1997-07-07 - Re: Hack the Mars rover (fwd)

Header Data

From: Steve Schear <azur@netcom.com>
To: Dave Emery <die@pig.die.com>
Message Hash: 3d0ff0e291d1f7011e55eacf51563fd3b4ec623ebe22cbebb772513f0f491dbb
Message ID: <v03102803afe5e6c84462@[]>
Reply To: <199707061611.LAA18434@einstein.ssz.com>
UTC Datetime: 1997-07-07 00:41:22 UTC
Raw Date: Mon, 7 Jul 1997 08:41:22 +0800

Raw message

From: Steve Schear <azur@netcom.com>
Date: Mon, 7 Jul 1997 08:41:22 +0800
To: Dave Emery <die@pig.die.com>
Subject: Re: Hack the Mars rover (fwd)
In-Reply-To: <199707061611.LAA18434@einstein.ssz.com>
Message-ID: <v03102803afe5e6c84462@[]>
MIME-Version: 1.0
Content-Type: text/plain

>	Two very imprtant points.   The space path loss to and from Mars
>is very large.  So a very large dish is required to have sufficient G/T
>to see readable data.  Most NASA deep space stations use 85 foot dishes
>and some also have 300 footers.   Without that kind of antenna gain one
>is not going to see anything at all, and without that kind of gain on
>the command uplink as well as a multi KW high power microwave amplifier
>to feed the dish one is not going to be able to put enough signal into
>Mars to do anything.
>	There are essentially no 85 foot or larger dishes in the hands
>of anyone who might be attempting to hack a NASA spacecraft.   Such an
>antenna is simply not your back yard satellite dish....  they cost more
>than a million dollars and are major construction projects.

You're right, its beyond imagination that any amateur would have the
resources at their disposal to override NASA's uplink (unless ther's
another Capt'n Midnight lurking at a commercial uplink station ;-).

>	The second point is that the NSA has been supplying space
>hardened crypto chips and related ground equipment to every US satellite
>manufacturer and operator for at least the last 15 years for use in
>protecting the command uplinks against unauthorized access.   One can be
>quite sure that NASA has used these, or if they haven't has good reason
>to believe they don't have to.
>	The attack that is barely conceivable is for some cracker to
>break into a NASA terrestrial communications link associated with the
>Deep Space Network (some links use satellite communications for example
>and others microwave links) and access the command uplink systems of a
>NASA DSN site.  Whether they have fully secured all of these against
>such attack is unclear.  Obviously good old secret key encryption would
>work here, and there certainly is a lot of command validation done at
>the uplink before the command is sent, so whoever was doing this would
>have to have great in-depth knowlage of the command uplink system and
>the spacecraft itself.

Rather than trying to seize control of lander just do a DOS hack by keeping
the ground stations from hearing the lander signal.  You said yourself that
the path loss to Mars is very large (maybe around 200 dB), this means that
even with those huge antennas their link margins can't be too high.

I'll assume that in order to improve the margins they're using spread
spectrum techniques, trading bandwidth for spectral efficiency.  Without
getting into the specifics of jamming technology, unless they have a very
large process gain (like the 63 dB claimed for GPS), which is very unlikely
for a number of reasons, that a properly designed transmitter located near
their downlink stations would spill into the passband of their very
senstive receivers (probably liquid-He cooled LNAs) making receiption
difficult to impossible.  Of course, such transmitters would be relatively
easy to find so only intermittent operation might be practical.
>	And finally, demodulating the downlinks and recovering
>information from them is relatively easily accomplished once the hard
>part  (obtaining the G/T required) is somehow handled.  NASA tends to
>use very straightforward modulations and FEC and does not encrypt the
>downlinks.   And a fair amount of detail about the data formats is
>publicly available.

If the data formats and coding techniques are public and well documented
the task is simplified many fold.


PGP encrypted mail PREFERRED (See MIT/BAL servers for my PK)
PGP Fingerprint: FE 90 1A 95 9D EA 8D 61  81 2E CC A9 A4 4A FB A9
Steve Schear (N7ZEZ)     | Internet: azur@netcom.com
7075 West Gowan Road     | Voice: 1-702-658-2654
Suite 2148               | Fax: 1-702-658-2673
Las Vegas, NV 89129      |

        God grant me the serenity to accept the things I cannot change;
        The courage to change the things I can;
        The weapons that make the difference;
        And the wisdom to hide the bodies of the people that got in my way;-)

        "Surveilence is ultimately just another form of media, and thus,
        potential entertainment."
        --G. Beato

       "We've all heard that a million monkeys banging on a million
        typewriters will eventually reproduce the entire works of
        Shakespeare. Now, thanks to the Internet, we know this is
        not true."                           -- Dr. Robert Silensky