If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#21
|
|||
|
|||
Tim Newport-Peace wrote:
I don't think it is within GFAC's remit to say what should or should not be used for World Championships. That is for the Annex A team to decide upon. Annex A is part of the Sporting Code as well as are world records or badges ; Annex A group are the specialists for World Championships within SC3, like there is a Sporting code specialist for records and badges within main part of SC3. I think GFAC should not decide which loggers should or should not be used for badges and records neither... they should approve loggers within a security classification (class A, B, C, etc.), and it should be up to the sporting code specialist (for main SC3 and Annex A) to propose to the IGC plenary which class of approval is required for badges, records, Championships, etc. As part of Annex A group I would recommand that only loggers approved for world records be accepted for world championships. But it is not the case today. -- Denis Private replies: remove "moncourrielest" from my e-mail address Pour me répondre utiliser l'adresse courriel figurant après moncourrielest" dans mon adresse courriel... |
#22
|
|||
|
|||
|
#23
|
|||
|
|||
Paul Repacholi wrote:
If anyone is going to fabricate records, then just feed the whole system from a pseudolite set. No need to get inside the systems at all. You'd need to properly synchonize the GPS and pressure altitude changes to pull it off. Maybe it's easy for you, but not for me 8^) Marc |
#24
|
|||
|
|||
X-no-archive: yes
In article , Denis Flament writes As part of Annex A group I would recommand that only loggers approved for world records be accepted for world championships. But it is not the case today. I did not find anywhere in SC3A and mention of Recorder Categories, and prior to this announcement, there were two categories one for 'Badges up to Diamond' and another for full approval. It would seem to me that as any recorder could be used up to now, Ian's announcement does not effect SC3A, as it simply divided previously accepted recorders into two subdivisions. I think I must disagree with Denis about "only loggers approved for world records be accepted for world championships". In any competition it is far more difficult to falsify a recording because: 1. The task is not known until a relatively short time before take- off. 2. The Start-Line Open time will not be known in advance of take- off 3. The recorder must be handed in within a relatively short time from landing. 4. The falsified record would need show the correct time for Takeoff, Finishing and Landing. These checks, especially the combination of 3 and 4, will give an added level of security, so that a lower level of FR security should be accepted. Tim Newport-Peace "Indecision is the Key to Flexibility." |
#25
|
|||
|
|||
"Todd Pattist" wrote:
Tim Newport-Peace ] wrote: It was suggested: A: All Purposes including World Records. B: Badges and Diplomas D: Badges up to Diamond What is the rationale for distinguishing between levels B and D? If I understand correctly, D was initially separated from everything else because of concerns about cheating, then B was shown to be hackable (Wedekind). If that's correct, why wasn't B moved into group D? Or, more preferably, why isn't D given the same privileges as B? The Diamond-level approval exists to allow for equipment with minimal physical security. The only flight recorders in that category, at present, are the EW models which connect to external GPS units. Instead of ratcheting up costs, why can't we just use our Official Observers to control cheating? We relied on them for decades before RSA/DSA and public/private key encryption. Costs are ratcheting up only in the sense that some flight recorders that could formerly be used for world records no longer can be. If the private keys in the flight recorder are compromised, we can't depend upon Official Observers to prevent cheating. There are a number of ways to cheat which will not be visible to even the most diligent observer using present procedures. The observer procedures could be altered to require more intrusive inspection and monitoring of the flight (much like the camera/barograph/chronometer days), but I think it a better compromise to accept the fact that some older flight recorder designs just don't provide the level of security assurance desirable for world records. If I hack an A level recorder (with a GPS transmitter simulator and a pressure chamber or by opening the case and inserting GPS code between the off-the-shelf GPS receiver and the custom circuitry), can we just agree that no security is perfect and group them all as imperfect, but usable for all levels with appropriate monitoring by an OO? Of course the security of even "A" level flight recorders is imperfect. There are no perfect security systems. We are just trying to find an appropriate balance between the security requirements, and convenience for pilots and observers. It's not quite as simple to find that balance as you might think... Marc |
#26
|
|||
|
|||
Paul Repacholi wrote:
... If anyone is going to fabricate records, then just feed the whole system from a pseudolite set. No need to get inside the systems at all. ... This is just what the cryptograhic RSA signature makes impossible, not to fake such records, but to put them in an IGC file that the validation program accepts as a genuine file coming from the logger. |
#27
|
|||
|
|||
Todd Pattist wrote:
Tim Newport-Peace ] wrote: It was suggested: A: All Purposes including World Records. B: Badges and Diplomas D: Badges up to Diamond What is the rationale for distinguishing between levels B and D? If I understand correctly, D was initially separated from everything else because of concerns about cheating, then B was shown to be hackable (Wedekind). If that's correct, why wasn't B moved into group D? Or, more preferably, why isn't D given the same privileges as B? Instead of ratcheting up costs, why can't we just use our Official Observers to control cheating? We relied on them for decades before RSA/DSA and public/private key encryption. If I hack an A level recorder (with a GPS transmitter simulator and a pressure chamber or by opening the case and inserting GPS code between the off-the-shelf GPS receiver and the custom circuitry), can we just agree that no security is perfect and group them all as imperfect, but usable for all levels with appropriate monitoring by an OO? Todd Pattist - "WH" Ventus C (Remove DONTSPAMME from address to email reply.) I think the kind of hacking addressed by the change is merely post download hacking, i.e. patching the downloaded file and making it valid either because it doesn't have a cryptogrhic signature or because the method used to generate the signature is to weak and so the signature can be hacked/faked. |
