From the L.A. Daily News

Concerns arise that civilian drones can be hijacked

MONROVIA - They've become the eyes and ears of the military.

Small, unmanned aircraft systems designed and built by AeroVironment Inc. at a Simi Valley plant are being used extensively by U.S. forces in Iraq and Afghanistan.

They can hover, swoop and fly at altitudes high enough to operate virtually undetected while providing live streaming video of enemy operations.

And pending clearance from the Federal Aviation Administration, AV's drones are poised for use in a variety of civilian applications, including law enforcement, monitoring pipeline and utility assets and search-and-rescue operations.

But there's just one glitch - they can be hijacked. Or at least Professor Todd Humphreys suspects they can. And if that happens, these nimble aircraft could become weapons for terrorists.

AV officials, however, say their technology includes safeguards that would make that nearly impossible to do.

Humphreys and his team of researchers at the University of Texas at Austin's Radionavigation Laboratory completed an experiment on June 25 showing that they have found a way to hack into the GPS systems of unmanned drones.

The team field tested the Hornet Mini, a small, remote-controlled helicopter made by Adaptive Flight.

The practice, known as "spoofing," creates false GPS signals that trick the aircraft's GPS receiver into thinking nothing is amiss - even as it steers a new navigational course determined by the outside hacker.

"The military and civilian signals come from the same satellite," Humphreys said. "The military signals are encrypted, so they can't easily be falsified. But the civilian signals are the so-called `open' signals that are transmitted in the clear with no authentication data."

That means they can be mimicked, Humphreys said.

"You can predict them, so you can counterfeit them," Humphreys said. "It's almost like a dollar bill that isn't being printed on special paper with watermarks and special ink. It would be like printing a dollar bill on a laser printer."

Civilian GPS wide open

Most drones that will fly over the U.S. will rely on civilian GPS, which is not encrypted and is wide open to infiltration. Humphreys warns it is crucial that the government address this vulnerability before it allows unmanned aerial vehicles (UAV) broad access to U.S. airspace.

Humphreys' team didn't test any AV drones. But he suspects spoofing would work just as well on the company's systems.

"I'm entirely certain that the ones they will sell to law enforcement are civilian grade," he said. "AV is a really well established group with lots of good ties, so they can probably just blow this off and no one will care in the short-term. But in the long-term ... they will be pressured to address this."

Steven Gitlin, AV's vice president of marketing strategy, said the company has gone to great pains to ensure that its unmanned aircraft systems are safe.

"We design our small UAS to be reliable, easy to use and secure," he said. "The digital data link encrypts the communications link between operator and aircraft, making it extremely difficult for someone to take over communication."

The company is based in Monrovia but its drones are built and tested at a facility in Simi Valley.

Built-in protections

Gitlin said AV's military drones have built-in counter measures that are designed to prevent them from being hijacked.

"Our domestic-style systems will have similar counter measures," he said. "And the FAA will likely rule that small, unmanned aircraft always operate in line of sight, so if something happened with the navigation system the operator would see that, and they could manually control it back home."

System training, Gitlin said, will be crucial.

"That will go a long way to ensure that our systems do what they are supposed to do," he said. "The other aspect of this is we have an integrated map in the control systems. If a UAV veered off its course you would know it immediately."

Still, Humphreys figures AV's civilian drones will be open to attack.

"It just shows the kind of mentality that we got after 9-11, where we reinforced the cockpit door to prevent people hijacking planes," he said. "Well, we need to adopt that mentality as far as the navigation systems for these UAVs."

"Spoofing" is a relatively new concern in the world of GPS navigation. Until now, the main problem has been GPS jammers. Readily available over the Internet, they could be used for a variety of criminal purposes, such as hiding illicit use of a GPS-tracked company van.

It's also believed that Iran brought down a U.S. spy drone last December by jamming its GPS and forcing it into an automatic landing mode after it lost its bearings.

Positive applications

John Villasenor, an electrical engineering professor at UCLA, offered a mostly upbeat assessment of the use of drones for civilian purposes.

"I think that the overwhelming majority of applications of domestic UAVs will be positive," he said. "For example, when used for search and rescue or disaster relief, they will save lives. Of course, like almost any technology, UAVs can be misused. But we shouldn't let the potential for misuse be a reason not to take advantage of their many benefits."

James Gregory, a press officer with the U.S. Department of Defense, said his department requires that all new military GPS systems be protected by anti-spoofing technology. Pilots, he said, provide an additional safeguard against erroneous GPS data misdirecting aircraft - even for remotely piloted systems.

And non-military drones?

"Civilian agencies, to include the FAA, have the responsibility for determining the best way to protect systems that will be used for civilian use," Gregory said. "We can speak only for the Department of Defense."

Burbank Unified reestablishes hot line for students to report bullying

With more attention being paid to the potentially tragic effects of bullying, particularly online, the Burbank Unified School District has resurrected a hot line for students to report abuse.

