Discovery
Researchers also discovered that water seems to be wet.
I remember reading this on the usenet.
Geostationary satellites are broadcasting large volumes of unencrypted data to Earth, including private voice calls and text messages as well as consumer internet traffic, researchers have discovered. Scientists at the University of California, San Diego, and the University of Maryland, College Park, say they were able to pick …
Usenet?
Amateurs have been listening in to satellite traffic longer than satellites have been generating traffic.
There are regulars here on ElReg who remember tuning in to Sputnik's lonely "beep, beep, beep ... "
Yes, I know, it wasn't technically named "Sputnik" ... The Press in 1957 was just as ignorant as it is today.
You'll find the poster is very familiar with Sputnik, as VoiceOfTruth and elsergiovolador are Kremlin propaganda accounts. If you imagine what the Russian line of the week is, these bots are posting it. Anti-west sentiment, anti climate-change, pro Russia anti Ukraine, you name it, they post it. Day after day, week after week, month after month.
Amazingly, their accounts are still active. El Reg does nothing to block spam accounts, they're just happy with the interaction. Probably why it has all but died after the takeover a long time ago.
I don't, but if I know they're going to be this shoddy, I might find out and take action. For example, if I was on an ISP that routinely did this and was now confirmed as not bothering to encrypt, maybe that would convince me to use a VPN to something with a cabled connection so that the traffic was encrypted during the satellite part. If I determine that something I'm connecting to uses a satellite connection, that's going to be harder but there are still some things I could try. It's not easy and satellite operators shouldn't require their users to do it themselves, but the users aren't powerless.
That's how the internet works. IP traffic isn't encrypted, which is why we have so many encrypted protocols at higher layers. VPN users should already be aware of this. If it's something I control, I can have the VPN endpoint on a private network on both sides so it's only unencrypted on networks I control.
But as for verifying how my traffic is routed after the VPN, there are a lot of things I can do. For one thing, if the primary goal is avoiding satellite links, I'm almost certainly fine because commercial VPNs don't put endpoints on satellite networks. Satellite introduces latency, especially geosync which is the easiest to eavesdrop on. VPNs don't want latency. That's why they put their endpoints near big cities and have big fiber links, because that is easier, cheaper, and gets more customers.
But what if I want to check that? Simple, I can measure the ping time or any other indicator of latency between me and something else. The latency effect of geosync is so large that it is quite easy to measure, so if I'm already using it once, I can quickly determine with a latency test whether my endpoint is now doing two satellite hops. That handles everything except a situation where the thing I'm connecting to also uses a satellite link, which is rare because a lot of servers are also avoiding the high latency links, but I handled that what-if in my last post.
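The latency test described above, as an added example that is not part of the original comment: the geostationary round-trip floor is derived from orbital altitude and the speed of light, then the median RTT of a direct path and of a through-VPN path are compared to count how many extra GEO hops the VPN introduced. The RTT samples and the 150 ms terrestrial allowance are constructed assumptions, not measurements from the thread.

```python
"""Estimate geostationary (GEO) hops on a path from its round-trip time.

A GEO satellite sits ~35,786 km above the equator. One ground->sat->ground
leg is ~71,572 km, so a full round trip through one GEO link adds at
least ~478 ms before any framing or queueing. Terrestrial paths almost
never get near that floor, which is why a step of that size in median
RTT is a usable indicator of an added satellite hop.
"""
from statistics import median

GEO_ALTITUDE_KM = 35_786.0
SPEED_OF_LIGHT_KM_S = 299_792.458

# Constructed sample RTTs in ms (None = lost probe), not real measurements.
DIRECT_GEO_ISP_MS = [610, 598, 625, None, 605]   # one GEO hop to the net
VPN_OVER_GEO_MS = [1120, 1095, 1140, 1102]       # VPN endpoint also on GEO
VPN_FIBRE_MS = [640, 655, 648, 661]              # VPN endpoint on fibre


def geo_rtt_floor_ms() -> float:
    """Physical minimum RTT added by one GEO hop (up+down, both directions)."""
    one_way_km = 2 * GEO_ALTITUDE_KM
    return 2 * one_way_km / SPEED_OF_LIGHT_KM_S * 1000.0


def robust_rtt_ms(samples_ms) -> float:
    """Median of successful probes; lost probes are dropped, not counted as 0."""
    good = [s for s in samples_ms if s is not None]
    if not good:
        raise ValueError("no successful probes")
    return float(median(good))


def estimate_geo_hops(rtt_ms: float, terrestrial_budget_ms: float = 150.0) -> int:
    """Count GEO hops on a single path.

    terrestrial_budget_ms is an assumed allowance for fibre propagation and
    queueing; RTT above it is attributed to GEO hops at the physical floor.
    """
    excess = rtt_ms - terrestrial_budget_ms
    if excess <= 0:
        return 0
    return int(round(excess / geo_rtt_floor_ms()))


def added_geo_hops(direct_samples_ms, vpn_samples_ms) -> int:
    """Extra GEO hops the VPN path shows relative to the direct path."""
    delta = robust_rtt_ms(vpn_samples_ms) - robust_rtt_ms(direct_samples_ms)
    return max(0, int(round(delta / geo_rtt_floor_ms())))


if __name__ == "__main__":
    print(f"GEO floor: {geo_rtt_floor_ms():.1f} ms")
    print("direct path GEO hops:", estimate_geo_hops(robust_rtt_ms(DIRECT_GEO_ISP_MS)))
    print("extra hops via GEO VPN:", added_geo_hops(DIRECT_GEO_ISP_MS, VPN_OVER_GEO_MS))
    print("extra hops via fibre VPN:", added_geo_hops(DIRECT_GEO_ISP_MS, VPN_FIBRE_MS))
```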
> But the traffic between the VPN provider
Hold it right there, you are doing it wrong. In this context the VPN is as it was originally intended: You control the endpoints, you control the encryption, you control the whole packet chain from your trusted network in, let's say, Stuttgart, Arkansas, USA to Stuttgart, Baden-Württemberg, Germany. That is a zero trust setup.
The "VPN providers" you talk about, which always appear in YouTube ads, are not the thing professionals would use. Their service is to obfuscate your IP and fake a different location, which has nothing to do with satellite operators (or at least satellite operators should do it on that professional level). They are those which you have to blindly trust, more or less... You CAN use them as a starting point to add YOUR professional VPN on top though, i.e. you VPN within their VPN.
Let me simplify that for you:
Use a VPN
Do you 100% trust all carriers that might be involved in routing your traffic?
No? Well then you should be encrypting your traffic.
Yes? Well then encrypting your traffic will help normalise encryption, which will be a help for people who do need it, so you should still use a VPN.
A VPN changes literally nothing except the breakout point to the Internet. Even if it did, you’re now fully trusting a dodgy VPN provider rather than a dodgy ISP.
Encrypt your traffic end to end. Unless the VPN breakout is on your network it’s not adding anything. Even if your VPN does break out on your network, end to end encryption is neither hard nor expensive so you still ought to do it otherwise you’re one network issue away from data leaks.
(Btw I’m a non-downvoting, VPN-toting ‘Tard.)
I don’t see ISPs and VPNs as equally untrustworthy.
ISPs are in the business of providing Internet access. That they monetise/share our usage data is pretty much par for the course and presumably limited only by applicable privacy laws.
On the other hand, VPNs are in the privacy business. Take away the privacy and they offer us nothing. So on a very generic level, for privacy I’d trust a VPN more than I trust an ISP.
And at least with established paid-for VPN brands then I am confident that they at least aim to do what they say, e.g. not collecting/retaining my connection data, and they do mostly provide some further info about how their system works.
So yes, I’ll always trust a VPN provider over an ISP.
You speak of a "VPN provider", i.e. one that obfuscates your IP on the net (and a few more things, depending), for which you pay a subscription for, use a login and so on.
We speak of a VPN in its original definition, a Virtual Private Network YOU set up directly, and where YOU control the encryption and everything that goes through it, usually with fixed endpoints. One who uses a satellite surely does not use "NordVPN" or one of those others constantly appearing in YouTube ads, they use a VPN in its original definition. You don't have to give away trust with a real VPN.
BTW: In the original definition a VPN did not include encryption, that came up when they noticed they had to go via shared medium, like electromagnetic waves, or a long, easy to tap, cable.
I was specifically replying to the comment about trusting a dodgy ISP vs a dodgy VPN provider, clearly nothing to do with homegrown solutions.
In-house stuff can clearly be more trustworthy but trusting a VPN company is pretty much all an end-user pleb like me can do in terms of securing an internet connection.
That comment is technically true, but we were specifically talking about avoiding having clear traffic on the unencrypted satellite ISP while still using it, and a VPN does that. Try to avoid the dodgy ones, possibly by implementing your own. Pointing out other problems doesn't prevent the solution from solving the one we're doing, and as those problems exist no matter what you do with the public internet, bringing them up doesn't really provide any more information.
"all carriers that might be involved in routing your traffic" includes a third-party VPN if you're of the inclination to use one.
But I wrote that comment while thinking about end-to-end connections and therefore the VPN would be a private one within the destination network. (I realise I wasn't clear about that)
I have less than zero trust over commercial VPN providers. What better people to monetise than those who are explicitly seeking privacy? Plus, as you've pointed out, a VPN just shifts the untrust point from your ISP to your VPN provider - it does nothing for anything beyond that.
(I haven't downvoted you)
So instead of your ISP and their upstream having access to your possibly (but hopefully not) unencrypted traffic, with a VPN you give that to the VPN provider, their hosting provider (often small outfits, rarely known and documented), and their ISP and upstream.
How exactly is that an improvement?
What? Is this the 1980s? 'cause in the 1990s it all started to go crypto. Hell, even "NetBIOS LM login" used crypto. Even the first NetWare used encrypted PW transfer. And after Snowden everything which was left went crypto (POP3/SMTP encrypted login got enforced, not optional, etc). There is really no excuse for such a fail.
The first IETF meeting after Snowden was quite something. Basically a massive wake-up call to encrypt as much as possible with better crypto suites, and mandatory statements on security aspects. There have been significant increases in peer review and oversight, which is all very welcome. If you consider the RFC for BOOTP that you could drive a truck through, that would not be allowed today.
But it’s up to everyone to use them.
Or anywhere there is a repeater with test ports.
Traditionally, they were one mile apart, clear across the country. Fiber spread them out a trifle further.
One little known aspect of this kind of digital signalling is that the signal doesn't get amplified at repeaters, it gets regenerated. That means it is read, and then a new copy is generated. The test ports are tapped into the regeneration circuitry. This makes tapping a line easy, with no way of detecting the tap at either end of the conversation. Ostensibly, this is only used to check line conditions ... but as we all know, people are evil. Governments doubly so.
"Traditionally, they were one mile apart, clear across the country. Fiber spread them out a trifle further.
One little known aspect of this kind of digital signalling is that the signal doesn't get amplified at repeaters, it gets regenerated. That means it is read, and then a new copy is generated."
How to tell us you know nothing about carrier grade fibre optics without telling us you know nothing about carrier grade fibre optics.
In my 47 year career as a telco and vendor support engineer I never encountered, or even heard rumour of, any system, analogue or digital, open wire line, copper cable or fibre, that needed amplifiers or regens every mile or so - 60~90km is more typical for optical systems and modern DWDM systems have optical amplifiers, not regens, at those sites. Signals are normally only 'read' at sites where a wavelength is terminated, and that can be at spacings of 100s or even 1000s of km apart, depending on the modulation type and FEC in use.
"You never worked on T-carrier stuff?"
Nope - never saw it where I worked (it was mentioned as a curiosity during our training, but that's all).
Regardless, the subject you were making uninformed, or even outright wrong, comments about was fibre optics, not long forgotten PCM systems. Whatever the failings of T-carrier systems, the fact is that current fibre optics can easily go several thousand km without regen - submarine cables are the most obvious example - no submerged regens, just protocol agnostic optical amplifiers all the way. Even the Southern Cross network, which is over 25 years old and is now being overlaid, used amplifiers, not regens, between landing stations.
Re-read what I wrote.
I started discussing copper ("traditionally"), then pointed out that fiber later spread things out "a trifle", with typical ElReg commentard understatement. I personally have worked on fiber regen, it does exist, and includes boxen that the Internet runs over to this day.
But that wasn't the point of my comment. My point was that having access to a test port on either line termination equipment, or a repeater (for varying values of repeater) allows someone who knows what they are doing to access the traffic on that line covertly. Nowhere in mine did I make the sweeping statements that you are accusing me of making.
Note that until the late 90s (or thereabouts) virtually all inter-city voice and almost all of the early Internet's Switched56 links were carried over T1 or T3. As was ISDN (not that anybody cared). Later, much of the NSFnet was over T3 lines. This was all copper, with regens every mile or so. Fiber came later. A lot of this T-carrier infrastructure is still in use. It works, and is in place and functioning, so why spend the money to change it.
"How to tell us you know nothing about carrier grade fibre optics without telling us you know nothing about carrier grade fibre optics."
Didn't you get the memo? Jake knows everything about everything. If you look at his earliest comments on this site, it is quite interesting how things have changed...
No, did not miss a thing. For about 20 years, XP/Server 2003 time, even MS recommended the SMB "encrypt and sign every packet", but did not enable it until turned on manually due to CPUs being not so fast at that time. With later OSes that behaviour was set to "prefer encryption when the other side can".
You can overdo encryption. A standard like AES is essentially unbreakable but nobody attacks the data, the weak point is key distribution and management. So adding another layer of encryption rather than encouraging users to employ end to end encryption is just giving users a false sense of security.
As for phone conversations being in the clear, it's likely that the bulk of these are not businesses discussing confidential information (which is likely to be encrypted VoIP anyway) but low cost providers' international links (i.e. junk calls and phishing).
The article already clarifies that your supposition is wrong. The unencrypted phone traffic was going to or from local towers on a local network (T-Mobile) where those towers did not have cables for the traffic. So if you're in a remote location and make a traditional voice call, then it was probably sent unencrypted. That's all PSTN voice calls, not just international ones. More sensitive messages do tend to use VOIP platforms which are generally encrypted at least between server and client, but that's not certain at any level and I'm sure there are plenty of businesses still using normal voice calls for something important.
All the remote towers I've come across use terrestrial microwave links. Legacy satellite would have too much latency (and modern LEO systems such as Starlink are both digital and encrypted).
Even if voice traffic was unencrypted analog it wouldn't be like the old AMPS system where you could just listen into a conversation with a scanner, it would be a time multiplexed digital feed, not IP based.
I wonder if a forgettable, generic-looking man, wearing a forgettable, generic suit, had a meeting with the T-Mobile president, said, "You would do your country a great service were you to leave these pieces of equipment, which you will install in these locations," (hands the T-Mobile president a sheet of paper printed with the relevant details) "at their default settings* with respect to encryption. In recognition of your efforts, I leave you with this." (hands the T-Mobile president a briefcase containing a governmental Memorandum of Understanding§ and a stack of bearer bonds worth US$1M.)
* the default value being, "OFF".
§ A/k/a a "Get Out of Jail Free Card", or as "Immunity from Prosecution."
That wouldn't make any sense. Anyone connecting via one of those satellite links could be eavesdropped on by anyone, but people connecting any other way wouldn't. Anyone with government-level access would insist that they do encrypt all their satellite communications and their wire communications, but using a key given them by and sending a copy to the official eavesdropper. That way, only they can access the data and it doesn't matter where their target happened to be at the time.
Being serious, given we are talking about a 3G and later mobile operator, we need to question the extent to which the 3GPP specifications - on which all 3G, 4G etc. networks are based - mandate security within the carrier network and not just for the over-the-air phone-to-mast connection (*).
(*) Aside, remember IEEE802.11/WiFi-Alliance only specifies the over-the-air connection, what comes out of the back of the AP is unspecified and hence typically not encrypted.
> "We appreciate our collaboration with the security research community, whose work helps reinforce our ongoing commitment to protecting customer data and enhances security across the industry."
Collaboration implies some level of commercial interest, so does this mean T-Mobile have rewarded the researchers or have thrown a large (7 digit) sum of money at the University of California and the University of Maryland? Or have they gone all Trump and cut funding to "messengers"? ….
"Reg readers will no doubt find this kind of negligence staggering after years of security breaches and warnings about locking down sensitive data."
This one wouldn't.
How many people will not even dare speak the word "Telnet" because it's unencrypted and therefore totally insecure (which, to be sure, it is!!) but still use a hosting provider that only supports plain FTP for file transfers to and from the hosting space? Hint: A LOT.
Apathy and naivety are rampant in the field. This is just yet another example of it. Sat operators simply assume that because their payload data goes over a private satlink nobody will have (or bother to get) access to it, right? Because who would do that, right?
During a stint at one of my clients in the 1990s when bandwidth was limited and expensive, I reduced non-work related Internet traffic by 90+%, simply by adding a symlink that exposed the proxy cache, complete with login names, to all and sundry, combined with a minor policy change that made the proxy cache the default homepage for all web browsers. Porn browsing, online gambling and shopping for cheap holiday bookings disappeared overnight. Nobody had realized that a proxy keeps copies (and track) of all web browsing results.
Do you know how your Internet traffic is being routed through the Interweb tubes?
Oops...
"This one wouldn't."
I was amazed to get this far down the comments before someone else said it - I am not in the least surprised either. I would imagine a lot of this is "legacy" "it works, c.b.a. looking at it again" stuff - unloved, unfunded for management or updates.
And that's when you consider people who actually have a clue. Once you consider how many people, including business managers, don't have a clue - then it becomes even less of a surprise.
... that exposed the proxy cache, complete with login names ...
That's into BOFH territory. I'd have at least replaced user names with "*"s for a short time to spare the guilty.
Hey, it's "in the clear". All you need is just the right metallic fillings in your teeth and then bite into the co-ax cable from the LNB :-)
I used to work for a leading supplier of satellite cellular backhaul systems. Back around 2016, when the UK was negotiating to replace the (still extant) Airwave system used for emergency services with a 4G network, I warned various parties that unless they used true end-to-end IPsec, not just on certain links, the traffic could be compromised. But guess what - they chose a cheaper but compromised system! Surprise!