC headline "Should homosexuals face execution"?

They've apologized for it, as the headline was taken out of context and now reads "Should Uganda debate gay laws?" One of the things up for debate in Uganda is some homosexual acts being punishable by death (or not), hence the headline.


The BBC guys should get uppercutted in the groin by a muscular Japanese man who screams "SHORYUKEN!"
Draco18s
QUOTE (darthmord @ Dec 18 2009, 02:10 PM) *
The nature of the materials in my house have such a dappening effect on the wireless signal that if you wanted to sniff my traffic, you'd have to be sitting on my front porch humping my front door. That's less than 20 feet from my wireless router.


We (that is, my parents) aren't that cinched down, but the router is inside the old, stone farmhouse portion of our place*, which is situated 150+ feet from the property line in all directions. I think we're good.

*Heck, I can barely pick up signal in the kitchen, one room over.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Dumpshock Forums © 2001-2012