Somebody used spoofed ADSB signals to raster the meme of JD Vance

Posted by wubin 22 hours ago

Comments

Comment by paulirish 20 hours ago

This was not spoofed at the ADS-B layer. It was just spoofed to adsb exchange. (While typically a feeder contributes to multiple sites, this one didn't.) eg:

- https://globe.adsb.fi/?icao=adfdf9&lat=26.678&lon=-80.030&zo...

- https://adsb.lol/?icao=adfdf9&lat=26.678&lon=-80.030&zoom=14...

Relevant discussion on r/adsb: https://www.reddit.com/r/ADSB/comments/1qp3q9n/interesting/ where they note it's also absent on FR24, airplanes.live, and theairtraffic.com.

The adsb-x feeder map: https://map.adsbexchange.com/mlat-map/ They probably won't have a hard time identifying who contributed that data.

Comment by ryandrake 18 hours ago

Yea, this is more like vandalizing Wikipedia than spoofing or interfering with safety-critical systems. It's juvenile, but probably not crashing any planes. It'll get reverted, and then presumably the adsb exchange website will tighten up their security.

Comment by PunchyHamster 6 hours ago

There is no security within ADS-B. All you need is directional antenna pointing at receiver (if you just want to fuck with website, not cause mass panic in the nearest airport tower), there is no encryption or other form of authentication in the messages.

Comment by ryandrake 4 hours ago

The security in question is the ADS-B exchange's web site's security, not the security of the ADS-B system. It's unlikely this vandal even has an antenna.

Comment by antonvs 10 hours ago

> It's juvenile

Juvenile times call for juvenile measures. In case you haven’t noticed, the US is being run by a bunch of arrested development high school bullies. Juvenile is one of the only languages they understand.

Comment by account42 7 hours ago

If anything it juvenile it's "the other guy/team/party did it first".

Comment by morpheuskafka 8 hours ago

And is Vance or Trump watching Flightradar24 in their free time? And if they did, would they even get mad at this and not find it funny? And if they did get mad at it, would they do anything at all? If they did something, would it be anything desirable or just trying to retaliate at whoever drew this?

Comment by themgt 7 hours ago

Much like the Biden team wisely embraced the Dark Brandon meme. To quote the ancient stoic wisdom imparted to Punxsutawney Phil, "don't drive angry."

https://x.com/JoeBiden/status/1756888470599967000

Comment by expedition32 7 hours ago

Trump is a narcist and it is known that he spends too much time on social media- and golf.

Vance however is the real deal. May god/science help us all if Trump ever has his long overdue stroke.

Comment by zombot 9 hours ago

+N. If I could, I would give you multiple upvotes.

Comment by consumer451 15 hours ago

I had also posted this story earlier, then deleted it once I learned that. However, I did find this interesting doc about real ADS-B spoofing, which does not appear to be very easy:

https://www.icao.int/sites/default/files/APAC/Meetings/2025/...

Comment by PunchyHamster 6 hours ago

That just says "you need to go outside, and own an SDR". It's very easy, there is no encryption nor authentication in the system

Comment by consumer451 3 hours ago

Man, I wrote that comment at the end of a 14hr work day. The crazy thing is that I had seen that SDR slide when I first looked at this. Hours later, when I posted the comment, I reviewed it again and completely hallucinated the SDR slide away.

I need to check all the work I did towards the end of yesterday. Valuable lesson. Thanks.

Comment by jjwiseman 20 hours ago

As other commenters noted, this is almost certainly not RF spoofing, just sending bad data to an aggregator (ADS-B Exchange) over the internet.

This instance of spoofing is notable for being the first that I know of that wasn't primitive vector art or text, but a raster image!

In that area of Florida multiple receivers would have picked up actual ADS-B broadcasts. ADS-B aggregators do have various anti-spoofing measures, but they're not impossible to circumvent.

The only case of actual RF spoofing of aircraft transponder signals that I know of was actually done by the U.S. Secret Service, which interfered with passenger jet collision alert systems (TCAS) by apparently broadcasting bogus signals near Ronald Reagan National Airport (KDCA): https://nymag.com/intelligencer/article/aviation-flights-whi...

