"Numbers station" is a weird analogy, because the idea of a numbers station was to broadcast messages to undercover operatives in a way that can be received using unmodified (and therefore non-suspicious) household radio receivers.
Here, it appears to be a rekeying system for specialized military gear.
Thanks for all the replies: my phrasing was indeed bad I guess!
A "public channel" is a very broad definition, and most communication channels, including those used for encrypted communication, are by design more or less "public".
Situation with GPS that feels similar to "number stations" (which I only know about thanks to Boards of Canada's album "Geogaddi", tbh^^) is that encrypted messages are deliberatily broadcasted, not that the channel is in some way "public". The latter also applies to all encrypted internet traffic, I guess.
I disagree? The point of a numbers station is that it broadcasts in the clear and anyone with a receiver can get it, but only people with the appropriate decryption key can make any use of it. Since it's broadcasting all the time, there's no need for steganography or covert transmission. That's exactly what a numbers station is.
Where the article loses me is the implication that this is somehow sinister or beyond the pale: it's just piggybacking on a global transmitter network that exists anyway, why not?
This implication is purely in your head. The article and the scientist whose work it describes are just pointing out the identification of some data that's been transmitted across a public channel for years without anyne noticing.
> Since it's broadcasting all the time, there's no need for steganography or covert transmission.
Well, you could look at it that way, or you could say that the fact that it's broadcasting all the time is the steganography. That constant transmission of nonsense that nobody wants is what makes it fail to be suspicious when you send a message that somebody does want.
Its all comes down to what we buy as the definition for a number station. For me a number station needs sends a message to be a number station, not a key.
>For me a number station needs sends a message to be a number station, not a key.
We don't know that it's a key that's being sent. For all we know, it could be just random data. Obviously it's most likely not random data, but ciphertext. Either way, we have no idea what the message is.
It is kind of like a number station but it's meant for machine to machine communication of commands, keys, and probably test messages specifically for military GPS receivers. The US government has plenty of other satellites (and the internet) at its disposal for sending messages to people covertly. They don't need to risk screwing up critical infrastructure just to send a message to someone. It also wouldn't be prudent to give a secret agent something so obviously a piece of spycraft. There's plenty of off-the-shelf radio receivers you can buy worldwide that would be capable of picking up an encoded message transmitted by a passing satellite.
“Every receiver in the world decodes Subframe 4, Page 17,” Murdoch said in his new article. [...] “Every GPS satellite is a numbers station,” he concluded.
In my view people nitpicking the 404 media story are being ridiculous. Everyone in their audience knows GPS originated as a military system, indeed I think most of teh general public knows that. Bashing them for not mentioning this is just looking for something to be mad about.
“SOUTHEAST ATLANTIC COAST: GPS Testing Information THE GPS NAVIGATION SIGNALS MAY BE UNRELIABLE FROM 20 JAN 2011 - 22 FEB 2011 FROM 0000Z - 0245Z DUE TO TESTING ON GPS FREQUENCIES USED IN SHIPBOARD NAVIGATION AND HANDHELD SYSTEMS. GPS SYSTEMS THAT RELY ON GPS, SUCH AS E-911, AIS AND DSC, MAY BE AFFECTED WITHIN A 150 NM RADIUS OF POSITION 30 49.09N 80 28.18W. DURING THIS PERIOD GPS USERS ARE ENCOURAGED TO REPORT ANY GPS SERVICE OUTAGES THAT THEY MAY EXPERIENCE DURING THIS TESTING VIA THE NAVIGATION INFORMATION SERVICE (NIS) BY CALLING (703) 313-5900 OR BY USING THE NAVCEN WEB SITE'S GPS REPORT A PROBLEM WORKSHEET AT WWW.NAVCEN.USCG.GOV.”
I specifically remember it because I was trying to navigate to the Atlanta IKEA but my phone showed me as being, like, south of Macon; ~100mi of error. That timeframe could fit if they were testing something like key availability in a spoofing scenario before enabling real key material transmission.
The going wisdom seems to be that the EU's Galileo is the most accurate system for civilian use. GPS has undergone frequent systematic update for almost a half century.
