Hacker News new | past | comments | ask | show | jobs | submit login

Because it dates to a time when such attacks were infeasible. GPS is very similar in that regard. Even HTTPS was uncommon back when I was in university. NASA spacecraft still communicate over unencrypted channels.

Mindsets were different then.




not just mindsets, but the computing power available. These days, my smartphone is millions of times more powerful and the computation to do TLS encryption on every website I visit is trivial for a computer that fits in the palm of my hand. Way back when, the 1 or 2 kilobytes or so a modern RSA private key (PEM format) would take up on disk was meaningful when you only had 4 megabytes of RAM and CPUs ran in the megahertz range.


Also to a dumb phone it doesn't matter whether an SMS contains a phishing link because it has no way of accessing it. Until the advent of smart phones SMS phishing was a non-issue.


> GPS is very similar in that regard.

GPS originated as a military protocol and has some level of encryption and authentication, but this is not available to the general public.


GPS *had* no encryption or authentication; indeed, such security is only a recent addition to the L2 frequency.

USK: Galileo also has authentication available on its civilian frequencies.


> GPS had no encryption or authentication; indeed, such security is only a recent addition to the L2 frequency.

This was a long time ago, but I distinctly remember the encrypted P(Y)-code and anti-spoofing being operative in the mid 1990s.


> such security is only a recent addition to the L2 frequency

Is that already available? I thought GPS L2C didn't include authentication yet.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: