GPS Spoofing Attacks

Wired has a story about a possible GPS spoofing attack by Russia:

After trawling through AIS data from recent years, evidence of spoofing becomes clear. Goward says GPS data has placed ships at three different airports and there have been other interesting anomalies. “We would find very large oil tankers who could travel at the maximum speed at 15 knots,” says Goward, who was formerly director for Marine Transportation Systems at the US Coast Guard. “Their AIS, which is powered by GPS, would be saying they had sped up to 60 to 65 knots for an hour and then suddenly stopped. They had done that several times.”

All of the evidence from the Black Sea points towards a co-ordinated attempt to disrupt GPS. A recently published report from NRK found that 24 vessels appeared at Gelendzhik airport around the same time as the Atria. When contacted, a US Coast Guard representative refused to comment on the incident, saying any GPS disruption that warranted further investigation would be passed onto the Department of Defence.

“It looks like a sophisticated attack, by somebody who knew what they were doing and were just testing the system,” Bonenberg says. Humphreys told NRK it “strongly” looks like a spoofing incident. Fire Eye’s Brubaker, agreed, saying the activity looked intentional. Goward is also confident that GPS were purposely disrupted. “What this case shows us is there are entities out there that are willing and eager to disrupt satellite navigation systems for whatever reason and they can do it over a fairly large area and in a sophisticated way,” he says. “They’re not just broadcasting a stronger signal and denying service this is worse they’re providing hazardously misleading information.”

Posted on September 25, 2017 at 8:23 AM • 72 Comments
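The two anomalies described in the quoted article (tankers limited to 15 knots reporting 60 to 65 knots, and many vessels placed at the same airport at about the same time) can be screened for in AIS position reports. The following is an added example, not code from the article or this blog; the vessel names, tracks, coordinates and thresholds are all constructed assumptions.

```python
"""Screen AIS position reports for spoofing-style anomalies (constructed data)."""
import math

EARTH_RADIUS_NM = 3440.065  # mean Earth radius in nautical miles


def distance_nm(a, b):
    """Great-circle (haversine) distance in nautical miles between (lat, lon) pairs."""
    lat1, lon1, lat2, lon2 = map(math.radians, (a[0], a[1], b[0], b[1]))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * EARTH_RADIUS_NM * math.asin(math.sqrt(h))


def implausible_legs(reports, max_speed_kn):
    """Return legs of one vessel's track whose implied speed exceeds max_speed_kn.

    reports: time-ordered list of (unix_seconds, lat, lon).
    Each result is (t_start, t_end, implied_speed_kn, (lat_end, lon_end)).
    """
    flagged = []
    for (t0, la0, lo0), (t1, la1, lo1) in zip(reports, reports[1:]):
        hours = (t1 - t0) / 3600.0
        if hours <= 0:  # duplicate or out-of-order timestamp: no speed to compute
            continue
        speed = distance_nm((la0, lo0), (la1, lo1)) / hours
        if speed > max_speed_kn:
            flagged.append((t0, t1, round(speed, 1), (la1, lo1)))
    return flagged


def shared_landings(tracks, max_speed_kn, radius_nm=1.0, window_s=1800, min_vessels=3):
    """Find groups of vessels that 'jumped' to the same spot at about the same time.

    A single vessel with an impossible leg may just have a faulty receiver.
    Several vessels landing within radius_nm of each other inside window_s
    points at something common to all of them, such as the signal they received.
    Returns a list of sorted vessel-name lists.
    """
    landings = []  # (vessel, arrival_time, position) for every implausible leg
    for vessel, reports in tracks.items():
        for _, t1, _, pos in implausible_legs(reports, max_speed_kn):
            landings.append((vessel, t1, pos))

    groups = []
    for _, t, pos in landings:
        near = sorted({v for v, t2, p2 in landings
                       if abs(t2 - t) <= window_s and distance_nm(pos, p2) <= radius_nm})
        if len(near) >= min_vessels and near not in groups:
            groups.append(near)
    return groups


# Constructed sample tracks: (seconds since start, latitude, longitude).
# A, B and C sail normally, then all report nearly the same inland point.
# D sails normally throughout. E shows one isolated jump and returns.
SAMPLE_TRACKS = {
    "VESSEL-A": [(0, 44.300, 37.500), (360, 44.310, 37.510),
                 (720, 44.582, 38.012), (1080, 44.582, 38.012)],
    "VESSEL-B": [(0, 44.400, 37.300), (360, 44.405, 37.312),
                 (780, 44.583, 38.010)],
    "VESSEL-C": [(0, 44.200, 37.800), (300, 44.208, 37.806),
                 (700, 44.581, 38.013)],
    "VESSEL-D": [(0, 44.100, 37.000), (600, 44.120, 37.020),
                 (1200, 44.140, 37.040)],
    "VESSEL-E": [(0, 43.900, 36.500), (600, 43.910, 36.510),
                 (1200, 42.000, 35.000), (1800, 43.930, 36.530)],
}

MAX_SPEED_KN = 15  # assumed ceiling, taken from the tanker figure in the quote

if __name__ == "__main__":
    for name, reports in SAMPLE_TRACKS.items():
        for t0, t1, kn, pos in implausible_legs(reports, MAX_SPEED_KN):
            print(f"{name}: {kn} kn implied between t={t0}s and t={t1}s, now at {pos}")
    for group in shared_landings(SAMPLE_TRACKS, MAX_SPEED_KN):
        print("vessels displaced to a common point:", ", ".join(group))
```

A real feed would need a per-vessel speed ceiling and handling for gaps in reporting, since a long silence followed by a distant fix is not by itself implausible.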

Comments

dvv September 25, 2017 8:43 AM

I liked the part where the ship “disappeared from GPS” ????

Otherwise, it’s nothing new — the GPS signal has been spoofed in downtown Moscow for months, making unsophisticated GPS receivers think they’re dangerously close to Vnukovo airport. Works well to ground them pesky commercial drones.

stine September 25, 2017 9:08 AM

Try driving to Alaska. Sometimes GPS will put you in the southern hemisphere, and then when it discovers its mistake, you’ll be doing Mach 4 across the globe as it tries to correct your map location.

Results of Increased Russia & China Cooperation September 25, 2017 9:43 AM

Naval accidents in Pacific.
Encrypted GPS navigation is now proven UNSAFE and MUST be independently verified.

Clive Robinson September 25, 2017 9:54 AM

Commercial GPS is not secure and I first demonstrated spoofing it last century.

To understand how simple it is to do, you need to understand the physical practicality of how it works.

Simply the satellites send a code that is synchronised to a reference point. You work out where you are by looking at the time delays between satellites (you in effect use time as a distance measure and solve a bunch of triangles, where they cross is where you are).

Thus the position displayed on the GPS read out is where the antenna is not the rest of the GPS receiver.

The signal from the satellites is purposefully weak (their orbit is between MEO and GeoStat) thus they can be easily jammed by even quite a low power transmitter.

Thus if I receive the GPS signals at position A and band shift them (transponder) to another frequency and transmit that. I can at a remote location receive it band shift it back to the GPS frequencies amplify it and squirt it out of a directional antenna at your GPS receiver antenna. This overpowers the real Satellite signals at your receiver which will now display not the position of your antenna, but the position of my antenna at position A.

The advantage of this is the dorky idea of Smart Munitions using GPS to get high accuracy positioning. If I use radar or equivalent to detect incoming munitions (+100mm artillery or mortar rounds etc), simply turning on a strong transmitter that shifts the GPS position by even 20meters will generally render the incoming munition pointless.

That’s a simple and effectively low skilled attack and stopping it is all but impossible even using the highly encrypted and secretly keyed military high resolution position signals.

There are more complex attacks that gently change the position your GPS antenna thinks it is at, again these do not require the ability to be able to encrypt the signals so will still work against any level of secret encryption that might be used.

Then there are tricks using the encryption codes that might or might not be available (I won’t go into details as it’s fairly dull).

The fact that China, Iran, North Korea and Russia appear to have GPS spoofing ability should give people pause to think. Either about “how easy it is” or “how collaborative these countries are”.

The simple fact is most “Smart Weapons” are only of use against technically unsophisticated opponents. Because they can nearly all be lobotomized by even quite moderate sophistication, that can be “loaned” from another technically sophisticated country (or super power). The problem is that in general the “smarts” take up space thus reduce some aspect of a conventional munition. But worse the flight adjustment surfaces will make the munition less accurate than a conventional munition when the smarts have been lobotomized. Thus the attacker is actually worse off than if they had just used conventional munitions…

Whilst there are ways to make GPS Smart systems more robust they may not be practical due to various factors such as size computing power etc. Which might account for why some munitions manufacturers are looking at miniature “solid state” Inertial Navigation Systems (INS) to give their systems smarts that are not dependent on external sources of navigation reference.

MikeA September 25, 2017 10:17 AM

Reminds me of a story I heard (third hand, so cum granum salis) in the 1980s. A historian was reading captains’ logs from the 19th century, and found that their daily celestial “position checks” when docked in/near Moscow differed from the current(?) published coordinates.

rj September 25, 2017 10:22 AM

The correct term is “meaconing”; “spoofing” is the term used with internet packets. Meaconing is sending false navigation signals. The technique dates back to pirates and sailing ships. The pirates would conquer a lighthouse and extinguish its light, then build a fire at a nearby location such that ships following the cue from what they thought was the lighthouse would instead end up on the rocks, where the pirates would then plunder the ship’s cargo. Since WW2 the term has applied to SIGINT operations, including nowadays GPS. It was used during the cold war by deliberately offsetting the timebase of loran transmitters to falsely guide commercial air traffic into enemy areas to deceive the enemy into thinking a spy plane was just an off course passenger plane.

Ninja September 25, 2017 10:33 AM

There are some new initiatives regarding LORAN systems as well with upgrades from -C to eLORAN. I like the idea of having multiple navigational systems when some go wrong. LORAN has the advantage of providing localization even when conditions are not that optimal. As it gets developed, the equipment to use it will get small enough to go into cell phones as well. The more the merrier!

Impossibly Stupid September 25, 2017 10:42 AM

What is the baseline unreliability for GPS receivers, military and civilian? I know that I certainly see myself get location errors that briefly put me somewhere else on the globe. I don’t doubt the signal can be spoofed, but I’d really prefer to see a lot more evidence of ill intent before the drumbeat to war gets deafening. I mean, isn’t the real “enemy” here the fact that GPS data is trusted so absolutely? Russia might be up to no good, but GPS issues should be solved regardless of their actions and, ideally, in a way that doesn’t get lots of people killed.

Ross Snider September 25, 2017 10:59 AM

We really need to get over the tired trend of making things sound spooky when it involves Russia.

GPS gets spoofed by the US, Israel, UK, Japan, etc, etc.

I guess the news here is confirmation in the wild that there exists that kind of mass capacity in that region.

It always seemed to me that GPS would be extremely easy to spoof since it’s got so much redundancy built into it, and it’s designed to receive very low power signals. But blanketing over a huge geographic region would seem really hard to me. But I guess if you have a military satellite and phased array capacity, maybe not so much of a stretch.

albert September 25, 2017 11:38 AM

OMG! The Axis of Evil is at it again! GPS spoofing is hardly rocket science, and GPS jamming is available to any high school kid with a credit card. Apparently the MSM and their corporate overlords have no problem with abuses of technology, as long as they can blame the Axis of Evil. I hope the DOD has the lead on this, before the **** hits the fan.

@Clive, et al,
So avoiding the technology is the way to go? I agree, especially with the Inertial Navigation suggestion, but IR target systems give you more bang for the buck and are extremely accurate. I’d be surprised if the Big Three (Russia, China, US) weren’t working on all kinds of alternative systems to mitigate jamming/spoofing. -That- would be an interesting discussion. BTW, old INS systems are good enough for big nuclear weapons. Re: INS. A few years ago, a college friend invited me to a sensor expo. One of the demos was a 3-axis sensor about 1/4 inch square, which you could hold and move around. The resolution was fractions of an inch, as was the repeatability. Amazing.

. .. . .. — …

Erik V. Olson September 25, 2017 11:42 AM

Naval accidents in Pacific.
Encrypted GPS navigation is now proven UNSAFE and MUST be independently verified.

Incorrect. Collisions are a watch standing issue (failure to monitor the ocean around you and properly follow COLREGS.) GPS is used for the Navigation problem (Where am I and how do I get from here to my destination safely?) and ships are supposed to (and US Navy vessels are required to) keep a running track, and the GPS suddenly jumping them any distance will result in the GPS being turned off and the ship going back to other methods of navigation.

A navigation failure results in the ship ending up aground, not into a collision. If the officers and crew of the McCain and Fitzgerald had been properly keeping watch, they would have seen the ships they collided with and avoided them – even if they had no idea exactly where they were at the time. Collision avoidance with other ships doesn’t involve where you are other than ships in a restricted channel have right of way. It primarily relies on keeping a proper watch, which involves watching (hmm….) what’s around you – and even if you have the right of way, you’re still supposed to avoid hitting someone, even if they’re the ones who are supposed to give way. (As the USCG says: Be right, don’t be dead right.)

Radar is a watch standing tool. The MK 1 Eyeball is a watch standing tool. Keeping an accurate plot (which includes the ships around you) is a watch standing tool. GPS is not, GPS is a navigation tool (as are all those other things!) but it doesn’t tell you anything about what’s around you.

AIS does, but US Navy Policy (indeed, EVERYBODY’s policy) is you do not rely on AIS for collision avoidance. You need to keep watch.

In fact, the root cause seems to be a combination of extremely poor training and exhaustion due to insane USN watch standing schedules.

Gunter Königsmann September 25, 2017 11:42 AM

I don’t doubt the GPS can be easily spoofed even if a detector that watches for weird signal strengths might find out about that. My question is, though, if many combinations of commercial GPS and its users can distinguish spoofing GPS signals from a bad signal to noise margin from America actively shifting the commercial GPS positions in order to fool enemies equipped with GPS receivers from media world from commercial GPS getting unreliable by more than 20km during troop maneuvers: There were maneuvers near and in Russia only a short time ago. And during maneuvers during the Ukraine crisis commercial GPS accuracy dropped to a point near zero in Germany. Which isn’t too near to the Ukraine.

Cassandra September 25, 2017 12:42 PM

Accurate navigation without GPS is possible. ICBMs don’t use GPS, they used star-spotters/ also otherwise known as automatic astro compasses.

Early versions include the Automatic Astro Compass Type MD-1 used in B-52 bombers, but much, much more sophisticated ones have been developed. Essentially, with the right optical devices and software, you can detect known bright stars and satellites reliably enough to determine your position to a high accuracy, independent of GPS signals. They do work in daylight (if you know where to look, you can see Sirius, and possibly Canopus by naked-eye observation in broad daylight).

There’s a NASA scientist trying to build one ‘on the cheap’ – the military, for obvious reasons, are way, way ahead in this area, and their import and export are tightly controlled.

Daytime Stellar Imager – “…algorithm detects 6.3 magnitude star at daytime at sea level”

NeiHuem September 25, 2017 1:17 PM

In the German elections yesterday, a remarkable 1% of the votes went to a party (Die PARTEI) that pledged — among many other things — to make “It was Putin!” a valid legal exculpation for everything, including “arrears of rent, train delays, rear-end collisions, and defective smartphone displays”.

Just sayin’…

Mariano "Qhawaq" September 25, 2017 1:44 PM

As far as I know, there are two GPS systems on the same frequencies; the AIS uses “civilian” GPS that is prone to be spoofed with ease, the other thing is the “military” one.

It uses another signal and it can use crypto keys and is really more robust than the civilian one and can better resist jamming and spoofing. So the spoofing can be obtained only with “shadowing” using local transmitters that overpower the weak SVNs signal from space, but this only “grounds” the GPS, it does not confuse it, it simply blocks the receivers and makes GPS useless.

Smarter spoofing (I’ve tried) is to alter the signal at ground using a simple and economic “BTS” composed of a receiver on L1/L2 and a little bit of software that mimics one or more SVNs signals received by the BTS and retransmitted, transposed in time, blocking the original using a stronger local signal; the effect is weird 🙂 it changes your position point at will.

I think that the attack, to which Bruce had referred, maybe, was conducted with this technique. The incident of 2011, that nowadays we could be considered as an “academic taught”, has taught so much to many people (me too), so nothing strange 🙂

To mitigate the problem, maybe, can be useful to use a dual differentiate receiver using the “military” and “civilian” (L1/L2/M-signal) signals together , to reveal a potential spoof of this type .

Clive Robinson September 25, 2017 2:34 PM

@ Ninja,

LORAN has the advantage of providing localization even when conditions are not that optimal. As it gets develop the equipment to use it will get small enough to go into cell phones as well.

e-Loran uses a 100KHz carrier, trying to make it small is going to be an interesting engineering problem…

Wael September 25, 2017 2:49 PM

GPS spoofing and anti-spoofing techniques aren’t new. Search for GNSS, Spirent, …

What I see interesting is a set of “anti-GPS satellite” satellites that can illuminate any place on earth with surgical precision spoofed coordinates…

Clive Robinson September 25, 2017 2:59 PM

@ Albert,

but IR target systems give you more bang for the buck and are extremely accurate.

It’s not much talked about but IR laser lock systems have their own problems.

I’ve mentioned a number of times in the past “red eye” caused by 180degree internal reflection in focused optics like eyes, cameras and most other optical systems.

If you use a rapidly tunable laser you can “see the optics” in the bomb/missile if you then pump the output power from half a watt to a tenth of a kilowatt then it’s not much of a smart weapon any more.

Look at it this way a “smart weapon” that needs an external input that is man made, is not so smart. Because “Whatever man maketh, man can undo”.

herman September 25, 2017 3:12 PM

This is simple to do really. Just buy an off the shelf GPS test set, add an amplifier and antenna and Kim’s your Uncle. A test set can simulate a whole satellite constellation and then you can lead a GPS guided thing by its nose.

Wael September 25, 2017 3:39 PM

@herman,

Just buy an off the shelf GPS test set, add an amplifier and antenna and Kim’s your Uncle.

That’s too expensive. Just get one of these or a slightly more expensive version. Do you know how much a Spirent, Rohde & Schwarz or Anritsu cost to buy (or rent.)

Besides, mission critical devices don’t depend on a simple GPS receiver that we have in our mobile devices. They use something a little more sophisticated like this

Relevant article: http://www.insidegnss.com/node/1633

Cassandra September 25, 2017 3:50 PM

@Supersaurus

It doesn’t, or at least, not well. In the original uses for the technique, the equipment that required an accurate fix tended to be above most of/ all of the clouds.

Clive Robinson September 25, 2017 3:58 PM

@ Cassandra,

Essentially, with the right optical devices and software, you can detect known bright stars and satellites reliably enough to determine your position to a high accuracy,

Did you know that the Russian GPS Glonass has “tri-corner” reflectors for lasers?

@ Supersaurus,

how does “star spotting” work under a cloud cover?

You can take reasonably accurate “star sights” on our star the sun using polarizers…

The way you know where a satellite is pointing when viewing the earth at high magnification is to look up at the stars as well as keeping an accurate time reference. You then use a bit of software to turn the star sight into a sight line. It can be done with a higher resolution than civilian satellites are currently allowed to image the earth’s surface.

There is an interesting bit in both the book and the film of “Ice Station Zebra” where one of the spies tells the sub captain all about “their german scientists” and “their german scientists” and explains almost exactly what happens…

Mike Barno September 25, 2017 5:12 PM

@ MikeA,

Reminds me of a story I heard (third hand, so cum granum salis) in the 1980s. A historian was reading captains’ logs from the 19th century, and found that their daily celestial “position checks” when docked in/near Moscow differed from the current(?) published coordinates.

Hmm, did you hear this from a player of the strategy game Diplomacy? As @Bruce might remember, the map’s space named Moscow has no coast, and therefore no fleet can occupy Moscow. Perhaps the 19th-century captains were in St. Petersburg or Sevastopol, but the dastardly Tsarist regime distributed Moscow newspapers at the harbor, with bogus celestial charts.

(Okay, I realize the 19th century had some river combat boats, so it’s plausible, just as the landlocked “Austrian Navy” in The Sound of Music was the Austro-Hungarian Empire’s navy out of Trieste. But most river warships never made it back to their home port from their first mission.)

Sancho_P September 25, 2017 6:07 PM

A sophisticated attack – oh clearly, evil Putin and the Ruzkies, only to destroy America.
But don’t think too much why they position the ships to airports:
It’s only their test environment.
In short they will briefly beam (not only) whole ships to specialized logistic centers, unload them, and beam the empty corpses back, so nobody will know how and who did it.
Kind a time machine to steal our everything.
We must immediately send them a strong message, otherwise we’re lost!
Go, Donald, go!
… A MSM article at wired, very sad.

Steve September 25, 2017 6:15 PM

I’ve had “anomalous” GPS events in the middle of Arizona more than once.

In any event, this makes self-driving vehicles somewhat problematic, no?

Wael September 25, 2017 9:10 PM

@Steve,

Out of order response:

this makes self-driving vehicles somewhat problematic, no?

It makes GPS assisted drive problematic.

I’ve had “anomalous” GPS events

Me too! I was once driving in NJ and the lady inside the GPS asked me to take a bridge that seemed out of the way, so I took it. Turns out I had to pay $10 toll. A few minutes later, the b*tch asked me to make a U-turn. Went through the bridge again with another $10 toll. I got so mad I almost jumped out of my skin!

I’m not sure if I had to pay the toll twice, but my memory cells have that recorded.

Anura September 25, 2017 10:02 PM

When I moved to another state, my GPS just got completely lost and never recovered for the remainder of the trip; luckily, I had both remaining turns memorized.

tyr September 26, 2017 1:23 AM

Sounds like feeping creaturism has made
things quite undependable at the same
time folk have decided to trust technology
too much.

I recall an argument over whether a radar
position was wrong being ended when one
of the lookouts reported the portside
channel marker buoy going by on the starboard
side. There is no substitute for paying
attention. For Smart weapons you can’t
beat a beam rider with a high velocity
engine. Clive can even tell you why they
work better.

Cassandra September 26, 2017 1:38 AM

@Clive

I didn’t know that interesting fact about Glonass (ГЛОНАСС) satellites.

I did know about using polarisation to determine where the sun is through clouds. There is speculation the Vikings used that technique to aid their navigation, and evidence that both certain bees and ants can navigate using polarization of UV light. When properly trained, many humans can detect polarised light with the naked eye (Haidinger’s Brush).

Clive Robinson September 26, 2017 4:14 AM

@ Steve,

I’ve had “anomalous” GPS events in the middle of Arizona more than once.

The problem with an “anomalous GPS event” like in any radio navigation aid is working out the Where? and the Why? of the event.

If you think about it you can draw up a communications chart of parts/channels. So simplistically the event could happen in,

1, The transmitter.
2, The free space radio path.
3, The receiver.

If it occurs in the transmitter “everybody” gets to see it. If in the radio path “some people” get to see it and in the receiver “only you” get to see it.

The fact that there are “some people” seeing these anomalies near Russia is what makes people suspect that it is the radio path that is causing the issue, hence the possible “spoofing claims”.

However in your case I’m assuming that it was “only you” that saw the anomalous event at that time, which tends to suggest it was your receiver.

There are two main sources of apparently random errors in systems,

1, Actual hardware faults like dry joints on printed circuit boards etc.

2, Software “corner cases” that have “not been tested out”, one example of which is integer overflow that pops up in all sorts of places including floating point math.

Which brings us to your question,

In any event, this makes self-driving vehicles somewhat problematic, no?

To which the answer would be, “If any part of the overall system is defective, then you had better hope the fail safes are correctly functioning where you are”.

Hollywood plotter September 26, 2017 7:58 AM

Wouldn’t that make a great plot for a film ?

Rogue scientist / engineer sells GPS spoofing technology to arch villain.
NATO Warship wanders into foreign territorial waters and gets destroyed.
A spy in the manner of 007 gets sent to track down the source of GPS spoof and ‘sort out’ the world’s evil nemesis.

Oh damn, it’s already been done !

Maybe my Tomorrow has Died already.

Bob Paddock September 26, 2017 8:08 AM

@Winter, @Clive

@Winter, sometime ago NASA had an extreme interest in mapping the magnetic field of Earth. I have wondered why.

@Clive, wrote: “e-Loran uses a 100KHz carrier, trying to make it small is going to be an interesting engineering problem…”

@Clive, how would you expand this “Black Hole” Antenna design from 25 kHz that it is now to the needed 100kHz? Issues of Near/Far field etc. Technology has advanced since NASA did it prior to 1993.

Dr Sutton of NASA Wrote (elsewhere long ago):

…The active (“Black Hole”) antenna was developed in another project, where we didn’t want to transport a two meter long antenna that weighed 200 pounds…..so we miniaturized the hardware while simultaneously expanding the antenna field cross section. We wanted to receive the entire ELF-VLF bands all at once, so we had to have an extremely broadband antenna….like four decades of bandwidth or more. You wouldn’t believe the arguments I had with the reviewer at Physics Essays. He just couldn’t believe that one could do what we did….and if it was indeed true, then why hadn’t someone done it years ago?.., “and what makes you so smart”, .so, of course, “this must be nonsense, etc…..” Progress in physics is so bloody difficult because most physicists think that everything worthwhile has already been discovered….so they expect nothing new. This is negative feedback which, of course, makes the system stable, I suppose.

The one text book that includes diagrams of the antenna-external field interaction is listed as one of the references in the Physics Essays paper. Sorry, I can’t remember the name of the author or the title.

John Sutton, Ph.D.

My summary of their work (long ago):

“A Broadband Active Antenna for ELF Magnetic Fields” by John F. Sutton and G. Craig Spaniol” in Physics Essays March 1993, Vol 6, #1, 1993.

Abstract: “A unique broadband ULF-ELF-magnetic antenna is described. Active circuitry is employed to introduce a negative impedance that combines with the wire resistance, the distributed winding capacitance, and the inductance of a physically small search coil to produce an antenna with a very small impedance.  The result is increased search coil current and a enhanced dipole-plane wave field interaction, which greatly increases the effective area of the antenna, independent of frequency – a ‘black hole’ antenna.”

The conclusion of the paper reads:

“We began our work with the known plane-wave electromagnetic field-resonant dipole electromagnetic field interaction which can explain equally well the enhanced effective areas of photon-atom, photo-particle, and radio wave-tuned dipole interactions.  We have extended this principle by showing theoretically and demonstrating experimentally that active circuitry can be used to introduce negative impedances into an antenna circuit to reduce this same interaction over a broad band of frequencies.  The interaction has been applied to enhance the sensitivity of physically small untuned search coils, used in the study of the ionosphere via the Earth-ionosphere cavity resonances, nominally in the 1 Hz – 100 Hz range.  The active antenna frequency response has been measured and confirmed to be free for resonances and uniform, +/- 2dB, over a nearly four decade range of frequencies from 3.5 Hz to 25 kHz.

They cite “C.F.Bohren and D.R.Huffman, “Absorption and Scattering of Light by Small Particles” (Wiley, 1983) saying it shows Poynting vector field diagrams of the field interactions.  Ref #22 of the paper.

Sir A. Fleming “On Atoms of Action, Electricity, and Light” in “The London, Edinburgh, and Dublin Philosophical Magazine and Journal of Science” October 1932. Phil.Mag.S.7.Vol.14.No.92.Oct 1932

It shows “diagram representing the nature of the electromagnetic field near a receiving aerial in wireless telegraphy”.  Sucking like distortion field.

“Light absorption by a dipole” H. Paul and R. Fischer. Sov.Phys.Usp.26(10), Oct. 1983.   American Institute of Physics.

Abstract: “In semiclassical radiation theory, the electric dipole moment induced on an atom by a strong incident field, absorbs much more energy, per sec, than is flowing through its geometrical cross section.  This means, the atom has the capability to ‘suck up’ [that is what it says here, I’m not making it up] electromagnetic energy from a spatial region that is by far larger than its own volume.  An intuitive understanding of the effect is provided by studying, in the framework of classical electrodynamics, the energy flow in the total field made up by superposition of the incident wave and the field that is generated by the dipole also in the absorptive case.”

Some one wrote a note on the cover pages that reads “The German explanation is that it ‘sucks'”.

https://web.archive.org/web/20070425064831/http://www.unusualresearch.com:80/Sutton/sutton.htm

Wael September 26, 2017 8:30 AM

@Hollywood plotter,

Wouldn’t that make a great plot for a film ?

Of course! A sure blockbuster!

A spy in the manner of 007 gets sent to track down the source of GPS spoof

And during his trip, 007 gets his Q-Provided watch GPS spoofed and ends up at the Kremlin, where Putin challenges him to a Judo match. 007 gets his neck broken and is sent back on a wheelchair, a trip during which his GPS gets spoofed again. This time he ends up in North Korea with little rocket man, who sticks him on an ICBM for an expedited trip to the UK. The GPS on the ICBM gets spoofed, one more time and…

Jonestown September 26, 2017 8:43 AM

When the US Navy can’t avoid ramming ships in the wide open ocean imagine what will happen when their GPS is cut off.

Guess what one of the first things to go in a war would be, imagine a world with no GPS or GLONASS of any kind.
I grew up in that world, it was better than this one.

Clive Robinson September 26, 2017 9:47 AM

@ Bob Paddock,

From the description it sounds like they made the antenna a negative resistance oscillator that did not quite oscillate.

Back in the early days of home radio (1915-25) you had the Tuned Radio Frequency (TRF) receiver. It often had three separately tuned radio stages and was at best difficult to tune to a different station. It had other issues that were partly cured by neutralization, which is a form of feedback mechanism.

Edwin Armstrong amongst others played with radio circuits and he patented the idea of regenerative receivers, which also used feedback. It used the idea of bringing a tuned circuit to just about resonance and then quenching it back. Yes they got very high gains with just a single device and single tuning element, but the down side was that the effective Q of the circuit went up proportionately thus the bandwidth dropped.

Armstrong later got around some of the regenerative receiver problems by designing the amplifier so that as it started to oscillate, the circuit conditions changed and it became not an RF oscillator but an ultrasonic oscillator. This was called auto quenching and the overall circuit the Super-Regenerative Receiver[1] or “super-gen”. But it still had the low bandwidth issues.

So I’m not sure how this “black hole antenna works” as the description is incomplete.

[1] http://www.eix.co.uk/Articles/Radio/Welcome.htm

Wael September 26, 2017 10:19 AM

@Bob Paddock, @Clive Robinson,

Black hole antenna, eh? A bust from the start. Black holes emit Hawking radiation, so even the name he chose sucks, pun in 10 did.

MRRO September 26, 2017 11:03 AM

Interesting. I know this is anecdotal [verified with 3 phones though] there are two spots in my home town where GPS is completely wrong.
A “Secret” Airforce base & bunker where the GPS would always default to somewhere in Southern Africa for 1/2 mile or so around it.
This stopped happening when the base was closed down

And the other place -A builders yard where when deliveries are made between 0600 and 0800 the GPS says you’re in Salford/manchester

Wael September 26, 2017 11:41 AM

@Clive Robinson,

Looked at it briefly, wasn’t convinced so I moved along. So I have no idea how it works…

Bob Paddock September 26, 2017 12:48 PM

@Clive, @Wael

If this link works it takes you to the NASA patent, with schematic and description:

US5296866

TRF is trying to be selective while the Black Hole Ant. is trying to be wideband.
The goal is to synthesize the massively large coils with Gyrators and still be a physical pick up vs simulated inductor. The Negative Resistance cancels the physical search coil’s resistance allowing for reduction in mass of a real coil.

To the Ultrasonic point, today you can use high bandwidth opto couplers to isolate the antenna from the feedback rather than Ultrasonic, to prevent the unwanted oscillations of old style Regenerative Receivers. Such an Opto based Regenerative Receiver was written up in QST in the 90’s.

Tatütata September 26, 2017 3:38 PM

From the description it sounds like they made the antenna a negative resistance oscillator that did not quite oscillate.

The plight of the RF engineer: Amplifiers oscillate, oscillators don’t…

In addition to the paper, you can have a look at the patents. The database incorrectly lists “US ARMY” as the assignee, I checked and it is actually NASA.

My own experiences (as a hobbyist) with low-frequency negative resistance amplifiers were rather disappointing, getting them to work without a ton of measurements and analysis is tricky. Oscillation was also an old friend on repeatered two-wire tandem trunks, with poles wandering off the wrong side of the imaginary axis when the loop wasn’t in service. (I guess that spending a dime to insert a terminating resistance was too much for good ol’ Ma Bell).

Compensating the antenna losses with negative resistance is a recipe for noise, but then the system is dominated anyway by atmospheric interference.

The signal from the satellites is purposefully weak (their orbit is between MEO and GeoStat) thus they can be easily jammed by even quite a low power transmitter.

The signal level is low because that’s pretty much the only way how you can hope to get the system to work.

Are there any reports of Glonass spoofing or even jamming? (Its FDMA nature seems to me slightly more demanding).

Wael September 26, 2017 3:39 PM

@Bob Paddock, @Clive Robinson,

Looked at the patent. I understand some parts. Antennas, see, have a temperature and a radiation pattern. It’s the same for receiving and for transmitting. Now I understand the part about the expansion of physical dimensions of the antenna through some circuitry that cancels out the impedance of the antenna. I am not sure things work that way.

What is the specific area you want to discuss? I am not sure I have the bandwidth to read the whole disclosure, which seems like an application, not an issued patent yet? But NASA “acquired it”, and in that case, who am I to question the soundness of an idea that subject matter experts with much more knowledge than yours truly has?

supersaurus September 26, 2017 6:18 PM

@Clive

do you ever sleep? how is it possible to know so much about so many things (for cynics on the thread, no, I’m not being sarcastic).

fajensen September 27, 2017 2:52 AM

@Bob Paddock

Very interesting antenna/receiver concept, thanks for digging this up out of the abyss and posting it here!!

@Wael
I haven’t dug out the paper yet, from looking at the thing, what they do is that they use a current source to cancel the currents induced in the coil antenna from the surrounding field. This makes the EM field zero near the coil, which is probably where the “black-hole”-imagery is derived from.

Since the cancellation current is proportional to the induced current, they can pick up a scaled copy of the signal at the current source, for example by having different ratios between the antenna coil and the cancellation coil/winding. Since we are driving currents, the circuit resistance becomes irrelevant – the currents depend “only” on the driving current source (of course within physics limits) – so resistance “cancels out” and does not really affect the performance from an RF circuit perspective.

I think it should work – certainly as an antenna, that is.

I dunno about the “bending of the EM-field” to make the “virtual antenna” appear much larger than the physical – but – Maybe:

Since we are actively injecting a current into the thing, derived to canceling the induced currents, the device is in fact transmitting an inverse EM field and this might well cancel/diminish the field out to some distance depending on the bandwidth and power of the current source.

Of course, if we are very good at cancelling, there will be no field left to derive a reference from so it cannot be an actual “EM black hole”, some residual field must always remain. How much depends on the gain of the device between “Imposed EM-field” and the “Injected Cancellation EM-field”.

I think my conclusion is that it actually does work pretty much as described.

That wide bandwidth current source will be tricky to stabilise, but, of course this is possible (Automated Test Equipment (ATE) uses lots of high-bandwidth current drivers 24/7). As a hobbyist one can easily buy transconductance amplifiers and roll a “current servo amplifier” that is better than the Howland? current source they use in the patent.

http://www.ti.com/lit/an/sboa117a/sboa117a.pdf

@Clive, “e-Loran uses a 100KHz carrier, trying to make it small is going to be an interesting engineering problem…”

Yes. It is always interesting and often very rewarding* to reinvent “ancient” technologies with much better materials and components, in this case probably The Humble Ferrite Antenna. It has been accomplished before to fit DCF-77 (77 kHz) into wristwatches, the receiver is tricky.

http://caxapa.ru/thumbs/417284/Engeler_DCF77.pdf

*)
Made so much money on designs with Transductors: Ancient magnetic device based on saturation effects for rudimentary AC power control in the 1930’s or so (and in the V2), “suddenly” due to much better magnetics and trivial ease that we can handle high frequencies today, it becomes quite tiny, robust, efficient and able to operate in satellite switch mode power supplies where heat is radiated away, so, they are really cooking (or welding machines, where no-one gives a flying fig about stuffed ventilation slots – it just has to work regardless of all the abuse).

Wael September 27, 2017 6:36 AM

@fajensen,

I’m familiar with how active antennas work, I agree that EM bending is not something I’m aware can be done with another EM / DC component. That’s the part I don’t buy. The thing may work, but I question the explanation.

Bob Paddock September 27, 2017 7:19 AM

@Fajensen @Clive @Wael

“…accomplished before to fit DCF-77 (77 kHz) into wristwatches, the receiver is tricky.” http://caxapa.ru/thumbs/417284/Engeler_DCF77.pdf

That paper discusses a type of ‘Lock-In-Amplifier’ or Synchronous Detector.
Part of Dr Sutton’s work at NASA was related to these as well:

Dr Sutton wrote: “The synchronous detectors were used in temperature monitors and temperature controllers designed to control temperatures on spacecraft at 60 milliKelvin +/- a few microKelvin. The preamplifier had to have a gain of 10E5 after which the demodulated signal had to be converted by a 16 bit ADC, with +/- 1LSB allowable error…. so of course, you can see that we were working with extremely small signals buried in the noise, and we had to go all out in an effort to beat down the noise. That’s why we had to use a new improved synchronous demodulator. This project was as close to being impossible as you can get! I still have trouble believing that we actually made it work.”

Again he declined to discuss ‘Why?’ they needed this. Any ideas?

That work is NASA GSC-13179 and GSC-13273:

“Improved Analog Synchronous Demodulator: Output ripple is suppressed without an output filter” GSC-13179, NASA Tech Briefs, March 1992. Uses dual op-amp and 4053 CMOS switches.

“Digital Synchronous Demodulator: The digital version offers greater speed, precision, and reliability.” GSC-13273. All done in FPGA.

I don’t have any Patent numbers for those at hand here. Searching for Dr Sutton and NASA will likely find them.

The original NASA ‘Black Hole’ Antenna was:

“Broadband Active-Antenna: The effective area of a search coil is increased.” GSC-13309. Single op-amp, search coil and a few passive components. This paper appears to be the patent application before the lawyers screwed it all up.

This seems to have great weight in GSC-13309 “How Can a Particle Absorb More Than the Light Incidence on It?” by Craig F. Bohren, Am. J. Phys. 51, No. 4, P.323, April 1983.

From GSC-13309: “With a tuned antenna there is always a tuned circuit including the antenna, where a capacitive reactance is effectively canceled by an inductive reactance which leads, in turn, to a large circulating current in the resonant circuit, which results in the production of a field. This field, in turn, interacts with the incoming field.”

More details here.

My original question was, we have better technology than before 1992, seems we should be able to get such a ‘Black Hole’ Antenna working to at least the 100 kHz required by eLORAN? eLORAN will be less susceptible to CMEs taking out all the satellites.

Raptor September 27, 2017 10:12 AM

It kind of makes you wonder why the Obama administration cut funding for LORAN doesn’t it? LORAN was impervious and resistant to jamming but GPS is such a low powered signal that spoofing and jamming are extremely easy. This nation has gone 7 years without a reliable and affordable backup time and position source.

Clive Robinson September 27, 2017 10:21 AM

@ Supersaurus,

do you ever sleep? how is it possible to know so much about so many things

Well I used to hardly sleep when I was younger, maybe an hour or two most nights but all day sunday.

However not currently I’ve had to get involved with a conference that is about politics and all I want to do is snore very very loudly 😉

I was also insanely curious about “fundamentals” you’d be surprised just how they are transferable from one knowledge domain to another.

But… I’ve always had the innate ability to see a system mentally break it into parts and identify its weaknesses. Kind of @Bruce’s “thinking hinky” on steroids.

Rachel September 27, 2017 11:19 AM

Clive

You said to the effect of, you have the ability to see a system in entirety and break it down and identify its weaknesses. I am not suggesting you are autism spectrum for a moment (although you did acknowledge you are a savant) – but your description above reminds me of a biopic of Temple Grandin. Maybe not a spokeswoman for autism but has become publicly associated with the syndrome and embraced for her success and innovation (largely in animal husbandry interestingly). The biopic displayed her capacity to do what you described, with mechanical systems. Somewhat cross sensory in fact, almost synaesthesia. She has written some great books

Clive Robinson September 27, 2017 3:08 PM

@ Baylink,

Isn’t it much simpler to assume the AIS transponder is the thing that’s lying?

I suspect it’s unlikely, think about a ship’s Captain, on seeing an AIS anomaly they are going to look at its inputs which is the GPS. The Captain sees that the GPS is reporting the same “off position” which means either both systems are being affected equally or just the GPS which the AIS is dependent on. The use of Occams Razor suggests it’s the GPS that is at fault, and that appears to have been confirmed. Which is why the Master being interviewed indicated that the ship’s crew resorted to using the ship’s radar and older technology including I assume standard watch keeping and bridge officer duties involving optical instruments such as sighting compasses and sextants for taking bearings. Which is what I do along with keeping a running log (I don’t trust fuses 😉

Clive Robinson September 27, 2017 4:47 PM

@ Rachel,

I am not suggesting you are autism spectrum for a moment

Older readers know the answer to that and the answer is aspie, I’m not the only one, as others may wish to confirm, or not as is their choice.

Whilst I do have some savant like abilities, the one I was most reliant on, speed reading got kicked out of me one day. It happened when I was attacked on my way to work and had my head kicked into a street sign metal pole with a flying karate kick. So I no longer read a paperback a day and two or three technical books and around four hundred sheets of A4 data sheets a week. Worse I do not have the memory I used to have, I was kind of like a human file index, you could ask me about something relatively obscure and I would not only tell you which file box it was in, but usually the page and paragraph. Thus I saved a lot of colleagues time and effort. Whilst I am not making “new memories” like that, I still do have the recall for much of it which makes the expressive dysphasia I suffer from occasionally now all the more galling[1]. It also has a knock on effect on my writing, previously I could write ten or more pages without having to plan or re-read to check I’d not left anything out or said things twice or more importantly inconsistently.

Apparently according to the surgeon I was very lucky to be alive. The force was sufficient to give a full fracture at the point of the lower jaw. Which is apparently the hardest bone to break, and normally seen only in the mortuary on those who have been in fatal car accidents or similar. It resulted in a loss of taste which killed off one of my hobbies which was entertaining people to dinner, whilst I can still cook it’s nowhere near the standard it used to be. The other problem it has caused is a change in personality, the knock on effect of which is apparently one of the reasons I now sometimes sleep for over 22 hours in a day or not at all other days.

For those reading along in the US you are probably aware of sporting head injuries that cause personality changes via lawsuits and the NFL and what it can mean to an individual. If you have children please ensure they wear head gear when cycling, sailboat sailing etc and discourage them from US Football, or those living in Auz “Aussie rules” and other places rugby. Whilst you should not “cotton wool” children, that does not mean you should allow them to take “meat grinder” style needless risks.

[1] What happens is occasionally I can not recall a word. I know it exists and can give you the dictionary definition but the word itself remains just out of reach. Once however I see or hear the word I recall it, and will remember it again for quite a while. For instance a month ago I had need to use the word nepotism, but could not remember it. In the end I did a reverse search for the word on the internet using the dictionary definition and found it within a few seconds… It’s really annoying when it happens, kind of like turning your ankle when out running.

Rob September 28, 2017 4:34 AM

I’ve not read the original article but from the extract it seems to suggest that incorrect AIS transmissions are an indicator of interference with GPS. Well AIS is a very simple protocol where clear text data is transmitted by vessels at semi random intervals. That data is often fed to the AIS transmitter by an NMEA feed from a separate GPS unit. Well NMEA is simply text over rs232. If you plug a terminal into your AIS transmitter you can tell people anything you like. A lot simpler than interfering with GPS.
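
A receiving-side plausibility check for the kind of NMEA text feed described in the comment above, as an added example that is not part of the original thread: it verifies each sentence's checksum and flags fixes that imply a speed above the vessel's maximum, like the 15-knot tankers reported at 60 to 65 knots in the Wired excerpt. The sentences, coordinates and function names are constructed for illustration.

```python
import math
from datetime import datetime, timezone
from functools import reduce

EARTH_RADIUS_NM = 3440.065  # mean Earth radius in nautical miles

def nmea_checksum(body):
    """XOR of every character between '$' and '*', as two upper-case hex digits."""
    return f"{reduce(lambda acc, ch: acc ^ ord(ch), body, 0):02X}"

def make_rmc(hhmmss, lat, lon, sog, ddmmyy="250917"):
    """Build a constructed $GPRMC sentence (northern/eastern hemisphere only)."""
    body = f"GPRMC,{hhmmss},A,{lat},N,{lon},E,{sog},0.0,{ddmmyy},,"
    return f"${body}*{nmea_checksum(body)}"

def _degrees(value, hemisphere):
    raw = float(value)  # NMEA packs positions as ddmm.mmm / dddmm.mmm
    deg = int(raw // 100)
    dec = deg + (raw - deg * 100) / 60
    return -dec if hemisphere in ("S", "W") else dec

def parse_rmc(sentence):
    """Return (utc_time, lat, lon, speed_over_ground_knots) or raise ValueError."""
    body, sep, given = sentence.strip().lstrip("$").rpartition("*")
    if not sep or nmea_checksum(body) != given.upper():
        raise ValueError("checksum mismatch")
    f = body.split(",")
    if len(f) < 10 or f[0][2:] != "RMC" or f[2] != "A":
        raise ValueError("not a valid RMC fix")
    when = datetime.strptime(f[9] + f[1][:6], "%d%m%y%H%M%S").replace(tzinfo=timezone.utc)
    return when, _degrees(f[3], f[4]), _degrees(f[5], f[6]), float(f[7])

def distance_nm(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance in nautical miles."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(math.radians(lon2 - lon1) / 2) ** 2)
    return 2 * EARTH_RADIUS_NM * math.asin(math.sqrt(a))

def check_feed(sentences, max_knots):
    """Return [(index, reason)] for sentences a plausibility monitor should flag."""
    findings, prev = [], None
    for i, s in enumerate(sentences):
        try:
            when, lat, lon, sog = parse_rmc(s)
        except ValueError as exc:
            findings.append((i, f"rejected: {exc}"))
            continue
        if sog > max_knots:
            findings.append((i, f"reported speed {sog:.1f} kn exceeds {max_knots} kn"))
        if prev:
            hours = (when - prev[0]).total_seconds() / 3600
            if hours > 0:
                implied = distance_nm(prev[1], prev[2], lat, lon) / hours
                if implied > max_knots:
                    findings.append((i, f"implied speed {implied:.0f} kn between fixes"))
        prev = (when, lat, lon)
    return findings

# Constructed feed: two consistent fixes one minute apart, a fix that jumps
# about 30 nm in one minute, then a sentence edited without redoing its checksum.
SAMPLE = [
    make_rmc("120000", "4415.000", "03730.000", "12.0"),
    make_rmc("120100", "4415.200", "03730.000", "12.0"),
    make_rmc("120200", "4435.000", "03801.000", "12.0"),
    make_rmc("120300", "4435.000", "03801.000", "12.0").replace("4435.000", "4415.400"),
]

if __name__ == "__main__":
    for index, reason in check_feed(SAMPLE, max_knots=15.0):
        print(index, reason)
```

The NMEA checksum only detects corruption or careless edits, since anyone able to inject text can recompute it; the speed check is the part that still fires on a well-formed false position.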

TM September 28, 2017 5:38 AM

NeiHuem • September 25, 2017 1:17 PM

In case anybody missed this: Die Partei, a registered political party in Germany, is a project by satirists of the ‘Titanic’ magazine. Their political platform includes the demand to base manager pay on bra size in order to solve the gender pay gap. Their success in the election is more than symbolic because they now get money from the state to fund their political activity.

Wael September 28, 2017 6:38 AM

@TM,

Their political platform includes the demand to base manager pay on bra size

Silicon power amplifiers (bra inserts) and Silicon implants (at around 5,000€ a pop) will be in huge demand. If I were you, I’d invest in a silicon company. Dump the stock when they equate Silicon with fake resumes.

GPS: Glorified Peanut Smugglers

Wael September 28, 2017 6:49 AM

invest in a silicon company […] Dump the stock…

Gives a whole new practical meaning to the expression “pump and dump” 🙂

Mike Barno September 28, 2017 9:05 AM

@ Wael,

Silicon power amplifiers (bra inserts) and Silicon implants (at around 5,000€ a pop) will be in huge demand. If I were you, I’d invest in a silicon company.

Silicon ~= Silicone. Different firmness.

albert September 28, 2017 12:12 PM

@Rachel,
Thanks for mentioning Dr.Temple Grandin. Instead of whining about animal cruelty, she ‘took the bull by the horns’ and consulted with meat processors to explain more humane ways of killing animals, based on her own extensive studies.
..

@Wael, Barno,
Silicon, element – con as in convict, northern California, Silicon Valley
Silicone, compound – cone as in ice cream cone, southern California, Hollywood!
BTW, Silicone is -no longer recommended- for breast implants.
..
. .. . .. — ….

Wael September 28, 2017 2:51 PM

@albert, @Mike Barno

Silicon, element – con as in convict…

Okay, okay, so I made a booboo. Thanks for that titbit of information! Amazing how the discussion goes from GPS to such a titular subject!

BTW, Silicone is -no longer recommended…

Let me take a shot at it: Titanium?

But I digress September 28, 2017 7:42 PM

“Which is apparently the hardest bone to break” – Pretty sure that’s still the forehead.

Clive Robinson September 28, 2017 8:49 PM

@ But I digress,

Pretty sure that’s still the forehead.

Which bones –there are several– in the forehead are you referring to and in which ethnic grouping?

Men for instance have more pronounced brow ridges than women, but the actual size varies a great deal with not just ethnicity but age as well.

But if you look at the bones at your temples, which are regarded by most as part of the forehead the thumb and middle finger of the same hand in an adult male can exert enough force to fracture if not fully break them… Such wounds have been seen by anthropologists when investigating the skeletons of those killed at various times. It is for instance known that a method of torture and execution –still practiced– was to put strong twine around a person’s head from just above the eyes above the ears and just below where the back of the skull juts out. Two suitably shaped pebbles or hardwood disks would be put under the twine at the temples and a stick would be twisted in the twine at the back of the head tightening the twine loop around the head applying pressure at the temples slowly and painfully. Unlike a similar process done around the throat the victim would scream very loudly thus making a prolonged public spectacle of the torture or ultimately execution.

However when considering the difficulty of bone breaking you did not quote me fully. What I actually said was,

    The force was sufficient to give a full fracture at the point of the lower jaw.

I was being quite specific as to where the break was and how difficult I had been told it was to break there by the maxillofacial surgeon. Like the bones at the temples the side of the jaw is much easier to break. Evolution has in effect decided over thousands of years that insult / injury to the front of the head is what needs protecting more than other parts of the skull.

Oh you will find some people claim the hardest bones to break are the ossicles, not because they are strong, but because they are inside the skull at the thickest part, thus not easily accessible to the usual forms of insult / trauma. However as those taught some of the nastier forms of hand to hand combat will tell you an object like a slim screw driver or pen can be fairly easily driven into the ear canal and then rotated about causing not just near instant fatal brain injury but also easily smashing up the ossicles.

Which shows the argument can be quite subjective, so until I see qualified evidence to the contrary, I’ll go with what the surgeon told me.

PeaceHead August 2, 2018 11:27 AM

https://s33.postimg.cc/5xkmnoqj3/Caution.png
https://bigthink.com/videos/a-black-hole-in-our-own-backyard (video)

“When the […] collide, stars in your eyes; open your mind angel in disguise. ”

https://spacefan.org/wp-content/uploads/2016/03/17/merging_black_holes_940x705.jpg

@Bruce, this singular page is showing up as raw xml data on my browser. All other pages are showing up as normal: https://www.schneier.com/blog/archives/2018/06/friday_squid_bl_629.xml
