Thank you! That first link does seem to be the best one (in terms of easiness to access and information explained). We'll use it above.
zerobees 1 days ago [-]
"Numbers station" is a weird analogy, because the idea of a numbers station was to broadcast messages to undercover operatives in a way that can be received using unmodified (and therefore non-suspicious) household radio receivers.
Here, it appears to be a rekeying system for specialized military gear.
matthewdgreen 16 hours ago [-]
You're assuming it requires specialized military gear, as opposed to consumer gear with a flashed firmware. I believe GPS L1 C/A subframe 4 is on the ordinary L1 C/A civil signal, which means commercial receivers can receive it. They just can't (ordinarily) decrypt it. But a few KB of extra code would change that. A pretty broad set of Android phones can receive this data, without even needing to reflash the GPS firmware: you can decrypt on the application processor, since this field is readable.
WarOnPrivacy 26 minutes ago [-]
> You're assuming it requires specialized military gear, as opposed to consumer gear with a flashed firmware.
The author studied this supposition [code intended for mil gear] for some time and learned this.
On 26 May 2011, all 31 active GPS satellites switched to the
0xAA placeholder within just a few hours.
This rapid daily change perfectly matches the operational
rollout of the U.S. Over-the-Air Distribution (OTAD) network.
matthewdgreen 19 minutes ago [-]
That doesn't really answer the question of whether it could be used to deliver "numbers station" type messages. Encrypted key material and enciphered messages should be indistinguishable. There are 18 bytes of high-entropy ciphertext that could be used for both purposes.
moritzwarhier 1 days ago [-]
I think it's simply because of using a public channel for encrypted communication.
moritzwarhier 23 hours ago [-]
Thanks for all the replies: my phrasing was indeed bad I guess!
A "public channel" is a very broad definition, and most communication channels, including those used for encrypted communication, are by design more or less "public".
Situation with GPS that feels similar to "number stations" (which I only know about thanks to Boards of Canada's album "Geogaddi", tbh^^) is that encrypted messages are deliberatily broadcasted, not that the channel is in some way "public". The latter also applies to all encrypted internet traffic, I guess.
ronsor 1 days ago [-]
Technically all RF communications are "public." You have to use encryption if you want security.
jjtheblunt 1 days ago [-]
Would point to point laser seem like it's RF and not readily snooped without detection?
wang_li 1 days ago [-]
Unless you are in a vacuum, a laser that can reach a useful distance can be observed due to atmospheric scattering.
jjtheblunt 23 hours ago [-]
true!
866-RON-0-FEZ 1 days ago [-]
Yeah GPS is not the people's airwaves it is operated by the US Space Force, I suggest you read up on your history.
moritzwarhier 1 days ago [-]
OK, I have to further narrow down my statement then: a publicly readable medium (or one-way channel).
I didn't want to imply that regular people could simply inject data into what's emitted by GPS satellites.
Sorry if that wasn't clear, but I am aware that GPS is operated by the US military.
anigbrowl 1 days ago [-]
“Every receiver in the world decodes Subframe 4, Page 17,” Murdoch said in his new article. [...] “Every GPS satellite is a numbers station,” he concluded.
tokai 1 days ago [-]
Yeah its not a number station at all.
Analemma_ 1 days ago [-]
I disagree? The point of a numbers station is that it broadcasts in the clear and anyone with a receiver can get it, but only people with the appropriate decryption key can make any use of it. Since it's broadcasting all the time, there's no need for steganography or covert transmission. That's exactly what a numbers station is.
Where the article loses me is the implication that this is somehow sinister or beyond the pale: it's just piggybacking on a global transmitter network that exists anyway, why not?
BigTTYGothGF 5 hours ago [-]
If you need a key it's not "in the clear".
anigbrowl 1 days ago [-]
This implication is purely in your head. The article and the scientist whose work it describes are just pointing out the identification of some data that's been transmitted across a public channel for years without anyne noticing.
defrost 18 hours ago [-]
It's been noticed for a long long time, as noted in the article, this is more or less the first time it has broken in more general public news media.