Comment by jjwiseman 18 hours ago

Just because I don't often get a chance to talk about this, I'll mention that there was a malfunction/accident/bug that caused what you might call spoofed signals to go out around Long Island and New York. Really interesting case where it seems that an FAA system wasn't handling magnetic declination correctly, which led to it generating false TIS-B targets that were rotated 13 degrees from real aircraft positions, from the radar antenna point of view: https://x.com/lemonodor/status/1508505542423064578

(TIS-B is a system that broadcasts ADS-B-like signals for aircraft that are being tracked by radar but either don't have ADS-B Out or otherwise might not be picked up by other aircraft with ADS-B In, e.g. maybe they're at a low altitude.)

There have been a couple other incidents with the TIS-B system. E.g. this apparent test near Dallas in 2022 that generated dozens of false targets in an interesting pattern: https://x.com/lemonodor/status/1481712428932997122 There was a similar incident around LAX several months later.

Comment by andyfowler 16 hours ago

whoa, i saw your initial tweet about this, but never saw your follow up that confirmed the magnetic declination association. the convergence back to the ground radar is brilliant. nice find.

Comment by jacquesm 17 hours ago

Wow, that would appear to have some potential for bad stuff to happen.

Comment by Scoundreller 19 hours ago

Notably, the history of this aircraft shows MLAT as the source for all tracking. This spoof is the first ads-b “track” for this plane.

But there’s so much wrong with the data: 50k ft at 80knots (ground speed!) in a 747.

Comment by jychang 19 hours ago

Dang, dude invented a 747 that's incapable of stalling.

Comment by jacquesm 17 hours ago

Groundspeed, not airspeed.

Comment by RandomTeaParty 11 hours ago

hundred knots of wind on demand is also not a small invention :)

Comment by x3n0ph3n3 18 hours ago

Must be a strong headwind!

Comment by jjwiseman 19 hours ago

(Of course if you were spoofing ADS-B RF signals you wouldn't necessarily need to be anywhere near the spoofed locations. Just like with GPS spoofing.)

Comment by Nextgrid 17 hours ago

Surely the receiver would run plausibility checks on the received messages and reject spoofed locations that are physically impossible to receive by said receiver?

Comment by mschuster91 17 hours ago

> spoofed locations that are physically impossible to receive by said receiver?

Wait until you hear about Sporadic-E or Aurora. RF is a weird place full of natural phenomena making the impossible very possible.

Comment by Nextgrid 12 hours ago

But even if that was the case, is there any value for a receiver to be receiving those? Surely those messages would be picked up by a receiver closer to the transmitter anyway. I think the value in spoofing rejection is greater than the probability of a transmission reflecting from beyond the horizon and not being already being picked up by a local receiver.

Comment by jjwiseman 4 hours ago

These receivers mostly don’t have gps and it’s very common for people to put in the wrong coordinates.

Comment by mschuster91 3 hours ago

> But even if that was the case, is there any value for a receiver to be receiving those?

Yes, radio propagation is an entire academic field to be studied :)

In addition, if you have enough receivers you can use that to run something called MLAT [1] to also pick up GA aircraft that just have a transponder but no GPS. The more the merrier.

[1] https://adsbx.discourse.group/t/multilateration-mlat-how-it-...

Comment by krferriter 14 hours ago

I agree with this. Hopefully they're able to track down who did this. To upload to ADS-B Exchange you need an account. But it's not that difficult to get one. I'm not sure what kind of information they may be able to get on it. As you say the person who uploaded this may not be anywhere near there. The aggregators probably should have heuristics like if only one feeder in an area with a decent density of feeder coverage uploads an anomalous track, it should get flagged.

Comment by teiferer 13 hours ago

> Hopefully they're able to track down who did this.

Why? Was anybody harmed?

Hopefully they don't find out who did this. There was never any danger, and without this kind of joke, the world would be less fun.

(Obviously it should be harder to fool critical systems, so this served also as a warning, but if you want to attack such a system, a real bad guy would do this in more subtle ways.)

Comment by jjwiseman 14 minutes ago

It's happening again. Spoofing is in progress, rendering another image. ADS-B Exchange has blocked access to the ICAOs/hexes in question--if you try to look at their history you get redirected to the base map.

https://x.com/TheIntelFrog/status/2016841289556168990

Comment by foota 20 hours ago

The FCC and the FAA are two federal agencies that really don't want to mess with, so I hope for their sake they didn't actually spoof it. (.... I wish there were an FBB as well)

Comment by varenc 20 hours ago

Seems like it wasn't actually spoofed radio signals, but spoofed data collection uploaded to adsbexchange. Still seems unlikely to make the FAA happy, but not as bad. I assume air traffic controllers aren't relying on adsbexchange?

