Last week came the bombshell news that Israeli air footage was being intercepted by US and UK intelligence for years:
The United States and Britain have monitored secret sorties and communications by Israel's air force in a hacking operation dating back to 1998, according to documents attributed to leaks by former U.S. spy agency contractor Edward Snowden.The article in The Intercept that describes how they did it shows a shocking fact - Israel didn't really encrypt the communications. It merely scrambled them in a way that could be unscrambled using public domain tools.
Israel voiced disappointment at the disclosures, which were published on Friday in three media outlets and might further strain relations with Washington after years of feuding over strategies on Iran and the Palestinians.
Israel's Yedioth Ahronoth daily said the U.S. National Security Agency, which specializes in electronic surveillance, and its British counterpart GCHQ spied on Israeli air force missions against the Palestinian enclave Gaza, Syria and Iran.
The spy operation, codenamed "Anarchist", was run out of a Cyprus base and targeted other Middle East states too, it said. Its findings were mirrored by stories in Germany's Der Spiegel news magazine and the online publication The Intercept, which lists Snowden confidant Glenn Greenwald among its associates.
According to GCHQ Anarchist training manuals from 2008, analysts took snapshots of live signals and would process them for “poor quality signals, or for scrambled video.”Encryption is encoding information that cannot be seen without a "key" (or an error in the encryption algorithm.)
The manuals stated that video feeds were scrambled using a method similar to that used to protect the signals of subscriber-only TV channels. Analysts decoded the images using open-source code “freely available on the internet” — a program known as AntiSky. The attack reconstructed the image by brute force, allowing intelligence agents to crack the encryption without knowing the algorithm that had been used to scramble the video.
But Antisky (named because the original scrambling algorithm was used by UK's Sky network) doesn't decrypt in the real sense of the word. It figures out how to reproduce video scrambled with an algorithm caled Videocrypt. As its documentation describes:
Videocrypt rotates individual lines, or in other words, every line is cut at a secret point in two parts and then both parts are exchanged. I.e. if an original line in the pixtures wasSince virtually every line in a video is very similar to the line above it, the Antisky program reshuffles each line of video until is matches as closely as possible the previous line.
0123456789
(each digit represents one pixel), then the rotated version (here with offset 3) looks like
7890123456
What the first step of the ANTISKY algorithm is doing is only to compare this rotated line in all 10 offsets
7890123456
6789012345
5678901234
...
9012345678
8901234567
with the previous line. The measure of how good this line compares in one particular offset to the previous one is the sum of the products between pixels in the same column. In the output picture, consecutive lines are rotated relative to each other, so that this measure is maximized. The first line is not touched.
This is compute intensive which is why it cannot be used to descramble the signal in real time, but individual shots can be decoded with the right equipment in a few minutes. The leakers published a short manual on exactly what operators need to do to descramble signals using both Antisky and ImageMagick.
What this comes down to is that the Israelis relied on an old technology (at least from 1994) to obfuscate, but not encrypt, the video signals coming from the drones
There is one other leaked document from 2010 that seems to indicate a different method of extracting the signals that had been upgraded to digital, not the analog signals from the earlier drones (and other equipment.) But although that document indicates that they had not been fully successful at decoding all the signals, they were able to decode multiple video streams from the same drone, again indicating that there was no encryption of the signal - the analysts just had to figure out what algorithms were being used to digitize the data, and therefore how to extract each video from a larger data stream.
This is a major screw-up on Israel's part.
We have lots of ideas, but we need more resources to be even more effective. Please donate today to help get the message out and to help defend Israel.
|