Iraqi insurgents using $26 software to monitor Predator video feeds
We can't say we've ever heard of a $26 Russian program called SkyGrabber before, but it's about to get famous real fast -- according to the Wall Street Journal, Iraqi insurgents have been regularly using the satellite-snooping software to monitor live Predator video feeds. Apparently the Predator transmits video over an unencrypted link, so there's no major hacking or security breach going on here, but it's obviously a huge issue -- and we'd say the bigger problem is that Pentagon officials have known about this flaw since the 1990s, but they didn't think insurgents would figure out how to exploit it. Way to underestimate, guys. The WSJ says the military is working to encrypt all Predator feeds from Iraq, Afghanistan, and Pakistan, but it's slow going because the Predator network is more than a decade old and based on proprietary tech -- too bad it's not proprietary enough to keep prying eyes out of it.
[Thanks to everyone who sent this in]

This is absolutely hilarious.
@(Unverified) I dunno, I think it's more sad than hilarious. If the DoD is spending over half a trillion dollars of our money every year, they damn well better make sure they encrypt sensitive data streams.
@sn1per, um, you really think this is a problem? Do you forget that video streaming is a two way street and that the military hasn't noticed how to control the traffic lights?
@(Unverified) Sorry, I don't find a major security breach that could possibly endanger our troops' lives funny at all.
@(Unverified) I think DoD leaves it unencrypted purposely as a scare tactic for the insurgents - We know where you are, big brother is watching over you.
Hmm...I wonder if I can slingbox the feed to my iPhone. LOL
Multiple kills confirmed. Nice job.
@(Unverified) Now all your Predators are belong to us!!
This wouldn't happen if the DoD used Whitespace.
@(Unverified) I agree that it's hilarious. This war has been the secret third book of Don Quixote since it started.
@(Unverified)
What's even more hilarious is for $10 more bucks you can get the browser plug-in to target and fire its weapons. Unfortunately you have to sign up for a WindowsLIVE ID account, which, thankfully, no insurgent is willing to do. Hey, they may be insurgents, but they aren't stupid.
This isn't the big deal that it sounds like. First of all, it's just the video stream coming from the airplane's camera, it's not "sensitive data". Secondly, a video stream is pretty useless without knowing the coordinates or location. Lastly, it doesn't put our troops or pilots in any kind of jeopardy as someone suggested. The pilots fly the planes remotely from far away. The military hasn't made an effort to encrypt the video streams because they just are not very important.
@(Unverified)
Who wants to bet that they didn't pay for that software either?
@tonytiger619
So terrorists knowing if particular safe houses etc. are being watched is not gonna be of use to them? And about it being useless without coordinates .. that's bogus .. I'm sure many of them could recognize stuff if they see a landmark or distinguishing feature of buildings in the vicinity.
And it does put troops in jeopardy because it could help the insurgents avoid being caught. And in a battle situation it may even show troop locations or at least provide situational awareness.
@(Unverified) I agree with the op. Absolutely hilarious. The flaw has been known for 20 years and hasn't been addressed. Hilarious.
@tommy2468 That does sound like a good idea .. actually I could think of many scenarios by which insurgents thinking they have a live feed could actually help the troops. So I guess it may be part of a tactic after all. I guess the problem is when stuff like this leaks out in the media the public may hasten to "fix" the problem when actually there's some advanced tactic to why they did it.
@Kurian Yay, Modern Warfare 2!
@tonytiger619 "The military hasn't made an effort to encrypt the video streams because they just are not very important."
Apparently they changed their mind. At least we now have an idea why they never caught Bin Laden.
@Blackstar
oh my god! WHERE!!
@Brokinarrow Yah because there are tiny people sitting inside a Predator. Get real. This doesn't endanger anything other than the stealth of the Predator. If they know where it's going they know where to aim a stinger or just shoot at.
@Blackstar I'm just waiting for the iPhone app to pop up... :D
@Thedude88 Anyone for a level playing field? It's a war after all.
@Thedude88
It's not funny at all. This puts our soldiers' lives at risk.
@Thedude88
I don't find this hilarious at all.
@Bowsa
I could tell you, but then I'd have to kill you.
Someone will make one for the iPhone I'm sure. Then Apple will get pulled from the app store as soon as they find it. Not because it's a breach of national security and could put lives at risk or anything. They'll reject it cause it mentions the 'Droid' phone, it competes with iTunes, or has 'iPhone' in the title.