Comment by jjwiseman 19 hours ago

Maybe not "rely" on, but some definitely use public ADS-B aggregator sites.

Comment by ryandrake 19 hours ago

I highly doubt any ATC on duty is looking at a public ADS-B aggregator as a real time source of information for his or her job.

Comment by jjwiseman 19 hours ago

There are non-radar towers that don't have scopes. They may have a traffic display, or maybe not. They might choose to use a public ADS-B aggregator site because it gives them situational awareness, but they don't use it to provide radar services to aircraft. That's my understanding from listening to a lot podcast episodes with air traffic controllers, anyway. I think it's an unofficial, non-FAA approved kind of thing that can make their jobs easier.

See https://www.faa.gov/air_traffic/publications/atpubs/atc_html... for non-radar ATC procedures.

Comment by rootusrootus 18 hours ago

> They might choose to use a public ADS-B aggregator site because it gives them situational awareness

I do not understand what the upside is, aside from saving a tiny amount of effort and cost -- they could get the same data with more reliability by just running their own ADS-B receiver, without having a dependency on a third-party.

Comment by fy20 18 hours ago

I'd assume it's more to see "whats the latest ETA for this aircraft that's scheduled for 1 hour?". Their own ADS-B receiver is unlikely to pick it up.

Comment by TeMPOraL 12 hours ago

Upside may be just that the equivalent first-party system doesn't exist or performs worse? ATC tower isn't a SCIF, they probably get their real-time news from Twitter like everyone else, too.

Comment by mschuster91 17 hours ago

> they could get the same data with more reliability by just running their own ADS-B receiver, without having a dependency on a third-party.

Setting up an ADS-B receiver is indeed very cheap. Less than 100$. That's what many people, both aviation enthusiasts and ham radio operators, do for fun.

The problem is, do that on an airport? You'll now need permits to install the antenna (needs to be covered in the lightning protection system and even if it's just a passive receiver probably someone needs to sign off on an antenna being added). Fire code means you'll need approval and specialized people to run the cable (you need to drill holes in fire walls). Maybe there's some law or regulation requiring approval or causing a paper trail (e.g. in Germany, all electrical appliances have to be isolation-tested and visually inspected every two years by an electrician). Doing that the proper way is an awful lot of work. And by that point, someone will notice "hey, a Raspberry Pi? An RTL-SDR stick from eBay? No way that is certified to be used in a safety critical environment", killing off the project or requiring a certified device costing orders of magnitude more money.

In contrast, a privately owned laptop, tablet or phone with the Flightaware app? No one will give a shit about it unless someone relies on FA too much, causes an incident and that is found out.

Comment by blitzar 7 hours ago

> they could get the same data

They could get uncensored data too - you dont want billionaires jets crashing into other planes because they didnt want to be tracked.

Comment by jjwiseman 1 hour ago

airplanes.live, adsb.lol, ADS-B Exchange, adsb.fi, etc. do not censor the data.

Comment by jjwiseman 18 hours ago

Imagine your boss doesn’t like you looking at ADS-B sites because it’s not data from an FAA approved system but as long as you’re discreet and not actually breaking a reg they don’t yell at you. Then they come in and see that you installed an antenna, RTL-SDR, and raspberry pi in the tower.

Comment by b00ty4breakfast 19 hours ago

if there is any critical aviation service using a 3rd party website that relies on volunteer reporting of data, they deserve whatever happens

Comment by immibis 17 hours ago

[dead]

Comment by cm2187 20 hours ago

plus they did that right next to an airport

Comment by cyanydeez 20 hours ago

Depends, how much did DOGE fuck with their leadership and management.

We now have to both identify obama judges, trump judges and trump bootlickers.

Comment by jacquesm 21 hours ago

It's still there as of now:

https://globe.adsbexchange.com/?icao=adfdf9&lat=26.678&lon=-...

Comment by nshireman 20 hours ago

Source:Other

There it is. Someone running a fake feeder uploaded fake data. No spoofed signals were actually sent over the radio.

Comment by jacquesm 20 hours ago

I always thought that coverage of those receivers was so dense by now that you'd have multiple reports of each aircraft but apparently that's not the case.

Comment by nshireman 19 hours ago

There is overlapping coverage, yes, but the server fuses them into one entry.

Comment by belter 21 hours ago

Maybe next they can do the picture of Trump and Putin that he just hang in the White House:

https://www.the-independent.com/news/world/americas/us-polit...

Comment by jacquesm 21 hours ago

No way... wtf?

