Ops.group published a report on GPS spoofing back in 2024.[1] It's bad. Ops.group is an organization for dispatchers and pilots, the people who decide the routes aircraft take and fly them. They are really angry about it. Key concerns:
- The greatest safety concern is the degraded functionality of the Ground Proximity
Warning System (GPWS). The system does not operate correctly after spoofing, even
if GPS coverage is restored. The number of false alerts is astounding. ...
- A similar concern is the significant possibility of the GPS Receiver appearing normal
to flight crew after spoofing, but in reality being contaminated with false data. ...
- This year, a 500% increase in spoofing has been observed. On average 1500 flights per
day are now spoofed, versus 300 in Q1/Q2 of 2024...
They included maps. Most of the Middle East and parts of Eastern Europe no longer have useful GPS coverage. It's not just jamming. There's active spoofing, which sends out false position info.
And this was before the Iran war.
Before this, everybody in the industry thought GPS solved the aerial navigation problem.
In the US, the FAA wanted to shut down many of the old radionavigation aids.
Now, there's a lot more interest in improving the other systems. The military wants to go mostly inertial and is working on better inertial systems.
> Before this, everybody in the industry thought GPS solved the aerial navigation problem.
Many people in industry believed this but no one with a brain ever did. The vulnerability of GPS has been cause for concern for a long time, and the decimation of the VOR network has always had a lot of people up in arms.
Bigger WTF is why critical systems still use unencrypted gps signal. It is like using plain SMTP emails for banking transactions, and relying on "sender" for authentification.
They're falling back to the C/A (coarse, civilian) signal. Part of the attack is to drown out the frequency where the P (fine, military) signal is so they can more easily attack the civilian signal.
There's another frequency they could be using that is higher power but hasn't been put into production yet.
> Just because we can't solve all current problems doesn't mean we shouldn't solve any current problems.
Obviously not, but solving problems is always a cost benefit and we went from all spoofing is impossible to some spoofing is possible. What is the benefit of doing this and what is the cost?
> If you want to prevent replaying as well, add a counter.
It's not clear that would be able to prevent spoofing if the attacker could overwhelm and degrade the real signal.
I don't understand how "spoof-to" works. If you have to mimic a satellite then isn't everyone going to get a different location? Unless you're tracking a specific target how can you intentionally spoof them to a desired location? I'd assume the best you could do is create a fixed offset.
> The military wants to go mostly inertial and is working on better inertial systems.
Given the drift rate this is an idea for munitions but exceptionally difficult to actually operate in a vehicle.
Is there any other more useful url? Even with ad blocking enabled this site is a mess of auto playing adverts. It makes the actual content difficult to find.
> Gunning says that, with the superior strength of the PNT signal transmitted by the company's planned LEO constellation, existing jammers would only be able to affect about 5% of the area they can currently disrupt.
"The effect of the jamming is going to be reduced to a smaller radius," Gunning said. "The degradation area will go down, and the full lock-out radius will also go down."
Will this suddenly make offending countries scramble for an alternative?
GPS tampering “data” from a company who’s upcoming tech is advertised to solve the problem their data shows is indeed a problem, and coincidentally also raised their 170M series C
I would guess the business model is 'pay us and we'll give you the encryption key to our coded transmissions'.
Those coded transmissions are far harder to jam unless you have the key. So it's all about selling to as many customers as possible whilst having not a single customer leak the key.
That's why militaries use keys that rotate daily and won't let anyone else use the military signal.
Your satellite doesn't want to be sending out lots of different signals - due to a limited power budget.
So you have to send out one (or maybe a couple) of signals protected by a key.
Yes, you can distribute that key individually to clients using public key cryptography over the same link (and many services like pay TV do exactly that).
But fundamentally any client who is able to decrypt the main stream can also share the key with someone evil who can use that info to jam the same stream.
No they're harder to spoof. Jamming is easy, but requires more power to achieve a desired effect and as they note they're planning to operate a low altitude constellation with closer transmitters as a result, so harder to swamp the signal for the receiver.
I also read the same guerilla advertising for an alternative between the lines. If I understood it correctly from the article, the alternative itself is basically more of the same, but with a stronger signal.
So they basically will launch 300 satellites with an alternative that will face the exact same issues once jamming output signals increase too?
