Handler on Duty: Xavier Mertens
Threat Level: green
Podcast Detail
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://chrt.fm/track/2748D7/https://traffic.libsyn.com/securitypodcast/2197.mp3
My Next Class
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Interested in Internet Storm Center stickers? Check here if there are still some available for today.
Adobe Patch
http://blogs.adobe.com/asset/2011/12/background-on-cve-2011-2462.html
GPS Spoofing
http://www.homelandsecurity.org/bulletin/Dual%20Benefit/warner_gps_spoofing.html
http://philosecurity.org/2008/09/07/gps-spoofing
iOS iMessage Login
http://arstechnica.com/apple/news/2011/12/stolen-iphone-your-imessages-may-still-be-going-to-the-wrong-place.ars
http://blogs.adobe.com/asset/2011/12/background-on-cve-2011-2462.html
GPS Spoofing
http://www.homelandsecurity.org/bulletin/Dual%20Benefit/warner_gps_spoofing.html
http://philosecurity.org/2008/09/07/gps-spoofing
iOS iMessage Login
http://arstechnica.com/apple/news/2011/12/stolen-iphone-your-imessages-may-still-be-going-to-the-wrong-place.ars
Discussion
The UK Military regularly carry out "GPS Jamming excercises" in some locations, and these are notified to the public by OFCOM.
http://www.ofcom.org.uk/static/subscribe/select_list.htm
Example notification "NOTIFICATION OF GPS JAMMING EXERCISES
RAF SPADEADAM, CUMBRIA, MARCH 2012
Dates: Between the 5th of March to the 9th of March 2012 inclusive.
Times: 0800 -1800 GMT.
Location of MULTIPLE jammers: based within 5km of N55° 04.000’ W002° 34.000’.
Frequency: A 24 MHz band centred around 1575.42MHz (GPS L1).
Total Power: Up to 10 Watts EIRP.
It is stressed that, as in previous exercises, Safety of Life operations will at all times take precedence over exercise activities.
Ofcom stakeholders should contact InfoGPS.Notices@ofcom.org.uk"
I've never been near enough to one of locations, at the right time to see what effect it has on GPS SatNav units.
http://www.ofcom.org.uk/static/subscribe/select_list.htm
Example notification "NOTIFICATION OF GPS JAMMING EXERCISES
RAF SPADEADAM, CUMBRIA, MARCH 2012
Dates: Between the 5th of March to the 9th of March 2012 inclusive.
Times: 0800 -1800 GMT.
Location of MULTIPLE jammers: based within 5km of N55° 04.000’ W002° 34.000’.
Frequency: A 24 MHz band centred around 1575.42MHz (GPS L1).
Total Power: Up to 10 Watts EIRP.
It is stressed that, as in previous exercises, Safety of Life operations will at all times take precedence over exercise activities.
Ofcom stakeholders should contact InfoGPS.Notices@ofcom.org.uk"
I've never been near enough to one of locations, at the right time to see what effect it has on GPS SatNav units.
New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Mar 3rd - Mar 8th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | Orlando | Apr 13th - Apr 18th 2025 |
Application Security: Securing Web Apps, APIs, and Microservices | San Diego | May 5th - May 10th 2025 |
Network Monitoring and Threat Detection In-Depth | Baltimore | Jun 2nd - Jun 7th 2025 |
RE the UAV, shielding from any downward signals reduces the interference. As for "really big" jamming or spoofing, you seem to not know of the inverse square law. One does NOT require a massive transmitter to overcome an Earth bound receiver. The signal is incredibly low arriving to a receiver, when transmitted by satellite.
BUT, you hit the nail on the head for backup recovery systems, though I'd not go so much for visual, but perhaps an old fashioned intertial guidance system, where recovery trusts the intertial system over the newer software based system.
As for Adobe, less and less Adobe products are being installed by enterprise systems, unless they're mission essential. I'm personally considering removing their tangle code from my systems too. Adobe seems to not have learned that security is ESSENTIAL in software development. Even Microsoft started to learn THAT lesson!
In the long run, it's cheaper to have secure code written than to have weekly Adobe patches being written!
Hopefully, Oracle manages to secure THEIR java code even better.