:format(webp)/s3/static.nrc.nl/images/gn4/stripped/data149196852-9f2713.jpg)
A security researcher says evidence suggests the U.S. military has been using an obscure GPS message field for nearly 20 years to broadcast encrypted key-distribution data, effectively turning GPS satellites into a global "numbers station." The hidden-looking 176-bit messages appear tied to the Pentagon's Over-the-Air Distribution system for remotely updating cryptographic keys, meaning ordinary GPS receivers may have been receiving the traffic all along without anyone outside the military noticing. The findings have been detailed by Steven Murdoch, an information security expert, in a new article in Inside GNSS. 404 Media reports: [...] From the beginning, he suspected that the subframe field contained encrypted transmissions because the data was so random. "Random data is actually very unusual to get in nature," Murdoch said. "If you see it, either it's been carefully designed to be random -- but then, why is someone sending out random data? -- or it's encrypted data. I thought encrypted data is by far the most likely explanation." He returned to the subframe on and off over the years, and solicited guesses about its content on Stack Exchange in 2023. Ahmed Kamruddin, a master's student at UCL, developed the project further in 2025. Then, this year, Murdoch put the last pieces of the puzzle together over several weeks by analyzing open archive Global Navigation Satellite System (GNSS) recordings collected since 2007 and kept by GFZ Helmholtz Centre for Geosciences.
This dataset included more than 12 million observations of Subframe 4, Page 17, yielding 3,994 unique 176-bit messages. Within this corpus, Murdoch pinpointed key-repeating "sentinels" including a pattern that appeared in February 2010 and was broadcast on and off across dozens of satellites for more than a decade. Murdoch discovered that this particular sentinel was transmitted by all 31 operational satellites within a window of a few hours on May 26, 2011, potentially heralding the activation of a new operational system. He confirmed that this timeline coincided with the rollout of the military's Over-the-Air Distribution (OTAD) and the Over-the-Air Rekeying (OTAR) by cross-referencing declassified documents, including a 2015 presentation about the dates of the operation.
"There was a perfect match between the timeline and that presentation and the change points that were automatically identified from the data," Murdoch said. "That was the smoking gun that made me think: This is what it's for." These automated systems replaced the cumbersome manual distribution of cryptographic keying material, allowing military GPS receivers around the world to be rekeyed remotely through satellite broadcasts rather than through onsite procedures. For the next 11 years, this expansive rekeying operation was overlooked in public GPS data. In 2022, the system entered a new phase, according to Murdoch's analysis. The shift was characterized by a slowing in the message rotation rate. Later, in December 2023, broadcasts carrying a distinctive "TEXT" prefix emerged then gradually spread across the constellation.
Murdoch isn't sure what explains the recent transition, though it could be a possible modernization of the infrastructure or the introduction of a new protocol. But to him, the bigger takeaway is that the signals were always available for anyone willing to take a closer look, a discovery that suggests that there could be more revelations hidden for the cryptographically curious among us. "Every receiver in the world decodes Subframe 4, Page 17," Murdoch said in his new article. "Almost none of them have ever looked at it. The lesson generalizes: There is more to learn from the bytes already arriving at our antennas than from the bytes we wish were specified differently. The data are publicly available. The signal is overhead, twice a day, every day."
This dataset included more than 12 million observations of Subframe 4, Page 17, yielding 3,994 unique 176-bit messages. Within this corpus, Murdoch pinpointed key-repeating "sentinels" including a pattern that appeared in February 2010 and was broadcast on and off across dozens of satellites for more than a decade. Murdoch discovered that this particular sentinel was transmitted by all 31 operational satellites within a window of a few hours on May 26, 2011, potentially heralding the activation of a new operational system. He confirmed that this timeline coincided with the rollout of the military's Over-the-Air Distribution (OTAD) and the Over-the-Air Rekeying (OTAR) by cross-referencing declassified documents, including a 2015 presentation about the dates of the operation.