Comment by andrewflnr 20 hours ago

This is not even a surprise. Trump has been a fan of Putin for years.

Comment by userbinator 18 hours ago

The photo was praised by Kirill Dmitriev, one of Russia’s key negotiators

I think it's part of his strategy of getting on Putin's good side.

Comment by jacquesm 20 hours ago

It may not be a surprise to you but it is a surprise to me because there are many other characters that he could be a fan of , he's literally giving Putin top billing here, right next to a picture of what seems to be him and his granddaughter.

What's next? Pol Pot? Stalin? Kim?

Comment by hermanzegerman 20 hours ago

Well he certainly likes Kim

https://www.nytimes.com/2025/08/25/us/politics/trump-north-s...

Comment by defrost 17 hours ago

Kim wrote him beautiful letters, in Trump's own words, "and then we fell in love"

* https://www.youtube.com/watch?v=e8OG3U66X9w

Comment by nozzlegear 20 hours ago

I really recommend you read Bob Woodward's four most recent books, starting with Fear[¹] . They give us a fascinating look into Trump's mind, and we get frank discussions from Trump and the people around him about how he not only idolizes strong men like Putin and Kim, but wishes he could be more like them if it weren't for the limits on his power and weak people around him (i.e. more feared/respected by his subordinates, able to command them with an iron fist, etc.).

[¹] The title of the book comes from Trump remarking to Woodward that "Real power is – I don’t even want to use the word – fear."

Comment by jacquesm 17 hours ago

That word works two ways: it shows that Trump would like to be feared, but he's not, it also shows that he's probably very scared, especially of the people he's sucking up to.

Comment by gorgoiler 10 hours ago

I will show you fear in a handful of dust

Comment by mr_toad 18 hours ago

He only likes right wing dictators. Even if the left wing dictators behave exactly like right wing dictators.

Comment by blell 20 hours ago

[flagged]

Comment by jacquesm 20 hours ago

Because?

Comment by actionfromafar 20 hours ago

Yeah... Putin has many more nukes.

Comment by mullingitover 20 hours ago

He isn't even at Putin's right hand, that's reserved for Putin's more highly regarded henchmen.

Comment by decimalenough 20 hours ago

Unless I'm much mistaken, Vance's face is centered over Mar-a-Lago!

https://maps.app.goo.gl/fjqtAa2qgcWsJvFfA

https://globe.adsbexchange.com/?icao=adfdf9&lat=26.680&lon=-...

Comment by belter 18 hours ago

If you get the DF17 frames and extract the airborne position messages Type Codes 9–18.

Then CPR decode them into latitude/longitude....plus plot enough spoofed positions so the point cloud forms a QR code like raster on the map, then scan the rendered pattern...you get a URL to the unredacted Epstein files.

Comment by jacquesm 17 hours ago

Hehe, you had me all the way to the punchline, that was funny.

Comment by KnuthIsGod 17 hours ago

How long before domestic terrorism charges are laid ?

Everthing seems to be domestic terrorism in the US these days.

Comment by mindslight 13 hours ago

Domestic terrorism is now an official policy goal of the "US" government, so yes, there is a lot of it.

Comment by abustamam 5 hours ago

Easy to justify the murder of your political opponents by calling them domestic terrorists.

What's almost more frightening is how many people actually buy it.

Comment by mindslight 2 hours ago

I'm still chewing on the idea of how many supporters are bots or at least bot-adjacent (ie manufactured social proof), and what can even be done about that. When I go to my local [small, suburban] protest in a balanced red-blue area, lately it's been many honks and agreements, and only a handful of angry grimaces.

So I think the tide has long ago shifted, which makes sense what with the terror gangs executing Americans and all. The question is how we can organize into meaningful opposition when most activity happens online these days, and every non-echo-chamber forum still has extremist nutjobs who derail productive conversation.

I'd think that Congressional offices are seeing a similar dynamic too, inundated with robocalls from "constituents", the occasional untraceable threat of violence to their families if they step out of line, etc.

Comment by guerrilla 21 hours ago

For those wondering, https://knowyourmeme.com/memes/jd-vance-edited-face-photosho...

Comment by randycupertino 20 hours ago

My favorite one is "Emo JD Vance" with the heavy eyeliner and the scene haircut: https://www.amazon.com/Vance-Meme-Emo-Republican-Conservativ...

