I would also suggest that a reasonably simple Tesla coil could knock out communications to most radio-controlled things.

A friend of mine back in college got taken to court for hacking (ie. exposing a gaping security hole) in the campus ident card one swiped through coke machines to debit a student account. The card ID was the student’s SSN (very dumb- they’ve fixed that since then). Blackboard claimed the data transmission was encrypted- it wasn’t. His “hack” pretty much just involved routing the line through his laptop and listening.

Maybe the Pentagon should hire me as a consultant. I’m not too technical, but I could’ve told them to encrypt the transmission :)

(Never draw a gun unless you are sure you will use it. Too much risk of it being taken away and used against you.)

You need a sat dish.

I can’t believe they made the decision to leave it open though. It would have been easy enough to encrypt the video transmission, though the signal might have decayed non-gracefully. This does not take firewalls, it takes a nice long pre-shared key that would ideally differ for each sortie. I am sure they have some kind of authentication on the control… at least I really really hope they do… I suppose both of these data streams get beamed around via a network of satellites… bet those control signals might be subject to intentional interference, something that could possibly be much easier if you saw the transmitted video.

Regions
1. Syria
2. Libya
3. Algeria
4. Belarus
5. Iran
6. Tunisia
7. Russian Federation
8. Cyprus
9. Ukraine
10. Latvia

Sketchy. It seems the largest bulk of the searches happened way back in 2006, too! I love how presumptuous the American military was about ‘ow dem towl heads aint gonna have the smarts to intercept unencrypted data. Its like they assumed the enemy’s sole response was going to be to point at the sky with amazement and gesticulate in the direction of the flying object.

“The U.S. government has known about the flaw since the U.S. campaign in Bosnia in the 1990s, current and former officials said. But the Pentagon assumed local adversaries wouldn’t know how to exploit it, the officials said.”

Curing an unencrypted communications channel is relatively simple, on the large scale. A modest amount of money, and a few competent engineers will do the trick. Curing massive arrogance, though, is hard, and often very ugly. An “eh, the locals are just ignorant sand farmers” attitude is the short path to learning about every new asymmetric warfare trick the hard way, over and over again.

The Pentagon, providing desk jobs for people who aren’t competent enough to be trusted on the battlefield.

So as an operator you have a choice of Skype quality picture or broadcast video quality picture. Which do you watch?

Bear in mind that the drone is a giant radio-location beacon for anyone with a spectrum analyzer and directional antenna, so unless we are confusing things with lots of extra missions on random-but-plausible itineraries then the Red team can have a pretty good idea of what we are interested in anyway…

skygrabber software, a laptop, and a satellite dish. thats all you need.

Keep the sig-links for your profile, please.

To a technical person that understands it, sftp is a no-brainer. Explaining this to a neophyte boss that is afraid of changng the way “we’ve always done it” doesn’t get you very far.

Working with the application development team to use sftp rather than ftp is also another process that has it’s own special circle. They’ve done things the same way for years, and finding the person that knows where the transfer portion of the code is and how to modify that, and then find somebody that can admin the box and install all the proper libraries is mind numbing.

In a world with no process and full admin rights, I’d have just written a wrapper and alias that accepted ftp syntax, then buffered for username and password, and made the change transparent. Let the users think they’re using FTP, but fix my firewall and their process all at once. Until it breaks, at which point I catch holy hell and get fired. And one could argue that working at that position is worse than not working at all, but that’s a different discussion.

[The corrollary to this is that the same management that doesn’t want to move off of trusted systems reads up on HIPAA regs and comes up with some obscure corner case example and insists that the entire network be restructured to accomodate scenario X. One that could be completley avoided if the app were just tweaked to use HTTPS rather than HTTP, but hey, let’s turn it into a network problem.)

And this is just hospitals. They’ve got small-b bureauracracy, but Military? That’s Big B. Squared.