Vittitoe, too, recalls old NASA stuff coming in handy during the qualifying rounds. In one challenge, the team had to infiltrate a simulated Apollo 11 guidance computer and read out a numerical value locked inside. Other challenges—all taking place within a simulated environment, not in the innards of actual orbital systems—dealt with satellite operations, which taught some space basics in the course of competition: Task the satellite to take a picture, upload it, charge the spacecraft batteries without sending it into the sun, etc. “We crashed many simulated satellites in our attempts to find the correct solution to these challenges,” says Vittitoe.
Sure, space is hard and different, he concedes. You have obscure—sometimes antiquated and kludgy—systems whizzing around Earth at thousands of miles per hour, connecting to ground stations and possessing solar panels and thrusters and one-of-a-kind instruments. But one thing always plays out in heaven as it does on Earth: “At the end of the day, this is all code running on a computer,” he says. “It has inputs, it processes those inputs, and it produces outputs.”
Samurai and the other seven teams that will hack a sat recently received their own FlatSat base station in the mail. “They’re going to be able to rip it apart,” says Roper. Normally, they might have done that from the same physical location, but teams (being hackers, after all) have had no trouble remotely accessing the base station and acquainting themselves with it, while it remains in one person’s possession.
When the final competition begins on August 7, they’ll first have to work problems on another FlatSat. At some point in that heads-down work, the organizers will task the teams with writing code that can take control of the actual on-orbit satellite, which will be carving an ellipse around Earth. The code must command it to change its orientation, point its camera at the moon, and snap a pic.
After testing and perfecting that code on their FlatSat, the team with the most accurate, efficient, and timely solution will get to issue commands to the real satellite, sometime in a 24-hour window, and take a lunar portrait. “A literal moon shot,” says Roper. A shot that, Roper believes, the organizers would tweet out that day.
That kind of openness runs through the whole competition, with participants, for example, required to publish all their solutions to challenges. The transparency cut down on ethical questions some competitors might’ve had about hacking for the Feds. “It’s not, ‘Oh, OK, learn to hack this thing. And tell us, and don’t tell anyone else. And we’ll use it offensively,’” says Prieto. “For me, personally, it removes some of the concerns about it. If it was one of those ‘Sign an NDA and do this thing,’ I don’t think most people would be comfortable with that.”
But it’s not like there are a lot of other options if you want someone’s blessing to go hack an operating satellite. “I don’t know people who have satellites lying around,” says Williams, of team PFS.
Co-conspirator Malekpour agrees. “I don’t know how I would normally get to do this, or get a FlatSat,” he says. “I don’t think you could just get this on Amazon.”
Still, there’s a bit of cultural side-eye cutting the other direction, too. Despite a thawing in relations, as evidenced by efforts like Hack the Pentagon and the hack-an-F-15 invitation, tensions between the two communities have a long history. And so, says Goldstein, “on the DOD side, there’s baggage.”
But suggesting that hackers and feds are dichotomous and dissimilar doesn’t reflect reality. “We force people into that word,” says Goldstein, of the term hacker, “when often we are talking about security researchers.” Many, even most, hackers are not rogue agents in basements but professionals with jobs—sometimes inside or on behalf of the government—whose 9-to-5 duties include discovering vulnerabilities like this. “We have people who carry the highest security clearances who are security researchers, hackers,” says Goldstein. “That is part of our community.”
More Great WIRED Stories
Credit: Source link