Site Network: | | Jongsma & Jongsma

Innovation in Information Security

Coverage of important Information Security and Information Technology news and events from the research team at S?nnet Beskerming.

Username: | Password: Contact us to request an account

Hiding in Plain Sight

In an article over at, it is being reported that the French are threatening to release ephemeris data on secret US satellites, if the US doesn't stop publishing ephemeris data on sensitive French satellites.

One of the problems with trying to keep the presence of a satellite in space a secret is that anybody who can observe that portion of space will have the opportunity to detect and track the satellite. For most purposes, the information published by the US military's Space Surveillance Network is a good catalogue of data for objects from Near Earth orbits out to the Geo-stationary orbits, and is widely used across the globe.

One of the problems, though, is that this data can include details on sensitive equipment belonging to other countries. An unexpected benefit of the new French space-surveillance radar (the Graves system) has been the discovery of objects that did not appear in the official US data. With some of the objects possessing solar arrays the French are confident that they have identified and are tracking secret US satellites, despite assertions from the US that if it doesn't appear in the official ephemeris data, then it doesn't exist.

This information will then be used as leverage against the US to get them to exclude information about sensitive French satellites from their published ephemeris data, or else they will publish the information on the US satellites. With the ability to publish data on essentially any object in orbit, the more likely result will be a new method for identifying and publishing data about sensitive satellites, whoever they belong to.

While not yet an approved European Space Agency program (just a French one at this stage), the French system, alongside a German system, is expected to form the basis of a European Space Surveillance system to match the US Space Surveillance Network. This continues the trend of European efforts to develop comparative systems to those of the US, such as the to-be-implemented Galileo positioning system.

Knowing who might be listening to your communications (or even looking at you) is an important part of Information Security, but the above case has parallels that most people would have encountered at some stage - software patches.

When a vendor issues a patch and associated information detailing what has been fixed, it is analagous to the ephemeris data that the US releases - information that appears to be complete and an accurate record of what has changed. Hackers armed with various code analysis tools are then able to perform differential analysis against the original software and the software after the patch has been applied. Any discrepancy between what is observed and what has been declared in the patch can be seen as an attempt to silently patch flaws or an indication that the declared flaw has not been patched correctly. While there is no sense in the hackers reporting this information to the vendor (after all, it's already been patched), it does become leverage against users who have not applied the patch and are mitigating against only the threat that the vendor has described.

Unfortunately, this is a more common occurrence than most would like, with numerous cases from the last few years where silent fixes have been applied under the guise of patching another flaw, and others where the vendor has had to issue repeated patches to address a vulnerability that was not properly patched the first time.

10 September 2007

Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis

Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.

Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.

Comments will soon be available for registered users.