This Week in Security: GPS Spoofing, Private Contacts, Cheap Books

Use GLONASS, Comrade

Whether we’re exploring a new city or directing autonomous drones, GPS has long been a staple of modern life. However, GPS spoofing research has progressed over recent years, demonstrating that someone with a few thousand dollars, the know-how and spare time can spoof GPS signals and redirect vehicles that rely on GPS for navigation.

Experts have speculated this trick was used by Iran to capture a U.S. UAV, and now they are raising the alarm over suspected Russian GPS spoofing in the Black Sea. In this incident, tanker ships approaching port in the Black Sea near Novorossiysk had their GPS units incorrectly indicate they were at an airport. Similar disruptions have been reported near the Kremlin.

With Putin’s travel itinerary matching up with the tanker GPS disruptions, experts have postulated that this is a test or deployment of anti-consumer-drone technology. Drone manufacturers implement geo-fencing to prevent their informed, responsible users from flying around airports, so convincing all nearby drones that they’re at an airport seems like a nice way to keep them on the ground.

However, it’s not all “Dude, where’s my drone?” Work is being done to secure GPS systems from both jamming and spoofing, using more powerful directed signals, and also exploring different cryptographic tools to secure signals.

But until these improvements are in orbit and our pockets, we may need to keep a paper map handy and wait until heads of state are out of the area before we fly a drone.

Signal Improves Private Contact Discovery

The private communication tool Signal is a favorite of privacy advocates for its security and ease of use. But, it’s constantly been critiqued for its reliance on phone numbers as identifiers, making it difficult to use anonymously, and making it possible for the (Read more...)

This is a Security Bloggers Network syndicated blog post authored by Cylance Research and Intelligence Team. Read the original post at: Cylance Blog