Comments on: GPS and Wall Street http://philosecurity.org/2008/09/11/gps-and-wall-street Tue, 09 Mar 2010 23:41:40 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Logan Scott http://philosecurity.org/2008/09/11/gps-and-wall-street/comment-page-1#comment-1801 Logan Scott Tue, 30 Sep 2008 17:32:41 +0000 http://philosecurity.org/?p=132#comment-1801 This vulnerability is well understood and most Symmetricom cryptographic time stampers include precision clocks to counter spoofing attacks. This is one of the few success areas for GPS counter spoofing. Meanwhile, the GPS Wing and Homeland Security are pretty much asleep at the wheel regarding the need to authenticate GNSS signals for civil applications. This vulnerability is well understood and most Symmetricom cryptographic time stampers include precision clocks to counter spoofing attacks. This is one of the few success areas for GPS counter spoofing. Meanwhile, the GPS Wing and Homeland Security are pretty much asleep at the wheel regarding the need to authenticate GNSS signals for civil applications.

]]> By: bryan http://philosecurity.org/2008/09/11/gps-and-wall-street/comment-page-1#comment-1664 bryan Fri, 12 Sep 2008 03:39:27 +0000 http://philosecurity.org/?p=132#comment-1664 I think I mentioned before, NIST has some new tiny clocks that are pretty good: http://tf.nist.gov/ofm/smallclock/index.htm Easier to integrate on trader desktops/pdas/cellphones than a big ol' cessium clock. Many physics and astronomical observatories require high precession traceable timing for correlation and triangulation; there are a variety of GPS receiver time server products with varying degrees of redundancy; i'm pretty sure the worst an outside attacker could do would be to slowly introduce offsets on the order of a millisecond over a few hours/days, which isn't a very dramatic attack. You could "slow down" one trading center vs. others, but that would require more sophisticated localized RF equipment. I think I mentioned before, NIST has some new tiny clocks that are pretty good: http://tf.nist.gov/ofm/smallclock/index.htm
Easier to integrate on trader desktops/pdas/cellphones than a big ol’ cessium clock.
Many physics and astronomical observatories require high precession traceable timing for correlation and triangulation; there are a variety of GPS receiver time server products with varying degrees of redundancy; i’m pretty sure the worst an outside attacker could do would be to slowly introduce offsets on the order of a millisecond over a few hours/days, which isn’t a very dramatic attack. You could “slow down” one trading center vs. others, but that would require more sophisticated localized RF equipment.

]]> By: Chris http://philosecurity.org/2008/09/11/gps-and-wall-street/comment-page-1#comment-1661 Chris Thu, 11 Sep 2008 20:30:47 +0000 http://philosecurity.org/?p=132#comment-1661 Get an antenna that's primarily sensitive upwards, and put it on the roof of your office building - chances are, it's up there anyway so you're not suffering from multi-path or extremely obstructed views. For critical applications, don't just use the GPS as the clock - build a GPS-disciplined frequency standard and use that to drive the clock. A high-quality OXCO/TXCO, rubidium or cesium standard can freewheel for quite a long time before the loss of GPS degrades its accuracy worse than what NTP over Ethernet does. The previous article doesn't say what kind of receivers were used - some are much more tolerant of bad signals than others. receivers designed for timing applications often have T-RAIM (Timing Receiver Autonomous Integrity Monitoring) to attempt to eliminate bad signals. Of course, if your attacker is presenting a wonderfully consistent set of lies... you've got a whole 'nother problem. It would be nice if Wall Street used gps clocks and frequency standards. It's a never-ending source of amusement to me how many large enterprises use public ntp servers... machines with no SLA or quality guarantees. Get an antenna that’s primarily sensitive upwards, and put it on the roof of your office building – chances are, it’s up there anyway so you’re not suffering from multi-path or extremely obstructed views.

For critical applications, don’t just use the GPS as the clock – build a GPS-disciplined frequency standard and use that to drive the clock. A high-quality OXCO/TXCO, rubidium or cesium standard can freewheel for quite a long time before the loss of GPS degrades its accuracy worse than what NTP over Ethernet does.

The previous article doesn’t say what kind of receivers were used – some are much more tolerant of bad signals than others. receivers designed for timing applications often have T-RAIM (Timing Receiver Autonomous Integrity Monitoring) to attempt to eliminate bad signals.

Of course, if your attacker is presenting a wonderfully consistent set of lies… you’ve got a whole ‘nother problem. It would be nice if Wall Street used gps clocks and frequency standards. It’s a never-ending source of amusement to me how many large enterprises use public ntp servers… machines with no SLA or quality guarantees.

]]>