Feeds

GPS spoofing countermeasures: Your smartphone already has them

BAE Systems gets to where Google was in 2007-odd

Top 5 reasons to deploy VMware with Tegile

Analysis There's suddenly a lot of panic about GPS satellite navigation spoofing, and BAE Systems among others would like to sell the military some tech to resist it. But in fact, most modern smartphones already have strong countermeasures against this sort of thing.

UK-headquartered but largely US-based BAE's latest grab for government pork is a GPS companion which uses other transmissions, such as TV and cellular sites, to confirm a location fix, just as Google started doing in 2007, and others had been doing well before that.

Realistically a greater menace to GPS users than spoofing would appear to be the British Ministry of Defence itself. InsideGNSS reports that various suppliers of GPS receivers and satellites have had letters from Ploughshare Innovations - the MoD's R&D commercialisation arm - asking for patent fees.

The claims stem from a patent taken out by Ploughshare on technology jointly developed by the US and European Union to ensure that users could make use of both the new GPS third-generation satellites and the upcoming European Galileo system. Doubtless the UK Defence Science and Technology Laboratories were involved, but their claim on a slice of GPS revenue as a result is far less clear.

That dispute will get bigger, potentially much bigger, but in the meantime BAE Systems reckons users should be looking to add a check on GPS data with ambient radio signals anyway.

The Great Google Slurp

Google started using the locations of cellular towers in 2007, to speed up the time-to-fix of GPS systems and provide location data to those without GPS hardware. Google had to manually compile the initial list of cell sites, though nowadays it sucks in constant updates automatically (from the phone of anyone using radio location in Google Maps). It has also added Wi-Fi hotspot data to the database - providing very fast fixes to within a couple of metres without recourse to slow, power-hungry GPS.

Which is just what BAE's NAVSOP (Navigation via Signals of Opportunity) does. NAVSOP claims to add TV transmitters to the mix, something Google would no-doubt bother with if more phones could receive TV signals.

"The potential applications of this technology are already generating huge excitement in both civilian and military circles," says BAE's Dr Faraghe - presumably those circles where Bing is the search engine of choice, as a stock Android handset is already doing nearly everything NAVSOP claims to be capable of - making itself largely immune to the GPS jamming (or more insidious spoofing) which so worries BAE.

Jamming and spoofing equipment is certainly readily available, and GPS signals are very weak (hence easily blotted out by noise or spoof signals). But people forget that military GPS signals are encrypted, meaning that they can't be spoofed, only jammed.

And a military GPS receiver, certainly in something important like a cruise missile or a smartbomb or a drone is only used as a check on inertial navigation anyway, so a jammer would have to follow the bird for a long time to have any effect (it would probably need to follow it from above, too, as the antenna is designed to look up at the sky).

Civil GPS signals are not encrypted, but in the civilian world you can introduce signals of opportunity as a check on location with ease, as your Android (or your iPhone) already does. Smartphones are acquiring some of the other military inertial checks, too: many phones now have magnetometers and accelerometers able to provide a basic dead-reckoning check.

Much is being made of the University of Texas team which recently managed to spoof a drone owned by the US Department of Homeland Security. But as Aviation Week points out that drone was a commercially-available mini quadrotor totally reliant on civil GPS.

GPS has been assailed before: in the UK we've seen the LORAN crowd arguing that the availability of GPS jammers demands that alternative technologies be maintained and expanded (specifically LORAN obviously), but the cost of such alternatives is significant and it's hard to see what they really bring to the party.

Using ambient radio signals to confirm a location isn't "a real game changer" as BAE systems would have us believe, then, but it is quite a good idea: which is why Google, Apple and other rather faster-moving technology firms started doing it long ago. ®

Internet Security Threat Report 2014

More from The Register

next story
'Kim Kardashian snaps naked selfies with a BLACKBERRY'. *Twitterati gasps*
More alleged private, nude celeb pics appear online
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
Freenode IRC users told to change passwords after securo-breach
Miscreants probably got in, you guys know the drill by now
THREE QUARTERS of Android mobes open to web page spy bug
Metasploit module gobbles KitKat SOP slop
BitTorrent's peer-to-peer chat app Bleep goes live as public alpha
A good day for privacy as invisble.im also reveals its approach to untraceable chats
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.