Hackers Defeat BARR

  • E-Mail this Article
  • View Printable Article
  • Text size:

    • A
    • A
    • A

It was perhaps inevitable that someone somewhere would find a way, and an apparently legal one at that, to track flights of aircraft on the Block Aircraft Registration Request (BARR) but at least one of the architects of the project feels a little bad about it. Dustin Hoffman (the researcher, not the actor), who developed the system with Semon Rezchikov, is a private pilot who thinks it's none of anyone's business where consenting adults fly their aircraft. In fact, he's managed to strike a noble posture in his defense of OpenBarr.net. "I'm a libertarian. I don't think it's anyone's business where you travel to," he told Forbes "But what's worse, for everyone to know it's easy to track you, or to have a false assurance you can't be tracked?" NBAA isn't buying it. "Getting on an airplane shouldn't amount to forfeiting your security and privacy to anyone, anywhere in the world with an Internet connection," NBAA spokesman Dan Hubbard told Forbes. "That's why a law was passed to create a program that allows citizens and companies to opt out from having their flights tracked. Attempts to compromise that opt-out ability amount to nothing less than an unwarranted invasion of the privacy of aircraft owners and operators, a threat to the competitiveness of U.S. companies and a potential security risk to the persons aboard aircraft."

Hoffman might have used his knowledge as a pilot to come up with the process. OpenBARR's software simply scans LiveATC's broadcast of pilot/controller interactions and picks out the N-numbers of arriving or departing aircraft. It would appear those scanning the data would have to know what they're looking for but aircraft registrations remain public information and finding out the tail number of a celebrity or business owner's aircraft is relatively simple. The site is active now scanning ATC transmissions from Henderson, North Las Vegas and McCarran International Airports serving Sin City. More will follow. The "service" was unveiled at the annual DEF CON hackers' conference in Las Vegas last week.