Reply to post: Very Low Impact

Sweet TCAS! We can make airliners go up-diddly-up whenever we want, say infosec researchers

bazza Silver badge

Very Low Impact

As with spoofing of other open unsecured radio systems of this type, this one is not really something to worry about.

First, as the article references, pilots are actually pretty good at sifting the crap from the normal.

To have an impact a spoofing transmitter would have to be in range. So to make the spoofing work you either go somewhere near the take off / landing flight paths of an airport (where you'd need to transmit some power), or you'd have to sit underneath a known flight lane (and transmit more power). For both, reports of duff TCAS activations is quite likely to result in OFCOM's surveillance aircraft (they have one) being launched pretty quickly, and they've got a track record of pinpointing annoying transmitters to within meters. That's if the numerous military aircraft capable of doing the same thing don't get involved first.

So second, someone actually trying this out is going to get noticed and found pretty quickly. And if they keep trying it on, that could be within seconds of them switching on their transmitter.

Third, whilst it would be possible for a nation state to do this within their own territory (they're in control of their version of OFCOM) they're unlikely to do so; countries get money from flights passing over their territory.

All in all, unlikely.

I'm fully anticipating that their next piece of pointless research will be spoofing maritime AIS, "causing ships to crash". Well, they'd have to spoof the ship's nav radar, and unless they're doing this from another vessel they'd have to do it somewhere like the Straits of Dover; there's a whole load of traffic monitoring radar systems round that area too, so those too would have to be spoofed. And anyone trying AIS spoofing is as likely to be geolocated pretty quickly these days too; AIS validation is a topic these days. The only hard part about that is having the signal collection assets in place (e.g. waking up OFCOM or the RAF); the processing is easy.

I don't know whose funding this bunch, but I'd suggest that they consider whether or not they're getting value for money. There is some merit in the occassional poke at such radio systems to remind people that they're intended to supplement the Mark I eyeball / brain, not replace it, but funnily enough the regulators and practitioners in various fields of transport are already pretty hot on that.

A far more valuable area of concern is GPS spoofing / denial, but there's already a load of other researchers working on that. There's even a properly thought out solution, it's just a matter of persuading countries to fund it.

For the record the solution is a combination of 1) GNSS systems, possibly enhanced to improve resilience, 2) eLORAN to provide an alternative location and timing source (pretty accurate, and usable by all but the smallest applications i.e. it might not fit in a mobile phone), 3) use the existing radio clock transmitters like MSF for another source of timing.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021