Indeed. i have some GPS receiver modules and had wondered about this data, I had assumed it was imprecision in my device or something to do with a satellite moving around. I'll have to plug it in and go back for another look.
GPS was always a dual use system. This is very detailed and specific, but not interesting or surprising. Research has been study GPS signal data, found parts that are encrypted and he doesn’t understand. The end. Article seems only intended to generate an emotional response of “how dare they use GPS for war, man!”
Even better, thanks for clarifying. It’s that kind of omission from the article that makes the rest of it hard to swallow. Even if it is technically correct. Which is sadly the case for most “journalism” these days.
This is an interesting article. It has a very strong AI accent.
I really wish I could tell how real it is. When some part of it I can tell is AI slop, how much of it is AI slop? Inside GNSS has always been a marketing rag with sometimes some interesting articles.
The author is a security researcher, so maybe poking at GPS bits makes sense, but talking about floating point bit depth? There's too much slop for me to figure out if there's anything of real interest or if this is just a hallucination.
Edit. After reading more carefully this is 100% AI slop. Inside GNSS published Steven Murdoch's chat gpt session. Maybe some data was transmitted? The only way you'll actually know is to redo the research your self. There are many fabrications / confabulations that clearly happen with AI in the text.
The code is all available and every claim is traceable back to the statistical analysis. Results are reproducible from the original data which is archived on Zenodo. Further analysis would be very welcome. https://github.com/sjmurdoch/gps-special-messages
I've worked with the guy credited in the article before, so I'll vouch for his general credibility and the underlying information likely being solid: there's good evidence for this field being some kind of encrypted data stream, probably key distribution, and the behaviour has changed over time. But the breathless LLM-tone really did make it hard to read.
Cool. Some data may have been transmitted over GPS. That's interesting and note worthy.
If only that was all that was posted.
Instead there's this stuff that makes me question Steven Murdoch's research practices. If you're willing to publish slop are his research practices slop? Can I trust any paper he creates in the future when I can tell this one has factual errors? Why should I bother reading it?
I actually think he's a good researcher from a little reading. I wish he hadn't done this.
So much AI. I stopped immediately. He might have something interesting to say, but apparently not important enough for him to write about it himself, so not important enough for me to read it either.
Anyone have a good source to read up on the current state of the art for daytime celestial navigation? Maybe there isn't too much in the public domain, because things like GPS work so well. But I'd guess that since you can't easily artificially jam celestial navigation there would be military research on this. But I suppose clouds also limit the practicality as well.
> for use in distributing the keys for accessing the military GPS signals
It’s common knowledge that the military has access to a separate, encrypted, higher-precision GPS signal. “Numbers station” implies that they’re distributing unrelated encrypted information, but they’re not; it’s not surprising that GPS signals would be used to deliver information related to GPS, even if only military receivers have any use for it!
Yeah, but the DAGRs out there hop around on both sets. You can run a DAGR without keys and it'll use civ GPS just fine. It'd make sense to have the hidden OTAR/OTAP running on a hidden chunk of L1 traffic.
I don't think this qualifies as clickbait in the sense that the headline mismatches the contents. My experience with 404 Media is that they treat every article like they've just released the Pentagon Papers, so you just have to read with that in mind.
> My experience with 404 Media is that they treat every article like they've just released the Pentagon Papers
I think you’ve perfectly phrased exactly what it is that annoys me when I see a 404 Media headline. When it was a new shop, I stomached it more, but this is every single headline I ever see from them.
For new and under-reported (or otherwise downplayed) stories, I think it's understandable and maybe even good. But when every single story has a breathless, scandalized headline, it gets exhausting fast, and it's hard for me to know what to pay attention to.
I remember last year 404 put out a clickbait-y story about the shitty "covert" websites that the CIA used to communicate with spies they'd recruited in Iran, even though it was old news at that point. If you only read the headline (as many people do...) you'd think it was a startling new development.
>It’s common knowledge that the military has access to a separate, encrypted, higher-precision GPS signal.
The most militarily-valuable aspect of the military GPS signals is actually the anti-spoofing qualities, rather than the higher precision. Survey-grade GPS gear has been able to achieve centimetre-level precision from the regular civilian signals for several years now, using RF fuckery like tracking the phase angle and other techniques.