Civilian high precision surveying has been reverse engineering raw GPS since the Navstar sats and swapping notes on back channels.
thaumasiotes 1 days ago [-]
> Since it's broadcasting all the time, there's no need for steganography or covert transmission.
Well, you could look at it that way, or you could say that the fact that it's broadcasting all the time is the steganography. That constant transmission of nonsense that nobody wants is what makes it fail to be suspicious when you send a message that somebody does want.
tokai 1 days ago [-]
Its all comes down to what we buy as the definition for a number station. For me a number station needs sends a message to be a number station, not a key.
sgjohnson 1 days ago [-]
>For me a number station needs sends a message to be a number station, not a key.
We don't know that it's a key that's being sent. For all we know, it could be just random data. Obviously it's most likely not random data, but ciphertext. Either way, we have no idea what the message is.
wildzzz 22 hours ago [-]
It is kind of like a number station but it's meant for machine to machine communication of commands, keys, and probably test messages specifically for military GPS receivers. The US government has plenty of other satellites (and the internet) at its disposal for sending messages to people covertly. They don't need to risk screwing up critical infrastructure just to send a message to someone. It also wouldn't be prudent to give a secret agent something so obviously a piece of spycraft. There's plenty of off-the-shelf radio receivers you can buy worldwide that would be capable of picking up an encoded message transmitted by a passing satellite.
robotresearcher 1 days ago [-]
A data payload you didn't already know is a message. This message contains a key.
sieabahlpark 1 days ago [-]
[dead]
filup 5 hours ago [-]
[dead]
buredoranna 22 hours ago [-]
Since we're talking numbers stations...
I'll take this opportunity to plug the CONET project:
Recordings of Shortwave Numbers Stations
This is an interesting article. It has a very strong AI accent.
I really wish I could tell how real it is. When some part of it I can tell is AI slop, how much of it is AI slop? Inside GNSS has always been a marketing rag with sometimes some interesting articles.
The author is a security researcher, so maybe poking at GPS bits makes sense, but talking about floating point bit depth? There's too much slop for me to figure out if there's anything of real interest or if this is just a hallucination.
Edit. After reading more carefully this is 100% AI slop. Inside GNSS published Steven Murdoch's chat gpt session. Maybe some data was transmitted? The only way you'll actually know is to redo the research your self. There are many fabrications / confabulations that clearly happen with AI in the text.
rcxdude 1 days ago [-]
I've worked with the guy credited in the article before, so I'll vouch for his general credibility and the underlying information likely being solid: there's good evidence for this field being some kind of encrypted data stream, probably key distribution, and the behaviour has changed over time. But the breathless LLM-tone really did make it hard to read.
20 hours ago [-]
timeinput 1 days ago [-]
Cool. Some data may have been transmitted over GPS. That's interesting and note worthy.
If only that was all that was posted.
Instead there's this stuff that makes me question Steven Murdoch's research practices. If you're willing to publish slop are his research practices slop? Can I trust any paper he creates in the future when I can tell this one has factual errors? Why should I bother reading it?
I actually think he's a good researcher from a little reading. I wish he hadn't done this.
andyjohnson0 20 hours ago [-]
> Can I trust any paper he creates in the future when I can tell this one has factual errors?
What are the factual errors?
rcxdude 21 hours ago [-]
I agree
sjm217 24 hours ago [-]
The code is all available and every claim is traceable back to the statistical analysis. Results are reproducible from the original data which is archived on Zenodo. Further analysis would be very welcome. https://github.com/sjmurdoch/gps-special-messages
applicative 14 hours ago [-]
Paradoxically, in the blog post he speaks with his own voice, describing the evidence better amassed in ... the AI written article.
So much AI. I stopped immediately. He might have something interesting to say, but apparently not important enough for him to write about it himself, so not important enough for me to read it either.
opengrass 7 hours ago [-]
Messages would be split over multiple mediums or be slow.
ck2 1 days ago [-]
People are complaining about a clickbaity title but it's a fascinating article I am not sure most would read otherwise
What's interesting to me is how out of date US GPS system is compared to China's BeiDou
and while most US GPS receivers will use Russia's GLONOSS, China's BeiDou is blocked
The going wisdom seems to be that the EU's Galileo is the most accurate system for civilian use. GPS has undergone frequent systematic update for almost a half century.
