I've just stubled on this: https://twitter.com/oryxspioenkop/status/1502243888001699843 and https://twitter.com/MathieuPeyrega/status/1502205679175675912 I've tried to check this on ASDBexchange but was unable to find this track using the AN-225 hex id (508035), Flightradar seems to have this removed already. I'm currently not familiar on the Mode-S radio protocol and the mechanism the feeders are pushing their datagrams into ADSB exchange (haven't reviewed the source yet), but I am familiar with information security. So, if this is not a fake, this scenario indicates that basic concepts on information security are not implemented of ignored (for the feeding part). Is this something that can happen on adsbexchange as well?
ADS-B itself was never designed to be protected against spoofing. The example tweet avoids broadcasting on restricted frequencies .... anyhow consider you controlled the receiver, such a setup can have the coax changed easily to accept 1090 MHz from an hackrf. So yet it's possible ... and considering the above maybe reconsider how basic concepts will help you if the signal going into the receiver is spoofed .....
Thanks for replying. You are right, if the signal is spoofed on the radio interface, security mechanisms won't help. They won't ultimately mitigate sending crafted datagrams directy to the aggregation server either as well. But they might slow things down, which comes down to the cost of setting up a volunteer feed. It seems flightradar has blocked new volunteer feeds since yesterday due to this incident.