"There was a perfect match between the timeline and that presentation and the change points that were automatically identified from the data," Murdoch said. "That was the smoking gun that made me think: This is what it's for." These automated systems replaced the cumbersome manual distribution of cryptographic keying material, allowing military GPS receivers around the world to be rekeyed remotely through satellite broadcasts rather than through onsite procedures. For the next 11 years, this expansive rekeying operation was overlooked in public GPS data. In 2022, the system entered a new phase, according to Murdoch's analysis. The shift was characterized by a slowing in the message rotation rate. Later, in December 2023, broadcasts carrying a distinctive "TEXT" prefix emerged then gradually spread across the constellation.
Murdoch isn't sure what explains the recent transition, though it could be a possible modernization of the infrastructure or the introduction of a new protocol. But to him, the bigger takeaway is that the signals were always available for anyone willing to take a closer look, a discovery that suggests that there could be more revelations hidden for the cryptographically curious among us. "Every receiver in the world decodes Subframe 4, Page 17," Murdoch said in his new article. "Almost none of them have ever looked at it. The lesson generalizes: There is more to learn from the bytes already arriving at our antennas than from the bytes we wish were specified differently. The data are publicly available. The signal is overhead, twice a day, every day."
Read more of this story at Slashdot.
Ahead of its upcoming IPO, SpaceX announced that Google will pay the company $920 million per month for access to roughly 110,000 Nvidia GPUs and related compute infrastructure. Google says the agreement is short-term "bridge capacity" to meet stronger-than-expected demand for Gemini Enterprise, while SpaceX is using deals like this and its Anthropic contract to bolster its pitch for a historic public offering. TechCrunch reports: The deal is similar in length and scope to the one SpaceX announced with Anthropic in late May. As part of that deal, Anthropic agreed to pay SpaceX $1.25 billion per month through 2029 to rent all the available compute from its Colossus 1 data center near Memphis, Tennessee that xAI -- now part of SpaceX -- originally built for its own artificial intelligence efforts.
Google's deal appears to be paying for roughly half the amount of compute that Anthropic has access to at Colossus 1. SpaceX didn't say which specific data center Google would be using. CEO Elon Musk has previously suggested his company would reserve the Colossus 2 data center for xAI. Anthropic was significantly limited in its compute capacity prior to its deal with SpaceX, raising usage limits on the same day the deal was announced. Google is in a very different position, with some estimates naming it as the world's largest single owner of AI compute.
[...] Also like the Anthropic deal, the agreement with Google includes a cancellation clause. Both SpaceX and Google have the option to terminate the agreement with 90 days notice after December 31, 2026. Google's access to the data center will ramp up "through September at a reduced fee," according to the filing. "If we fail to deliver access to the committed amount of GPUs by September 30, 2026, then following a one-month grace period, Google may immediately terminate the agreement or accept the number of GPUs provided" with a reduction in the monthly fees, it reads.
Google's deal appears to be paying for roughly half the amount of compute that Anthropic has access to at Colossus 1. SpaceX didn't say which specific data center Google would be using. CEO Elon Musk has previously suggested his company would reserve the Colossus 2 data center for xAI. Anthropic was significantly limited in its compute capacity prior to its deal with SpaceX, raising usage limits on the same day the deal was announced. Google is in a very different position, with some estimates naming it as the world's largest single owner of AI compute.
[...] Also like the Anthropic deal, the agreement with Google includes a cancellation clause. Both SpaceX and Google have the option to terminate the agreement with 90 days notice after December 31, 2026. Google's access to the data center will ramp up "through September at a reduced fee," according to the filing. "If we fail to deliver access to the committed amount of GPUs by September 30, 2026, then following a one-month grace period, Google may immediately terminate the agreement or accept the number of GPUs provided" with a reduction in the monthly fees, it reads.
Read more of this story at Slashdot.
