at least no authentication, nor any encryption I know of.
AFAIK - the few ID bits are the only method of separating links.
I'm a bit more concerned with people eavesdropping on the MAVLINK-link or hijacking the drone than just with separating the link. With no authentication/encryption, hijacking a drone needs little more than a laptop, a 3DR-modem and a terminal program. That's not entirely comforting :).
yes - I too am concerned about that - in fact, thats why I did not used the *jacking* word - to avoid this thread to be easily found...
you can star this issue: http://code.google.com/p/ardupilot-mega/issues/detail?id=810&th...
I get your point, but "security by obscurity" is a proven nonworking concept :). So better talk about problems and fix them than be silent and hope nobody figures it out :).
About your bug report - that's IMHO not strictly an APM issue, I would say. MAVLINK does support some kind of authentication but the problem is that the air interface of the 3DR modems is completely unprotected, so security should be added there, not necessarily in the APM :).
yes, I know this have nothing to do with with APM - but AFAIF, the same repository/tracker is used for the radio firmware
When I was reading up on mavlink, that is one thing that struck me as a problem, there was no method of security, however...
Doesn't Frequency hopping do a damn good job of keeping others from sending messages? (I know it's not 100%, and can be broken with time because the numbers are pseudo-random)
Not if the attacker also uses 3DR radios...
The process being that they listen to see what channels you're using and then gather enough to reproduce your hopping pattern? Could radios be made that act a lot like cell phone, modulate a pseudo-random code before transmitting? That on top of the frequency hopping would be hard to break.
I don't know why they didn't put an encryption option in mavlink. I understand they were trying to keep it light, but still.
Good read there, thanks for sharing.
I need to read over the FCC rules a bit more, but I thought public use Wifi (under 100mw for omni directional antennas) were good to go for encryption. I got a kick out article then they suggested you set your SSID to your call-sign Also, great video as well.
What's the best avenue for secure our command channels?
I don't thing, there will be encryption for consumer R/C controllers anytime soon, because - well - they are consumer products and R/C vehicles are usually controlled in line of sight.
A drone, especially, a UAV is something quite different, IMHO, and does warrant enhanced security.