Military hardware uses different signals, encryption, more advanced receivers, etc etc, but these things are on ITAR lists and not shared with the public.
It's a little surprising to me that there's a commercial venture that has been allowed to provide these things to the public at some point.
> When we fly over North America, for example, we see a beautiful signal all the time
I think by “fly”, they mean several hundred km in the air where you have sharply reduced below-the-horizon blocking.
Anyone got any leads on Doppler shift detecting equipment? Not hard to detect you’re getting spoofed or jammed with based on that. Power levels being all improbable wouldn’t be hard to detect either. Difficult to detect if “tuned” to a particular target but blanket spoofing would be hard.
Then at the consumer level, fallback options exist (hi wifi); but having something more local would be nice. FM radio stations maybe? Can mess with those too ofc. AM systems are already a fallback in aviation for gross navigation.
A private GNSS constellation has very business cases.
>Anyone got any leads on Doppler shift detecting equipment?
All radio receivers? Detecting the radio doppler frequency shift for satellites is kinda trivial.
Spoofing/jamming systems also trivially include doppler shifts. The more someone is trying to interfere with your specific location, the harder it is to defeat the spoofing.
My pedantic self says GNSS includes other non-US constellations such as GLONASS, Galileo and Beidou, and they flew those satellites because they don't fully trust US GPS
Ops.group published a report on GPS spoofing back in 2024.[1] It's bad. Ops.group is an organization for dispatchers and pilots, the people who decide the routes aircraft take and fly them. They are really angry about it. Key concerns:
- The greatest safety concern is the degraded functionality of the Ground Proximity Warning System (GPWS). The system does not operate correctly after spoofing, even if GPS coverage is restored. The number of false alerts is astounding. ...
- A similar concern is the significant possibility of the GPS Receiver appearing normal to flight crew after spoofing, but in reality being contaminated with false data. ...
- This year, a 500% increase in spoofing has been observed. On average 1500 flights per day are now spoofed, versus 300 in Q1/Q2 of 2024...
They included maps. Most of the Middle East and parts of Eastern Europe no longer have useful GPS coverage. It's not just jamming. There's active spoofing, which sends out false position info.
And this was before the Iran war.
Before this, everybody in the industry thought GPS solved the aerial navigation problem. In the US, the FAA wanted to shut down many of the old radionavigation aids. Now, there's a lot more interest in improving the other systems. The military wants to go mostly inertial and is working on better inertial systems.
[1] https://ops.group/dashboard/wp-content/uploads/2024/09/GPS-S...
> Before this, everybody in the industry thought GPS solved the aerial navigation problem.
Many people in industry believed this but no one with a brain ever did. The vulnerability of GPS has been cause for concern for a long time, and the decimation of the VOR network has always had a lot of people up in arms.
Bigger WTF is why critical systems still use unencrypted gps signal. It is like using plain SMTP emails for banking transactions, and relying on "sender" for authentification.
They're falling back to the C/A (coarse, civilian) signal. Part of the attack is to drown out the frequency where the P (fine, military) signal is so they can more easily attack the civilian signal.
There's another frequency they could be using that is higher power but hasn't been put into production yet.
An even bigger WTF is why GPS data isn't signed with some official key so spoofing is impossible.
Because an attacker can just replay legitimate broadcasts with slightly skewed time and origin and introduce huge errors into the fix.
Just because we can't solve all current problems doesn't mean we shouldn't solve any current problems.
If you want to prevent replaying as well, add a counter.
> Just because we can't solve all current problems doesn't mean we shouldn't solve any current problems.
Obviously not, but solving problems is always a cost benefit and we went from all spoofing is impossible to some spoofing is possible. What is the benefit of doing this and what is the cost?
> If you want to prevent replaying as well, add a counter.
It's not clear that would be able to prevent spoofing if the attacker could overwhelm and degrade the real signal.
Why would that make spoofing impossible?
Because attackers wouldn't be able to send legitimate-looking data to GPS receivers any more.
Yes that's what spoofing is, but why wouldn't they be able to?
(EDIT: I see the other reply thread is already asking the same thing, didn't intend to ask about the same thing)
> spoofing
I don't understand how "spoof-to" works. If you have to mimic a satellite then isn't everyone going to get a different location? Unless you're tracking a specific target how can you intentionally spoof them to a desired location? I'd assume the best you could do is create a fixed offset.