Indeed. i have some GPS receiver modules and had wondered about this data, I had assumed it was imprecision in my device or something to do with a satellite moving around. I'll have to plug it in and go back for another look.
kortilla 17 hours ago [-]
> What's interesting to me is how out of date US GPS system is compared to China's BeiDou
It’s significantly older though. What would you expect?
entrope 6 hours ago [-]
Two things amaze me about GPS. First, that there are still four Block IIR and seven Block IIR-M satellites operational; these had 7.5 year design lives and were launched by 2004 and 2009 respectively. Second, that L1C, L5 and L2C are all still pre-operational thanks to the OCX debacle. L1C and L2C really modernize the signal structure to improve accuracy.
In my view people nitpicking the 404 media story are being ridiculous. Everyone in their audience knows GPS originated as a military system, indeed I think most of teh general public knows that. Bashing them for not mentioning this is just looking for something to be mad about.
Lammy 23 hours ago [-]
> May 26, 2011
> No publicly recorded NANU announces a fleet-wide event of this kind in the surrounding window.
“SOUTHEAST ATLANTIC COAST: GPS Testing Information THE GPS NAVIGATION SIGNALS MAY BE UNRELIABLE FROM 20 JAN 2011 - 22 FEB 2011 FROM 0000Z - 0245Z DUE TO TESTING ON GPS FREQUENCIES USED IN SHIPBOARD NAVIGATION AND HANDHELD SYSTEMS. GPS SYSTEMS THAT RELY ON GPS, SUCH AS E-911, AIS AND DSC, MAY BE AFFECTED WITHIN A 150 NM RADIUS OF POSITION 30 49.09N 80 28.18W. DURING THIS PERIOD GPS USERS ARE ENCOURAGED TO REPORT ANY GPS SERVICE OUTAGES THAT THEY MAY EXPERIENCE DURING THIS TESTING VIA THE NAVIGATION INFORMATION SERVICE (NIS) BY CALLING (703) 313-5900 OR BY USING THE NAVCEN WEB SITE'S GPS REPORT A PROBLEM WORKSHEET AT WWW.NAVCEN.USCG.GOV.”
I specifically remember it because I was trying to navigate to the Atlanta IKEA but my phone showed me as being, like, south of Macon; ~100mi of error. That timeframe could fit if they were testing something like key availability in a spoofing scenario before enabling real key material transmission.
GPS was always a dual use system. This is very detailed and specific, but not interesting or surprising. Research has been study GPS signal data, found parts that are encrypted and he doesn’t understand. The end. Article seems only intended to generate an emotional response of “how dare they use GPS for war, man!”
sgjohnson 1 days ago [-]
> GPS was always a dual use system
It wasn't. It was going to be a military-only system, until KAL007 presented the obvious life-saving civilian case.
But yes, the title of this article might as well read "Satellite system developed for military use is being used for a military purpose."
eagerpace 1 days ago [-]
Even better, thanks for clarifying. It’s that kind of omission from the article that makes the rest of it hard to swallow. Even if it is technically correct. Which is sadly the case for most “journalism” these days.
golem14 1 days ago [-]
It’s not surprising, but I find it interesting.
transistor-man 1 days ago [-]
This is a fantastic writeup
1 days ago [-]
7777777phil 1 days ago [-]
Slightly related the latest Veritasium Video: Something is jamming GPS over Europe.
TLDW: Russia is jamming GPS and GNSS over Europe, purposefully, using a constellation of military satellites.
Theory is that Russia is constantly practicing to totally disrupt GPS and GNSS (and the Chinese system) across all of Europe.
floxy 1 days ago [-]
Anyone have a good source to read up on the current state of the art for daytime celestial navigation? Maybe there isn't too much in the public domain, because things like GPS work so well. But I'd guess that since you can't easily artificially jam celestial navigation there would be military research on this. But I suppose clouds also limit the practicality as well.