To be sure, you want the precision too. NATO countries have M982 Excalibur GPS-guided artillery rounds that are precise enough that you can select not just the building you want to hit but the specific window you want the round to enter.
But the primary benefit of the encrypted signal is that it provides cryptographic assurance that the signal is not spoofed and one can be confident that one's GPS-guided cruise missile or other munition is not being diverted off-course.
Nowadays the military GPS signal has moved from transmitting the legacy "P(Y) code", which is a Cold War-era design, to the "M code" which incorporates several decades' worth of lessons learned in terms of spoofing resistance, cryptographic authentication, etc. It's actually a really neat rabbit hole to climb down.
PDF of article (page 62) https://cdn.coverstand.com/61061/865273/2c88ea662e2b57478723...
Here, it appears to be a rekeying system for specialized military gear.
A "public channel" is a very broad definition, and most communication channels, including those used for encrypted communication, are by design more or less "public".
Situation with GPS that feels similar to "number stations" (which I only know about thanks to Boards of Canada's album "Geogaddi", tbh^^) is that encrypted messages are deliberatily broadcasted, not that the channel is in some way "public". The latter also applies to all encrypted internet traffic, I guess.
I didn't want to imply that regular people could simply inject data into what's emitted by GPS satellites.
Sorry if that wasn't clear, but I am aware that GPS is operated by the US military.
Where the article loses me is the implication that this is somehow sinister or beyond the pale: it's just piggybacking on a global transmitter network that exists anyway, why not?
Civilian high precision surveying has been reverse engineering raw GPS since the Navstar sats and swapping notes on back channels.
Well, you could look at it that way, or you could say that the fact that it's broadcasting all the time is the steganography. That constant transmission of nonsense that nobody wants is what makes it fail to be suspicious when you send a message that somebody does want.
We don't know that it's a key that's being sent. For all we know, it could be just random data. Obviously it's most likely not random data, but ciphertext. Either way, we have no idea what the message is.
I'll take this opportunity to plug the CONET project: Recordings of Shortwave Numbers Stations
https://en.wikipedia.org/wiki/The_Conet_Project
https://archive.org/details/The-Conet-Project
[edit: formatting]
The source data and analytical code (in Julia) is also available at https://lsc-pagepro.mydigitalpublication.com/publication/?i=...
In my view people nitpicking the 404 media story are being ridiculous. Everyone in their audience knows GPS originated as a military system, indeed I think most of teh general public knows that. Bashing them for not mentioning this is just looking for something to be mad about.
> No publicly recorded NANU announces a fleet-wide event of this kind in the surrounding window.
I do remember living through this one in February 2011 which was very strange at the time: https://web.archive.org/web/20111015232120/http://navcen.usc...
“SOUTHEAST ATLANTIC COAST: GPS Testing Information THE GPS NAVIGATION SIGNALS MAY BE UNRELIABLE FROM 20 JAN 2011 - 22 FEB 2011 FROM 0000Z - 0245Z DUE TO TESTING ON GPS FREQUENCIES USED IN SHIPBOARD NAVIGATION AND HANDHELD SYSTEMS. GPS SYSTEMS THAT RELY ON GPS, SUCH AS E-911, AIS AND DSC, MAY BE AFFECTED WITHIN A 150 NM RADIUS OF POSITION 30 49.09N 80 28.18W. DURING THIS PERIOD GPS USERS ARE ENCOURAGED TO REPORT ANY GPS SERVICE OUTAGES THAT THEY MAY EXPERIENCE DURING THIS TESTING VIA THE NAVIGATION INFORMATION SERVICE (NIS) BY CALLING (703) 313-5900 OR BY USING THE NAVCEN WEB SITE'S GPS REPORT A PROBLEM WORKSHEET AT WWW.NAVCEN.USCG.GOV.”
I specifically remember it because I was trying to navigate to the Atlanta IKEA but my phone showed me as being, like, south of Macon; ~100mi of error. That timeframe could fit if they were testing something like key availability in a spoofing scenario before enabling real key material transmission.