Bitcoin briefly fell below $60,000 on Friday, "extending its weekly loss to nearly 20% and threatening to fall below $59,000," reports CoinDesk. Crypto was also hit by a 40%-plus plunge in Zcash after Shielded Labs disclosed a years-old bug that could have allowed undetected counterfeit ZEC creation. From the report: Now, with stocks in plunge mode -- the Nasdaq down nearly 4% on Friday -- bitcoin finds itself perfectly correlated. "Short term, Bitcoin feels like swallowing broken glass," wrote Jeff Swanson Friday. "The chart goes up. It goes down. It makes grown men cry into their Robinhood accounts and CNBC anchors smugly declare the funeral, for the eleventh time." "Here's what uncomfortable people don't understand: the discomfort is the yield. Every paper-handed panic seller is handing their future to someone with a longer time horizon and a colder storage device."
[...] Earlier, Shielded Labs, a nonprofit developer on the privacy token system, disclosed a critical vulnerability in Zcash's (ZEC) Orchard privacy pool that could have threatened the integrity of the token's supply. The vulnerability, if exploited, could have allowed an attacker to create an unlimited number of counterfeit ZEC tokens, completely undetected. "Think of it as someone secretly gaining access to the Federal Reserve's dollar printing press, except in this case, even the Fed wouldn't be able to tell these extra dollars were printed," wrote Omkar Godbole. Importantly, the vulnerability was discovered with help from Anthropic's recently released Opus 4.8 AI model, raising difficult questions for the entire crypto industry. More to come on that. ZEC is now down 42% over the past 24 hours. On Wednesday, the Zcash Foundation said: "The vulnerability was caught before any known exploitation occurred. There is no evidence of unauthorized value creation. Zcash's turnstile mechanism (which tracks the total ZEC balance across all value pools) confirmed that the total supply remained intact throughout. User privacy was not affected. Sapling and transparent transactions continued operating normally throughout the incident."
[...] Earlier, Shielded Labs, a nonprofit developer on the privacy token system, disclosed a critical vulnerability in Zcash's (ZEC) Orchard privacy pool that could have threatened the integrity of the token's supply. The vulnerability, if exploited, could have allowed an attacker to create an unlimited number of counterfeit ZEC tokens, completely undetected. "Think of it as someone secretly gaining access to the Federal Reserve's dollar printing press, except in this case, even the Fed wouldn't be able to tell these extra dollars were printed," wrote Omkar Godbole. Importantly, the vulnerability was discovered with help from Anthropic's recently released Opus 4.8 AI model, raising difficult questions for the entire crypto industry. More to come on that. ZEC is now down 42% over the past 24 hours. On Wednesday, the Zcash Foundation said: "The vulnerability was caught before any known exploitation occurred. There is no evidence of unauthorized value creation. Zcash's turnstile mechanism (which tracks the total ZEC balance across all value pools) confirmed that the total supply remained intact throughout. User privacy was not affected. Sapling and transparent transactions continued operating normally throughout the incident."
Read more of this story at Slashdot.
Tip-off is at 8.30pm ET from Frost Bank Center
Email beau.dure@theguardian.com with your thoughts
Draft dynamics …
The NBA Draft is June 23-24, and we’ll take a break from seeing everyone’s mock drafts to look backwards and see how these players got here.
Continue reading...A botched tumbler promotion on the anniversary of a pro-democracy massacre unleashed a boycott, police investigation and political firestorm
It was a PR nightmare: customers smashing Starbucks branded tumblers and mugs as fans deleted loyalty apps and cashed out prepaid balances. Amid the uproar, government ministries cut ties with the coffee chain and apology notices were pasted on Starbucks stores across South Korea.
The initial shock may have passed, but the anger remains.
Continue reading...Iran and the US have exchanged a series of attacks near the strait of Hormuz, imperilling efforts to reach a peace deal
The US military said it shot down four Iranian drones that were launched toward the strait of Hormuz and struck coastal surveillance radar sites in response.