As students prepare to return from summer break, Tom Steele, director of student services, said he printed 1,000 fliers with the hot line's phone number and email that will hang in every classroom in the district, from kindergarten through high school.

The hot line has been six months in the works, and comes after new cyber-bullying laws have been created to support California students. The reactivated hot line for reporting bullying was last operable in 2006.

Now, with increased awareness of bullying, Steele said, the hot line is back in business.

“Burbank doesn't have any more or any less [bullying] than any other place,” said Burbank Unified school board member Roberta Reynolds. “We just need to be very vigilant.”

The hot line also is borne out of an ongoing bullying discussion on how parents, teachers and administrators handle the consequences of student behavior on digital platforms, particularly social media websites.

The new bullying hot line is (818) 729-4589. Or students may send an email to StopBullying@burbankusd.org.

Police use social media tools to inform citizens

"Stay out of area," said one alert. "Multiple shooting victims reported. Medical on-scene. Police are evacuating a nearby, affected business."

Officers would eventually discover a grisly scene inside a tiny Christian college on that spring day. Seven people were killed, three others wounded and dozens terrified in the deadliest mass shooting in the city's history.

Bolton later gave those on edge an update: "Possible suspect in custody. No imminent public safety threat appears to exist in immediate area."

Across the country, law officers are adding a new form of social media to their arsenal of crime-fighting tools.

Almost 6,000 law enforcement agencies are now deploying the public notification service Nixle to provide residents with real-time alerts on crimes in progress, traffic messes and missing children. Previously, the service has helped police in Amarillo, Texas, capture a fugitive wanted for aggravated robbery and probation violation; and authorities in Fayetteville, N.C., nabbed a suspect wanted for armed robbery soon after a Nixle alert was sent to residents.

With the San Francisco-based service approaching 1 million subscribers, with police departments participating in major cities such as Chicago, Los Angeles, Baltimore and Dallas, it is part of what one expert calls a new "blue wave" of electronic community policing that lets cops reach out directly to the public.

The International Association of Chiefs of Police recently found in a survey of 800 law enforcement agencies that nearly nine out of 10 use some form of social media and more than half reported that social media have helped solve crimes.

Many of those agencies have boosted their social media presence significantly within the last two to three years, said Nancy Kolb, a senior program manager for the IACP.

"I think there was some initial hesitancy due to safety and security reasons and because some new fads in technology don't always take hold," said Kolb, adding that the IACP established its Center for Social Media in 2009 after many police chiefs sought guidance on how to incorporate the technology into their departments.

"Slowly, some saw what their counterparts were doing and the really successful ones are able to find out what works specifically within their departments that may not work well in others."

While many law enforcement agencies use Twitter and Facebook, and there are other public safety notification systems such as CodeRED, Nixle has become increasingly popular with law enforcement, said Lauri Stevens, a Massachusetts-based law enforcement social media strategist.

Police officials say they particularly like Nixle security features that make it less susceptible to hacking than some social media. Also, the company has a partnership with the National Law Enforcement Telecommunications System (NLETS), which allows local, state, federal and international public safety agencies to exchange sensitive information.

A private messaging system Nixle created has allowed authorities to use it at major events including the G-20 Summit, May Day immigration protests and even the Academy Awards.

However, Nixle is not as interactive as some of the other social media networks, Stevens said.

"The company has taken off like crazy and it helps law enforcement send information out, but it can't get any answers back, so I don't consider them social media in the true sense," she said. "What Nixle has done right, though, is that they've got good buzz and are still building a huge customer base."

With about $10 million in startup funding, Nixle began in 2007 as a potential competitor to the hyper-local news site Patch, but instead found its niche a year later by providing those in law enforcement a network to communicate directly to the public.

The company says it hasn't yet turned a profit, CEO Eric Liu said, but he hopes police departments that currently get its service for free will later sign up for paid premium services and upgrades, such as a secured anonymous tip service through the Web.

"Typically, the community's experience with public safety is usually negative, but Nixle is about creating positive experiences, and I think that's important to build," Liu said. He said the police agencies have been "hands-on, and have literally helped build the product."

The system allows police departments to send out alerts and advisories to its subscribers either citywide or just to a specific neighborhood within a quarter-mile radius. A message can be received either through text or email, and can also be sent out through other social media platforms.

Subscriptions typically spike when populaces suffer crises such as tornadoes, wildfires and major violent crimes, Liu said.

"But we still need to get smarter about how we interface with social media," Liu said. "We are reaching out to more people than we realize."

On April 2, when a former student opened fire on students at Oikos University in Oakland, Bolton found Nixle extremely important in providing residents real-time information to a city on edge.

"I'm no different than any other police officer wanting to do everything you can to intervene and help during a crisis," Bolton said. "There's no way I can compare the stress and desire to do that from a computer terminal to that of the officers who bravely entered that campus to save lives, but I think social media alert tools serve a unique public safety purpose just the same."

.