>>Participants who successfully complete a set of qualification challenges on cybersecurity and space this spring will be invited to the ultimate challenge: to (ethically) hack a satellite.
Lol. That is so military public affairs. You are allowed to hack a satellite after being vetted and approved by government. Are Canadians allowed to participate? How about Russians? What about crypto-anarchists who will never pass a military-type background check? I cannot think of a less hacker-friendly competition.
How about this: Just launch the damn satellite. Tell us which rocket it is on (I assume it is a ride share) and give 100k to the first team that manages to broadcast a rickroll.
Bonus round: An extra 100k for any team that leverages the sat to listen in to the spysat network, the one operating on 60 GHz so that it cannot be heard from the ground directly. (Fyi, if you want to meet some men in black, try putting some 60GHz capability on your cubesat. They no like anything that might jam that spectrum.)
Compare this to something like the “Voting machine village” at the last several defcons - none of which required extensive vetting before you were allowed to hack the hardware.
> Are Canadians allowed to participate? How about Russians? What about crypto-anarchists who will never pass a military-type background check?
Yes. As long as there's at least one US citizen or permanent resident on your team, and you're not a specially designated national, you're allowed to participate.
>> The Team Leader must be a U.S. citizen, must speak English and will serve as the official technical point of contact for communications with the HAS organizers.
So ya, Canadians are allowed but only if the boss is a US citizen. Don't see any resident language. I make the point because some of the best satellite spotters/finders/hackers are Canadians, such Scott Tilley who was recently in the news for finding a long-forgotten navigation sat. Or Ted Molczan who may have spotted the legendary Prowler sat.
(This is natural. Canadians are better positioned to spot satellites due to their darker sky and the longer dawn/dusk periods of higher latitudes.)
In the hackathon environments I've been in there isn't really an organizational hierarchy per team. Team Leader really means Team Representative; i.e. they only want one person coming up to give/receive items/documents/information, so they ask each team to pick a leader who can interact with the event staff.
> Are Canadians allowed to participate? How about Russians? What about crypto-anarchists who will never pass a military-type background check? I cannot think of a less hacker-friendly competition.
If you don't meet the criteria, presumably they'd rather you trade any hacks you find with a different interested party happy to pay for the information?!
It could have changed since I last looked at it, but all of the cyber jobs were transfer-only within the Air Force and you had to sign 6 years I believe.
Yes. It is absorbed by moisture in the atmosphere. That limits its range, which is great if you want to setup lots of cellular towers without them interfering with each other. If 5g used a frequency that wasn't absorbed, individual towers would have to be much further apart, increasing "cell" size and limiting available bandwidth.
I read a paper about that. It said that 98% of the energy emitted at that frequency is absorbed by oxygen, and this was touted as a benefit, because it effectively “insulated” the towers, so they would not interfere with each other. But I am still surprised that any engineer would design a system that is only 2 percent efficient.
In the US, the current licensed 5G millimeter bands are 24, 28, 37, 39 and 47 GHz. 60 GHz is an unlicensed band (actually 57 to 71 GHz) used for 802.11ad. Typical use is uncompressed HDMI extenders inside of a single room.
Depends on where you draw your ethical boundaries? I mean it's a lucrative career in itself and you get to work in cutting edge tech that hopefully never gets proliferated to other countries (esp. the oppressive ones).
The US society is great, but the US government is oppressive and responsible for murders and destruction. There is a clear line between society and a state/government.
"The FlatSat CTF Event occurs with FlatSat hardware and a virtual/simulated space environment."
For the uninitiated: when an operator builds a satellite they usually build at least 3 or 4 of the same bird for every one they launch. This includes the initial "FlatSat" which is a fully working prototype but built onto a flat proto-board rather than the launched form factor, this makes troubleshooting easier in the initial stages. Later on these development prototypes can also be used to troubleshoot problems that occur in space.
So somewhere there is an Air Force warehouse packed to the gills with all the development and flat-sats that were never intended to fly. Although obviously they would never use real hardware on an event like this for a number of reasons, if they did it would only be for old hardware that's been retired. But still an interesting idea.
Have you ever had to debug a "blackbox" before, Application code or hardware that you had really nothing to do with and had to figure out how in the hell it works? or worked with embedded devices or embedded radios? Would love to help you out likewise anyway, hit me on up twitter @JRWR
> Have you ever had to debug a "blackbox" before, Application code or hardware that you had really nothing to do with and had to figure out how in the hell it works?
