[teovall]

The antiquated AM mode and the lack of encryption or even digital encoding is a safety feature for air traffic voice communications. Very weak signals still have a chance of being intelligible and if two signals are transmitted at once on the same frequency, both can still be heard.

[H8crilA]

Yeah but it's terrible for security. Also digital modes work just fine at the same range - I have no problem hearing ADS-B messages from up to 200mi away from my ground level antenna, where the max range is only limited by the curvature of the planet.

And note that the real problem is with authentication (MACs, or digital signatures), not encryption. Public availability of those records is actually probably beneficial. It's a common misconception to think that you need to encrypt while in reality you perhaps need to encrypt, but first you absolutely must authenticate.

[tjohns]

You don't really need more security, because if a pilot gets an ATC instruction that doesn't make sense, they're going to question it. Pilots aren't following instructions blindly, everything is mentally cross-checked against what we expect should be happening for situational awareness. (And ATC would also hear the interloper and immediately speak up.)

On top of that, almost everyone in the US also has some form of collision avoidance technology now, as well (either TCAS or ADS-B).

And there's plenty of times where the only time I could hear ATC was with the squelch full open, trying to pick a faint signal out through the static. Digital modes are terrible for this.

[H8crilA]

Eh, I get a lot of pushback in this thread. But I'll reply.

We're talking about something like a landing clearance. It doesn't have to be completely off the chart. And yes you can inject a message like that successfully, without the ATC ever knowing.

TCAS is equally broken - doesn't have authentication codes / signatures. It's actually more vulnerable since it has higher priority than ATC.

Digital modes can encode speech more efficiently than analog modes, thus reaching further on the same link budget. For example ADS-B is "audible" as far as the curvature of the planet allows - my own antenna can hear messages from up to 200mi away.

It really is a serious problem.

[tjohns]

At least in the ham radio community, experience is that digital radio sounds better further, but at the extreme ends of signal reception the digital signal becomes completely unusable before an analog signal becomes unintelligible.

See: https://en.m.wikipedia.org/wiki/Cliff_effect

https://www.selby.com.au/blog/what-is-the-digital-cliff-2

Up in the air, I can also hear AM analog voice transmissions from 200 miles away, so that's not really a good measure of performance. Both modes already do that. Benefit of having an unobstructed line of sight from several miles of altitude. :)

[H8crilA]

I mean, to put it simply it would just work with a digital mode. But that's not the point, the main point is that there is no authentication mechanism. Such systems are indeed being abused, for example trains were recently halted in Poland. This happened because they have an un-authenticated channel of communication that allows anyone to do that:

https://cybernews.com/news/century-old-technology-hack-broug...

It's only a matter of time before this happens in aviation, but unlike in the trains case it doesn't have to be just an availability problem (all trains stopped safely), it can be a "remote code execution" problem.

[ryandrake]

Is this an actual problem that is happening in practice, though? How many instances of "unauthenticated" airband communication have caused an accident? I don't know. Even if the answer is nonzero, I'd be willing to bet it's less than ten in decades.

[H8crilA]

There was a guy in Berlin who was issuing fake landing clearances recently: https://aviation.direct/en/berlin-falscher-fluglotse-narrte-...

It took 6 months to find him, and mind you that that guy was the opposite of clever (he was talking from his bathtub, from what I remember, and he started out not even knowing the ATC language).

Also, it really makes sense to think ahead just a bit, you know. Not everything has to be triggered with an accident, and in this case we're likely talking about terrorism, since no one would do this without realising just how bad the legal consequences are.