Yassified Vance, which a Republican congressman actually created and posted as a legit fan edit is also very funny: https://x.com/KatAbughazaleh/status/1841491297145634831

Comment by guerrilla 20 hours ago

> "Emo JD Vance"

Oh I thought that was the angry little man, what's his name... Ben Shapiro! (Google knew what I meant.)

Comment by deevus 21 hours ago

I had a few chuckles reading that. Thanks.

Comment by Fnoord 18 hours ago

Can you explain what is funny about it? I genuinely don't understand.

Comment by Am4TIfIsER0ppos 4 hours ago

Are funny faces funny? Are edited images funny? Are edited funny faces funny? Perhaps it just isn't your sort of humor.

Comment by aaronbrethorst 20 hours ago

I'm disappointed it doesn't seem to have a link to this Vance/Trump 'makeup' video. https://www.reddit.com/r/StrangeAndFunny/comments/1jm9kn4/jd...

Comment by randycupertino 20 hours ago

A drag makeup artist has an entire series called "Queer Eye for the MAGA Guy" on republican makeup recreations: https://www.youtube.com/watch?v=u6hK_UEGBs4&list=PLNZQj4dOgd...

Comment by fortran77 20 hours ago

Most likely they spoofed the reporting API to "FlightAware" or other ADSB crowd-data-sourced sites and didn't spoof "ADSB Signals"

Comment by 20 hours ago

Comment by colechristensen 20 hours ago

Actually spoofing ADSB radio signals could very well land you in prison with a $100,000 fine. The FCC is very eager to find and fine you for these kinds of stunts.

Spamming flightaware is much less severe, but still... it's not cute to mess with life-safety critical infrastructure.

Comment by fc417fc802 14 hours ago

FlightAware isn't safety critical. If it was then being able to spoof it in this manner would be negligence on the part of the operator.

Comment by 18 hours ago

Comment by eep_social 21 hours ago

edit: op also has this, disregard

hugged but someone caught it: https://archive.is/VrEtg

Comment by dayyan 16 hours ago

Hilarious

Comment by burnt-resistor 16 hours ago

This is just yet another cost and side-effect of a deeply unpopular, business-destroying, corrupt regime.

Comment by aa_is_op 19 hours ago

Isn't this actually illegal?

Comment by altairprime 19 hours ago

It’s not “illegal broadcast which engages the FAA and FCC to hunt you down” illegal, but that doesn’t exclude other prosecutions.

Comment by filleduchaos 10 hours ago

Other persecutions for what? Sending crap data to an API is not a crime.

Comment by andrewstuart 21 hours ago

Please explain the tech.

Comment by CGMthrowaway 20 hours ago

No real 747 flew this. It was a prank using impossible flight data via ADS-B spoofing. Ground-based “software-defined radios” (SDRs) broadcast fake transponder signals to trick ADS-B Exchange. This works because both the ADS-B & AIS systems use unencrypted, unauthenticated data.

Comment by joecool1029 20 hours ago

It was sent to ADSBexchange's API, not over RF. No laws were broken.

Comment by nshireman 20 hours ago

Yep, as evidenced by the "Source:Other" tag on ADSBExchange. Signals actually sent over the air would show ADS-B, TIS-B, etc, as the data source.

Comment by Scoundreller 19 hours ago

It’s only “other” at the very last point. Go earlier in the track and it shows as “ADS-B”, but every historical real flight in this plane is MLAT (it doesn’t broadcast its precise position but it can be inferred from receivers)

Comment by jjwiseman 19 hours ago

That's not true. And if you click almost anywhere else on the spoofed track it will show as Source: ADS-B.

Comment by 20 hours ago

Comment by sneak 21 hours ago

ADS-B is packet data telemetry broadcast unencrypted and unauthenticated by aircraft on 1090MHz.

Anyone can receive it, and many do. FlightRadar and others have networks of people with receivers that forward all received packets to central servers.

The aircraft self-report location, heading, altitude, etc, so anyone can transmit packets making ghost planes.

I am somewhat surprised nobody has stashed an ADS-B spoofer near ATL or AMS that just broadcasts tracks of A380 tail numbers crossing the runways perpendicular at 500 ft AGL or something. They have primary radar, sure, but I imagine there would still be a temporary disruption until people figured out what was going on.

I think this is the first case I’ve seen of ADS-B spoofing in the wild.

EDIT: this was spoofed reports to the data aggregators via the internet, not broadcast on radio waves. I’ve still never seen or heard tell of RF ADS-B spoofing.

Comment by fc417fc802 14 hours ago

> I’ve still never seen or heard tell of RF ADS-B spoofing.