I suppose so, yes, but probably not to the extent required in some of these challenges.
Is there a pointer on where to read more about challenges like this - technical information on how space com systems work, and what some example CTFs are?
Thanks, but I was referring to space comms ctfs specifically :) it’s one thing to find a buffer overflow exploit on http but I don’t even know what the carrier protocol for a ku band transponder is called..
Hello. My CS experience is quite elementary, and I'm a decent enough Web Dev and Scientific Programmer. If I wanted to be the type of hacker capable of taking down a Satellite, what would be everything that I would need to learn? I assume that this is super complex (Duh) but am curious as to the actual extent of knowledge required to pull this off.
$14 billion 2020 budget for the USAF space portfolio[1], $50 thousand prize (split between entire team) to reveal detailed procedure to hack the USAF space portfolio. I feel like they should be a bit more generous here.
You could ask how the other ctf defcon winners are regarded? The top teams are all pretty hardcore, I always felt they'd be treated specially as well but seems not to be the case
Bruce Schneier already posit that hack-a-thing challenge is not a good test or proof of whether a thing is vulnerable. Back in the days when everyone was coming out with hash and cipher algo there were bounties offered as PR of how strong thingX was. Not everyone is going to take up a challenge, if I were a real criminal I would discover the vulnerability (if any) and keep it to myself because the exploit, especially a secret one, is worth more than the bounty, and has a longer pay period.
Agree 100%, if someone was to seriously think and ad-hoc team was a replacement for a formal security audit... well they get what they deserve. I'm not sure where these fall in the mix, but they definitely seem useful, more eyes on a problem the better.
Why on Earth would you help them militairise outerspace and draw a crosshair on your forehead while being at it ?
As if current spacejunk isn't enough of a threat to humanities future in space already. This sounds all awesome at first, but think about it for a second.
It may make it safer if you help stop bad actors getting access to what will be there anyway. Some terrorist would probably love to steer one satellite into another... or whatever options control gives.
Armies are organizations build around aggression per definition and therefore _are_ the terrorist in outerspace. The good guys in space are found at civil presence such as the ISS. People from all nations and cultures working together in peace. A symbol of hope for humanity. Much unlike military organizations with boots on the ground.
Because they would do it anyway. I've heard "stories" of attackers gaining control of a sat, "flipping it" to prevent it from listening to incoming commands, and then asking for a ransom from the original owners.
The part where the Starfleet cruises around space in giant militarized weapon platforms with phase cannons and torpedos, engaging in de facto military conflicts?
Starfleet isn't a military. Starfleet is a pacifist post-scarcity utopia dedicated to scientific and intellectual pursuit - militarism is an atavistic, primitive vice that humans have evolved beyond at that point.
That Starfleet just happens to use a military chain of command and fleet structure doesn't mean they've "militarized space" in any way. It's just a unique expression of Earth culture, and nothing more.
Starfleet is peaceful, it's everyone else in the galaxy who's warlike, because they fear Starfleet's freedom and way of life. If it weren't for those duplicitous Romulans and thuggish Klingons, Starfleet might not even need every ship to have enough firepower to boil the oceans off of a planet. But peace has to be defended.
Or would you rather have the Alpha Quadrant be run by aliens?
Is it just me or is $50K is really low price to pay, almost like a slap in the face, for a satellite level vulnerability? If i remember correctly military satellites often carry civilian comm services: important business communications/financial networks etc.
What would be the black market price for something like this? It has to be at least 10x more at $500K as a low end. Realistically a million $+
Lol. That is so military public affairs. You are allowed to hack a satellite after being vetted and approved by government. Are Canadians allowed to participate? How about Russians? What about crypto-anarchists who will never pass a military-type background check? I cannot think of a less hacker-friendly competition.
How about this: Just launch the damn satellite. Tell us which rocket it is on (I assume it is a ride share) and give 100k to the first team that manages to broadcast a rickroll.
Bonus round: An extra 100k for any team that leverages the sat to listen in to the spysat network, the one operating on 60 GHz so that it cannot be heard from the ground directly. (Fyi, if you want to meet some men in black, try putting some 60GHz capability on your cubesat. They no like anything that might jam that spectrum.)
https://en.wikipedia.org/wiki/Satellite_Data_System