
Israeli Drone Feeds Hacked by British and American Intelligence - finid
https://theintercept.com/2016/01/28/israeli-drone-feeds-hacked-by-british-and-american-intelligence/
======
tyre
This is a great use of the NSA/GCHQ.

From a global security perspective, we absolutely want to know if Israel is
about to bomb Iran. If we can't trust their word (and Netanyahu's public
statements are rather bellicose) then this doesn't feel like a bad thing.

Also different from other leaks, the targets here were other militaries. This
type of leaking gives credence to the national security concerns — what's the
public need to know here? Really just a "how the sausage is made" look into
military intelligence, interesting because we're curious moreso than because
the government is acting unethically.

~~~
ForHackernews
Agreed. This is exactly what the NSA _should_ be doing. This leak has no value
to the public.

~~~
markdown
> This leak has no value to the public.

US taxpayers give the Israeli government billions of dollars _every_ year.

Then Israel turns around and publicly disrespects the US president.

US taxpayers need to know that their government is willing to stand up to
Israel when necessary. This is an actual concern because:

1\. US politicians are almost all for sale. 2\. The Israeli lobbying group
AIPAC has bought and paid for a great number of those politicians.

~~~
gozur88
>Then Israel turns around and publicly disrespects the US president.

Yeah... so what? The president isn't the United States. He's just a manager,
temporarily.

Besides, there was plenty of disrespect flowing the other way, too. When Obama
went out of his way to snub Netanyahu, did it bother you, or do you think
somehow the office of the American president is worthy of more respect than
that of the Israeli PM?

~~~
markdown
> did it bother you, or do you think somehow the office of the American
> president is worthy of more respect than that of the Israeli PM?

Much more worthy, obviously. If you come with me hat in hand accept my aid,
you damn well better be nice to me. If Israel wants to crap on the US
president, that's fine, but don't then accept handouts from them.

At least the beggars in my town only swear at you if you _don 't_ give them
money.

~~~
gozur88
Like I said, the president is not the US. Congress, not the president,
appropriates money, and Israel has a lot of support among the American people
and in Congress. What Obama thinks about money going to Israel is pretty much
irrelevant unless it's something over which he'd be prepared to get into a big
budget fight. Which he'd probably lose.

The president has gone out of his way to show the Israelis he doesn't like or
respect them. He undermines them at every opportunity. Were I Netanyahu I
wouldn't give Obama the time of day. I'd fly in, give my speech to Congress,
and then leave without ever going to the White House.

------
blennon
Can someone explain the rationale for leaking this? I have been a strong
critic of NSA domestic surveillance, but what is described in the article
seems to be the appropriate use of the U.S. intelligence apparatus.

~~~
idoco
Follow the money.

Israeli sources claim that the reason that this information is published at
this timing is a German-Israeli drone deal in which the US Predator lost -
[http://www.defensenews.com/story/defense/international/europ...](http://www.defensenews.com/story/defense/international/europe/2016/01/13/bundeswehr-
germany-lease-israeli-drones/78723784/)

They also claim that since 2011 (The last "hacking" incident) there was a
major change in the way that drone communication is encrypted.

Edit: changed 2010 to 2011

~~~
runjake
The article pretty clearly details interceptions as recent as 2012. And maybe
it still goes on, we don't know, because this apparently came from the 2013
Snowden leak.

~~~
idoco
These are not my claims, they are taken from Israeli sources. They probably
have there own interests too.

