In June 2013, a group of graduate students from the University of Texas at Austin sent shock waves through the world of GPS technology when they successfully tricked (or “spoofed”) the GPS navigation system on a super yacht, causing the ship to go off course. Todd Humphreys, assistant professor, and his students carried on board a device no bigger than a briefcase that fooled the boat’s navigation system (and, therefore, also fooled the boat’s navigators) into thinking the boat was drifting off-course when, in fact, it was not. To correct the “error,” the navigators actually swerved the boat off course.
Why was this potentially a big deal in the GPS world? It showed that GPS technology is vulnerable to being spoofed, which could have huge ramifications if, for example, terrorists were to obtain or duplicate it. Does this mean military institutions could be at risk?
No, says Ian Farquhar, a security researcher from South Africa. He explains that GPS, which was invented by the American military, can be encrypted to make it difficult or impossible to hack, and that military GPS has such encryption. The problem is that civilian GPS does not come with that encryption.
There are encryption codes that the military can potentially use for its GPS technology. According to Farquhar:
- The Coarse/Acquisition Code (C/A Code) is used by nearly everyone already. It is vulnerable to GPS spoofing.
- The P(Y) Code is open only to military in the United States—and to US allies. Current attempts at spoofing would have no effect on it, so it is considered a secure system. However, it’s not available to the average citizen.
- The M-Code is a new code just being introduced by the military. We can assume it increases security, but very little is known about it at this time.
Farquhar stresses the importance of making civilian GPS spoof-proof, citing as an example the crash of Air France Flight 447 in June 2009. The crash was not the result of GPS spoofing, but it did occur because the crew was getting inconsistent readings from various onboard technologies. The same kind of confusion could result if someone were to spoof an airliner’s GPS.
GPS tracking technology has been around longer than most people realize, dating as far back as the 1970s. In fact, the initial meeting to discuss the possible creation of such a system was on Labor Day in 1973. That makes September 2013 the fortieth anniversary of the concept of GPS.
Google+
Civilian GPS Needs Increased Encryption Protection
No comments:
Post a Comment