Real-Time Access To All U.S. Drones & Warplanes Video With $26 Worth Of Software

Oy. Just Oy.

For crying out loud, I use encryption on sensitive emails, and set up a basic VPN server so I can use it when I’m using my iPhone through public wi-fi (like at Starbucks or the airport or something). Did the U.S. military really not think this one through?

How’d the militants manage to get access to such secret data? Basically by pointing satellite dishes up, and waiting for the drone feeds to pour in. According to the Journal, militants have exploited a weakness: The data links between the drone and the ground control station were never encrypted. Which meant that pretty much anyone could tap into the overhead surveillance that many commanders feel is America’s most important advantage in its two wars. Pretty much anyone could intercept the feeds of the drones that are the focal point for the secret U.S. war in Pakistan.

Using cheap, downloadable programs like SkyGrabber, militants were apparently able to watch and record the video feed — and potentially be tipped off when U.S. and coalition forces are stalking them. The $26 software was originally designed to let users download movies and songs off of the internet. Turns out, the program lets you nab Predator drone feeds just as easily as pirated copies of The Hangover.

When they say “encryption,” most people assume some super-secret, super-expensive spy-gear stuff that only the military knows about – or is able to deploy. But we’re not talking about that. The military may have proprietary encryption algorithms which the hoi polloi (like me) don’t know anything about, but they wouldn’t have had to in order to avoid this problem. In the last fifteen years or so, open-sourced encryption algorithms have advanced to the point where the NSA themselves have put their stamp of approval on them. Right now, AES-256 is cheap, widely available, and would require more computing horsepower than is available on the entire planet, combined, working for thousands of years, in order to brute-force crack. It’s that good. That the military didn’t bother including this as a module in what they consider (rightly) to be a huge military advantage (and a correspondingly huge security breach, when cracked by militants) is simply beyond me.