The only event I found from 2012 is labeled as 'regular collects of Heron TP
carrying weapons' I'm not sure what it means.

~~~
dogma1138
Could mean anything from them being able to intercept video from the tail cam
to them just tracking the drones based on signal / radar information. All the
imagery from the Israeli drones is from circa 2009-2010.

------
bazillion
I tried to do an AMA yesterday[1] about my time in the NSA and the CIA that
fell flat as far as generating any interest. My main goal was to bring some
reality to the security conversation, since the government's voice mostly
remains absent and I have a pro-government lean on the security issue. I was a
mission manager for the LENA (Levant/North Africa) division for the NSA, so
I'm speaking from a very informed opinion on this particular release.

As you can expect, my opinion on information like this being released is: Why?
How can this be considered journalism. Militaries keeping track of militaries
is exactly what we want happening with taxpayer dollars. From a purely defense
perspective, this is a good use of resources as others in this comment section
have mentioned. But, releasing documents that actually detail sources/methods
of collection are purely harmful -- I see absolutely nothing that can be
misconstrued as noble by publishing an article like this.

There is another half to this. These documents that are being released have to
stop being cited as if they're the canonical truth. Snowden did the equivalent
of scraping a bunch of google pages pulling all documents down willy-nilly,
and there are tons of absolute crap documents in there. You can tell that some
of these powerpoints were made by E-3's giving briefs to some equally clueless
group from the quality of the presentations themselves.

I'm definitely thankful for the people that came out and asked questions, as I
tried to give extremely straight-forward, un-political answers. If you have
any questions, feel free to reply to the reddit thread and I'll still answer
them, so at least there can be a record of it.

[1]
[https://www.reddit.com/r/IAmA/comments/4346rc/im_justin_meal...](https://www.reddit.com/r/IAmA/comments/4346rc/im_justin_mealey_a_former_arabic_linguist_at_nsa/)
and
[https://news.ycombinator.com/item?id=10989800](https://news.ycombinator.com/item?id=10989800)

~~~
jonnybgood
> You can tell that some of these powerpoints were made by E-3's giving briefs
> to some equally clueless group from the quality of the presentations
> themselves.

Indeed. Many are viewing these presentations as if they're official documents
like an SOP and what not. The presentations are under the discretion of the
creator which can be anybody and say anything. But because it has 'Top Secret'
on it many will treat it, as you say, canonical truth. I stopped trying to
explain this on the internet. I only explain it personally now.

~~~
bazillion
Absolutely. That classification markings are there because the subject matter
has an overall classification, but doesn't actually confer any legitimacy to
the content.

------
tptacek
It looks like these came from the Snowden documents. Am I reading that wrong?

~~~
diyorgasms
That's what I gathered from the article too.

It seems strange that there's an awful lot of pro-Israel handwaving in this
thread implying that The Intercept (of all outlets) would publish this piece
at the behest of the US government.

------
dogma1138
One of the downsides of encrypting analog video you don't have to have the
correct key to decrypt it just something good enough to get you in the ball
park, the video quality will suffer greatly but you'll end up with more or
less an image you can view (this also quite commonly affects steganography
with poor keys you can brute force it in seconds you won't get a good image
but if it's text it will be immediately readable).

~~~
tptacek
Can you go into more detail about this "analog encryption" you're talking
about? You might be talking about some kind of Spectravision-style video
scrambling, but that's not really "encryption" in the modern sense --- in the
modern sense, encryption, with an actual cipher, must necessarily take digital
inputs.

~~~
gherkin0
If the encryption is done badly, it's also sometimes possible to recover a
shadow of an encrypted image from the cyphertext without actually decrypting
it:

[https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation...](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_Codebook_.28ECB.29)

~~~
dogma1138
Close enough it's even worse since with video you have to preserve the frame
structure so even less of the "data" is actually encrypted.

The scrambling/encryption it self is not ECB but when you brute force the keys
you get the same effect as ECB encryption and images, you basically then run
some basic analysis usually FFT which alerts you that a candidate image has
been reconstructed if it's good enough you can take it, if it's not the
correct value usually can be then guesstimated based on the key that has
generated an image that cam close enough.

This is how these systems tend to work
[https://en.wikipedia.org/wiki/Conditional_access](https://en.wikipedia.org/wiki/Conditional_access)

------
davidf18
A related story about Cybersecurity in Israel. Israel's Cybersecurity industry
ranks second in the world after the US.

[http://www.timesofisrael.com/how-israel-became-the-go-to-
pla...](http://www.timesofisrael.com/how-israel-became-the-go-to-place-for-
cyber-security/)

------
petra
Any idea how it was technically achieved?

~~~
paulmd
The Israelis used a commercially-available encryption scheme, VideoCrypt,
which was brute-forced (albeit slowly) as early as 1994. Then it's just a
matter of intercepting the satellite signal from somewhere within its downlink
footprint.