What's interesting to me is how out of date US GPS system is compared to China's BeiDou
and while most US GPS receivers will use Russia's GLONOSS, China's BeiDou is blocked
https://news.ycombinator.com/item?id=47849174
It’s significantly older though. What would you expect?
It wasn't. It was going to be a military-only system, until KAL007 presented the obvious life-saving civilian case.
But yes, the title of this article might as well read "Satellite system developed for military use is being used for a military purpose."
I really wish I could tell how real it is. When some part of it I can tell is AI slop, how much of it is AI slop? Inside GNSS has always been a marketing rag with sometimes some interesting articles.
The author is a security researcher, so maybe poking at GPS bits makes sense, but talking about floating point bit depth? There's too much slop for me to figure out if there's anything of real interest or if this is just a hallucination.
Edit. After reading more carefully this is 100% AI slop. Inside GNSS published Steven Murdoch's chat gpt session. Maybe some data was transmitted? The only way you'll actually know is to redo the research your self. There are many fabrications / confabulations that clearly happen with AI in the text.
If only that was all that was posted.
Instead there's this stuff that makes me question Steven Murdoch's research practices. If you're willing to publish slop are his research practices slop? Can I trust any paper he creates in the future when I can tell this one has factual errors? Why should I bother reading it?
I actually think he's a good researcher from a little reading. I wish he hadn't done this.
What are the factual errors?
https://youtu.be/tz23G_UXCGA
Theory is that Russia is constantly practicing to totally disrupt GPS and GNSS (and the Chinese system) across all of Europe.
https://www.scientificamerican.com/article/how-to-see-stars-...
The Chinese system is called BeiDou.[1]
[1] https://en.wikipedia.org/wiki/Satellite_navigation#BeiDou_(2...
The part they kept out of the headline:
> for use in distributing the keys for accessing the military GPS signals
It’s common knowledge that the military has access to a separate, encrypted, higher-precision GPS signal. “Numbers station” implies that they’re distributing unrelated encrypted information, but they’re not; it’s not surprising that GPS signals would be used to deliver information related to GPS, even if only military receivers have any use for it!
That's not it, though. This is available on the consumer L1 band, and you can even read that info using a $5 Ublox receiver (UBX-RXM-SFRBX command).
https://www.baesystems.com/en/product/defense-advanced-gps-r...
I think you’ve perfectly phrased exactly what it is that annoys me when I see a 404 Media headline. When it was a new shop, I stomached it more, but this is every single headline I ever see from them.
If their audience is into it though, good for them.
Their tone just makes me miss the original The Intercept and other used-to-be-heavy-hitters.
Were they also too punchy for you? (I sound possibly sarcastic, but am genuinely curious)
I remember last year 404 put out a clickbait-y story about the shitty "covert" websites that the CIA used to communicate with spies they'd recruited in Iran, even though it was old news at that point. If you only read the headline (as many people do...) you'd think it was a startling new development.
If it’s a decent institution?
All of what they’re reporting on! =]
The most militarily-valuable aspect of the military GPS signals is actually the anti-spoofing qualities, rather than the higher precision. Survey-grade GPS gear has been able to achieve centimetre-level precision from the regular civilian signals for several years now, using RF fuckery like tracking the phase angle and other techniques.
To be sure, you want the precision too. NATO countries have M982 Excalibur GPS-guided artillery rounds that are precise enough that you can select not just the building you want to hit but the specific window you want the round to enter.
But the primary benefit of the encrypted signal is that it provides cryptographic assurance that the signal is not spoofed and one can be confident that one's GPS-guided cruise missile or other munition is not being diverted off-course.
Nowadays the military GPS signal has moved from transmitting the legacy "P(Y) code", which is a Cold War-era design, to the "M code" which incorporates several decades' worth of lessons learned in terms of spoofing resistance, cryptographic authentication, etc. It's actually a really neat rabbit hole to climb down.
https://news.ycombinator.com/item?id=48414479
https://www.404media.co/the-u-s-military-quietly-turned-gps-...
The 404 article seems fluff-free and cites
https://insidegnss.com/current-issue/
as source.
These people need to mind their links. Unless that "current-issue" is the only/last one.