Probably because the required expertise, effort, risk, and reward ratios don't work out. You can cause a minor disturbance that isn't particularly visible and in exchange get investigated by the FBI. Seems about as wise as attempting to graffiti the front gate of a military base.

Comment by infthi 7 hours ago

There was this proof of concept in 2012: https://youtu.be/CXv1j3GbgLk?t=2483

(IIUC they did not actually transmit data, just fed it directly into an ADS-B receiver, but transmitting would've been trivial at this point)

Comment by pixl97 21 hours ago

Fake signals are not uncommon, but mostly accidental. They are dealt with very quickly when causing traffic control problems

Comment by mywittyname 20 hours ago

I'm guessing this doesn't cause traffic control problems due to the no-fly zone over that area?

Comment by pixl97 20 hours ago

Probably is not causing traffic issues. With that said I'm sure a number of TLA's are looking into it already, so whoever did it has hopefully took a number of infosec steps not to get caught and questioned.

Comment by sneak 16 hours ago

Sure, but traffic control problems can still be caused (temporarily) by abuse of the frequency/protocol by those intending to cause disruption.

Can you tell me more about the fake signals? Who sends them? Why? How often?

Comment by idontwantthis 21 hours ago

Can someone explain what this means? Where would this have been seen?

Comment by burkaman 21 hours ago

Most planes broadcast their position using ADS-B, and some websites collect these signals and visualize them so you can track flight paths. Somebody broadcast a fake flight path that draws a picture of JD Vance on these sites: https://globe.adsbexchange.com/?icao=adfdf9&lat=26.678&lon=-...

Comment by zeeZ 21 hours ago

To expand on that, those websites mostly operate on random volunteers self hosting a (starting price) fairly cheap receiver and antenna with an open source stack that feeds the ADS-B data to the website operator in exchange for nothing or free "premium" benefits.

The spoofer could have just sent them fake location information drawing an image using latitude, longitude and altitude for color (in the default view flight paths have different colors based on the altitude of the plane at that point in time).

They could have built an antenna and actually broadcast this data, but that would be a lot more effort and most likely some form of crime.

Comment by dpe82 21 hours ago

As a pilot I really hope it's the former. Broadcasting spoofed traffic at minimum would be confusing and distracting to both pilots and ATC.

Comment by JasonADrury 21 hours ago

> Somebody broadcast a fake flight path

They didn't actually "broadcast" anything. This was created by uploading fake data to absexchange.

Comment by HNisCIS 21 hours ago

No, someone probably setup a fake feeder pretending to be an ADSB receiver.

Comment by OkayPhysicist 21 hours ago

ADS-B (Automatic Dependent Surveillance-Broadcast) is a protocol for planes to publish their positions, so help with the whole "not crashing into each other" thing. The data is mostly for pilots and air traffic control, but it is publicly available, and there's a number of sites that track the data so that you can see what planes are overhead or whatever.

Someone spoofed Airforce One's transponder, had it declare itself as "VANCE 1", and then fly a pattern to display the meme. Or lied to one or more of the major sites, pretending to be listening in on the ADS-B signals. It's unclear. Regardless, it's a very funny hack.

Comment by cluckindan 20 hours ago

It’s basically the modern radar system as in it supplies the data air traffic controllers see on their screens. Civilian ATC doesn’t really use actual radars any more.

That said, TCAS (Traffic Collision Avoidance System) does not operate on flight data reported by ADS-B.

Comment by esseph 21 hours ago

Pilots and nerds that watch airplane traffic

Viewable on FlightRadar24, etc

Comment by walletdrainer 13 hours ago

Pilots would tend to not see this, neither would people using FlightRadar24

Comment by esseph 4 hours ago

There are now multiple ones, and they are spreading through more than just ADSBExchange for this attempt.

It is on Airplanes.live ADSB,FI,and TheAirTraffic.com. Isn't on adsb.lol or FlightRadar24.

https://globe.adsbexchange.com/?icao=adfdf8

Comment by JasonADrury 21 hours ago

> Where would this have been seen?

on HN, mostly

Comment by sammy2255 21 hours ago

This has gotta be some sort of federal crime

Comment by pear01 21 hours ago

I believe this was "spoofed" only in the sense that a particular provider/online platform accepted data via an API that was abused to draw this on that platform only. Searching around it seems it was not found if you looked on other platforms, so it might not even have been a crime. I believe they didn't emit any real "signals" just took advantage of an API that should probably be better secured.