> The military wants to go mostly inertial and is working on better inertial systems.
Given the drift rate this is an idea for munitions but exceptionally difficult to actually operate in a vehicle.
Is there any other more useful url? Even with ad blocking enabled this site is a mess of auto playing adverts. It makes the actual content difficult to find.
> Gunning says that, with the superior strength of the PNT signal transmitted by the company's planned LEO constellation, existing jammers would only be able to affect about 5% of the area they can currently disrupt. "The effect of the jamming is going to be reduced to a smaller radius," Gunning said. "The degradation area will go down, and the full lock-out radius will also go down."
Will this suddenly make offending countries scramble for an alternative?
GPS tampering “data” from a company who’s upcoming tech is advertised to solve the problem their data shows is indeed a problem, and coincidentally also raised their 170M series C
Competing with four free GNSS constellations is an interesting business model for sure...
I would guess the business model is 'pay us and we'll give you the encryption key to our coded transmissions'.
Those coded transmissions are far harder to jam unless you have the key. So it's all about selling to as many customers as possible whilst having not a single customer leak the key.
That's why militaries use keys that rotate daily and won't let anyone else use the military signal.
Why wouldn't they use public key cryptography for that?
Your satellite doesn't want to be sending out lots of different signals - due to a limited power budget.
So you have to send out one (or maybe a couple) of signals protected by a key.
Yes, you can distribute that key individually to clients using public key cryptography over the same link (and many services like pay TV do exactly that).
But fundamentally any client who is able to decrypt the main stream can also share the key with someone evil who can use that info to jam the same stream.
> jam the same stream.
To add to that, other people won't be able to spoof the original stream (as that needs the private key), but instead only jam it.
It would be the same failure mode as SSL certificates.
No they're harder to spoof. Jamming is easy, but requires more power to achieve a desired effect and as they note they're planning to operate a low altitude constellation with closer transmitters as a result, so harder to swamp the signal for the receiver.
And starlink...
Is GNSS jamming really as bad a problem as the article makes it seem?
The article itself reads like guerilla advertising so I'm inclined not to take it at face value.
Veritasium did a video a few weeks ago about scientists trying to figure out where a space based GPS jamming signal came from. https://www.youtube.com/watch?v=tz23G_UXCGA
I also read the same guerilla advertising for an alternative between the lines. If I understood it correctly from the article, the alternative itself is basically more of the same, but with a stronger signal.
So they basically will launch 300 satellites with an alternative that will face the exact same issues once jamming output signals increase too?
Near a warzone with consumer hardware? Yes.
Military hardware uses different signals, encryption, more advanced receivers, etc etc, but these things are on ITAR lists and not shared with the public.
It's a little surprising to me that there's a commercial venture that has been allowed to provide these things to the public at some point.
> When we fly over North America, for example, we see a beautiful signal all the time
I think by “fly”, they mean several hundred km in the air where you have sharply reduced below-the-horizon blocking.
Anyone got any leads on Doppler shift detecting equipment? Not hard to detect you’re getting spoofed or jammed with based on that. Power levels being all improbable wouldn’t be hard to detect either. Difficult to detect if “tuned” to a particular target but blanket spoofing would be hard.
Then at the consumer level, fallback options exist (hi wifi); but having something more local would be nice. FM radio stations maybe? Can mess with those too ofc. AM systems are already a fallback in aviation for gross navigation.
A private GNSS constellation has very business cases.
>Anyone got any leads on Doppler shift detecting equipment?
All radio receivers? Detecting the radio doppler frequency shift for satellites is kinda trivial.
Spoofing/jamming systems also trivially include doppler shifts. The more someone is trying to interfere with your specific location, the harder it is to defeat the spoofing.
Looks like this is mostly marketing for the services of this new constellation...
The worst ad ridden website I’ve ever seen.
It’s jammed!
I honestly see this jamming as a win. GNSS is a global blanket opt-in American spyware.
GNSS receivers are passive devices that receive beacons broadcasted from the satellites. It's technically impossible to spy on someone with GNSS.
And 99.99% of those GNSS receivers are connected to the internet. Or are in proximity to an (American controlled/designed) internet connected device.
My pedantic self says GNSS includes other non-US constellations such as GLONASS, Galileo and Beidou, and they flew those satellites because they don't fully trust US GPS