And the Russian system is named (the Russian words for) "Global Navigation Satellite System", but usually only called GLONASS because adding L, O and A is less confusing than having one name for super- and sub-sets in a single category.
The fourth global GNSS constellation is Europe's Galileo. NavIC and QZSS are regional GNSS constellations.
jp42 1 days ago [-]
Meanwhile Starlink and Starshield: Hold my beer ;-)
rafram 1 days ago [-]
Clickbait from 404 Media? Surely not!
The part they kept out of the headline:
> for use in distributing the keys for accessing the military GPS signals
It’s common knowledge that the military has access to a separate, encrypted, higher-precision GPS signal. “Numbers station” implies that they’re distributing unrelated encrypted information, but they’re not; it’s not surprising that GPS signals would be used to deliver information related to GPS, even if only military receivers have any use for it!
05 24 hours ago [-]
> has access to a separate, encrypted, higher-precision GPS signal.
That's not it, though. This is available on the consumer L1 band, and you can even read that info using a $5 Ublox receiver (UBX-RXM-SFRBX command).
kotaKat 20 hours ago [-]
Yeah, but the DAGRs out there hop around on both sets. You can run a DAGR without keys and it'll use civ GPS just fine. It'd make sense to have the hidden OTAR/OTAP running on a hidden chunk of L1 traffic.
I don't think this qualifies as clickbait in the sense that the headline mismatches the contents. My experience with 404 Media is that they treat every article like they've just released the Pentagon Papers, so you just have to read with that in mind.
SllX 24 hours ago [-]
> My experience with 404 Media is that they treat every article like they've just released the Pentagon Papers
I think you’ve perfectly phrased exactly what it is that annoys me when I see a 404 Media headline. When it was a new shop, I stomached it more, but this is every single headline I ever see from them.
DANmode 24 hours ago [-]
Contrasting the tone of innocence the larger publications use around these institutions feels perfectly within a journalistic mandate.
SllX 23 hours ago [-]
Nobody is disputing that it is a legitimate choice. It is also legitimately off-putting.
If their audience is into it though, good for them.
DANmode 22 hours ago [-]
Honestly, I was surprised to see this take.
Their tone just makes me miss the original The Intercept and other used-to-be-heavy-hitters.
Were they also too punchy for you?
(I sound possibly sarcastic, but am genuinely curious)
cryzinger 22 hours ago [-]
For new and under-reported (or otherwise downplayed) stories, I think it's understandable and maybe even good. But when every single story has a breathless, scandalized headline, it gets exhausting fast, and it's hard for me to know what to pay attention to.
I remember last year 404 put out a clickbait-y story about the shitty "covert" websites that the CIA used to communicate with spies they'd recruited in Iran, even though it was old news at that point. If you only read the headline (as many people do...) you'd think it was a startling new development.
DANmode 19 hours ago [-]
> it's hard for me to know what to pay attention to.
>It’s common knowledge that the military has access to a separate, encrypted, higher-precision GPS signal.
The most militarily-valuable aspect of the military GPS signals is actually the anti-spoofing qualities, rather than the higher precision. Survey-grade GPS gear has been able to achieve centimetre-level precision from the regular civilian signals for several years now, using RF fuckery like tracking the phase angle and other techniques.
To be sure, you want the precision too. NATO countries have M982 Excalibur GPS-guided artillery rounds that are precise enough that you can select not just the building you want to hit but the specific window you want the round to enter.
But the primary benefit of the encrypted signal is that it provides cryptographic assurance that the signal is not spoofed and one can be confident that one's GPS-guided cruise missile or other munition is not being diverted off-course.