“The attack drones posed an immediate threat to regional maritime traffic,” US central command (Centcom) said on social media. The military is enforcing a blockade on Iranian ports in response to Tehran’s chokehold on the strait – a crucial corridor for global oil and natural gas shipments – which has sent energy prices spiking.
Continue reading...
:format(jpeg):fill(f8f8f8,true)/s3/static.nrc.nl/taxonomy/06b57cb-AanZet_itemafbeelding.png)
:format(jpeg):fill(f8f8f8,true)/s3/static.nrc.nl/taxonomy/6c7bb5e-Vorto_itemafbeelding.png)
:format(jpeg):fill(f8f8f8,true)/s3/static.nrc.nl/taxonomy/cc7ceaa-PreciesVier_itemafbeelding.png)
:format(jpeg):fill(f8f8f8,true)/s3/static.nrc.nl/taxonomy/e3dbc3a-Cinco_itemafbeelding.png)
:format(jpeg):fill(f8f8f8,true)/s3/static.nrc.nl/taxonomy/472f2b9-Woordzoeker_itemafbeelding.png)
:format(jpeg):fill(f8f8f8,true)/s3/static.nrc.nl/taxonomy/6cf24d7-Cijferblok_itemafbeelding.png)
:format(jpeg):fill(f8f8f8,true)/s3/static.nrc.nl/taxonomy/81f2d02-Koprol_itemafbeelding.png)
Onze zoon van 5 en zijn vader gaan naar het Archeon. Zoon is zeer onder de indruk van hoe huizen gebouwd werden met koeienpoep in de prehistorie en hoe gladiatoren in gevecht…
:format(jpeg):fill(f8f8f8,true)/s3/static.nrc.nl/bvhw/wp-content/blogs.dir/114/files/2019/07/ikje5bij3-1.png)
Plaats de cijfers 1 tot en met 9 zo in het diagram dat elk cijfer precies één keer voorkomt in elke rij, kolom, de negen vetomrande 3x3 vakken, én de vier grijze 3x3 vakken.
:format(jpeg):fill(f8f8f8,true)/s3/static.nrc.nl/taxonomy/c3f9335-Sudoku_itemafbeelding.png)
Horizontaal: 4. Dat auto-onderdeel is nog zonder eigen behuizing (7) 7. Een keer bestraald worden (11) 10. Automatendrank (8) 11.
:format(jpeg):fill(f8f8f8,true)/s3/static.nrc.nl/taxonomy/dd34c6c-Scrypto_itemafbeelding.png)
Is het een golfkar? Past-ie op de plek van een scooter? Japanse kei-auto’s genieten een ongekende populariteit in eigen land. Ook in Europa klinkt de roep om kleinere en betaalbare auto’s steeds luider,
/s3/static.nrc.nl/images/gn4/stripped/data149152111-d06bc3.jpg)
WASHINGTON (ANP) - Het Amerikaanse leger heeft vrijdag aanvallen uitgevoerd op Iraanse radarinstallaties, nadat Iran vier aanvalsdrones richting de Straat van Hormuz had gelanceerd. Dat meldt het Amerikaanse Central Command (CENTCOM) in een bericht op X.
"De aanvalsdrones vormden een onmiddellijke bedreiging voor het regionale scheepvaartverkeer. De Amerikaanse strijdkrachten hebben vervolgens Iraanse radarinstallaties voor kustbewaking in Goruk en op het eiland Qeshm aangevallen om verdere aanvallen af te weren", aldus het bericht.
Eerder zei een Amerikaanse functionaris tegen CNN dat de Iraanse drones vermoedelijk gericht waren op commerciële schepen die door de regionale wateren voeren of op Amerikaanse troepen die in de omgeving actief waren.
Het Amerikaanse leger zei dat het zal blijven reageren op "ongerechtvaardigde Iraanse agressie uit zelfverdediging".