Either the WSJ hasn’t taken their anti-crazy pills or there is something severely wrong with the military industrial complex. I’m betting on both.
The story says, essentially, that insurgents in Iraq are “taking control” of our pilotless drones with a $25 piece of software called SkyGrabber. By “take control” the WSJ means “download video feeds from” and by “software” I mean essentially a satellite network snooper.
Now I’m not a rocket scientist, but it looks like what is happening here is that Iraqis are pointing their satellite dishes into the air and watching for downloads. This would be approximately equivalent to packet or token sniffing that, if I’m not mistaken, is popular with teen l33t haX0rz.
See, all of the “*Grabber” programs – there’s also a LAN program – sniff packets on the Internet and intercept downloads. If you were on my LAN downloading a copy of the Spiderman over an unencrypted connection, I would, in theory, be able to watch this and grab the download alongside you. The same, in theory, can be said of satellite connections apparently used by the freaking US military. This suggests either they’re storing video on MegaUpload or that the US military has a plaintext, uncoded FTP server set up in NORAD for the quick and dirty uploading of images from Predator Drones… you now, because the IT staff wanted to rock some Quake 2 instead of using quantum-encrypted connections for matters of national security.
Declan McCullagh notes that:
This apparent security breach, which had been known in military and intelligence circles to be possible, arose because the Predator unmanned aerial vehicles do not use encryption in the final link to their operators on the ground. (By contrast, every time you log on to a bank or credit card Web site, or make a phone call on most modern cellular networks, your communications are protected by encryption technology.)
This suggests that the final link between the drone and the operator is between a satellite flying around in space and that that final link is unencrypted for reasons unfathomable to anyone with even cursory knowledge of network communications. Maybe they wanted to save on bandwidth costs?
We’ll follow this but I’m kind of flabbergasted.