Comment by observationist 21 hours ago

At worst it'd be a violation of the site ToS - it's a crowdsourced community data based system, and not any sort of an official, important system. The account doesn't seem to have been banned, so maybe the admins are just rolling with the joke.

Comment by fc417fc802 14 hours ago

> an API that should probably be better secured.

I think the API is secured? The entire premise is that a volunteer creates an account and uploads ADS-B telemetry. Detecting falsified data is a separate matter.

Comment by darthwalsh 11 hours ago

Sounds like authentication is working great, but their authorization design may be flawed.

Comment by filleduchaos 10 hours ago

How is it flawed? That is the nature of crowdsourcing.

Comment by 19 hours ago

Comment by Scoundreller 21 hours ago

Doubt it did anything in RF, only sent packets to adsbexchange’s web service that its volunteers feed it.

Also Adsbexchange has had some… history:

https://www.reddit.com/r/ADSB/comments/10l2euc/adsb_exchange...

https://hackaday.com/2023/01/26/ads-b-exchange-sells-up-cont...

Comment by lovecg 20 hours ago

Agreed with other commenters that nothing was likely actually broadcast, but if it was it would definitely be highly illegal and you’d have feds knocking down your door pretty quickly. They don’t joke around with illegal transmissions like that.

Comment by advisedwang 21 hours ago

It's almost certainly a violation of the Computer Fraud and Abuse Act because it's an extremely broad law.

Comment by eleventyseven 20 hours ago

Violating terms and conditions is not a CFAA violation, per the Supreme Court case Van Buren v US (https://www.politico.com/news/2021/06/03/supreme-court-cyber...) which narrowed to actual fraud and data theft.

"The Government’s interpretation of the statute would attach criminal penalties to a breathtaking amount of commonplace computer activity,” Barrett wrote. “If the ‘exceeds authorized access’ clause criminalizes every violation of a computer-use policy, then millions of otherwise law-abiding citizens are criminals."

adsbexchange is a user-generated content platform where you can submit decoded radio signals to a common database. Sending fake data to adsbexchange is as much a CFAA violation as posting hoaxes to Wikipedia or a social media platform.

Comment by kevin_thibedeau 19 hours ago

Precedent won't get in the way of a tribal retaliation. They've proven that they can't be consistent with fundamental laws they've sworn to uphold.

Comment by sophacles 20 hours ago

TBF so is your reply and mine.

Comment by HNisCIS 21 hours ago

ADSB sites aren't any sort of official thing. You can send whatever data you want to them. Just because it's there doesn't mean it ever went over the air as an ADSB broadcast.

Comment by TimorousBestie 21 hours ago

An interesting question.

Assuming the FAA has the authority to enforce ADSB requirements (an open question post-Chevron), I can’t find any regulation saying non-aircrafts cannot transmit ADSB. Only ones saying aircrafts in certain categories must.

There’s probably some non-interference requirement somewhere (FCC spectrum licensing perhaps), but I’m not seeing it immediately.

All this is in the hypothetical that RF was transmitted, which as others point out it probably wasn’t.

Comment by tjohns 18 hours ago

It would be under the FCC regs, not the FAA regs.

Whatever transmitter you're using would not be type-accepted for operation on the 1080 MHz or 978 MHz band. (47 USC § 301)

Additionally, RF operation with the intent of willful interference is inherently illegal. (47 USC § 333)

Comment by fc417fc802 14 hours ago

What if you removed a genuine ADS-B unit from a plane and installed it in your vehicle?

Also does impersonation necessarily qualify as interference? Naively, I'd expect interference to refer to jamming.

Comment by jjwiseman 12 hours ago

A transponder in a car is not an "aircraft station" (§ 87.5), therefore it is not covered by aircraft "license-by-rule" (§ 87.18(b)), so transmitting would be operating without a valid authorization (§ 1.903(a)). https://www.ecfr.gov/current/title-47/chapter-I/subchapter-D...

Comment by TimorousBestie 18 hours ago

Excellent, thanks.

Comment by 21 hours ago

Comment by 15155 21 hours ago

(Assuming this were actually RF)

This is easily-prosecutable willful interference or possibly aircraft sabotage: ADS-B operates in licensed bands and uses an already highly-contended modulation scheme and transmission protocol.

Comment by esseph 21 hours ago

No reason to believe RF when you can just upload whatever data you want

Comment by fragmede 21 hours ago

They'll probably try and make a case of wire fraud and CFAA as the usual go tos if it wasn't in RF.