Nowadays the military GPS signal has moved from transmitting the legacy "P(Y) code", which is a Cold War-era design, to the "M code" which incorporates several decades' worth of lessons learned in terms of spoofing resistance, cryptographic authentication, etc. It's actually a really neat rabbit hole to climb down.
https://www.youtube.com/watch?v=DjLnIb41DuQ I Found The US Nuclear Detection System In Space (saveitforparts)
Someone broadcasting one time pad messages using GPS over years...
a spy operative using jogging app changing routes slightly
or maybe a cartel member embedded inside highly hostile countries like Singapore
PDF of article (page 62) https://cdn.coverstand.com/61061/865273/2c88ea662e2b57478723...
Here, it appears to be a rekeying system for specialized military gear.
The author studied this supposition [code intended for mil gear] for some time and learned this.
A "public channel" is a very broad definition, and most communication channels, including those used for encrypted communication, are by design more or less "public".
Situation with GPS that feels similar to "number stations" (which I only know about thanks to Boards of Canada's album "Geogaddi", tbh^^) is that encrypted messages are deliberatily broadcasted, not that the channel is in some way "public". The latter also applies to all encrypted internet traffic, I guess.
I didn't want to imply that regular people could simply inject data into what's emitted by GPS satellites.
Sorry if that wasn't clear, but I am aware that GPS is operated by the US military.
Where the article loses me is the implication that this is somehow sinister or beyond the pale: it's just piggybacking on a global transmitter network that exists anyway, why not?
Civilian high precision surveying has been reverse engineering raw GPS since the Navstar sats and swapping notes on back channels.
Well, you could look at it that way, or you could say that the fact that it's broadcasting all the time is the steganography. That constant transmission of nonsense that nobody wants is what makes it fail to be suspicious when you send a message that somebody does want.
We don't know that it's a key that's being sent. For all we know, it could be just random data. Obviously it's most likely not random data, but ciphertext. Either way, we have no idea what the message is.
I'll take this opportunity to plug the CONET project: Recordings of Shortwave Numbers Stations
https://en.wikipedia.org/wiki/The_Conet_Project
https://archive.org/details/The-Conet-Project
[edit: formatting]
I really wish I could tell how real it is. When some part of it I can tell is AI slop, how much of it is AI slop? Inside GNSS has always been a marketing rag with sometimes some interesting articles.
The author is a security researcher, so maybe poking at GPS bits makes sense, but talking about floating point bit depth? There's too much slop for me to figure out if there's anything of real interest or if this is just a hallucination.
Edit. After reading more carefully this is 100% AI slop. Inside GNSS published Steven Murdoch's chat gpt session. Maybe some data was transmitted? The only way you'll actually know is to redo the research your self. There are many fabrications / confabulations that clearly happen with AI in the text.
If only that was all that was posted.
Instead there's this stuff that makes me question Steven Murdoch's research practices. If you're willing to publish slop are his research practices slop? Can I trust any paper he creates in the future when I can tell this one has factual errors? Why should I bother reading it?
I actually think he's a good researcher from a little reading. I wish he hadn't done this.
What are the factual errors?
What's interesting to me is how out of date US GPS system is compared to China's BeiDou
and while most US GPS receivers will use Russia's GLONOSS, China's BeiDou is blocked
https://news.ycombinator.com/item?id=47849174
It’s significantly older though. What would you expect?
The source data and analytical code (in Julia) is also available at https://lsc-pagepro.mydigitalpublication.com/publication/?i=...
In my view people nitpicking the 404 media story are being ridiculous. Everyone in their audience knows GPS originated as a military system, indeed I think most of teh general public knows that. Bashing them for not mentioning this is just looking for something to be mad about.
> No publicly recorded NANU announces a fleet-wide event of this kind in the surrounding window.
I do remember living through this one in February 2011 which was very strange at the time: https://web.archive.org/web/20111015232120/http://navcen.usc...
