[time-nuts] Time security query
Graham / KE9H
TimeNut at austin.rr.com
Mon Aug 24 20:17:26 UTC 2009
Bill Hawkins wrote:
> Spoofing the time from a remote location seems impossible. Or is it just
> difficult? Security by obscurity is not secure. Continual time changes could
> confuse a control system that had scheduled activities, as well as mess up
> the trends and logs that record the history of the process.
>
>
Bill:
Spoofing a GPS receiver should not be too hard. I would record the GPS
spectrum off the
air, then play it back, delayed by some sufficient time to confuse
whatever you are trying
to confuse. By playing back actual signals, the GPS receiver would hear
a self consistent
set of signals, just shifted in time. You would have to be close enough
to the target GPS,
so that your spoofing signal was much stronger than the off the air
signals. Playing back
signals recorded at another location may or may not help the confusion.
It all depends on
how smart the target GPS receiver is, and what it has been programmed to
alarm, versus just
accept and reset itself. As another email commented, most consumer GPS
receivers
have almost no protection against this kind of attack.
--- Graham
==
More information about the Time-nuts_lists.febo.com
mailing list