@Brokinarrow
Ever since I first learned of the USAF considering pilotless aircraft more than a decade ago, I immediately had concerns of something like this happening or an enemy hacking our signal and taking control of the UAV to use against our own forces.
It's why I believe there will always be a need for manned fighters and bombers.
@sn1per
Agreed, but I blame the Military for this. Once again they underestimate the enemy... it's things such as this that go ignored in the long run that cause terrorist attacks.
@John Doe You sir, are an idiot. I was referring to the fact that insurgents may be able to escape to maim and kill our troops another day. Or they may be able to see troops coming and ambush them.
@John Doe What, those are UNMANNED aircraft?!?! WOOOWWW no way!! When did we invent that?! No but seriously, you're an idiot. Read the freaking comments, others have pointed out what I was referring to. Anyway, you do realize that Predators aren't exactly SMALL right? Think about it: they carry full-sized missiles to destroy targets with. Here is a good photo to give you an idea of their size: http://en.wikipedia.org/wiki/File:Edw-2006-MQ1-061028-02-8.jpg
@Brokinarrow engadget, seriously guys, when are you going to fix the freaking comment system? And maybe the photo galleries while you're at it?
Forget fixing it. Just send out a fake feed as a tactical maneuver to flush them out, then gun them down! There -could- be a bright side to knowing what the enemy sees...
@Mmmm Donuts
I am sure that the Military can detect such breaches which would help them pinpoint the enemy's position using triangulation.
So what the article is basically saying to me is that, if you spend $26,000 on a hack program, you get a /facepalm from our government.
@Mmmm Donuts
This could be intentional, offering a false sense of security.
Everything you read in the newspaper in this area is never as it seems, trust me.
@epic Not $26,000. Twenty-six dollars and you just made a key military vehicle less effective..
So the Predator sends a video signal UP into space and a satellite up there sends it across to somewhere else then back down. Where are The Bad Guys intercepting the signal? Here in The States? In Germany?
Are the Predator pilots local to their use? I don't think so.
Do we care if some bad guy in, say, Nevada is watching some random Predator video feed? What's he gonna do, shout (over a cell phone!?) "Look out behind ya!"?
@Freakin Ijit
The uplink from the Predator is the unencrypted part. The communications between the satellites from that part aren't part of the 'Predator Infrastructure' solely. You would have to be LOS with the drone to intercept the video stream.
@Mmmm Donuts
You do realize that Iraqi insurgents read Engadget too.
@skola28 Yeah, that was sorta my point - where ARE the Bad Guys intercepting this - in space!?
Just because the signal is intended to be picked up by a satellite doesn't mean you can't listen to it from the ground.
@Ahmed Alzayani
Holy fuckity fuck, we're all dead!
/facepalm
@thethirdmoose x2
Typical U.S. approach, wait until something bad happens, then address the problem. (Yes I am an American, just one that's fed up with the idiots in the U.S. government).
@Xudd Kinda reminds me of Die Hard 4...
@Xudd
I'm more mad at the engineers. I'm not sure that it's nearly as much the fault of the US gov't as it is the fault of the company (Boeing?) who deployed the system. It is a common research strategy to remove links that may cause failure, but any deployed system should be secure, both in terms of information and control.
I do robotics research at a major University. I developed an unsecure robot behind a firewall a few months ago. There was a lightweight TCP server (with root access... oops!) for handling sockets for remote control, that I forgot to protect. It took 30 minutes to have the server owned when I dropped the firewall.
@someguy7234
This is why engineers should leave the software to computer scientists. It's for the same reason computer scientists leave the engineering to the engineers; it's not that one can't do the other's job (they very likely could), it's that they've been trained to remember to do certain things that non-CS people may overlook or never even think of. Note I said computer scientists, not programmers. That's another problem nowadays, but I digress.
@someguy7234
You assume that they also have control of the satellite and what system it employs, hell perhaps the maker of the drone has no access to the damn software at all, Boeing is a commercial company and not secure so they probably have to face some walls because of that.
@r3loaded Kinda reminds me of airport security...
@Xenoterranos You really think that Boeing doesn't employ CSs in their weapons divisions?
@someguy7234 Actually it's General Atomics that makes the Predators... I know this because I work for General Atomics (not in the division that makes the Predators, though)
@TheAngryIntern - Grrrreat. I want a guy named "TheAngryIntern" working for a company that makes a remote-controlled stealth plane to bomb people. Anyone else think that this, too, is a bad idea?
BTW, ;)