Comment by habinero 11 hours ago

"Wire fraud" means financial fraud, not "sending data over wires".

Comment by burnt-resistor 16 hours ago

Since most of these ADS-B collection sites are patchworks of unofficial/best effort, that seems like a great attack vector for nation state-level spoofing to interrupt flight planning, capacity planning, other tertiary air transport operations, and make civilians nervous. It's analogous to "hobby" code running key infrastructure of the internet without serious processes and auditing, testing, and verification.

It would be far better and more reliable to have the FAA do it by providing authoritative single source of truth as (selectively) open data rather than depend upon the whims / greed / sloppiness of an over-privatized utility. ATCs need and/or have this data anyhow, so in the future, it should be provided.

How do less neoliberal European countries do it?

Comment by habinero 11 hours ago

These are hobbyist sites, not critical infrastructure. Commercial aviation doesn't use them.

> It's analogous to "hobby" code running key infrastructure of the internet

I have some bad news my dude lol

Comment by mvdtnz 20 hours ago

[flagged]

Comment by estimator7292 20 hours ago

[flagged]

Comment by danpalmer 20 hours ago

The traffic that the top of HN generates is remarkably little. It'll be Reddit that is causing this.

Comment by Imustaskforhelp 20 hours ago

I find it absolutely crazy how I spent around 20 minutes trying to find the rough estimates and predictions with everything to essentially summarize into the same statement which you wrote.

Although I would consider that even reddit might not be enough to cause a death wall if the infrastructure behind it is organized.

There could be a software mis configuration option, I find it the most plausible option personally.

Comment by ipsum2 20 hours ago

Not just HN, this is pretty much all over the web.

Comment by mulhoon 20 hours ago

Not millions, but still, they have a point.

Comment by AreShoesFeet000 20 hours ago

You should’ve taken the opportunity to not have been so unnecessarily aggressive.

Comment by Imustaskforhelp 20 hours ago

I mean HN has around ~5 Million unique users

Most are from US or from a HN user: population, well technically switzerland iirc (https://news.ycombinator.com/item?id=33450094) But I don't know, I feel like there are definitely times where people create two accounts on HN or more or lose access of previous or want better names (I am thinking of creating a new account on HN myself) so assume half to go through ~2.5 million users

Over the span of one decade+ year though, a lot of people completely leave the forum and so I would consider frequent users to be around ~ 1 million

Then the people who are actually active a lot of days or are weekly active or monthly active and tonight's the night (dexter reference) that they open it,I would assume ~500k users

I would consider these ~500k impressions to be an average estimate on a really really impactful HN post on front page & they all might come through say ~24 hours.

I am being more generous and assuming 500k HN impressions on 3-6 hours timeframe then technically the server just has to handle like ~46 users/sec or ~23 users/sec

But even on a really high estimate we assume ~500 users/sec

But I have seen some benchmarks of websites/frameworks/languages which are able to handle 5k-10k requests as a really low to decent estimate depending on the task

I do feel like its something that I can architect ~500 users/sec on some hetzner box most likely at max for ~30-40 usd/month or using their smallest plan with cloudflare tunnels for around I guess ~2.99 euros or 3 euros per month

I feel like its definitely possible to survive the "HN wall of death" but any of my websites haven't gone and hit this wall but if anyone of your projects or anyone can anecdotally tell me something it would be interesting & we can discuss it.

Also I have seen this one person who was able to survive this HN wall of death on a literal 780 mb alpine server using lighthttpd. Which if we are assuming racknerd or dedirock or something can get to around ~7$/yr or ~6.70-ish$/yr deal from black friday & you can get such deals on websites like lowendtalk for quite a low price.

Though these providers have comparatively low bandwidth if you actually want the cheapest somehow option and want to survive this HN wall of death. (these providfe around 1TB-2TB/month iirc)

Personally I feel like netcup (my preferred provider) / IONOS might be better options as they are still cheap while giving more lenient bandwidth or you can also find probably some really cheap high bandwidth black friday deals around the 7$/yr mark as well

I think I am getting off topic but I really like german hosting providers usually for the most part except the only thing I do hate a (little?) about them is that I have observed that they have a reputation of being exceptionally strict to the rules/some have the more ban first-ask-later approach which um might suck if your project is a little unconvential or quite frankly it can sometimes conflict with my morals as I always feel a little bit of hestitation around building around such system.

Comment by Scoundreller 21 hours ago

[flagged]