Categories

DEFCON 20: RenderMan on ADS-B aero radio

Posted on Thursday, February 28th, 2013 in digital radio data, RF, Videos by the machinegeek


Brad Haines (RenderMan) CISSP, is a Whitehat by trade, Blackhat by fashion, who presented this talk at DEFCON 20. For those of you unfamiliar with him, RenderMan has a history of hacking RF who’s rumored to be a member of the Church of WiFi. In this presentation he turns his attention to ADS-B (Automatic Dependent Surveillance-Broadcast), a common technology installed or being installed on a vast majority of commercial airliners that involves an unencrypted and unauthenticated radio broadcast. He explores the system’s features and weaknesses, noting what can happen when security is not built in from the beginning. He hopes that this serves tospur more research and investigation into this field.

This entry was posted on Thursday, February 28th, 2013 at 2:00 pm and is filed under digital radio data, RF, Videos. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

3 Responses to “DEFCON 20: RenderMan on ADS-B aero radio”

  1. Drone says:

    ADS-B is a disaster when it comes to system design and security. The Government made a real mess of this (so what else is new?) If your Government can’t even get something like ADS-B right – do you really want them running your health care system too? I don’t think so…

    Everyone should watch this video and pass the link on to your representatives in Congress (or equivalent if your country has such a thing).

    • the machinegeek says:

      Here in the US our Congress would “solve” the problem by criminalizing research such as RenderMan’s, with pretrial incarceration without bail, mandatory minimum sentences, etc., as well as outlawing the dissemination of this information.

      • Drone says:

        @the machinegeek, you make good points. Insidious Govt. gone wild…

        Back on topic,.. Check out the TCAS vulnerabilities at the end of the DEFCON 20 video link in the OP. One thing the presenter didn’t touch on is ACARS – which IMO suffers from similar vulnerabilities.

        I’m really surprised there hasn’t been more feedback on this DP post. This air traffic control protocol issue (issues) are very serious. Again, in my opinion…

Leave a Reply

Notify me of followup comments via e-mail. You can also subscribe without commenting.

Recent Comments

  • Helge: Silicon Labs offer a powerful, unrestricted and completely free software development kit packaged with their Simplicity Studio IDE. It's built on Eclipse, and includes hundreds...
  • Sjaak: With development kit I ment software development kit. I couldn't (easily) find one back some time. Then I asked around and finally came up with...
  • Pranav gulati: I probably couldn't understand what you meant by ' ST doesn’t offer a development kit as I expected' There are numerous eval boards of STM32...
  • DP.: fixed, thanks
  • Bovine: Title of article has the wrong number for ESP8266 typed.