Why so expensive (flight recorders)

A simple (EW Microrecorder) is under $800. In todays
money, an extra $20 for a badge flight is less than
the round of beers you buy. 40 badge flights and you
can buy a second one. Pretty soon, you hold a club
meeting to decide what to buy next once there are
enough
recorders.

Again you're making the wrong comparison. The point
is that a Garmin Etrex costs a tenth of that, and can
provide just as secure a record for badge flights.
It's not much for navigation, but it will tell you
how far away you are from where you're going, and what
your ground speed is. Surely a Silver Badge attempt
doesn't require moving map capabilities, or extensive
computation power. There's something to be said for
encouraging the new XC pilot to keep his head up out
of the cockpit.

Sounds like P3 is making good progress on making this
all accepted.

Jim Beckman

On 15 Feb, 13:58, Jim Beckman
wrote:
A simple (EW Microrecorder) is under $800. In todays

money, an extra $20 for a badge flight is less than
the round of beers you buy. 40 badge flights and you
can buy a second one. Pretty soon, you hold a club
meeting to decide what to buy next once there are
enough
recorders.

Again you're making the wrong comparison. The point
is that a Garmin Etrex costs a tenth of that,

Because the market is 100000 times bigger than the entire secure
flight recorder market

and can provide just as secure a record for badge flights.

Not even nearly

It's not much for navigation, but it will tell you
how far away you are from where you're going, and what
your ground speed is.

Right

Surely a Silver Badge attempt
doesn't require moving map capabilities, or extensive
computation power. There's something to be said for
encouraging the new XC pilot to keep his head up out
of the cockpit.

Absolutely. In fact most clubs will insist you do the 50k with a map
not a GPS


Sounds like P3 is making good progress on making this
all accepted.

Jim Beckman

The cost of GPS engines has dropped to the 20 dollar mark
The cost of memory is negligable
The cost of the analog section ( altimeter ) is a little more but not
massive.

You are paying for the small market you are in. Don't begrudge the few
manufacturers a profit on these devices. Its not as if they are all
buying themselves EB 28's on the profits. I developed a secure logger
when the system first got going but there was simply not enough money
in it for it to be a viable business. Nothing more than hand-to-mouth.

I could get my system going again and the component build cost would
be around £125. I can tell you that at a selling price of £500 it
still wouldnt be a business!

On Feb 15, 9:09*am, nimbusgb

[Jim wrote: and can provide just as secure a record for badge
flights]

[Ian wrote: Not even nearly]

Okay Ian - prove it. Prove that a COTS unit governed under the
manual OO procedures I've laid out in the referenced link doesn't
provide an equivalent level of security. Come on, I dare ya :-)


http://home.netcom.com/~pappa3/files...rity_draft.pdf

On 15 Feb, 21:08, Papa3 wrote:
On Feb 15, 9:09 am, nimbusgb

[Jim wrote: and can provide just as secure a record for badge

flights]



[Ian wrote: Not even nearly]

Okay Ian - prove it. Prove that a COTS unit governed under the
manual OO procedures I've laid out in the referenced link doesn't
provide an equivalent level of security. Come on, I dare ya :-)

http://home.netcom.com/~pappa3/files...rity_draft.pdf

A cots GPS is still not as secure as an IGC logger.

Your presentation appears to have merit and I'd support using it for
badges.

Ian

On Feb 16, 7:45*am, nimbusgb wrote:
On 15 Feb, 21:08, Papa3 wrote:

On Feb 15, 9:09 am, nimbusgb

[Jim wrote: * and can provide just as secure a record for badge

flights]

[Ian wrote: * Not even nearly]

Okay Ian - prove it. * Prove that a COTS unit governed under the
manual OO procedures I've laid out in the referenced link doesn't
provide an equivalent level of security. *Come on, I dare ya *:-)

http://home.netcom.com/~pappa3/files...rity_draft.pdf

A cots GPS is still not as secure as an IGC logger.

Your presentation appears to have merit and I'd support using it for
badges.

Ian

"Not as secure..." Why? Specifics. Specifics. I have yet to
hear anyone make a specific argument. Generalities, yes, but
specifics, no.

I'm not trying to stand up on a soapbox here. However, I do expect
folks to do a little more than just spout the "conventional wisdom"
without a little more thought or work going into it. I'll make it
easier on folks. What specific security threats are there which fall
in the realm of reasonable probability:

- Most likely: Someone downloads a log file from a COTS logger and
alters the file using a text editor to fix a height penalty, tweak a
few fixes by a couple of feet to get into an OZ, etc. It turns out
that there a number of low tech and medium tech solutions to this:
* Lowest tech: Seal off any data ports and only allow downloading
and analysis of the file under the supervision of the OO. Very low
tech. Very high security.
* Medium tech: Rely on the encyrption provided by third party tools
such as G72Win or SeeYou. Could someone with access to a Cray
supercomputer for a few hours break their encryption methodology?
Sure. Does it matter as long as the OO takes control of the file
immediately upon download? No.

