>> An even bigger WTF is why GPS data isn't signed with some official key so spoofing is impossible.

> Because an attacker can just replay legitimate broadcasts with slightly skewed time and origin and introduce huge errors into the fix.

Galileo uses a signing system (Timed Efficient Stream Loss-Tolerant Authentication, TESLA) to protect the authenticity of its messages, including preventing replays:

* https://gssc.esa.int/navipedia/index.php/Galileo_Open_Servic...

* https://datatracker.ietf.org/doc/html/rfc4082 (TESLA)

* https://people.eecs.berkeley.edu/~tygar/papers/TESLA_broadca...

* https://users.ece.cmu.edu/~adrian/projects/stream/node1.html