The article dates to 2010 and it sounded like the Israelis were switching to a
better encryption scheme even back then, so I'd expect this information is
strategically useless now. VideoCrypt was probably more of a "fences make good
neighbors" thing to keep Hezbollah from seeing their drone feeds quite so
easily.

Also on the "dates to 2010" thing, this is probably something that could be
GPU-accelerated nowadays.

~~~
petra
Thanks. So why would the Israeli Army use, in 2009-2010 , something that was
brute-forced in 1994 ?

~~~
dogma1138
Everyone does, drones for the most part still use analogue video because
latency matters and it also simplifies quite allot of things.

Encryption in military application has to take a second stance to availability
this is why many tactical systems use obfuscation and signal intercept
avoidance (e.g. spread spectrum frequency hopping which is highly effective
especially when combined with differential signaling) rather than proper
encryption since key exchange and management is still a big issue in real
world applications.

Having strong encryption that will fail you when you need it and make you
system unavailable is a much bigger risk in tactical military applications
than some one intercepting and decrypting your communications (note tactical
application, for strategic communications the playbook is completely
different).

Military communication gear (and pretty much every other piece of electronics)
is also quite out dated due to the sheer time scales involving adoption and it
having to support integration with legacy systems that might be 30 years
behind it.

With drones specifically bandwidth is also an issue especially if you aren't
say the US and can launch nearly 20 dedicated satellites to support your drone
fleet (and even US drones have the same issues, their communications were
scrambled at all until 2009 and some probably still aren't).

Drones have limited bandwidth what you usually do is use encrypted digital
signaling for the command and control channels and multiplex all of your
sensors over analogue video which is then usually transmitted using standard
TV broadcasting protocols (either terrestrial or satellite), if you can
scramble your sensory signals sufficiently to prevent real time capture more
power to you but it's not the main goal - making sure the signal gets back to
you, that you do not lose imagery due to bandwidth limitations and that there
is as little delay as possible is the key part, having a signal which can also
be easily decoded is also important because if you cant propagate it to the
forces that need to consume the feeds from the drone (and these aren't rear
echelon guys those ones can wait, were talking on boots in the ground or in
the cockpit) it cant serve its main mission.

~~~
petra
Thanks. So implied is that the information the Americans got isn't really that
valuable , right?

~~~
dogma1138
Well depends on how you define valuable.

Tactical information usually means that by the time it's intercepted, analyzed
and disseminated on its self is have very little value.

For example if we are at war right now the chatter between various units on a
local scale isn't that important any information you might gain from them will
not be useful to you as it will be out of date before you can do anything with
it.

However if you capture the same tactical information over a long period of
time during "peace time" from the same units during various military exercises
you might gain some insight in the long run.

I don't think the US has gotten any real intelligence out of this, they
probably knew that Israeli drones are capable of carrying weapons and while
Israeli still does not allow armed drones to be used in combat (at least
within the confines of Israel/Gaze/West Bank) having proof that they do at
least experiment with armed drones and being able to shove if into the face of
some Israeli politician when the time comes might have some value.

The biggest value I can think of is that Israel is the largest exporter of
drones in the world and while most of it's export is to NATO countries (over
80% of NATO's non-US drones are supplied by Israel), it also sells drones to
China and now Russia (please note that after the "Falcon" affair there is a US
congressional oversight over Israeli arms exports, this is the only country
that needs "US" approval to sell arms under certain circumstances), so it
gives them a fairly good opportunity to train under more or less real world
conditions for when they'll have to do it to some one that might slightly more
mind their presence like say China.

On the other hand It would also not surprise me if Israel didn't knew about
this and was quite interested in seeing what the can the US actually intercept
from their drones, because as far as real life goes while the NSA/GCHQ might
have been extremely proud of their work and boasting about how it can improve
their national security some one from the CIA/DIA/DOD or even US congress
could've take that report walk down to the Israeli Intelligence Attache in
Washington and handed it out to them directly.

------
zurn
The article says Israel only added crypto after Hezbollah used the unencrypted
feeds against them on the ground in real time, it sounds like their threat
model is not necessarily about NSA intercepting and eventually crackig the
encrypted feeds.

------
eliteraspberrie
Thank goodness. Knowing NSA spies on Iranian drones, my civil liberties have
been restored.

