Ah, the epic fail abounds today. Now, having formerly worked for the DoD as a contractor I can say there are good contractors and others that should be given a cigarette and a blindfold.
I wonder where I’m leaning on this story.
From the WSJ:
Militants in Iraq have used $26 off-the-shelf software to intercept live video feeds from U.S. Predator drones, potentially providing them with information they need to evade or monitor U.S. military operations.
Senior defense and intelligence officials said Iranian-backed insurgents intercepted the video feeds by taking advantage of an unprotected communications link in some of the remotely flown planes’ systems. Shiite fighters in Iraq used software programs such as SkyGrabber — available for as little as $25.95 on the Internet — to regularly capture drone video feeds, according to a person familiar with reports on the matter.
Now, first off this isn’t hacking. Transmission was/is in the clear. It’s just piss poor design and I’m rather amazed that this one made it into the field without someone catching it. Or maybe they did and were told to hush up in favour of meeting deadlines?
If you send data, or anything else for that matter in clear text, you have zero expectation of privacy. Zilch, zip, nada and bubkiss.
Just to put this firmly in perspective for our non-technical readers this is as secure as…
Or this…
For more on this story please follow the link to the WSJ article.
Article Link (Thx Brooks)
UPDATE: More information on this story from Wired. Apparently, this clear text problem affects more than just drone aircraft.
In terms of security, the sandwich looks lackluster to say the least. If we are talking in terms of deliciousness…that’s a different story.