tag:blogger.com,1999:blog-8320914018667085850.post2718142997614645776..comments2016-10-09T11:01:42.285+02:00Comments on Inguma Development: Moving towards Inguma 0.5Inguma Bloghttp://www.blogger.com/profile/11808896702980279168noreply@blogger.comBlogger7125tag:blogger.com,1999:blog-8320914018667085850.post-14465796433863450702013-12-23T17:50:53.443+01:002013-12-23T17:50:53.443+01:00I think for a first proof of concept for the vulne...I think for a first proof of concept for the vulnerabilities I am aiming at is to create "evil" versions of the 3DR radio software.. at a minimum a scanner/monitor mode that would allow one to scan for in progress mavlink transmissions, and of course various attack and attack assist modes. Its relatively cheap to attack this radio and its embedded protocol(ie 3-4 radio boards in each frequency, a jtag debug/programming adapter for same(38.00 or so).. and the results given the numbers of ground stations and autopilots using same should be worthwhile, if only to force the hand to a more secure radio/protocol, vendors/programmers/users wont move until they are forced to which in this case means some fairly weighty objects descending at 9.8m2/s(kitfoxes etc). So I think this research is fairly important.<br /><br /> <br />witnessdigitalhttps://www.blogger.com/profile/01484835022519770464noreply@blogger.comtag:blogger.com,1999:blog-8320914018667085850.post-68657994200339571712013-12-18T17:00:45.853+01:002013-12-18T17:00:45.853+01:00Hi Ender,
my worries are that Openpilot/Ardu...Hi Ender,<br /> my worries are that Openpilot/Ardupilot/NAZA/MAVLINK based systems which have not undergone ANY sort of security testing are being used to control increasingly larger craft such as full sized boats and in one case a kitfox airplane. That and the fact the code is NOT secure against even trivial attacks makes me extremely nervous.. sort of like the whole P25 radio encryption being able to be jammed by a 30.00 girls toys here in the US.witnessdigitalhttps://www.blogger.com/profile/01484835022519770464noreply@blogger.comtag:blogger.com,1999:blog-8320914018667085850.post-9456239531293697152013-12-13T04:00:00.171+01:002013-12-13T04:00:00.171+01:00and the other thing is while I have the ability an...and the other thing is while I have the ability and hardware/software to encrypt my links(I actually use a gumstix overo as a mission/vpn processor(and considering moving to a navstic for my autopilot from pixhawk. navstic direcly interfaces ..)<br /> Other do not and if you have been on dirdrones.com things move very slowly for mavlink and the 3dr radios(this issue has been jawed to death and the fields needs the shock of samy et al(and soon to be metasploit) in the UAV/UAS security arena. Inguma-red-wagon presents some interesting possibility as a research tool but only if it is available for researchers to work with and prove to developers that they are living in glass houses on the security/integrity of these protocols.<br />Ie I am presenting using RFCat and a HackRF board will be arriving soon to help along with 3dr boards in 915 and 433 MHZ to facilitate this study.witnessdigitalhttps://www.blogger.com/profile/01484835022519770464noreply@blogger.comtag:blogger.com,1999:blog-8320914018667085850.post-29182319956512978532013-12-13T03:49:27.168+01:002013-12-13T03:49:27.168+01:00Hi Ender,
have you seen the latest from http...Hi Ender,<br /> have you seen the latest from http://samy.pl/skyjack/... . Other scenarios of course use say an active jammer on the 2.4Ghz RC/control link.. or say a 433 RC link jammer to direct control and telemetry to an at present vulnerable control channel ,the present comms have quite a large attack surface..witnessdigitalhttps://www.blogger.com/profile/01484835022519770464noreply@blogger.comtag:blogger.com,1999:blog-8320914018667085850.post-10220648997984340132013-12-10T08:14:50.677+01:002013-12-10T08:14:50.677+01:00Hello, witnessdigital. Thank you for including our...Hello, witnessdigital. Thank you for including our tool in your recommendations!<br /><br />The development of Inguma Red Wagon (that's the name of the branch with the airplanes code) has been done off-line to allow having code potentially dangerous be developed for the proofs of concept that Hugo has been using for the talks. So there's some responsible disclosure involved as well as a potential license issue to be cleared up.<br /><br />I don't know exactly the extent of the changes that we will finally publish, but we have been talking about this internally, and we would like to push to the public mercurial as much as we can. Please ping us again in a month or so as we should have a pretty good idea or even a code drop of this version.<br /><br />Thanks again for your patience.Enderhttps://www.blogger.com/profile/14709596788489094437noreply@blogger.comtag:blogger.com,1999:blog-8320914018667085850.post-43868231343653356842013-11-28T05:17:56.588+01:002013-11-28T05:17:56.588+01:00So is the special version of inguma available? I a...So is the special version of inguma available? I am just starting to try and formulate a formalized repeatable test plan for the Ardupilot 3.x+ code and I would like to include your tool as one of the recommended test tools for autopilots..witnessdigitalhttps://www.blogger.com/profile/01484835022519770464noreply@blogger.comtag:blogger.com,1999:blog-8320914018667085850.post-75675613220232213242013-09-24T10:59:22.719+02:002013-09-24T10:59:22.719+02:00Inguma 0.5 is nice. I wish you could discuss more ...Inguma 0.5 is nice. I wish you could discuss more about it soon. My <a href="http://www.optimizex.com/search-engine-optimization/" rel="nofollow">Arizona SEO</a> team mates appreciates everything you have shared. Keep blogging!Anonymoushttps://www.blogger.com/profile/11736519622319166066noreply@blogger.com