Security and Privacy in the Age of Drones

leroux · ‎04-01-2019

Overview of this report by Ben Nassi,Asaf Shabtai, Ryusuke Masuoka & Yuval Elovici:

The evolution of drone technology in the past nine years since the first commercial drone was introduced at CES 2010 has caused many individuals and businesses to adopt drones for various purposes. We are currently living in an era in which drones are being used for pizza delivery, the shipment of goods, and filming, and they are likely to provide an alternative for transportation in the near future. However, drones also pose a significant challenge in terms of security and privacy within society (for both individuals and organizations), and many drone related incidents are reported on a daily basis. These incidents have called attention to the need to detect and disable drones used for malicious purposes and opened up a new area of research and development for academia and industry, with a market that is expected to reach $1.85 billion by 2024. While some of the knowledge used to detect UAVs has been adopted for drone detection, new methods have been suggested by industry and academia alike to deal with the challenges associated with detecting the very small and fast flying objects. In this paper, we describe new societal threats to security and privacy created by drones, and present academic and industrial methods used to detect and disable drones. We review methods targeted at areas that restrict drone flights and analyze their effectiveness with regard to various factors (e.g., weather, birds, ambient light, etc.). We present the challenges arising in areas that allow drone flights, introduce the methods that exist for dealing with these challenges, and discuss the scientific gaps that exist in this area. Finally, we review methods used to disable drones, analyze their effectiveness, and present their expected results. Finally, we suggest future research directions.

rslade · ‎04-01-2019

> leroux (Community Champion) posted a new topic in Industry News on 04-01-2019

> Finally, we review methods used to disable drones, analyze
> their effectiveness, and present their expected results.

Shotgun! (Drone skeet.)

Balloons and fishing line ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
Never interrupt an enemy when he is busy making mistakes - Napoleon
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468

CISOScott · ‎04-01-2019

It's not just drones you have to worry about. Every cellphone has the capability to take video and photos without your permission, we have dash cams in cars, body cams on police, surveillance cameras at businesses and homes, red-light cameras at intersections, city-wide surveillance for "protection", etc., etc.

We are the most photographed/video-graphed society and it will only get worse as the time increases until privacy laws can catch up.

We now even have kids suing their parents for privacy violations for posting pictures/videos of them when they were kids.

rslade · ‎04-01-2019

> CISOScott (Community Champion) posted a new reply in Industry News on 04-01-2019

> It's not just drones you have to worry about. Every cellphone has the capability
> to take video and photos without your permission

Say, shotguns might work for that, too ...

(C'mon, most of you guys are 'Murricans. Doesn't the "right to bare arms" mean
it's OK to shoot cell phones out of people's hands?)

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
I see Canada as a country torn between a very northern, rather
extraordinary, mystical spirit which it fears, and its desire to
present itself to the world as a Scotch banker. - Robertson Davies
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468

Caute_cautim · ‎04-01-2019

This all smacks of embedded firmware within common technological platforms to me. IoT we call it, and many times, we just don't know who, what, where it is embedded into the very fabric of the Surface Mounted Components themselves - so unless you forensically take them apart - X-Ray, dissemble them in the lab - there is no way you can actually fundamentally know whether or not they were built ethically or designed to be compromised by design.

How do you know whether or not there is no listening device - smacks of 1984 surveillance listening to your every word, triggered by an increased noise level above the background. Or that the fact the miniature camera is flooding your favourite social media output with your confession. Yes, you can look at the applications, you ensure they are removed - but how fundamentally do you know whether or not it is safe.

I think we have heard and seen it comes back to the supply chain and who we trust or have gone pass the point of caring, because its too late, the cat is out of the bag?

Are we simply too late?

Regards

Caute_cautim

Flyslinger2 · ‎04-02-2019

I'm a licensed sUAS pilot. I had no knowledge of flying prior to taking and passing the exam the first time. It's no picnic. I own one of the crafts mentioned in this article. I've purchased two different applications for my IOS devices to assist in me in my continual learning and management of the craft. I have offered my analysis of the applications and other commentary to both developers and now have a great relationship with them.

This article is great for giving a really detailed technical foundation of the the inner workings of a commercial craft. I learned a few things from this.

I have no desire to ever spend time incarcerated for bad behavior. Having said that, this article completely misses that segment that should be the actual main focus which are the DIY UAV's. The vast majority of commercially owned UAV enthusiasts are not going to use them maliciously. It's just too easy to trace the ownership of the UAV through purchase. The only way that I would ever use a UAV for malicious intent is if I bought it second hand. And even then I would be careful of my purchase.

The DIY UAV operator is not bound by all of the federal laws simple because it is not using software that is integrated with FAA databases that restrict and enforce NFZ's. I can't fly my own drone in my own yard. Why? Because I am with the Washington DC RFZ and I am in close proximity to a regional airport. If I assemble and start up my drone it in essence laughs at me because the software, based on GPS, knows the rules. I can override that but I do not have any interest in wearing jump suits for any length of time. The DIY UAV operator can do what ever they want where ever they want. Day or night. I am restricted by daylight hours as well.

I think more needs to be done to address the DIY operator and what they can do. Reward the legal operators by freeing up more airspace that planes will never enter.

CISOScott · ‎04-02-2019

Last month I downloaded the audio version of 1984 and listened to it (How ironic that I was listening to an audio book about being listened to....). It is scary how some of that is coming true.

Caute_cautim · ‎04-02-2019

Yes, we run head long, and yet we ignore the signs - are we sheep or caught up in a Quantum Entanglement, we don't fully realise the implications and we may never do so, before it is gone too far the wrong way?

rslade · ‎04-02-2019

> Caute_cautim (Community Champion) posted a new reply in Industry News on

> Yes, we run head long, and yet we ignore the signs - are we sheep or caught up
> in a Quantum Entanglement, we don't fully realise the implications and we may
> never do so, before it is gone too far the wrong way?

Well, if we are all entangled, then we are either all right, or all wrong ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
If you have time to whine and complain about something then you
have the time to do something about it. - Anthony J. D'Angelo
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468

Caute_cautim · ‎04-02-2019

If this is the case, we need to ensure we baseline, calculate and then measure to ensure we stay on the right side rather than fall into De-coherence. Entanglement and teleportation, often means the original is destroyed and reconstituted faster than the speed of light as proven in 2017, at present with Photons, flux and charge.