While merely embarrassing on the surface, one has to consider the strong likelihood that the intelligence-gathering operations of other countries have probably known this for years and could by now have accumulated a vast amount of data on the disposition and tactics of US forces in multiple theaters. What an enormous strategic blunder.
That sounds somewhat overwrought. You can get much more and higher quality data on 'the disposition and tactics of US forces' from satellites, traffic analysis, reading the official sites of US military units and soldier's blogs than you can from terabytes of narrow-field grainy footage of the Hindu Kush or Sadr city. It might be of some tactical use to someone engaged in 'asymmetrical warfare' against US forces and is probably even more useful as a propaganda tool. The intelligence-gathering operations of other countries probably have more storage space dedicated to episodes of The Simpsons than intercepted US UAV video.
I would expect more rigorous reporting from ars. The reason that encryption techniques protecting DVDs and games fail is that the thing doing the decrypting is the thing that the enemy possesses: the game machine or dvd player. The machine has to have the decryption key in it somewhere, thus the whole stack of cards is a sham.
This is totally the opposite. The drones need only have the capacity to encrypt their video and decrypt command/control information from the host.
Both drone and host are unique devices that could (given their incredible pricetag) easily have unique public/private key pairs for each drone and each control station. Before takeoff each could be paired by an exchange of fresh keys. The only attack is brute-force with an as yet unavailable amount of computing power.
That they failed to do something like this for so long, well, words fail me.
Do they trust their soldiers/Marines with these encryption keys? Don’t know that.
It's interesting to see how the Army and the MPAA respond differently to the same problem - it only takes one person to crack the code (or leak the secret keys) to render the whole scheme useless. The MPAA builds ridiculously complex encryption schemes in the hopes of slowing people down, and sues the downloaders it can find. The Army doesn't bother with encryption because it's too much of a burden, and kills the downloaders it can find.
While it's momentarily surprising that the video feeds aren't encrypted, remember that the lead time on this type of equipment is often measured in decades. The drones deployed right now were probably designed in the early 90s, using early 90s computers.
No video feed back then was encrypted --- military or otherwise --- because the computers with the power even to digitize video in real time, let alone digitize it and then encrypt the digital stream, would have been huge.
It was a common selling point for satellite receivers back then that you could buy them and use them to watch the raw feed of just about everything being broadcast, because it was all analog streams being relayed in the clear. There's actually a pretty good movie floating around the internet called "Feed," [1] made by a guy recording satellite feeds of the 1992 election coverage.
I disagree on the point that digital video is required for scrambling the feed. Commercial feeds such as HBO have been scrambled since 1986, albeit with analog schemes.
http://en.wikipedia.org/wiki/Videocipher
While it may have been difficult to fully-encrypt the video with airborne hardware in the early 1990's, they certainly could have made some effort to scramble it. And by now, it should have been updated to 2002-era webcam technology.
Most of the surprise is people confusing the NSA with the military. While the NSA may have the latest and greatest tech, the military is always much farther behind.
Exactly. I believe that people in third-world countries can be a lot more motivated when it comes to learning and harnessing new technologies, simply because they might have a lot more at stake.
Unlike in the past, nowadays it is relatively easy to gain access to technical knowledge. If someone has access to the web and knows enough English they are basically at the same distance from information (=1) as someone in a developed world. All it takes is a lot of time and persistence.
So there might be third-world countries but there are no third world people.
This isn't really news to the satellite feed community. The military and private military contractors have been broadcasting unencrypted feeds of operations for a long time.
I am wondering if we don't have a bit of an overreaction to this story here. The presence of the drones is not a secret, nor are their locations.
It wasn't until the recent upgrade of Air Force 1 that the communications between ground and the president's airplane were encrypted. Anyone with a short wave radio could listen in.
What exactly is the risk that they are reading this?
Don't mistake what I mean here, General Atomics should be embarassed about this whole entire ordeal...
But.
Is it really necessary that they encrypt the video streams? The people these aircraft are surveiling, for the most part, know of the plane's presence. Are they really gaining THAT much of an advantage of being able to see their own position?
Beyond that--not to go into full tinfoil-hat mode, but maybe this non-encryption is intentional? Letting the surveilled see SOME of the footage, then playing LOTS AND LOTS more would only serve to confuse/frighten them.
You are assuming everyone on the ground is Taliban. In Afghanistan, besides the Taliban, Afghan government, regional warlords and drug traffickers, there are at least tens of intelligence agencies watching America wage war, and they're taking notes.
A dedicated foreign-intelligence adversary can at a minimum wikileak pirate footage of American drones they have setup to bomb funerals and weddings. The propaganda value of that is huge.
Al-Qaeda themselves might be interested in this footage. They would want to see how the Americans wage remote-controlled Aerial warfare, and the footage helps them look for clues on how to best fight the drones in their other/future encounters with the U.S. in other theaters.
In Afghanistan we have other intelligence agencies helping us; British, Saudi, Israeli, Egyptian, Pakistani, neighboring ex-Soviet Republics, etc. While our interests overlap for now, you can bet that every one of them has their own national interests in mind and they're all eager to swipe some knowledge from us while we're "friends". The biggest US/Soviet intelligence swap and counter-influence actually happened during their alliance against Germany. And you can bet that we ourselves spy on our friends as well, and constantly monitor and anticipate their capabilities (sometimes even volunteer to build these capabilities, because arming someone yourself and training them goes along way towards keeping them under your surveillance; why spy when you can just read your own export-lists?)
Usually if you're conducting surveillance, you don't want other people to know that you know their position. Something tells me that getting access to this type of information would... lessen.. its strategic use.
But hey, this means I can start sending user logins in cleartext and add in the product page that we have "military-grade security."
Not that I really know, but in defense of the contractor I'm guessing that the Predator-to-satellite uplink and satellite-to-HQ downlink protocols were dictated by the Pentagon in the RFP and statements of work to use existing military signal protocols and the contractors really didn't have a lot of choice in the matter.
While merely embarrassing on the surface, one has to consider the strong likelihood that the intelligence-gathering operations of other countries have probably known this for years and could by now have accumulated a vast amount of data on the disposition and tactics of US forces in multiple theaters. What an enormous strategic blunder.