Friday, August 21, 2015

It's Surprisingly Simple to Hack a Satellite

Source: VICE Motherboard

During a Camp presentation entitled "Iridium Hacking: please don't sue us," hackers Sec and schneider demonstrated how to eavesdrop on Iridium pager traffic using the Camp badge.
...
"The problem," Sec explained, "isn't that Iridium has poor security. It's that it has no security."
...Iridium pager traffic is sent in cleartext by default, and most pager traffic remains unencrypted.
...
Frequency shifts as satellites go overhead have historically made it difficult to capture Iridium traffic. But with cheap, ubiquitous software-defined radio—like the rad1o badge or HackRF—eavesdropping becomes trivial. "You say, ok, give me all the frequencies at once, and in the received signal search for the Iridium [traffic] afterwards," Sec explained.
...Once collected, the data needs to be analyzed for Iridium traffic. ... "A Raspberry Pi 2 is just beefy enough to process the traffic," Sec said.