Feeds

GPS spoofing countermeasures: Your smartphone already has them

BAE Systems gets to where Google was in 2007-odd

Secure remote control for conventional and virtual desktops

Analysis There's suddenly a lot of panic about GPS satellite navigation spoofing, and BAE Systems among others would like to sell the military some tech to resist it. But in fact, most modern smartphones already have strong countermeasures against this sort of thing.

UK-headquartered but largely US-based BAE's latest grab for government pork is a GPS companion which uses other transmissions, such as TV and cellular sites, to confirm a location fix, just as Google started doing in 2007, and others had been doing well before that.

Realistically a greater menace to GPS users than spoofing would appear to be the British Ministry of Defence itself. InsideGNSS reports that various suppliers of GPS receivers and satellites have had letters from Ploughshare Innovations - the MoD's R&D commercialisation arm - asking for patent fees.

The claims stem from a patent taken out by Ploughshare on technology jointly developed by the US and European Union to ensure that users could make use of both the new GPS third-generation satellites and the upcoming European Galileo system. Doubtless the UK Defence Science and Technology Laboratories were involved, but their claim on a slice of GPS revenue as a result is far less clear.

That dispute will get bigger, potentially much bigger, but in the meantime BAE Systems reckons users should be looking to add a check on GPS data with ambient radio signals anyway.

The Great Google Slurp

Google started using the locations of cellular towers in 2007, to speed up the time-to-fix of GPS systems and provide location data to those without GPS hardware. Google had to manually compile the initial list of cell sites, though nowadays it sucks in constant updates automatically (from the phone of anyone using radio location in Google Maps). It has also added Wi-Fi hotspot data to the database - providing very fast fixes to within a couple of metres without recourse to slow, power-hungry GPS.

Which is just what BAE's NAVSOP (Navigation via Signals of Opportunity) does. NAVSOP claims to add TV transmitters to the mix, something Google would no-doubt bother with if more phones could receive TV signals.

"The potential applications of this technology are already generating huge excitement in both civilian and military circles," says BAE's Dr Faraghe - presumably those circles where Bing is the search engine of choice, as a stock Android handset is already doing nearly everything NAVSOP claims to be capable of - making itself largely immune to the GPS jamming (or more insidious spoofing) which so worries BAE.

Jamming and spoofing equipment is certainly readily available, and GPS signals are very weak (hence easily blotted out by noise or spoof signals). But people forget that military GPS signals are encrypted, meaning that they can't be spoofed, only jammed.

And a military GPS receiver, certainly in something important like a cruise missile or a smartbomb or a drone is only used as a check on inertial navigation anyway, so a jammer would have to follow the bird for a long time to have any effect (it would probably need to follow it from above, too, as the antenna is designed to look up at the sky).

Civil GPS signals are not encrypted, but in the civilian world you can introduce signals of opportunity as a check on location with ease, as your Android (or your iPhone) already does. Smartphones are acquiring some of the other military inertial checks, too: many phones now have magnetometers and accelerometers able to provide a basic dead-reckoning check.

Much is being made of the University of Texas team which recently managed to spoof a drone owned by the US Department of Homeland Security. But as Aviation Week points out that drone was a commercially-available mini quadrotor totally reliant on civil GPS.

GPS has been assailed before: in the UK we've seen the LORAN crowd arguing that the availability of GPS jammers demands that alternative technologies be maintained and expanded (specifically LORAN obviously), but the cost of such alternatives is significant and it's hard to see what they really bring to the party.

Using ambient radio signals to confirm a location isn't "a real game changer" as BAE systems would have us believe, then, but it is quite a good idea: which is why Google, Apple and other rather faster-moving technology firms started doing it long ago. ®

New hybrid storage solutions

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.