back to article Belgian boffins dump Starlink dish terminal's firmware, gain root access and a few ideas

Belgian boffins have published a teardown of the Starlink user terminal – also known as Dishy McFlatface – in which they managed to dump the device's firmware that was housed on a eMMC card upon the PCB. For the academics at the Katholieke Universiteit Leuven (KU Leuven), actually getting their hands on the firmware for later …

  1. sebacoustic

    Looks like spacex took their security implemetation fairly seriously... not your average IoT "intelligent kettle/fridge/vibrator" kind of effort. I hope the boffins keep at it and crack it though, someone needs to take Musk down a peg or three.

    1. oiseau
      Thumb Up

      Looks like spacex took their security implemetation fairly seriously ...

      Quite so.


      Now, if all hardware/software outfits did the same thing ...


    2. Arthur the cat Silver badge

      your average IoT "intelligent kettle/fridge/vibrator" kind of effort

      That's one hell of a 3-in-1 combo.

      1. Wellyboot Silver badge

        Post event cuppa & snack, there's got to be a market for that!

    3. James Hughes 1

      Why does Musk need to be taken down a peg or two?

    4. hoola Silver badge

      One cannot help but think this was more a fortuitous outcome as a result of preventing the technology from being stolen rather than a "security first" approach to ensure that is is actually appropriate.

      Maybe I am just being cynical.....

  2. Chris Tierney

    Geofencing development

    SpaceX really went to town on trying to protect this from unauthorised reverse engineering this. The geofencing was an impressive last gasp touch but no matter how good you are there is always someone better or more determined.

    1. Graham Cobb Silver badge

      Re: Geofencing development

      This reminds me of a colleague (in the early '90s I guess) who participated in the standardisation process for data comms using satellite phones. A rep from another company rather pompously asserted that because the existing satellite phone standards included, as a mandatory requirement, the phone reporting its precise position (using GPS data) that could be used as part of the routing for the data (actually I think it was probably mostly for billing - so the country concerned could get a cut).

      My colleague suggested that as a major market for satellite phones (at the time) were militaries and spies it was unlikely most of the phones would be reporting accurate locations, despite mandatory requirements from the CCITT! He suggested that if they looked at the data they may find that a surprising number of phones are being used at the North Pole. Of course, at that time, it was nation states which were being talked about - I never knew if/when terrorists realised they had to acquire satellite phones which didn't report their location.

      It will be interesting to see if SpaceX geofencing remains unbroken.

    2. Aitor 1

      Re: Geofencing development

      I understand the geofencing.

      They don't want people to use the devices in countries they have no license to operate, as that would make them liable for huge fines.

      Also, it is a beta and they need to make dure they understand where the dishes are, and to determine needs before putting more birds in space.

      Elon commented that they plan to lift the geofencing latter this year.. so it might happen (or not). I still expect them to limit the movement of the fish to a single country/region, for legal reasons.

      1. Alan Brown Silver badge

        Re: Geofencing development

        The primary reason for geofencung right now is to ensure dishes stay more or less where they're expected to be and don't cluster too much in one cell. Beamforming still makes for a big spot from 500-1500km away and right now there are only 920 active birds

        I'm expecting that once tge first shell is fully active (1440 birds) they'll start relaxing restrictions and selling more terminals. There are already that many in orbit but it will take 3 more months or so to get them all in position ( is useful to visualise thjngs)

        There are at least 2 more shells to be built. The sun synchronous set only has a dozen flying so far and these are the only ones with fricking lasers onboard at the moment. The first 2 launches worth are already in the process of being retired and deorbited

        What's more interesting than where ground stations are popping up is seeing where they AREN'T. I think national geofencing will quickly be bypassed by determined individuals without governments being able to really do much about it. (The Internet interprets censorship as damage and routes around it)

  3. Pete 2 Silver badge

    Here's my guess

    > the researchers claim they were able to access a root shell, without adequately explaining how they accomplished it

    login: root

    password: admin

    perhaps? Or if the first attempt didn't get there, how about

    login: elon

    password: musk

    1. Jimmy2Cows Silver badge

      Re: Here's my guess

      login: elon

      password: muskrulez

      1. davidp231

        Re: Here's my guess

        login: elon

        password: bezossucks

    2. mihares

      Re: Here's my guess

      login: joint

      password: joint

      1. gandalfcn Silver badge

        Re: Here's my guess

        login: pedo

        password: elon

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like