Space Bits

Space Force videos

Deux salles, deux ambiances

Pardon my French. I like them both.

Space Bits

HackASat (3/x) has small updates on HackASat challenge : in an article titled “Hundreds of hackers sign up for chance to break into a DoD satellite“, Sandra Erwin reports, quoting Dr. Will Roper from Air Force, that more than 900 participants have registered for the qualification phase.

Space Bits

Space Security Challenge

As a follow up to previous post, the Space Security Challenge or Hack A Sat (HaS) has a website. Although DEFCON 28 will be virtual this year (DEFCON Safe Mode), the Final event / challenge (“Hack a Sat Capture The Flag” hosted by the virtual Aerospace Village) will happen in August and the qualification phase is ongoing (registration closes May 24 and qualification event starts May 22).

Workshops on satellite will also be organized in August.

Rules edited by the Air Force Research Lab are availble (pdf) :

The top 10 teams will be requested to submit a “Qualification Event Technical Paper” describing the solutions for 5 challenges solved during the qualification. Papers will be reviewed by the organizer before a formal invitation to the Final Event (online) is sent to the team. 8 teams will participe, 2 will be on standby.

The Final event is composed of a new CTF (FlatSat) followed by an On-orbit challenge for teams with all the FlatSat challenges solved. A technical papers will also be requested at the end.

Each entrant must include at least one U.S. citizen or permanent resident. Official Government entities are not eligible (that makes two reasons preventing foreign space agencies to participate to this U.S. challenge).

I like the disqualification rules :

– Utilizing or engaging in Denial of service against other competitors is strictly forbidden
– All patches to open-source software must be made available according to open source license guidelines
– Any vulnerabilities discovered in open-source software must be made available to the public via a public disclosure process
– No physical coercion or intimidation is allowed
– Any acts of sabotage, tampering, misuse, attacks, or use without consent of the contest organizers property, contest infrastructure, equipment, software, or items that pertain to the contest that are outside of the contest environment are expressly forbidden

Of course, the usual disclaimer alerting participants of monitoring and interception are in the document. Publicity (disclosure) will also be part of the deal.





Content from HackASat published with permission.

Space Bits

Air Force’s orbiting satellite at DEFCON 2020

This Wired story from 2019, September describes the road taken by Air Force to decide to offer an orbiting satellite for “testing” by hackers at DEFCON 28.

After a F-15 fighter last year, Air Force will enable a select number of researchers to evaluate the security of an orbiting satellite from an attacker perspective. At the time of writing of the article the satellite targeted was unknown.

On December the 12th, released an update but the satellite was yet to be chosen, according to Will Roper, assistant secretary of the Air Force for acquisition, technology, and logistics. Internal Air Force project name is “Hack-A-Sat”, public one will presumably be “Space Security Challenge”.

Space Bits

2019 Challenges to Security in Space

U.S. Defense Intelligence Agency has released in February 2019 a report on challenges to U.S. Security in Space (newsreport in pdf).