- Less likely: Someone manufactures a log on their PC using Condor
and SeeYou and loads it up to the logger before a flight. Solutions:
* Very Low Tech: Inspection of the logger to ensure memory is empty
prior to flight. Very easy to do since COTS loggers inherently
provide the ability to manage log files through their UI.
* Medium Tech: Rely on the inherent feature of (some) loggers which
zero out the timestamps of any files loaded into memory which are not
generated by the GPS itself.

- Unlikely: Pilot manipulates the datum in flight (have heard this
one spouted a lot). Has anyone actually looked at what would
happen? Depending on which datums are swapped, the impact is
somewhere between a few hundred meters and ... well a lot of
kilometers. Post flight analysis will pick this up in a heartbeat,
as the glider will have an instantaneous velocity approaching that of
the Starship Enterprise. This is much different than a single
spurios fix or group of dropped fixes where the smoothed average is
highly believable. I can show a trace of this if anyone wants to see
it.

Point being, it's easy to talk about this in vague terms, but when you
put your mind to it, it turns out that there's not that much which
would be required to make a very secure log file for the purpose of
supervised badge flights.

All good stuff to be pondering as we in the Northern Hemisphere await
the return of soaring season.

P3

On 16 Feb, 12:45, nimbusgb wrote:
On 15 Feb, 21:08, Papa3 wrote:

On Feb 15, 9:09 am, nimbusgb

[Jim wrote: and can provide just as secure a record for badge

flights]

[Ian wrote: Not even nearly]

Okay Ian - prove it. Prove that a COTS unit governed under the
manual OO procedures I've laid out in the referenced link doesn't
provide an equivalent level of security. Come on, I dare ya :-)

http://home.netcom.com/~pappa3/files...rity_draft.pdf

A cots GPS is still not as secure as an IGC logger.

Your presentation appears to have merit and I'd support using it for
badges.

Ian

Ho boy!

It is VERY simple to split the casing on COTS units and substitute
some internal microprocessor controlled gubbins or even reprogram the
software so that it appears to perform like the real thing but given a
few 'special' keystrokes could do just about anything, including
dumping some prerecorded track or trace. I have a Garmin 12 that I put
a NiMh pack into with a charger circuit INSIDE the casing.

Without the manufacurers PKI key it would be extremely difficult to
acheive this sot of thing with an IGC logger and still avoid detection
using the VALI programs.

That's why a COTS unit is not as secure. There is no way for anyone to
check the validity of what's being produced from the unit or whether
the unit is still a 'standard' cots unit.

Now if you want to talk about how #probable# it is that someone is
going to spend time, money and effort in replacing the internals of a
cots unit just toe get a diamond height, thats another argument. Its
MUCH quicker and simpler to just go find some wave somewhere.

This was all argued out more than 10 years ago!

Ian

On Feb 16, 12:38*pm, nimbusgb wrote:
On 16 Feb, 12:45, nimbusgb wrote:





On 15 Feb, 21:08, Papa3 wrote:

On Feb 15, 9:09 am, nimbusgb

[Jim wrote: * and can provide just as secure a record for badge

flights]

[Ian wrote: * Not even nearly]

Okay Ian - prove it. * Prove that a COTS unit governed under the
manual OO procedures I've laid out in the referenced link doesn't
provide an equivalent level of security. *Come on, I dare ya *:-)

http://home.netcom.com/~pappa3/files...rity_draft.pdf

A cots GPS is still not as secure as an IGC logger.

Your presentation appears to have merit and I'd support using it for
badges.

Ian

Ho boy!

It is VERY simple to split the casing on COTS units and substitute
some internal microprocessor controlled gubbins or even reprogram the
software so that it appears to perform like the real thing but given a
few 'special' keystrokes could do just about anything, including
dumping some prerecorded track or trace. I have a Garmin 12 that I put
a NiMh pack into with a charger circuit INSIDE the casing.

Without the manufacurers PKI key it would be extremely difficult to
acheive this sot of thing with an IGC logger and still avoid detection
using the VALI programs.

That's why a COTS unit is not as secure. There is no way for anyone to
check the validity of what's being produced from the unit or whether
the unit is still a 'standard' cots unit.

Now if you want to talk about how #probable# it is that someone is
going to spend time, money and effort in replacing the internals of a
cots unit just toe get a diamond height, thats another argument. Its
MUCH quicker and simpler to just go find some wave somewhere.

This was all argued out more than 10 years ago!

Ian- Hide quoted text -

- Show quoted text -


Unfortunately, it was argued out by people who didn't take the time to
talk with the manufacturers of the COTS units themselves!! The
statement that " it would be It is VERY simple to split the casing on
COTS units and substitute
some internal microprocessor controlled gubbins or even reprogram the
software so that it appears to perform like the real thing but given a
few 'special' keystrokes could do just about anything, including
dumping some prerecorded track or trace" neglects the fact that a
company like Garmin or Magellan is more than a little sensitive about
people reverse-engineering their products. Show me somebody who's
rebuilt their Garmin 76 as you describe, and I'll believe you. I have
detailed correspondence with Garmin engineers willing to discuss the
issue.

