Hacker News new | past | comments | ask | show | jobs | submit login

This system does not at all rely on security by obscurity.

This system relies on safety be reliability / availability. All of the operating parameters are public, to prevent anyone from accidentally interfering with these systems. They are not designed against adversarial attacks, and really with radio systems. It is very hard to defend against jamming attacks. Doing so successfully makes the system a lot more complicated. More importantly, doing so successfully makes the system use much more bandwidth.

Bandwidth is actually really scarce. If you start doing defensive stuff, then more and more frequencies get used, and you end up with everyone screaming over each other just to be able to add all the required error correction. That is why we decided to coordinate on frequency allocation. It prevents a tragedy of the commons. As a side effect, it also means transmit power can be lower. This allows you to operate more systems in the same area without interfering.

Now, this does leave a somewhat fragile system. Because jamming (and other attacks) are not mitigated by the system. But this is an acceptable price to pay to actually allow people to use radio communication.

Besides, jamming attacks have an interesting downside. They are somewhat easy to track down. The higher level attacks can be defeated by cryptography. There is a mid-level of smart jamming, that attacks the low level protocols with more than just power. These require significant effort to develop though. And military hardware tends to have mitigations against this sort of thing. A sufficiently sophisticated attacker could disrupt civil systems, but to what gain?




> They are not designed against adversarial attacks

> Now, this does leave a somewhat fragile system

Thank you for reiterating my point. If such a system is not designed to stop adversarial attacks, and is a fragile system, something needs to change.

I appreciate you trying to explain why it's fragile, but it doesn't negate the risk.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: