From: Robert McMahon
Date: Thu, 13 Mar 2025 19:20:23 -0700
To: "David Bray, PhD"
Cc: Network Neutrality is back! Let´s make the technical aspects heard this time!, Frantisek Borsik
Subject: Re: [NNagain] FCC - delete, delete, delete

On Thu, Mar 13, 2025 at 7:17 PM Robert McMahon wrote:
>
> yeah, our space walks to fix outdated satellites aren't easily doable
> nor cost efficient.
>
> The parts need to be pluggable, similar to light bulbs. If they need
> replacement, just swap them out for the improved version. Or if you
> get a flat, buy a new tire (and don't send that car into space in the
> first place.)
>
> This approach works well inside buildings.
>
> The fiber cables, plastic holders, and antennas themselves are the
> only fixed, long lived parts. Fiber is actually better than copper
> w/respect to security.
>
> China is doing this already and we're way behind.
>
> Bob
>
> On Thu, Mar 13, 2025 at 6:38 PM David Bray, PhD wrote:
> >
> > Meanwhile there's Salt Typhoon, Volt Typhoon... also this:
> >
> > https://spectrum.ieee.org/iridium-satellite
> >
> > White Hat Hackers Expose Iridium Satellite Security Flaws
> >
> > Users' locations and texts can be intercepted, including DoD employees
> >
> > In a recent demonstration, German white hat hackers showed how to intercept text messages sent via the U.S. satellite communication system Iridium and locate users with an accuracy of about 4 kilometers.
> >
> > The two hackers, known publicly only under the nicknames Sec and Schneider, made the revelations during a presentation at the Chaos Communication Congress in late December in Hamburg, Germany.
> > During the talk, they highlighted severe vulnerabilities in services that tens of thousands of users from the U.S. Department of Defense rely on.
> >
> > Although the DoD uses a secure gateway to route and encrypt its traffic, the hackers were able to see which devices were connecting via the DoD pathway. That allowed the duo to identify and locate DoD users with an accuracy of about 4 km using a home-assembled eavesdropping kit consisting of a commercially available Iridium antenna, a software-defined radio receiver and a basic computer, such as the Intel N100 mobile CPU or the Raspberry Pi mini-computer.
> >
> > “We see devices that register with the DoD service center and then we can find their positions from these registrations,” Sec said during the talk. “You don’t have to see the communication from the actual phone to the network, you just see the network’s answer with the position, and you then can map where all the registered devices are.”
> >
> > Iridium’s Legacy Components Still Cause Problems
> >
> > The Iridium constellation, first deployed in the late 1990s, is made up of 66 satellites disbursed across six orbital planes roughly 870 km above Earth. The constellation, the first to have provided global commercial satellite communications services, supports satellite telephony and connects pagers, emergency beacons, and Internet of Things devices all over the world. Out of Iridium’s 2.3 million subscribers, 145,000 are U.S. government customers. Iridium receivers are also frequently used by vessels at sea and by aircraft pilots exchanging information with other airplanes and with ground control.
> >
> > “Back then encryption was not something on everyone’s mind,” Sec said during the presentation.
> > “All the [first generation] Iridium data is unencrypted.”
> >
> > In response to a request for comment, a spokesperson from Iridium says, “This is old news. The DoD and others encrypt their communications over our network which address the issues this article raises. There is a reason the DoD continues to be such a big customer and we expect that to continue well into the future. We have always allowed others to encrypt their traffic over our network. Our commercial partners have been doing the same for decades, when and where the markets request it.”
> >
> > Iridium replaced its first-generation fleet with more secure satellites (the second-generation NEXT constellation) between 2017 and 2019. But according to satellite and telecommunications industry analyst Christian von der Ropp, many Iridium devices in use today, including civilian satellite phones, still rely on the first-generation Iridium radio protocol that has no encryption.
> >
> > “The regular satellite phones that they sell still operate under the old legacy protocol,” says von der Ropp. “If you buy a brand-new civilian Iridium phone, it still operates using the 30-year-old radio protocol, and it is subject to the same vulnerability. So, you can intercept everything. You can listen to the voice calls, you can read SMS, absolutely everything. Out of the box it’s a totally unsecure service.”
> >
> > Von der Ropp estimates that tens or even hundreds of thousands of Iridium devices in use today rely on the old, unsecured radio protocol.
> >
> > Hackers Reveal Vulnerabilities in Iridium’s Systems
> >
> > While the DoD uses an extra layer of encryption to protect the content of its exchanges, other nations’ agencies appear to be less aware of the vulnerabilities.
> > In perhaps the most jaw-dropping moment of the hacking demonstration, Sec revealed a text message exchanged between two employees of the German Foreign Office that he and Schneider were able to intercept.
> >
> > “I need a good doctor in [Tel Aviv] who can also look at gunshot wounds. Can you send me a number ASAP,” read the message sent by a worker at the Crisis Response Center of the German Foreign Office’s mission in Tel Aviv. The hackers did not reveal when the exchange had taken place.
> >
> > Using software he and Schneider had created, Sec also showed a map of devices visible in a single moment to their eavesdropping gear located in Munich. Iridium devices as far as London, central Norway and Syria (more than 3,000 km away) could be seen.
> >
> > “With US $400 worth of equipment and freely available software, you can start right away intercepting Iridium communications in an area with a diameter of hundreds, sometimes even thousands of kilometers,” said von der Ropp, who was present at the demonstration. “The Iridium signal is divided into spot beams that are about 400 km wide. In principle, one should only be able to listen to the spot beam overhead. But the signal is so strong that you can also detect many of the surrounding spot beams, sometimes up to 2,000 km away.”
