Hack-a-Sat finals this weekend - AMSAT volunteers represented!
Greetings all,
There's a major event happening this weekend with a very large amateur radio satellite component.
It's DEFCON. This year it's virtual and free to attend!
DEFCON draws 30,000 people interested in improving technology and themselves.
In the past, amateur radio and AMSAT have been well represented, presented, and promoted at WiFi Village, Ham Radio Village, and Hardware Hacking Village. It's been a real pleasure to present amateur satellite work at DEFCON because the audience is receptive, educated, interested, and supportive. Every time we have a booth or talk, the feedback is overwhelmingly positive.
The largest US amateur radio licensing session on record happened at DEFCON a couple of years ago. Amateur radio is alive and well.
This year, a number of AMSAT members have participated in another aspect of DEFCON: The competitions!
There are a lot of competitions at DEFCON. They range from silly to extremely difficult multi-day technical ordeals.
This year, the Air Force sponsored a high-end competition called Hack-a-Sat.
For the qualifying event, amateur radio satellite service enthusiasts were recruited. Our practical knowledge and interdisciplinary can-do spirit was something that I thought would provide a unique advantage in a competition ordinarily dominated by networking and computing information security professionals.
This strategy worked. An interdisciplinary team finished 20th out of over 1500. You can find reports about it in the -BB archive.
Unfortunately, while 20th place is a remarkable achievement, that meant that team missed out on the finals, as only the top 10 moved on.
However, I have some news! A number of us hams were recruited by teams that finished in the finals. There will be several AMSAT engineering volunteers participating in the final event this weekend. I'm on ADDVulcan along with several others.
We are very excited to represent amateur radio in an event put on by the Air Force to explore current and pressing security issues with satellite technology.
For the finals, the teams each received a flatsat. The challenges in the competition are both "virtual", meaning code only, and also "real", meaning having to do with the flatsat hardware.
If you want to follow along, there will be coverage and content at https://www.hackasat.com/
Some inside baseball: The team that won the semifinals is a famous engineering competition team called PPP. They have withdrawn from the finals because they also have a team in the "main" computing CTF at DEFCON, and could not field both teams at once.
ADDVulcan finished 4th, and has strengthened their position through recruiting and practice.
So, I think it's fair to say that amateur radio satellite service people have a chance to contribute to a possible win at an international elite competition. Everyone here should be very proud of what our license and hobby enables.
Some of the things we've had to learn with respect to tools are Core Flight System (NASA open source) and COSMOS, from Ball Aerospace. We've also been given an opportunity to see what the Air Force believes are the 1) current capabilities of the technical community and 2) what the threat models might be.
I look forward to sharing what we learn and how we do with all of you.
These are the sorts of things I think AMSAT should be supporting and sponsoring. It's well within our capabilities as a community to host competitions like this one, where the goal of the challenges is to produce quality open source work that solves particular problems. If you are interested in doing something like this, then I'm here to help make it happen. Get in touch and let's see what we can come up with!
-Michelle W5NYV
VERY COOL - Michelle - glad to hear you are engaged with the hack-a-sat!
Robert MacHale . KE6BLR FCC Licensed Radio Operator . http://www.aprsat.com/predict . http://www.spaceCommunicator.club%C2%A0 . Supporting Boy Scout Merit Badges in Radio, Robotics, and Space Exploration Silly Joke: What did the little mountain say to the bigger mountain? Hi Cliff! He who dares not offend cannot be honest. -- THOMAS PAINE
There is nothing noble in being superior to your fellow men. True nobility lies in being superior to your former self. -- ERNEST HEMINGWAY
On Thursday, August 6, 2020, 10:25:17 AM PDT, Michelle Thompson via AMSAT-BB amsat-bb@amsat.org wrote:
Greetings all,
There's a major event happening this weekend with a very large amateur radio satellite component.
It's DEFCON. This year it's virtual and free to attend!
DEFCON draws 30,000 people interested in improving technology and themselves.
