17 December 2009
SkyGrabber is a simple enough concept: grab the signals that spill from a satellite broadcast (or even narrowcast), aimed from a satellite towards a specific location, and turn them into TV feeds you can look at. Or as the website puts it: "You don't have to keep an online internet connection. Just customise your satellite dish to selected satellite provider and start grabbing."
The US drones would send their video up to a US military satellite (the "uplink") that cannot be intercepted. The signal would then be beamed by that satellite or a linked one down to the controllers – who might be in Afghanistan or Iraq. Because that signal was unencrypted, anyone who tuned their satellite dish to the correct frequency and location in the sky could pick up the signal, and decode it. And because any satellite downlink signal spreads a little, the area where it can be picked up is potentially huge.
The weakness has been known for a very long time. In February this year Adam Laurie, an "ethical hacker" who has spent a lot of time looking at satellite feed hacking, told the BlackHat conference that "anyone with a [satellite] dish can see data being broadcast" and that "things you would expect to be secure turn out not to be secure. The most worrying thing is you can just see all this data going by." He has been at it since the 1990s – and in 1997 could see French TV reporters beaming back closed circuit coverage of Princess Diana's death to the UK over unsecured feeds.
The only surprise is that the US army is surprised – given that it has known since the 1990s that the "downlink" (from the satellite) of the drone video was unencrypted. The internet may have been invented in the US, but its knowledge has spread far and wide — and insurgents have used websites and computer networks to organise themselves for years.
The thinking of the author of SkyGrabber is clear enough, given the other
products he touts: they include Tuner4PC – for establishing internet
connections via satellite uplink and downlinks – and LanGrabber, which
"intercepts network downloads started by other users and saves information
on your hard disk". The latter is what hackers call a "sniffer", seamlessly
picking up the data that others are transferring and making a copy for you.