Of course, there are more than a few people out there (myself
included) who know how to open the case of a number of IGC Approved
Secure loggers to defeat the tamper switch. Gasp! On one of the
units I own, this was precipitated by having to replace the small
backup battery which preserves memory. Once opened and accidentally
disconnected from the power supply, the security seal is broken.
What to do? Oh, need to send the unit back to the manufacturer to
reset the code. But, as long as I have it open, let's see how this
works. Ahah, here's the mechanical switch. Let's see now, where
does this come in contact with the case? Let's just mark that point
on the case for "future reference". Now, send it back to the
manufacturer and the unit comes back as "secure." Of course, now
that I know exactly where the switch is and how to defeat that...
Where did I put that 1/8" drill bit...

And off we go. Of course, why stop with cracking the case. I'm
sure any firmware guru and EE who wants to go to the effort of hacking
a COTS GPS can more easily create a low power GPS signal generator
which can spoof GPS signals with off-the-shelf components. In fact,
my firm works with a number of freight/transportation firms on RFID,
GPS, and other tracking technologies. Guess what one of the very REAL
threats they're facing is right now - GPS spoofing. See for
example:

http://www.eyefortransport.com/index...nli=freight&ch

Anyone who believes that an IGC Approved Recorder is somehow
"significantly more" secure from tampering by a sophisticated/
dedicated cheater is fooling him/herself. I strongly agree that the
IGC Approved Recorder provides a valuable solution for non-supervised/
minimally supervised flights. The overhead associated with having to
manually review every recorder at a large contest would be a
nightmare. But, could a dedicated cheater defeat security on an IGC
Approved Logger. Yup.

So, before we go off into fantasy land, let's start talking about the
REALISTIC threats and the differences between the two approaches.
IGC Approved loggers clearly have the advantage in that they offer an
easier administrative approach at contests and other gatherings where
there isn't direct supervision of the FRs. COTS loggers will
require additional manual intervention which make them less attractive
for those situations, but they are equally desirable for a supervised
Silver C.

Off to go skiing. At least I'll be on the ridge...

P3

So, before we go off into fantasy land, let's start talking about the
REALISTIC threats and the differences between the two approaches.
IGC Approved loggers clearly have the advantage in that they offer an
easier administrative approach at contests and other gatherings where
there isn't direct supervision of the FRs. COTS loggers will
require additional manual intervention which make them less attractive
for those situations, but they are equally desirable for a supervised
Silver C.

Off to go skiing. At least I'll be on the ridge...

P3

So we agree then!

I fly in Italy, and Garmin COTS are accepted for badges up to gold,
excluding the heigth (1000 and 3000 m).
For diamonds and 1000m, 3000m, 5000m you need an approved IGC logger.

Once you understand that COTS can be manipulated anytime without even
bothering touching the hardware, you also understand that an IGC approved
recorder cannot even be tampered and leaves no doubts about the flight.

If we consider a COTS like a camera, then it all comes down to the
observation of a judge/supervisor just like with cameras in the good old
times. Fact is, that there are too many COTS and unless there are some
restrictions on models we cannot expect that a man is able to know and
understand each of them. So there has to be a "white list" and a "black
list".

I fly with Garmin 76S and 76CSX. Like all Garmin models they cannot be
hacked. There's no way one can change the firmware, otherwise one could also
load pirated maps and everybody know that with Garmin it's impossible on
COTS unless you have an unlock code. The newer Colorado 400T has glide
calculations as well and seems to be the only valid alternatives to palms at
least for basic data and good maps.

However, with garmins you can save a flight and then load it back as the
current track. Or you can load a track and then put it on as the current
track. Not that this means anything, cause the track should be coherent to
the flight times which you cannot predict.

Personally I think that COTS are ok for most of the times, even in
competitions if a competent supervisor is on the field.

Paul


"nimbusgb" ha scritto nel messaggio
...

So, before we go off into fantasy land, let's start talking about the
REALISTIC threats and the differences between the two approaches.
IGC Approved loggers clearly have the advantage in that they offer an
easier administrative approach at contests and other gatherings where
there isn't direct supervision of the FRs. COTS loggers will
require additional manual intervention which make them less attractive
for those situations, but they are equally desirable for a supervised
Silver C.

Off to go skiing. At least I'll be on the ridge...

P3

So we agree then!

I fly with Garmin 76S and 76CSX. Like all Garmin models they cannot be
hacked.

Yes they can. Garmin tends to use industry standard processors and
components in their units so there's no reason why they couldnt be
hacked if there was something in it for someone.They use flash memory
for their code, they have serial uploaders to facilitate flashing new
updates. The fact that they haven't been hacked is simply because
there is no reason to hack them!