In the past, amateur radio and AMSAT have been well represented, presented, and promoted at WiFi Village, Ham Radio Village, and Hardware Hacking Village. It's been a real pleasure to present amateur satellite work at DEFCON because the audience is receptive, educated, interested, and supportive. Every time we have a booth or talk, the feedback is overwhelmingly positive.
The largest US amateur radio licensing session on record happened at DEFCON a couple of years ago. Amateur radio is alive and well.
This year, a number of AMSAT members have participated in another aspect of DEFCON: The competitions!
There are a lot of competitions at DEFCON. They range from silly to extremely difficult multi-day technical ordeals.
This year, the Air Force sponsored a high-end competition called Hack-a-Sat.
For the qualifying event, amateur radio satellite service enthusiasts were recruited. Our practical knowledge and interdisciplinary can-do spirit was something that I thought would provide a unique advantage in a competition ordinarily dominated by networking and computing information security professionals.
This strategy worked. An interdisciplinary team finished 20th out of over 1500. You can find reports about it in the -BB archive.
Unfortunately, while 20th place is a remarkable achievement, that meant that team missed out on the finals, as only the top 10 moved on.
However, I have some news! A number of us hams were recruited by teams that finished in the finals. There will be several AMSAT engineering volunteers participating in the final event this weekend. I'm on ADDVulcan along with several others.
We are very excited to represent amateur radio in an event put on by the Air Force to explore current and pressing security issues with satellite technology.
For the finals, the teams each received a flatsat. The challenges in the competition are both "virtual", meaning code only, and also "real", meaning having to do with the flatsat hardware.
If you want to follow along, there will be coverage and content at https://www.hackasat.com/
Some inside baseball: The team that won the semifinals is a famous engineering competition team called PPP. They have withdrawn from the finals because they also have a team in the "main" computing CTF at DEFCON, and could not field both teams at once.
ADDVulcan finished 4th, and has strengthened their position through recruiting and practice.
So, I think it's fair to say that amateur radio satellite service people have a chance to contribute to a possible win at an international elite competition. Everyone here should be very proud of what our license and hobby enables.
Some of the things we've had to learn with respect to tools are Core Flight System (NASA open source) and COSMOS, from Ball Aerospace. We've also been given an opportunity to see what the Air Force believes are the 1) current capabilities of the technical community and 2) what the threat models might be.
I look forward to sharing what we learn and how we do with all of you.
These are the sorts of things I think AMSAT should be supporting and sponsoring. It's well within our capabilities as a community to host competitions like this one, where the goal of the challenges is to produce quality open source work that solves particular problems. If you are interested in doing something like this, then I'm here to help make it happen. Get in touch and let's see what we can come up with!
-Michelle W5NYV _______________________________________________ Sent via AMSAT-BB@amsat.org. AMSAT-NA makes this open forum available to all interested persons worldwide without requiring membership. Opinions expressed are solely those of the author, and do not reflect the official views of AMSAT-NA. Not an AMSAT-NA member? Join now to support the amateur satellite program! Subscription settings: https://www.amsat.org/mailman/listinfo/amsat-bb
What a weekend!
There were a lot of presentations on satellite technology and security this year at DEF CON.
Here are two.
https://www.youtube.com/watch?v=u5XLmlm59As https://www.youtube.com/watch?v=ku0Q_Wey4K0
The Hack-a-Sat competition finals were fundamentally different from the qualifications. It was the equivalent of qualifying for a Formula 1 race, and then being taken to a different track and given funny cars to drive through an obstacle course on race day.
GNU Radio featured heavily in the qualifications, and those of us with signals, coding theory, and satellite tracking experience were very busy. The traditional info security team members had somewhat less to do.
For the finals, this was flipped. The challenges were linear, they were heavily info-sec, everything depended on knowing how to use COSMOS, how to write applications for core flight, how to get them into a VM and manipulate memory in sneaky ways.