“SOUTHEAST ATLANTIC COAST: GPS Testing Information THE GPS NAVIGATION SIGNALS MAY BE UNRELIABLE FROM 20 JAN 2011 - 22 FEB 2011 FROM 0000Z - 0245Z DUE TO TESTING ON GPS FREQUENCIES USED IN SHIPBOARD NAVIGATION AND HANDHELD SYSTEMS. GPS SYSTEMS THAT RELY ON GPS, SUCH AS E-911, AIS AND DSC, MAY BE AFFECTED WITHIN A 150 NM RADIUS OF POSITION 30 49.09N 80 28.18W. DURING THIS PERIOD GPS USERS ARE ENCOURAGED TO REPORT ANY GPS SERVICE OUTAGES THAT THEY MAY EXPERIENCE DURING THIS TESTING VIA THE NAVIGATION INFORMATION SERVICE (NIS) BY CALLING (703) 313-5900 OR BY USING THE NAVCEN WEB SITE'S GPS REPORT A PROBLEM WORKSHEET AT WWW.NAVCEN.USCG.GOV.”
I specifically remember it because I was trying to navigate to the Atlanta IKEA but my phone showed me as being, like, south of Macon; ~100mi of error. That timeframe could fit if they were testing something like key availability in a spoofing scenario before enabling real key material transmission.
It wasn't. It was going to be a military-only system, until KAL007 presented the obvious life-saving civilian case.
But yes, the title of this article might as well read "Satellite system developed for military use is being used for a military purpose."
https://youtu.be/tz23G_UXCGA
Theory is that Russia is constantly practicing to totally disrupt GPS and GNSS (and the Chinese system) across all of Europe.
https://www.scientificamerican.com/article/how-to-see-stars-...
The Chinese system is called BeiDou.[1]
[1] https://en.wikipedia.org/wiki/Satellite_navigation#BeiDou_(2...
The fourth global GNSS constellation is Europe's Galileo. NavIC and QZSS are regional GNSS constellations.
The part they kept out of the headline:
> for use in distributing the keys for accessing the military GPS signals
It’s common knowledge that the military has access to a separate, encrypted, higher-precision GPS signal. “Numbers station” implies that they’re distributing unrelated encrypted information, but they’re not; it’s not surprising that GPS signals would be used to deliver information related to GPS, even if only military receivers have any use for it!
That's not it, though. This is available on the consumer L1 band, and you can even read that info using a $5 Ublox receiver (UBX-RXM-SFRBX command).
https://www.baesystems.com/en/product/defense-advanced-gps-r...
I think you’ve perfectly phrased exactly what it is that annoys me when I see a 404 Media headline. When it was a new shop, I stomached it more, but this is every single headline I ever see from them.
If their audience is into it though, good for them.
Their tone just makes me miss the original The Intercept and other used-to-be-heavy-hitters.
Were they also too punchy for you? (I sound possibly sarcastic, but am genuinely curious)
I remember last year 404 put out a clickbait-y story about the shitty "covert" websites that the CIA used to communicate with spies they'd recruited in Iran, even though it was old news at that point. If you only read the headline (as many people do...) you'd think it was a startling new development.
If it’s a decent institution?
All of what they’re reporting on! =]
The most militarily-valuable aspect of the military GPS signals is actually the anti-spoofing qualities, rather than the higher precision. Survey-grade GPS gear has been able to achieve centimetre-level precision from the regular civilian signals for several years now, using RF fuckery like tracking the phase angle and other techniques.
To be sure, you want the precision too. NATO countries have M982 Excalibur GPS-guided artillery rounds that are precise enough that you can select not just the building you want to hit but the specific window you want the round to enter.
But the primary benefit of the encrypted signal is that it provides cryptographic assurance that the signal is not spoofed and one can be confident that one's GPS-guided cruise missile or other munition is not being diverted off-course.
Nowadays the military GPS signal has moved from transmitting the legacy "P(Y) code", which is a Cold War-era design, to the "M code" which incorporates several decades' worth of lessons learned in terms of spoofing resistance, cryptographic authentication, etc. It's actually a really neat rabbit hole to climb down.
These people need to mind their links. Unless that "current-issue" is the only/last one.
https://news.ycombinator.com/item?id=48414479
https://www.404media.co/the-u-s-military-quietly-turned-gps-...
The 404 article seems fluff-free and cites
https://insidegnss.com/current-issue/
as source.