> >
> > The DoD, von der Ropp said, is looking for alternatives to Iridium, including Starlink. Still, last year Iridium won a $94 million contract to provide communication services to the U.S. Space Force.
> >
> > Von der Ropp noted that few Iridium users seemed to be active in Ukraine, suggesting the local forces are potentially aware of Iridium’s shortcomings. The vulnerability of satellite systems and services to disruption and interference by bad actors has become a hot topic since Russia’s invasion of the country three years ago.
> > The widespread cyberattack on the ground infrastructure of satellite communication provider Viasat crippled the Ukrainian forces’ access to satcom services on the eve of the invasion. The incident, which according to analysts was planned by Russian state-backed hackers for months, revealed the weakness of Viasat’s cyber defenses.
> >
> > Since then, the number of cyberattacks on satcom providers has increased exponentially. Global navigation and positioning satellite systems such as GPS have also been put to the test. Signal jamming is now a regular occurrence even outside conflict zones and instances of sophisticated spoofing attacks, designed to confuse users and send them to wrong locations, are becoming increasingly common.
> >
> > This story was updated on 14 February 2025 to add a statement from Iridium.
> >
> > On Thu, Mar 13, 2025 at 2:36 PM Robert McMahon via Nnagain wrote:
> >>
> >> My opinions:
> >>
> >> There should be no more linux kernels in the customer premise with
> >> Fi-Wi. 30M lines of code and 11,000 config options is a form of sw
> >> bloat that's impossible to secure. Particularly since most no one is
> >> getting paid for this work.
> >>
> >> Reducing the radio head/client (STA) density to near 1/1 and shrinking
> >> the cell size will minimize the media access latency. Packet latency
> >> can use non queue building techniques so there will be no substantial
> >> packet queueing delays. All delay will be distance and speed of
> >> photons related per physics & spacetime.
> >>
> >> Our issue isn't regulators - it's that white collar workers and our
> >> leadership haven't engaged the blue collar workers, and we haven't
> >> kept advancing our engineering. We need to teach fiber installer
> >> businesses how to build these Fi-Wi networks so that our kids get life
> >> support and productivity capable networks that can be depended upon.
> >>
> >> And everyone that adds value needs to be paid somehow. Best done
> >> through markets. Fi-Wi creates high paying jobs in the trades for in
> >> premise fiber installers.
> >>
> >> I think we lack vision and leadership, followed by execution. It's not
> >> a cult thing like Musk's failed prophecies - it's the real deal that
> >> impacts our lives. Low latency will become ubiquitous if we act to our
> >> abilities. Waiting on regulators is like Waiting for Godot.
> >>
> >> Bob
> >>
> >>
> >> On Thu, Mar 13, 2025 at 10:00 AM Frantisek Borsik
> >> wrote:
> >> >
> >> > Hey Bob,
> >> >
> >> > I don't think that improving latency is about mandating a specific algorithm - it's about improvements to the broadband definition.
> >> > Broadband that serves the needs of us all today goes beyond 100/20; it should include low latency, low consistent jitter.
> >> > Now, what are the right numbers, that's another discussion. But it's a discussion we need to have.
> >> > I would certainly let the market decide on the tools/algorithms that will achieve those numbers - be it a Quality of Experience middle box (like LibreQoS, Preseem, Bequant/Cambium Networks QoE, Paraqum or Sandvine), L4S etc.
> >> >
> >> > As for the other issues that need some love - for example, making vendors update the kernel and provide updates to routers they sold, that's a good thing.
> >> >
> >> > All the best,
> >> >
> >> > Frank
> >> >
> >> > Frantisek (Frank) Borsik
> >> >
> >> > https://www.linkedin.com/in/frantisekborsik
> >> >
> >> > Signal, Telegram, WhatsApp: +421919416714
> >> >
> >> > iMessage, mobile: +420775230885
> >> >
> >> > Skype: casioa5302ca
> >> >
> >> > frantisek.borsik@gmail.com
> >> >
> >> > On Thu, Mar 13, 2025 at 5:33 PM Robert McMahon via Nnagain <nnagain@lists.bufferbloat.net> wrote:
> >> >>
> >> >> >
> >> >> > As for "what the FCC can do", "dissolve itself" comes to mind.
> >> >> > AFAIK, it's been over a decade since they have done anything helpful or useful for any American citizen who isn't the head of a major corporation. If you delete the entire organization, there will be no one around to enforce whatever regs are still on the books so who cares? ... and you'll save another few 10's of millions of dollars annually which will fit nicely in the pockets of the "good folks", aka FODT. 😊😊😊
> >> >> >
> >> >> I worked with a CA state regulator in a tech support role prior to
> >> >> so-called broadband (actually, internet access beyond dial-up MODEMs)
> >> >> This was post 1996 telco act, just prior to the dot com bubble. The
> >> >> lobbyists at the time disliked having 50 States regulating things.
> >> >> They pushed made it so the 5 commissioners on the FCC became the
> >> >> primary regulators. Many call this regulatory capture.
> >> >>
> >> >> Unfortunately, I don't think we can get rid of the FCC. Our utility
> >> >> poles are mostly regulated by them as one example.
> >> >>
> >> >> I also don't think the FCC can mandate any specific AQM algorithm.
> >> >> That's a long term disaster in the making for sure. Let network
> >> >> engineers and the market battle that out.
> >> >>
> >> >> Bob
> >> >>
> >> >> PS. Good to hear from you RR - I hope all is well. I've got a Fi-Wi
> >> >> project you may be interested in - not sure.
> >> >> _______________________________________________
> >> >> Nnagain mailing list
> >> >> Nnagain@lists.bufferbloat.net
> >> >> https://lists.bufferbloat.net/listinfo/nnagain