Most importantly for our team, there was a punishing aspect to the scoring. As soon as any team solved any challenge, the points available started deteriorating. Within 2 hours, that challenge was worth 0 points to all other teams. We were too slow to capture many points. We ended up either 6th or 8th depending on how one interprets the rules (see below!).
This type of scoring, where teams that solve a challenge first get the max number of points, and everyone else gets less, is common in these types of competitions. However, it's very rare for the points value to go to zero so quickly.
That means there's no score incentive to do a challenge that has decayed to zero, but because the contest was linear, you still had to work on things that had no score value.
I haven't run the numbers from a game theory perspective, but given the number of hours the competition was live each day, it may be impossible to overcome a leading team's early lead, given that you had to solve the challenges in order.
This was somewhat of a disincentive and got a lot of discussion in our after-contest meetup.
Another very interesting part was a challenge to design a set of mission directives to point a satellite at the moon. This was announced as a binary gate. If you solved it, your team would be considered for prizes. If you did not solve it, then you were not eligible for prizes. Wow! Yikes!
Well, we solved it. Six teams solved it, two did not. However, the announced rule did not appear to be enforced. Everyone kept their score. The highest scoring team failed to do this "side quest".
Our team is not a permanent team. This is in contrast to almost all the other teams we competed against. We formed for the event. We are now going to stick together and try more competitions.
So, what's the significance of this team being in the finals?
We had 40 members total. Not everyone competed actively in the finals. From looking at the Discord server, about 25 people actively competed in the finals. Half the team have their amateur radio license. More than half of the finals participants were hams. A lot of satellite service enthusiasts! Finals members were split between the US and Europe. About 30% of the finals team were women. Age range was 30s-50s. We finished 4th out of 2000 in the semifinals.
What would have helped our score in the finals?
We knew enough about core flight services (cFS, open source, NASA) to be helpful. But, not enough of us knew as much about COSMOS (software from Ball Aerospace) to move quickly enough to be in the points. Paying closer attention to the hints about COSMOS would have helped a lot.
We made things too hard by assuming things were more difficult than they actually were. This is not uncommon in CTF competitions! It's easy to get tunnel vision and not notice that the answer is already there.
We did extremely well in the on-orbit challenge (the pass/fail gate). We nearly won this part. Another team just barely got ahead of us in terms of accuracy. The prize for this part was for your mission plan to be put on a real satellite, and an image of the moon taken using your code. We all agreed that that was the best prize in the competition.
What did we learn?
Modern satellites require information security skills, networking skills, memory management skills, and protocol and message passing interface skills. Computing and digital technologies are a necessary area of expertise.
Someone that understands the permissions and packet filters just a little better than the satellite operator, can take out a satellite. It can be very tricky to find out what is going on, or get it back under control. Someone that modifies code just enough to waste more propellant than was allocated, and can cover it up in the telemetry, can do more than just annoy - they can render a satellite inoperable.
These are the things that the Air Force and other communities seem to be worried about.
This was a great event and it looks like it will happen again. The top scoring team was told they had a free "ticket" to enter the CTF finals next year.
Amateur satellite service enthusiasts made a very strong showing and proved to be among the best in the world at hacking a real satellite. The target for the competition was made available to us beforehand as a flat sat, and I'm going to try to arrange to have it brought to the next in-person convention that we have in the community, so that people can see it!
I'm organizing the GNU Radio Conference "capture the flag" competition. This will be held in September, and will have satellite content. The experience with Hack-a-Sat has been a big inspiration. When GRCon in-person was postponed, the auto racing themed CTF was postponed too. At first, I couldn't see how one would put on a CTF for radio signals and radio hardware for a virtual event. But, Hack-a-Sat qualifications and finals were both necessarily virtual, and it worked pretty well.
Wouldn't it be great to have a technical satellite competition like this at Symposium?
More soon! -Michelle W5NYV
On Thu, Aug 6, 2020 at 1:11 PM Robert MacHale robert.machale@yahoo.com wrote:
VERY COOL - Michelle - glad to hear you are engaged with the hack-a-sat!
