Ops.group published a report on GPS spoofing back in 2024.[1] It's bad. Ops.group is an organization for dispatchers and pilots, the people who decide the routes aircraft take and fly them. They are really angry about it. Key concerns:
- The greatest safety concern is the degraded functionality of the Ground Proximity Warning System (GPWS). The system does not operate correctly after spoofing, even if GPS coverage is restored. The number of false alerts is astounding. ...
- A similar concern is the significant possibility of the GPS Receiver appearing normal to flight crew after spoofing, but in reality being contaminated with false data. ...
- This year, a 500% increase in spoofing has been observed. On average 1500 flights per day are now spoofed, versus 300 in Q1/Q2 of 2024...
They included maps. Most of the Middle East and parts of Eastern Europe no longer have useful GPS coverage. It's not just jamming. There's active spoofing, which sends out false position info.
And this was before the Iran war.
Before this, everybody in the industry thought GPS solved the aerial navigation problem. In the US, the FAA wanted to shut down many of the old radionavigation aids. Now, there's a lot more interest in improving the other systems. The military wants to go mostly inertial and is working on better inertial systems.
[1] https://ops.group/dashboard/wp-content/uploads/2024/09/GPS-S...
> Before this, everybody in the industry thought GPS solved the aerial navigation problem.
Many people in industry believed this but no one with a brain ever did. The vulnerability of GPS has been cause for concern for a long time, and the decimation of the VOR network has always had a lot of people up in arms.
Bigger WTF is why critical systems still use unencrypted GPS signal. It is like using plain SMTP emails for banking transactions, and relying on "sender" for authentication.
An even bigger WTF is why GPS data isn't signed with some official key so spoofing is impossible.
Why would that make spoofing impossible?
Because attackers wouldn't be able to send legitimate-looking data to GPS receivers any more.
Yes that's what spoofing is, but why wouldn't they be able to?
(EDIT: I see the other reply thread is already asking the same thing, didn't intend to ask about the same thing)
Because, due to how cryptography works, nobody other than the entity holding the signing key (ie the one that deployed the satellites) can produce valid signatures for that key.
Because an attacker can just replay legitimate broadcasts with slightly skewed time and origin and introduce huge errors into the fix.
Just because we can't solve all current problems doesn't mean we shouldn't solve any current problems.
If you want to prevent replaying as well, add a counter.
> Just because we can't solve all current problems doesn't mean we shouldn't solve any current problems.
Obviously not, but solving problems is always a cost benefit and we went from all spoofing is impossible to some spoofing is possible. What is the benefit of doing this and what is the cost?
> If you want to prevent replaying as well, add a counter.
It's not clear that would be able to prevent spoofing if the attacker could overwhelm and degrade the real signal.
Galileo already contains this function for the navigation message via OSNMA, and GPS CHIMERA is soon to be operational, with the latter actually including cryptographic "signatures" in the spreading code itself, so if you use these two constellations you become much harder to spoof.
Of course, they don't protect against jamming.
They're falling back to the C/A (coarse, civilian) signal. Part of the attack is to drown out the frequency where the P (fine, military) signal is so they can more easily attack the civilian signal.
There's another frequency they could be using that is higher power but hasn't been put into production yet.
> spoofing
I don't understand how "spoof-to" works. If you have to mimic a satellite then isn't everyone going to get a different location? Unless you're tracking a specific target how can you intentionally spoof them to a desired location? I'd assume the best you could do is create a fixed offset.
> The military wants to go mostly inertial and is working on better inertial systems.
Given the drift rate this is an idea for munitions but exceptionally difficult to actually operate in a vehicle.
You mimic several satellites
Clock bias.
Because the clocks internal to GNSS receivers are not that accurate, if they're not at the "targeted" location they'll see that all satellites are off by a given time offset, and think that their clock is just off by that much.
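The clock-bias point above, worked through as an added example (not code from the thread or from any receiver): a least-squares fix solves for position and clock bias together, so one delay common to every satellite lands entirely in the bias term, and a bias step larger than the oscillator can drift is a receiver-side warning sign. The satellite geometry, positions and the 300 m/s drift limit (roughly a 1 ppm oscillator) are assumed, constructed values.

```python
import math

def gauss_solve(A, b):
    """Solve A x = b by Gaussian elimination with partial pivoting."""
    n = len(b)
    M = [row[:] + [bi] for row, bi in zip(A, b)]
    for c in range(n):
        p = max(range(c, n), key=lambda r: abs(M[r][c]))
        M[c], M[p] = M[p], M[c]
        for r in range(c + 1, n):
            f = M[r][c] / M[c][c]
            for k in range(c, n + 1):
                M[r][k] -= f * M[c][k]
    x = [0.0] * n
    for r in reversed(range(n)):
        x[r] = (M[r][n] - sum(M[r][k] * x[k] for k in range(r + 1, n))) / M[r][r]
    return x

def solve_fix(sats, pseudoranges, guess, iters=10):
    """Gauss-Newton fix: returns ([x, y, z], clock_bias), all in metres."""
    est = list(guess) + [0.0]
    for _ in range(iters):
        H, res = [], []
        for sat, rho in zip(sats, pseudoranges):
            d = [est[i] - sat[i] for i in range(3)]
            r = math.sqrt(sum(v * v for v in d))
            H.append([d[0] / r, d[1] / r, d[2] / r, 1.0])  # last column: bias
            res.append(rho - (r + est[3]))
        A = [[sum(h[i] * h[j] for h in H) for j in range(4)] for i in range(4)]
        g = [sum(h[i] * v for h, v in zip(H, res)) for i in range(4)]
        est = [e + step for e, step in zip(est, gauss_solve(A, g))]
    return est[:3], est[3]

def bias_jump_suspect(prev_bias_m, new_bias_m, dt_s, max_drift_mps=300.0):
    """Flag a clock-bias change larger than the oscillator could produce.
    max_drift_mps is an assumed limit (about 1 ppm expressed in metres/second)."""
    return abs(new_bias_m - prev_bias_m) > max_drift_mps * dt_s

# Constructed geometry in metres (Earth-centred), not real ephemeris data.
SATS = [(26560e3, 0, 0), (18780e3, 18780e3, 0), (18780e3, -18780e3, 0),
        (18780e3, 0, 18780e3), (18780e3, 0, -18780e3)]
TARGET = (6371e3, 0.0, 0.0)      # position the received signal set is consistent with
RECEIVER = (6371e3, 50e3, 0.0)   # where the receiver really is (its last good fix)
TRUE_BIAS = 120.0                # receiver clock error before the event, metres

def observed(extra_delay_m):
    """Pseudoranges consistent with TARGET plus one delay common to all satellites."""
    return [math.dist(TARGET, s) + TRUE_BIAS + extra_delay_m for s in SATS]

def demo():
    """Receiver 50 km away: same position solution, bias absorbs the delay."""
    pos, bias = solve_fix(SATS, observed(50e3), RECEIVER)
    return pos, bias, bias_jump_suspect(TRUE_BIAS, bias, dt_s=1.0)

if __name__ == "__main__":
    print(demo())
```

The position residuals stay at zero in this case, so a residual-based integrity check sees nothing wrong; only the history of the bias term shows the step.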
GPS tampering “data” from a company whose upcoming tech is advertised to solve the problem their data shows is indeed a problem, and coincidentally also raised their 170M series C
Competing with four free GNSS constellations is an interesting business model for sure...
And starlink...
I would guess the business model is 'pay us and we'll give you the encryption key to our coded transmissions'.
Those coded transmissions are far harder to jam unless you have the key. So it's all about selling to as many customers as possible whilst having not a single customer leak the key.
That's why militaries use keys that rotate daily and won't let anyone else use the military signal.
Why wouldn't they use public key cryptography for that?
Your satellite doesn't want to be sending out lots of different signals - due to a limited power budget.
So you have to send out one (or maybe a couple) of signals protected by a key.
Yes, you can distribute that key individually to clients using public key cryptography over the same link (and many services like pay TV do exactly that).
But fundamentally any client who is able to decrypt the main stream can also share the key with someone evil who can use that info to jam the same stream.
> jam the same stream.
To add to that, other people won't be able to spoof the original stream (as that needs the private key), but instead only jam it.
It would be the same failure mode as SSL certificates.
In the case of GNSS systems, you can also spoof the stream, since the interesting bit of the stream is not the data contained inside, but instead the relative time of arrival of different streams from different satellites.
An attacker can record the streams and replay them milliseconds later.
A client can protect against this if they have an atomic clock, but that's only for clients willing to pay a decent amount.
No they're harder to spoof. Jamming is easy, but requires more power to achieve a desired effect and as they note they're planning to operate a low altitude constellation with closer transmitters as a result, so harder to swamp the signal for the receiver.
Is there any other more useful url? Even with ad blocking enabled this site is a mess of auto playing adverts. It makes the actual content difficult to find.
It works fine if you don't enable javascript.
uBlock Origin works fine on Firefox there.
Is GNSS jamming really as bad a problem as the article makes it seem?
The article itself reads like guerilla advertising so I'm inclined not to take it at face value.
I also read the same guerilla advertising for an alternative between the lines. If I understood it correctly from the article, the alternative itself is basically more of the same, but with a stronger signal.
So they basically will launch 300 satellites with an alternative that will face the exact same issues once jamming output signals increase too?
> with an alternative that will face the exact same issues once jamming output signals increase too?
Encryption and LEO make this significantly harder to jam. I see value in it.
Veritasium did a video a few weeks ago about scientists trying to figure out where a space based GPS jamming signal came from. https://www.youtube.com/watch?v=tz23G_UXCGA
I've stopped watching Veritasium after the PE buyout. All of a sudden I'm deeply suspicious of their content and I'm left wondering if there is some Ulterior Motive that we are not aware of.
Always had a strange feeling watching that channel, something feels off somehow. Anyway, didn't the video also mention GPS basically has the same capability (to be weaponised)? Seems trivial and logical… it's a transmitter.. just transmit noise or spoofed signals. Another thing I see pop up here in the comments is about encryption. Critical infra usually is not encrypted because you need to be able to receive it in critical conditions, by simple means. These infras have steadily been replaced by ‘hightech secure’ stuff in the west (like c2000…) but here in Asia I can still get a weather-fax image using a 5 dollar radio.
Near a warzone with consumer hardware? Yes.
Military hardware uses different signals, encryption, more advanced receivers, etc etc, but these things are on ITAR lists and not shared with the public.
It's a little surprising to me that there's a commercial venture that has been allowed to provide these things to the public at some point.
> Gunning says that, with the superior strength of the PNT signal transmitted by the company's planned LEO constellation, existing jammers would only be able to affect about 5% of the area they can currently disrupt. "The effect of the jamming is going to be reduced to a smaller radius," Gunning said. "The degradation area will go down, and the full lock-out radius will also go down."
Will this suddenly make offending countries scramble for an alternative?
Looks like this is mostly marketing for the services of this new constellation...
> When we fly over North America, for example, we see a beautiful signal all the time
I think by “fly”, they mean several hundred km in the air where you have sharply reduced below-the-horizon blocking.
Anyone got any leads on Doppler shift detecting equipment? Not hard to detect you’re getting spoofed or jammed based on that. Power levels being all improbable wouldn’t be hard to detect either. Difficult to detect if “tuned” to a particular target but blanket spoofing would be hard.
Then at the consumer level, fallback options exist (hi wifi); but having something more local would be nice. FM radio stations maybe? Can mess with those too ofc. AM systems are already a fallback in aviation for gross navigation.
A private GNSS constellation has very business cases.
> Anyone got any leads on Doppler shift detecting equipment?
All radio receivers? Detecting the radio Doppler frequency shift for satellites is kinda trivial.
Spoofing/jamming systems also trivially include Doppler shifts. The more someone is trying to interfere with your specific location, the harder it is to defeat the spoofing.
The worst ad ridden website I’ve ever seen.
It’s jammed!
Raspberry!
There's only one man who would dare give me the raspberry...
This is a lucid way to think of enshittification in general and of the advertising business in particular: jamming the information signal.
I honestly see this jamming as a win. GNSS is a global blanket opt-in American spyware.
GNSS receivers are passive devices that receive beacons broadcast from the satellites. It's technically impossible to spy on someone with GNSS.
And 99.99% of those GNSS receivers are connected to the internet. Or are in proximity to an (American controlled/designed) internet connected device.
This sounds like you have an issue with internet connected devices.
You can’t bomb a person based on an IP address
My pedantic self says GNSS includes other non-US constellations such as GLONASS, Galileo and Beidou, and they flew those satellites because they don't fully trust US GPS