#28
|
|||
|
|||
On Wed, 19 Nov 2003 04:24:46 GMT, Marc Ramsey wrote:
There is no written policy at this moment, as the category is less than a year old, and it's not clear whether any other manufacturers will make use of it. The whole point is to keep it fairly flexible, so those who can't or won't go for all flights approval have another category to work with. Great. What you mean is that any manufacturer could be screwed around by the GFAC as there is no publicly stated, openly available policy. It has happened before. "jump starting the market" in that way as you put it would most likely contravene the Trade Practices Act (1974) in Australia and land you with a large fine. Ask the freight companies who were fined after the ACCC(Australian Consumer and Competition Commission) used an electronic barograph to prove that goods being sent by "airfreight" were in fact going by truck between Brisbane- Sydney- Melbourne. I have no idea what you are talking about. Writing a specification around one manufacturer's product, approving that product and others from the same manufacturer and then changing the rules for new entrants into the market to make it more difficult and expensive for them while still leaving the old rules for the original manufacturer's products would be not only considered unethical in Australia but most likely illegal. The ACCC does have teeth and uses them regularly. Mike Borgelt |
#29
|
|||
|
|||
Hi,
let me try to add my 2cents to this thread. We should not see proposed modification as downgrade of approval level for particular flight recorder but rather as an increase of security measure for particular type of flights (e.g. world records). And some of approved flight recorders do not meet these requirements. Seeyou Erazem |
#30
|
|||
|
|||
On Wed, 19 Nov 2003 11:57:02 -0500, Todd Pattist
wrote: Tim Newport-Peace ] wrote: It was suggested: A: All Purposes including World Records. B: Badges and Diplomas D: Badges up to Diamond What is the rationale for distinguishing between levels B and D? If I understand correctly, D was initially separated from everything else because of concerns about cheating, then B was shown to be hackable (Wedekind). If that's correct, why wasn't B moved into group D? Or, more preferably, why isn't D given the same privileges as B? Instead of ratcheting up costs, why can't we just use our Official Observers to control cheating? We relied on them for decades before RSA/DSA and public/private key encryption. If I hack an A level recorder (with a GPS transmitter simulator and a pressure chamber or by opening the case and inserting GPS code between the off-the-shelf GPS receiver and the custom circuitry), can we just agree that no security is perfect and group them all as imperfect, but usable for all levels with appropriate monitoring by an OO? Todd Pattist - "WH" Ventus C (Remove DONTSPAMME from address to email reply.) Far too sensible for GFAC , Todd and of course you, me and others like Robert Danewid and Dave Starer pointed out all this in 1995-96. Done a search for GPS simulators lately? Not only has PC technology progressed in the last ten years but simulator technology has too. I found several manufacturers quite easily in a few minutes. Give the problem to a bunch of bright engineering students and I'll bet in 12 months you not only have a nice GPS simulator that is driven by a PDA but a nice commercial product too. Knowing this I have doubts about many of the current crop of amazing records which is a pity because they *might* even be real. Engine noise level sensors are easy to fool. The technology is readily available commercially from Headsets Inc.. Just organise your active noise cancelling to put noise in during glides and noise cancelling during climbs with engine running. I just put a kit in our headsets for the BD4. Works great. I heard a rumour yesterday that the IGC in fact have a motorglider record they have doubts about because of vague engine noise levels. The mickey mouse microswitch is also good for just the first time you open a particular logger. I sell Volksloggers and have serviced two and fooling the microswitch is truly child's play now. Any potential World record or 1000 km diploma holders should contact me privately. GFAC members need not apply. I'm also told by some people who are actively seeking World Records that some records have been set under some suspicious circumstances. For records requiring declarations the trick is to carry multiple loggers and choose the appropriate one after the fact with the declaration for the flight you actually did. This is definitely cheating so why should we be surprised at better efforts requiring more organisation? I believe that for World Records the following should apply: At least 30 days notice to the IGC that records will be attempted. Notice to include the serial numbers and type of logger being used including spares and name of O.O being used and location. No more than 2 loggers in the aircraft. Requires O.O. to be present just before takeoff. O.O to use his own PC to clear logger memory before takeoff then seal the loggers in aircraft no more than 15 minutes before takeoff. O.O notes takeoff and landing times. O.O to take charge of loggers immediately after landing and download them him or her self and send files to IGC. If landed at some other place logger must stay sealed in aircraft until aircraft is brought to O.O or O.O to aircraft. In this case any dataports must be sealed by the O.O. and only unsealed by him. IGC to reserve the right to substitute their own nominated O.O at any time. Actually do this now and again. Loggers used to be returned to manufacturer for examination as soon as possible after record session ends before record is approved. Yes it requires honest O.O's. If we don't have those then we don't have anything do we? Note none of the above requires any onerous electronic security on the logger and the logger and GPS can be separate joined by a cable. As Marc pointed out indirectly the RSA security drives the current logger design. We could also get real and eliminate the pressure sensor out of the logger and start using geometric altitudes like the rest of aviation. They are the same in an ISA standard atmosphere but near as I can tell gliding assumes that pressure altitudes achieved were done in an ISA atmosphere when this is most likely not the case. The differences are quite serious for gold and diamond badges. Mike Borgelt |
Thread Tools | |
Display Modes | |
|
|