Risk Factor

Google's App Bouncer Can’t Detect When Benign Apps Turn Malicious

Imagine someone going to a nightclub. After being frisked by a bouncer at the door, he gets an ink stamp on the hand indicating that this person paid the cover charge and was vetted by security. What if the other patrons could be immediately imperiled if that person is allowed to exit and reenter without being checked again? Something akin to that scenario has happened, but with Google Play as the venue and an Android app as the once-benign but subsequently nefarious partygoer.

CNET.com reported that researchers at Trustwave’s SpiderLabs discovered a security flaw that allowed them to introduce a cloaking program that kept Google’s malware detection, called Bouncer, from detecting updates to the app. The ethical hackers were able to update the app—an SMS blocker originally designed to allow a cellphone user to block text messages from specific phone numbers—11 times without Bouncer tossing the app from the Google Play Android marketplace.

According to the CNET article, none of the added functions contained in the updates had anything to do with blocking texts. In fact some of the updates modified the software so that it is capable of accessing data—including photos, contacts, call records, and the contents of text messages—on a handset. Other updates were even more nefarious, turning a handset into a zombie that automatically connects to a predetermined website to get instructions for participating in distributed denial-of-service attacks.

The researchers, who eventually removed the cloak, letting Bouncer detect the malicious code in a subsequent update, say they have alerted Google and will meet with Android researchers this week at the Black Hat and Defcon security conferences in Las Vegas. They will share the details of their hack in a session called “Adventures in Bouncerland.”

Is Your Cell Phone Snitching on You?

There was an interesting op-ed piece in the New York Times about a week ago that argued that we should begin calling our cell phones by a more accurate descriptive name, e.g., our personal “tracker.” The piece argues that the purpose of cell phones is increasingly less about servicing the communication needs of their owners, and increasingly more about gathering data about their users’ activities to be analyzed by third parties, commercial and government alike.

The op-ed states that, “Thanks to the explosion of GPS technology and smartphone apps, these devices are also taking note of what we buy, where and when we buy it, how much money we have in the bank, whom we text and e-mail, what Web sites we visit, how and where we travel, what time we go to sleep and wake up — and more. Much of that data is shared with companies that use it to offer us services they think we want.”

Government law enforcement is a big user of cell phone information. For instance, according to Massachusetts Congressman Edward Markey, federal, state and local law enforcement agencies made over 1.3 million requests to cell phone companies in 2011 for subscriber-related information, often including their location, call records, and text messages. Often, each request includes multiple subscribers, so the true number of people being tracked is likely several times the 1.3 million figure. In addition, law enforcement officials also sometimes ask for “cell tower dumps,” meaning all calls made from a particular tower over some time period, further inflating the number.

While most of these requests are legitimate, the number of government requests for such subscriber information has significantly increased in the past decade. For example, T-Mobile stated that such requests have increased 12-16 percent annually, the LA Times reports. Twitter recently stated that the number of law enforcement requests it has received by early July of this year was already greater than all the requests it had received in 2011.

Markey states that no one really knows "how law enforcement differentiates between records of innocent people, and those that are subjects of investigation, as well as how it handles, administers, and disposes of this information." The American Civil Liberties Union has recently filed suit against the U.S. Department of Justice (DoJ) and other government agencies to find out "how often they use surveillance tools that capture the email addresses contacted, phone numbers called and websites visited by a person," the Wall Street Journal story reports. Since 2009, the DoJ has been required by law to disclose this information, but has been reticent to do so.

In addition, as an article in today’s New York Times notes, many of the governmental requests for cell phone (and e-mail) records are court-sealed secret surveillance orders. This means that they do not have to be publicly disclosed, and according to the Times story, likely never will be, even after the criminal investigations are ended. Because of this, as one Federal Court judge noted, “law-abiding citizens will never know that the government has accessed their e-mails, text messages, Twitter accounts or cellphone records.”

Law enforcement isn’t the only one using cell phones to track a person, of course. Retailers are increasingly figuring out how to use your Internet browsing information along with the location data from your phone so that when you enter their stores they can send you advertising text messages offering you a discount if you buy the item within the next 15 minutes or so. 

Columbia University law professor Eben Moglen, on the other hand, thinks we should be calling our cell phones robots, “for which – the proud owners – are merely their hands and feet,” the op-ed noted. Moglen argues for the use of this term because cell phones, “See everything, they’re aware of our position, our relationship to other human beings and other robots, they mediate and information stream around us.”

You can, of course, keep your cell phone from ratting on you by turning it off except when absolutely necessary, or by buying a burn phone, but this isn’t really practical for most users.

So, as the op-ed concludes,

“We can love or hate these devices – or love and hate them – but it would make sense to call them what they are so we can fully understand what they do.”

Given that, what new name should we call our cell phones: trackers, robots or something else?

And remember, too, that whatever name we choose will be used to describe the cell phone industry as well. The snitch industry, anyone?

This Week in Cybercrime: Grum Botnet Taken Down, Pinterest Hacked, Madi Trojan Discovered

According to a Cnet.com article, computer-security experts temporarily took down Grum, the world's third-largest botnet, on 17 July. They disabled command-and-control servers in Panama and the Netherlands that had been the source of 18 billion spam e-mail messages a day, or roughly 18 percent of the world total. A New York Times article reports that when, by the end of the same day, the Grum botnet’s creators had set up shop in Russia and Ukraine, U.S.- and U.K.-based security firms gave chase and tracked it to local ISPs. The Russian ISP cooperated in shutting down the servers. Atif Mushtaq, a computer security specialist at FireEye, one of the security firms that helped to shut down the botnet, told the Times that, “Because of how the malware was written for Grum, when the master server is dead, the infected machines can no longer send spam or communicate with a new server.”

On 16 July, Pinterest posted the latest in a series of notices related to security breaches on the site, says a Techcrunch post. The “Locked Account Survey” it issued that day asked the site’s users to complete a survey to “assist our investigation” into how its security was breached. The 11-question survey, says Techcrunch, asked about things such as whether users had experienced other security hacks, how they use Pinterest, and what browser they used—things indicating that Pinterest is still unsure of the source of the break-ins and the method by which they are being pulled off. In the meantime, the content sharing service has been locking user accounts. A 10 July notice read:

“If changing your password does not solve the issue, change your password again and immediately deactivate your account. Please return to this support article in 1-2 weeks for additional instructions; we are working on a process that will enable users to reset their accounts. Unfortunately, we are unable to restore any deleted boards or pins.”

Pinterest is assuring users that all their content is “safe and sound,” but there is still some uncertainty as to whether some users who have had their accounts hijacked will have nothing to show for the countless hours spent adding items to their pages.

Just weeks after unnamed U.S. government sources admitted that the U.S. and Israel were behind the Stuxnet worm designed to attack Iran’s nuclear weapons development enterprise, computer security experts are reporting the discovery of a data-stealing Trojan that has infected about 800 computers, mostly in Iran and Israel, over the last eight months. CNET reports that the Madi Trojan, capable of recording keystrokes, screenshots, and audio, and of stealing text and image files, was given that name because of references in the code to the word for the Islamic Messiah. The malicious code, which included strings in Farsi and dates in the Persian calendar format in communications with a command-and-control server, was embedded in attachments such as PowerPoint documents, fake Word documents, and fake images appended to phishing e-mails.

Symantec reports that the victims—which at this point should have a heightened sense of the need to maintain security—included critical infrastructure companies, government embassies, and financial services firms in Iran, Israel, Afghanistan, the United Arab Emirates, Saudi Arabia, as well as the United States and New Zealand.

Though some accusations have been hurled at Iran’s government because security firms have observed Madi Trojan communicating with command-and-control servers hosted there, experts including those at Symantec say there is no smoking gun positively identifying Madi as state-sponsored malware.

Honeywell Wants to Teach Airliners How to Taxi

Honeywell is experimenting with an autopilot not to fly the plane but to taxi it, the Wall Street Journal reports.  It’s harder than it may seem because the biggest problem—sensing and avoiding objects—is particularly thorny in crowded airports.

The system should one day enable controllers to maneuver a plane on the tarmac through direct, computer-to-computer links, without the messiness of oral back-and-forth with a pilot. Such an autopilot would then close the circle of flight automation from takeoff to parking. Maybe someday robots will even put your luggage in the trunk of your car.

The U.S. Navy has long had an interest in such technology because its carrier decks must integrate up to 60 manned and unmanned aircraft sitting or taxiing on just 4.5 acres of metal. That requires not only sense-and-avoid capability but also a routing algorithm, much like the one you’d need to order numbered squares in a game board that offered just one blank space for wiggle room. MIT has worked up such an algorithm for the Navy and confirmed it with a computer simulation.  The plan is one day to outfit a carrier with the necessary sensors and give the program a full-dress rehearsal.

It’s interesting to consider which parts of human expertise are easiest to automate. For flying and for car-driving, it’s the middle part—witness cruise control. Next easiest, for cars, is parking—today’s best systems will even parallel park. But in other fields, automation often starts by gnawing at the ends of a process, and only later chomps its way toward the middle.

In chess programming, for instance, the machine first mastered the opening, then the endgame, and finally the middlegame. Reason: the opening can be played from a stored “book” of moves, and the endgame can be worked out exactly, just as you’d work out a game of tic-tac-toe. Only the middlegame requires the computer to “think.”

The same seems to apply to lawyering. The preparation for a lawsuit—discovery, which consists of searching many documents—is falling to automation now. The prediction of how a lawsuit will go—necessary to decide whether to bring the case in the first place—is also on the verge of falling.  The middle part—the actual arguing of the case—has so far remained firmly in the hands of human beings.

This Week in Cybercrime: Data Breaches at Yahoo, Formspring and Nvidia

It has been relatively quiet on the IT hacking front for the past month since LinkedIn and eHarmony were hacked and some 8 million user passwords taken. But things hotted up this past week, with several major hacks targeted at the social media site Formspring, search company Yahoo, and just announced today, hardware maker Nvidia.

On Monday, hackers posted password information on 420,000 Formspring accounts online, which caused it to reset the passwords for all 28 million users on Wednesday as a precaution. A story at the San Francisco Chronicle quotes the following from Formspring founder Ade Olonoh’s blog: “We found that someone had broken into one of our development servers and was able to use that access to extract account information from a production database.”

The Formspring passwords taken were encrypted, and the company “salts” its password files, making it more difficult for them to be decrypted than in the LinkedIn and eHarmony cases. A story in Secure Computing magazine says that Formspring has taken additional steps to increase the strength of the password encryption technique it uses.
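
What a per-user salt changes for anyone holding a stolen password file, as an added example that is not from the original article or from Formspring. It assumes unsalted SHA-1 for the unsalted scheme and PBKDF2-HMAC-SHA256 with a random 16-byte salt for the salted one (the article does not name any company's algorithm); the accounts and word list are constructed.

```python
import hashlib
import hmac
import os
from typing import Callable, Dict, List, Tuple

# Constructed sample data, not taken from any real breach.
# alice and bob deliberately share a password.
ACCOUNTS = {
    "alice": "sunshine1",
    "bob": "sunshine1",
    "carol": "T7#vq9!LmZ",
}
COMMON_PASSWORDS = ["123456", "password", "sunshine1"]

ITERATIONS = 100_000  # assumed work factor, chosen for the illustration


def hash_unsalted(password: str) -> str:
    """Assumed 'before' scheme: one fast hash, no salt."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def hash_salted(password: str, salt: bytes) -> str:
    """Assumed 'after' scheme: slow key derivation bound to a per-user salt."""
    return hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, ITERATIONS
    ).hex()


def build_unsalted_store(accounts: Dict[str, str]) -> Dict[str, str]:
    return {user: hash_unsalted(pw) for user, pw in accounts.items()}


def build_salted_store(accounts: Dict[str, str]) -> Dict[str, Tuple[bytes, str]]:
    store = {}
    for user, pw in accounts.items():
        salt = os.urandom(16)  # fresh random salt for every account
        store[user] = (salt, hash_salted(pw, salt))
    return store


def users_sharing_a_hash(digests: Dict[str, str]) -> List[List[str]]:
    """Groups of users whose stored values are identical (same password)."""
    groups: Dict[str, List[str]] = {}
    for user, digest in digests.items():
        groups.setdefault(digest, []).append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


def exposed_by_lookup_table(
    digests: Dict[str, str],
    wordlist: List[str],
    hash_fn: Callable[[str], str],
) -> Dict[str, str]:
    """Hash the word list once, then match every stored value against it."""
    table = {hash_fn(word): word for word in wordlist}
    return {user: table[d] for user, d in digests.items() if d in table}


def verify_login(store: Dict[str, Tuple[bytes, str]], user: str, attempt: str) -> bool:
    """Server-side check: re-derive with the stored salt, compare in constant time."""
    salt, expected = store[user]
    return hmac.compare_digest(hash_salted(attempt, salt), expected)


if __name__ == "__main__":
    unsalted = build_unsalted_store(ACCOUNTS)
    print("unsalted, shared hashes:", users_sharing_a_hash(unsalted))
    print("unsalted, one table exposes:",
          exposed_by_lookup_table(unsalted, COMMON_PASSWORDS, hash_unsalted))

    salted = build_salted_store(ACCOUNTS)
    digests = {user: digest for user, (_salt, digest) in salted.items()}
    print("salted, shared hashes:", users_sharing_a_hash(digests))

    # A table built for alice's salt matches alice only, although bob
    # uses the same password: the work must be repeated per account.
    alice_salt = salted["alice"][0]
    print("salted, table for alice's salt exposes:",
          exposed_by_lookup_table(
              digests, COMMON_PASSWORDS, lambda w: hash_salted(w, alice_salt)))
```

The salt does not make a weak password strong; it removes the shortcut of testing one guess against every account at once, and the slow derivation raises the cost of each remaining guess.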

Then yesterday came word that Yahoo had been hacked and that password information on some 453,000 accounts had been posted online. The information was taken from the Yahoo Contributor Network, an Internet publishing company Yahoo had acquired in 2010, says a story at the Chicago Tribune.

This time, the password information stolen was unencrypted, which is surprising for a company that really should know better. Yahoo tried to play down the breach by saying the file stolen was old and that less than 5% of the Yahoo accounts taken were still active. However, the password information taken also included “106,000 Gmail e-mail addresses, 55,000 Hotmail e-mail addresses and 25,000 AOL e-mail addresses,” according to the New York Times. The Tribune story also notes that accounts from Comcast Corp, Verizon Communications, and AT&T were exposed as well. It is unclear how many of those accounts are still active, but most of the companies have already stated that they have reset the passwords of the affected accounts.

The hackers who broke into Yahoo stated they did it as a “wake-up call” to show how poor Yahoo’s security was. As numerous stories have also pointed out, the hack illustrated (again) how account holders too often use lame passwords.

Finally, there is word filtering out this morning that Nvidia’s developer forums were also hacked last week and the password information for an unknown number of accounts was taken. Nvidia has closed down the forums while an investigation is taking place. While the password information was encrypted and salted, Nvidia is telling users, “As a precautionary measure, we strongly recommend that you change any identical passwords that you may be using elsewhere.”

They should probably have added, “And while you’re at it, ensure that none of your passwords for any of the sites you are registered for are identical.” That is your biggest risk.

France Télécom Mobile Network Outage Affecting 26 Million Subscribers, Angers Government Ministers

For nine hours, beginning last Friday afternoon at about 15:00 Paris time until 00:30 Saturday morning, some 26 million subscribers of France Télécom's mobile company Orange were unable to make calls, send text messages, or download data. According to ComputerWorld UK, the database that keeps track of which cell a subscriber is connected to, called the New Generation Home Location Register, suffered a software error. Exactly why the error occurred is not known, and Orange is said to be consulting with equipment suppliers Alcatel-Lucent and Ericsson to try to track down the root cause.

ComputerWorld UK reported that the register, which was supplied by Alcatel-Lucent, is made up of three elements: the front end, the central servers, and the databases. An Orange spokesperson stated in the article that, "There were some inconsistencies in the data, and erroneous messages were exchanged between the different elements. That caused some saturations, leading to a snowball effect that blocked the system."

Subscribers who didn't move from a cell were able to keep their service the longest, but eventually the error-queue in the register became so big that everyone lost service.

French ministers were not amused, and have called for an audit of France Télécom and other critical national infrastructure to ensure that it doesn't happen again, reports this Reuters story. The Reuters story implies that the new French government believes that the outage may have been caused by excessive cost cutting by France Télécom.

According to this Bloomberg News article, Orange has 38 percent of the French mobile market (it is the largest Internet provider in Europe), a market that is experiencing intense competition and job cuts at France Télécom's competitors to reduce their operational costs (France Télécom itself laid off over 20 thousand staff a few years ago). Bloomberg quotes the CEO of France Télécom, Stéphane Richard, as saying that the outage was an "isolated incident" that had nothing to do with "the level of investment in our networks."

The Wall Street Journal noted that when the network crashed, senior executives frantically tried to call Richard at his country home, but they couldn't reach him; they didn't have his landline number, only his mobile.

France Télécom has said that it will compensate subscribers for the outage, which is expected to cost upwards of $25 million.

Air France Flight 447 Crash Causes in Part Point to Automation Paradox

A deadly combination of pilot confusion, “warning system ergonomics” design and inadequate pilot training were responsible for the crash of Air France Flight 447 on 1 June 2009.

This is the conclusion reached by the BEA (Bureau d'Enquêtes et d'Analyses pour la sécurité de l'aviation civile), the French authority responsible for carrying out safety investigations relating to accidents or serious incidents in civil aviation, in its final report into the crash. BEA’s 224-page report indicated that the aircraft might have been flown out of danger if the pilots had realized the situation they were facing.

The summary of the report (pdf) provides the following account, which begins with the “unleashing event” of the icing over of the three Pitot tubes that provide airspeed data to the Airbus 330-200’s flight computers and which subsequently caused the aircraft’s autopilot to disengage:

The blockage of the Pitot probes by ice crystals in cruise was a phenomenon that was known but misunderstood by the aviation community at the time of the accident. From an operational perspective, the resulting loss of all airspeed information was an identified malfunction. After initial reactions involving basic airmanship skills, it was supposed to be diagnosed by pilots, and managed if necessary by precautionary inputs on the pitch attitude and thrust detailed in the associated procedure.

The occurrence of the failure in the context of flight in cruise completely surprised the crew of flight AF 447. The apparent difficulties in handling the aeroplane in turbulence at high altitude resulted in over-handling in roll and a sharp nose-up input by the PF [pilot flying]. The destabilisation that resulted from the climbing flight path and changes in pitch attitude and vertical speed therefore added to the incorrect airspeed indications and ECAM  [Electronic Centralized Aircraft Monitoring] messages that did not help any diagnosis. The crew, whose work was becoming disrupted, likely never realised they were facing a «simple» loss of all three airspeed sources.

In the first minute after the autopilot disconnection, the failure of the attempt to understand the situation and the disruption of crew cooperation had a multiplying effect, inducing total loss of cognitive control of the situation. The behavioural assumptions underlying the classification of a loss of airspeed information as «major» were not validated in the context of this accident. Confirmation of this classification therefore requires additional work in terms of operational feedback in order to modify, where necessary, crew training, the ergonomics of the information made available to them, as well as the design of procedures.

The aeroplane went into a sustained stall, signalled by the stall warning and strong buffet [the warning at one point sounded continuously for 54 seconds but apparently was ignored]. Despite these persistent symptoms, the crew never understood they were in a stall situation and therefore never undertook any recovery manoeuvres. The combination of the warning system ergonomics, the conditions under which pilots are trained and exposed to stalls during their professional and recurrent training, did not result in reasonably reliable expected behaviour patterns.

In short, as BEA head Jean-Paul Troadec was quoted as saying at the crash report news conference last Thursday at Le Bourget Airport in Paris:

“It seems that the pilots did not understand the situation and they were not aware that they had stalled.”

However, Troadec also made it very clear that BEA was not blaming the pilots alone for the accident:

“If the BEA thought that this accident was only down to the crew, we would not have made recommendations about the systems, the training, etc.”

He went on to say:

“What appears in the crew behavior is that most probably, a different crew should have done the same action. So, we cannot blame this crew. What we can say is that most probably this crew and most crews were not prepared to face such an event.”

In fact, BEA made a total of 25 recommendations (pdf) covering everything from better training of aircrews to changes in display logic to improvements in search and rescue. Training pilots to fly aircraft manually at high altitudes is seen as a major need.

Many of the recommendations also deal with the so-called “automation paradox,” which, as I wrote for IEEE Spectrum, concerns the situation where “the more reliable the automation, the less the human operator may be able to contribute to that success. Consequently, operators are increasingly left out of the loop, at least until something unexpected happens. Then the operators need to get involved quickly and flawlessly.”

In the Air France Flight 447 case, the crash report stated that the occurrence of the failure in the context of flight in cruise “completely surprised the pilots,” and thus being “startled,” they were never able to comprehend what difficulty caused the autopilot to disengage.

Going back to the summary of the crash report (with my highlighting):

“At present, recognition of the stall warning, even when associated with buffet, assumes that the crew assigns a minimum degree of «legitimacy» to the alarm. This in turn assumes sufficient prior experience with stall conditions, at least some cognitive availability and understanding of the situation, as well as knowledge of the aeroplane (and its protection modes) and its flight physics. A review of pilot training did not provide convincing evidence that the associated skills had been correctly developed and maintained.”

“More generally, the dual failure of the expected procedural responses shows the limits of the current safety model. When action by the crew is expected, it is always assumed that they will have the capacity to initially control the flight path and to rapidly diagnose and identify the correct entry in the dictionary of procedures. A crew may encounter an unexpected situation causing a momentary but profound loss of understanding. If, in such cases, the assumed capacity to initially control and then to diagnose is lost, the safety model is in «common failure mode». In this occurrence, the inability to initially control the flight path also made it impossible to understand the situation and find the appropriate solution.”

What the pilots seemed to need was something akin to the “digital parachute” I blogged about last year being developed by Rockwell Collins that will take control of the aircraft's flight management system and return the aircraft to level flight (if possible) when a pilot hits a "panic button" during an emergency situation.

A story in the New York Times states that, “The French news media reported late Wednesday that a judicial panel of experts advising a separate criminal inquiry into the crash had recommended that blame not be placed solely on the pilots, saying that Air France, Airbus and European safety regulators also shared responsibility.”

Supposedly tomorrow, both Air France and Airbus will find out whether they will be charged with manslaughter in regard to their roles leading up to the crash. No word on whether the safety regulators will face legal scrutiny.

Drones and GPS Spoofing Redux

A few weeks ago, I blogged about how researchers led by Professor Todd Humphreys of the University of Texas at Austin Radionavigation Laboratory successfully demonstrated that a drone with an unencrypted GPS system could be taken over by a person wielding a $1,000 GPS spoofing device (pdf). Recently, I was fortunate to be able to speak with Professor Humphreys about GPS spoofing and its implications not only on UAVs, but other systems like financial systems (pdf) that use GPS for tasks such as data time stamping.

Below is the transcript of my conversation with Professor Humphreys. The interview took place on the 29th of June 2012, and is lightly edited for clarity.

Charette:  Hello, I’m Bob Charette, the editor of IEEE Spectrum magazine’s Risk Factor blog. Today, I’m speaking with Professor Todd Humphreys, who directs the Radionavigation Laboratory at the University of Texas-Austin, where, among other activities, software-defined GPS receivers are developed as a platform for GPS innovation. His recent focus has been on defending against intentional GPS spoofing and jamming.

Welcome, Professor Humphreys, and thank you for spending the time with me this morning.

Humphreys:  Hi Bob, good to be here.

Charette:  Recently, you and your team of researchers demonstrated how a drone using a commercial, unencrypted GPS system could be spoofed by someone using about $1,000 worth of equipment. Professor Humphreys, could you tell us what GPS spoofing is, why your demonstration came about, and what you were able to show?

Humphreys:  Sure. Well GPS spoofing takes advantage of the fact that the civilian GPS signals, as you mentioned, are unencrypted and unauthenticated; so, whereas the military GPS signals have an encryption code overlaid on them, the civilian ones do not and never have. So you can consider this one of the most popular, global unauthenticated protocols in the world.  A spoofing attack is one where you generate signals that are functionally indistinguishable from the authentic signals coming down from the satellite, so that when a receiver takes in your signals and the authentic signals it can't tell the difference and you raise the power of the counterfeit signals sufficiently to take control of the GPS receiver. At that point it does your bidding. You can induce any kind of position or time that you wish.

So, why did we do this? We ended up wanting to demonstrate this concept, this vulnerability in sort of a dramatic way by capturing a drone that was being guided by a GPS-based navigation system. We did so by purchasing our own drone. No one would lend us a drone because they knew it was going to be a risky endeavor and we generated fictitious GPS signals, captured the drone and brought it down.

Charette:  Now, what are some of the implications of your demonstration? We know that the FAA has been told by Congress to basically open up the U.S. skies for UAVs and commercial drones across U.S. airspace within the next few years so given that you’re able to do this capturing by GPS spoofing, what are some of the implications and some of the worries that you’ve shown with your demonstration?

Humphreys:  You know, originally we got interested in this because we read the stories about the Iranian capture of a U.S. drone back in December. That at first was a curiosity, but when in February the U.S. Congress mandated that the FAA bring in drones by 2015 in the National Airspace, our curiosity turned into an imperative. We decided that there were implications that needed to be made apparent to the whole community because if we are going to bring these civilian drones into the National Airspace with navigation systems based on unencrypted and unauthenticated GPS, well then that was a safety hazard. We wanted to demonstrate that so that perhaps in these three years before the 2015 landmark date when the drones will be welcomed in, we can prepare and fix this problem.

Charette:  Okay. Now, the Association of Unmanned Vehicle Systems International (AUVSI) put out a statement in response to your demonstration that states in part that, "The industry is well-aware of so-called ‘spoofing’ and is already advancing technologies, such as Selective Availability Anti-Spoofing Module (pdf) – to prevent it. This technology is already in use by the military to thwart GPS spoofing abroad and we expect it will transition to civilian unmanned aircraft in the coming years to protect aircraft flying in the National Airspace. Meanwhile, some unmanned aircraft also have alternate navigation systems, such as radio links and backup inertial systems, which will provide redundancy to GPS."

The statement goes on to say that there is always a controller ready to intervene in case of problems. Do you have any comments on their statement and their position?

Humphreys:  Sure. Well, I like to make clear from the very beginning that I am a big fan of drones and I'm looking forward to the time when I can get Chipotle burritos delivered to my doorstep with a drone and other takeout foods, other great efficiency boosts to the national economy, etc. So I am not an enemy of drones as they come onto our national stage. I simply want the adoption of drones, the incorporation of drones, to be done safely.

As far as the SAASM receivers being used in civilian drones, these are the SAASM-type receivers that are typically used in military context. I don't think it's likely that we'll see SAASM military-grade receivers incorporated into civilian drones. These have been a huge logistical headache for the military. You have to re-key them every few months and you have to keep them only in a trusted community. I don't see them proliferating among civilians.

And what about redundancies on UAVs that can help protect against any kind of GPS sabotage or GPS hacking like we've done? I believe that is a good way forward; unfortunately most of the drones today don't have a sufficient sense of paranoia about their GPS readout, so they don't double-check things. We shouldn't also be lulled into any kind of false sense of security here to the extent that you depend on GPS, to the extent that you use it in any way - civilian GPS - you are vulnerable to a spoofing attack. So even though you might have other sensors against which you are cross-referencing GPS, those sensors tend to drift in the case of inertial sensors or altimeters, etc. We tend to always go back to GPS as the bedrock against which we compare these drifts and estimate biases. So if an attack is carried out slowly, under the drift rate of your inertial measurement package, for example, then it can still be effective and dangerous. So I would caution against too much optimism in what we can do by just cross-checking against our sensors.

Charette:  And I am assuming that if you put in some of these, what would be considered military-grade systems that the cost of these commercial drones would skyrocket fairly quickly anyway.

Humphreys:   Oh yes. And the high cost militates against some of the wonderful uses of smaller drones. The drone that we purchased, for example, has a very small u-blox chip that is used as its GPS receiver. It’s a beautiful chip, wonderful and cheap and low power and very powerful, very effective; it just happens to have a vulnerability to GPS spoofing.

Charette:  Right. Now it’s also interesting when I was doing some background research into the story is that it's not only for drones, it’s also for aircraft, and vehicle navigation systems. But I also read some research that said that GPS spoofing could also affect smart grids and even financial markets. Could you talk just a little bit about that?

Humphreys:   Well sure. One of the little-known facts about GPS is that it's used for timing almost as much as it's used for positioning. And in our critical national infrastructure, we've got GPS there helping to synchronize different nodes and networks, synchronize the power grid, synchronize financial transactions and time-stamp those transactions. So, here we have GPS antennas hanging out in the clear in the open because we need a clear view of the sky and the timing on those receivers can be manipulated by a spoofing attack. We’ve demonstrated this here in our laboratory. We’ve even demonstrated this last week at White Sands where from about a kilometer away, we move the timing off on a GPS device that is used to synchronize so-called phasor measurement units in the power grid. And this was just as easy as it was to do in the laboratory.

Charette: I’m not sure if I'm happy to hear that or not, to be honest. But, again, it is a major worry. If you had to sum up what you would like to see happen to address this GPS spoofing issue that you’ve demonstrated, what would you like to see in the next year? For instance, what concrete actions could the FAA or others really take to address this issue?

Humphreys: Bob, I see two ways of going forward. There’s a grass-roots type approach where operators and users of GPS can come up with clever ways, as we've talked about before, to cross-check the GPS readout with other sensors. They can look for signal-processing receiver-autonomous techniques for examining the signals coming into their devices and determining whether they believe they are authentic or not, but there isn't anything foolproof there.

The closest thing we've got to foolproof would be to persuade the GPS Directorate of the Air Force to actually alter the civilian GPS signals coming down from the satellite to add an overlay, a digital signature overlay on those signals, or to modify the spreading codes in such a way you don't ruin the connection with all deployed GPS receivers so it’s backward-compatible, but you allow newer GPS receivers to authenticate the origin of those signals. The trouble is the GPS Directorate is actually willing to look into this but they need funds. If they get a requirement but it doesn't have any funding behind it, then they don’t feel it’s their responsibility to pay for it. My view is that the Department of Homeland Security is the right agency to step up and say, “We will fund this. This is going to be on our dime. The GPS Directorate can go ahead and carry it out, but we will make the sacrifice to fund it.”

Charette:  Do you think that is realistic in the financial environment that we’re in or are we going to have to wait for something bad to happen before people are going to take action, do you think?

Humphreys: Well, you know we are pushing forward here at the laboratory with the grass-roots approach. I guess that expresses my lack of optimism that we will get a top-down fix on this. We wrote several papers on what the top-down fix could look like; how we could add digital signatures to the civilian signals and we did a deep dive into showing how powerfully that protects your signals from a spoofing attack. We were happy to do that, we just got those papers accepted to be published in peer-reviewed journals, but we're not so optimistic that that’s going to happen so we're looking for the receiver-autonomous approach, where you know, we’ll just do it ourselves.

Charette:   Right. Well again, we’ve been speaking with Professor Todd Humphreys, Director of the Radionavigation Laboratory at the University of Texas-Austin and I want to thank you for speaking with us today.

Humphreys:   Thanks, Bob.

RBS Group Banking Nightmare Continues for Some

Early last week, I blogged about the lingering computer problems plaguing RBS Group banks. As you may recall, on the evening of 19 June, a software upgrade to the system used to process payments to and from the banks’ customer accounts became corrupted, causing havoc to millions of accounts for almost two weeks.

For customers at one of the banks, Ulster Bank in Northern Ireland (others in the group include NatWest and the namesake Royal Bank of Scotland), it looked like the situation was finally getting back to normal this week. But some customers were told yesterday not to expect normalcy to return until the week of 16 July. (We don't know how many, except that it's “significantly” more than the 100 000 customers originally estimated to be affected by the glitch.) And that was the hopeful prediction, “barring,” the bank said, “any residual reconciliation required.”

As one might expect, Ulster Bank customers, as well as government banking regulators and Northern Ireland politicians, are unhappy, with many complaining that the bank's customers are receiving second-class treatment in comparison to NatWest and RBS customers.  Some Ulster customers claim that money has disappeared from their accounts, while others say that the bank has duplicated payment transactions. Ulster Bank officials have told customers who complain about missing money that the money is indeed in their accounts, but it is “invisible;” they have also admitted that some duplicate transactions have occurred, but they have also given contradictory information as to what these transactions are.

RBS Group CEO Stephen Hester and Ulster Bank officials have repeatedly said normalcy was just around the corner. Fortunately, the Irish Central Bank views the long-term outage as more than just an "inconvenience"—to use the euphemism that RBS Group press releases have repeatedly used—and is demanding customers be compensated for their trouble. That discussion will be interesting to watch play out.

Bank officials have said the reason Ulster Bank customers were so hard hit was that “Ulster Bank payments happen to follow in sequence after those of NatWest and RBS.”  This still doesn’t fully explain why Ulster Bank, with the smallest customer base of the three and with the other two banks supposedly operating normally for nearly a week, is taking so long to get back upright. It may indicate that there are still other account reconciliation issues at the other two banks that are not making the news. RBS Group has remained tight-lipped on more than the general details of the original glitch and its actions in the wake of it.

By coincidence, National Australia Bank suffered an IT glitch that kept its customers from accessing their accounts online yesterday for about an hour. I bet it reminded NAB customers of a similar banking meltdown there about 18 months ago that took months to finally resolve.

Leap Second Causes Hours of Problems at Some Websites

Every few years, the International Earth Rotation and Reference Systems Service calls for an adjustment, usually by one second, to be made between atomic and Earth time to compensate for deviations in the Earth’s rotation. The most recent one took place over the weekend, on 30 June 2012 at 23:59:60 UTC (Coordinated Universal Time).

Apparently, some web servers did not adjust correctly for the change in time, leading to temporary problems with Qantas Airlines, Mozilla, Reddit, Gawker, LinkedIn, FourSquare, Yelp and other websites, according to the Guardian newspaper. Qantas's check-in, reservations, and plane loading systems were all forced onto manual operation for about two hours yesterday. The problem was actually with the Amadeus airline reservation system; the airline Virgin Australia was also affected, though not as severely.

Also every few years, a derecho, or "a widespread, long-lived wind storm that is associated with a band of rapidly moving showers or thunderstorms," hits parts of the U.S. East Coast. On Friday night, a “super” derecho swept through the mid-Atlantic area between 0800 and 1100 pm, causing widespread power outages in its wake (there is a fascinating time-lapsed YouTube video of the derecho here). The storm (which felt like being in a short-lived hurricane) took out power to Amazon’s Elastic Compute Cloud (EC2) in Northern Virginia; back-up power also for some reason did not kick in. As a result, several popular websites including Instagram, Netflix, and Pinterest experienced problems.

The storm also disrupted 911 service in Prince William, Fairfax, Stafford, Manassas, and Manassas Park counties in Northern Virginia; many Verizon and Sprint customer phones were not working in the area as well. So if you have been having trouble reaching someone either by email or by phone in the Washington, D.C. region, don’t be surprised. Things should be back to normal by Saturday.

Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Contributors

 
Contributor
Willie D. Jones
 