Robert MacHale . KE6BLR FCC Licensed Radio Operator . http://www.aprsat.com/predict . http://www.spaceCommunicator.club . Supporting Boy Scout Merit Badges in Radio, Robotics, and Space Exploration Silly Joke: What did the little mountain say to the bigger mountain? Hi Cliff! He who dares not offend cannot be honest. -- THOMAS PAINE
There is nothing noble in being superior to your fellow men. True nobility lies in being superior to your former self. -- ERNEST HEMINGWAY
On Thursday, August 6, 2020, 10:25:17 AM PDT, Michelle Thompson via AMSAT-BB amsat-bb@amsat.org wrote:
Greetings all,
There's a major event happening this weekend with a very large amateur radio satellite component.
It's DEFCON. This year it's virtual and free to attend!
DEFCON draws 30,000 people interested in improving technology and themselves.
In the past, amateur radio and AMSAT have been well represented, presented, and promoted at WiFi Village, Ham Radio Village, and Hardware Hacking Village. It's been a real pleasure to present amateur satellite work at DEFCON because the audience is receptive, educated, interested, and supportive. Every time we have a booth or talk, the feedback is overwhelmingly positive.
The largest US amateur radio licensing session on record happened at DEFCON a couple of years ago. Amateur radio is alive and well.
This year, a number of AMSAT members have participated in another aspect of DEFCON: The competitions!
There are a lot of competitions at DEFCON. They range from silly to extremely difficult multi-day technical ordeals.
This year, the Air Force sponsored a high-end competition called Hack-a-Sat.
For the qualifying event, amateur radio satellite service enthusiasts were recruited. Our practical knowledge and interdisciplinary can-do spirit was something that I thought would provide a unique advantage in a competition ordinarily dominated by networking and computing information security professionals.
This strategy worked. An interdisciplinary team finished 20th out of over 1500. You can find reports about it in the -BB archive.
Unfortunately, while 20th place is a remarkable achievement, that meant that team missed out on the finals, as only the top 10 moved on.
However, I have some news! A number of us hams were recruited by teams that finished in the finals. There will be several AMSAT engineering volunteers participating in the final event this weekend. I'm on ADDVulcan along with several others.
We are very excited to represent amateur radio in an event put on by the Air Force to explore current and pressing security issues with satellite technology.
For the finals, the teams each received a flatsat. The challenges in the competition are both "virtual", meaning code only, and also "real", meaning having to do with the flatsat hardware.
If you want to follow along, there will be coverage and content at https://www.hackasat.com/
Some inside baseball: The team that won the semifinals is a famous engineering competition team called PPP. They have withdrawn from the finals because they also have a team in the "main" computing CTF at DEFCON, and could not field both teams at once.
ADDVulcan finished 4th, and has strengthened their position through recruiting and practice.
So, I think it's fair to say that amateur radio satellite service people have a chance to contribute to a possible win at an international elite competition. Everyone here should be very proud of what our license and hobby enables.
Some of the things we've had to learn with respect to tools are Core Flight System (NASA open source) and COSMOS, from Ball Aerospace. We've also been given an opportunity to see what the Air Force believes are the 1) current capabilities of the technical community and 2) what the threat models might be.
I look forward to sharing what we learn and how we do with all of you.
These are the sorts of things I think AMSAT should be supporting and sponsoring. It's well within our capabilities as a community to host competitions like this one, where the goal of the challenges is to produce quality open source work that solves particular problems. If you are interested in doing something like this, then I'm here to help make it happen. Get in touch and let's see what we can come up with!
-Michelle W5NYV _______________________________________________ Sent via AMSAT-BB@amsat.org. AMSAT-NA makes this open forum available to all interested persons worldwide without requiring membership. Opinions expressed are solely those of the author, and do not reflect the official views of AMSAT-NA. Not an AMSAT-NA member? Join now to support the amateur satellite program! Subscription settings: https://www.amsat.org/mailman/listinfo/amsat-bb
participants (2)
-
Michelle Thompson -
Robert MacHale