[NNagain] FCC - delete, delete, delete

[David Bray, PhD]

Meanwhile there's Salt Typhoon, Volt Typhoon... also this:

https://spectrum.ieee.org/iridium-satellite

White Hat Hackers Expose Iridium Satellite Security Flaws

Users' locations and texts can be intercepted, including DoD employees

In a recent demonstration, German white hat hackers
<https://spectrum.ieee.org/tag/hackers> showed how to intercept text
messages sent via the U.S. satellite communication system Iridium
<https://spectrum.ieee.org/tag/iridium> and locate users with an accuracy
of about 4 kilometers.

The twohackers, known publicly only under the nicknames Sec and Schneider,
made the revelations during a presentation at the Chaos Communication
Congress <https://events.ccc.de/congress/2024/infos/index.html> in late
December in Hamburg, Germany <https://spectrum.ieee.org/tag/germany>.
During the talk, they highlighted severe vulnerabilities in services that
tens of thousands of users from the U.S. Department of Defense
<https://spectrum.ieee.org/tag/department-of-defense> rely on.

Although the DoD uses a secure gateway to route and encrypt its traffic,
the hackers were able to see which devices were connecting via the DoD
pathway. That allowed the duo to identify and locate DoD users with an
accuracy of about 4 km using a home-assembled eavesdropping kit consisting
of a commercially available Iridium antenna, a software-defined radio
<https://spectrum.ieee.org/passive-radar-with-sdr> receiver and a basic
computer, such as the Intel <https://spectrum.ieee.org/tag/intel> N100
mobile CPU or the Raspberry Pi <https://spectrum.ieee.org/tag/raspberry-pi>
mini-computer.

“We see devices that register with the DoD service center and then we can
find their positions from these registrations,” Sec said during the talk.
“You don’t have to see the communication from the actual phone to the
network, you just see the network’s answer with the position, and you then
can map where all the registered devices are.”
Iridium’s Legacy Components Still Cause Problems

The Iridium constellation <https://www.iridium.com/network/>, first
deployed in the late 1990s, is made up of 66 satellites
<https://spectrum.ieee.org/tag/satellites> disbursed across six orbital
planes roughly 870 km above Earth. The constellation, the first to have
provided global commercial satellite communications
<https://spectrum.ieee.org/tag/satellite-communications> services, supports
satellite telephony <https://spectrum.ieee.org/tag/telephony> and connects
pagers, emergency beacons, and Internet of Things
<https://spectrum.ieee.org/tag/internet-of-things> devices all over the
world. Out of Iridium’s 2.3 million subscribers, 145,000 are U.S.
government customers. Iridium receivers are also frequently used by vessels
at sea and by aircraft pilots exchanging information with other airplanes
and with ground control.

“Back then encryption <https://spectrum.ieee.org/tag/encryption> was not
something on everyone’s mind,” Sec said during the presentation. “All the
[first generation] Iridium data is unencrypted.”

In response to a request for comment, a spokesperson from Iridium says,
“This is old news. The DoD and others encrypt their communications over our
network which address the issues this article raises. There is a reason the
DoD continues to be such a big customer and we expect that to continue well
into the future. We have always allowed others to encrypt their traffic
over our network. Our commercial partners have been doing the same for
decades, when and where the markets request it.”

Iridium replaced its first-generation fleet with more secure satellites
(the second-generation NEXT constellation
<https://www.iridium.com/blog/iridium-next-review/>) between 2017 and 2019.
But according to satellite and telecommunications industry
<https://spectrum.ieee.org/tag/telecommunications-industry> analyst
Christian von der Ropp, many Iridium devices in use today, including
civilian satellite phones <https://spectrum.ieee.org/tag/satellite-phones>,
still rely on the first-generation Iridium radio protocol that has no
encryption <https://spectrum.ieee.org/fully-homomorphic-encryption>.

“The regular satellite phones that they sell still operate under the old
legacy protocol,” says von der Ropp. “If you buy a brand-new civilian
Iridium phone, it still operates using the 30-year-old radio protocol, and
it is subject to the same vulnerability. So, you can intercept everything.
You can listen to the voice calls, you can read SMS
<https://spectrum.ieee.org/tag/sms>, absolutely everything. Out of the box
it’s a totally unsecure service.”

Von der Ropp estimates that tens or even hundreds of thousands of Iridium
devices in use today rely on the old, unsecured radio protocol.
Hackers Reveal Vulnerabilities in Iridium’s Systems

While the DoD uses an extra layer of encryption to protect the content of
its exchanges, other nations’ agencies appear to be less aware of the
vulnerabilities. In perhaps the most jaw-dropping moment of the hacking
demonstration, Sec revealed a text message exchanged between two employees
of the German Foreign Office that he and Schneider were able to intercept.

“I need a good doctor in [Tel Aviv] who can also look at gunshot wounds.
Can you send me a number ASAP,” read the message sent by a worker at the
Crisis Response Center of the German Foreign Office’s mission in Tel Aviv.
The hackers did not reveal when the exchange had taken place.

Using software he and Schneider had created, Sec also showed a map of
devices visible in a single moment to their eavesdropping gear located in
Munich. Iridium devices as far as London, central Norway
<https://spectrum.ieee.org/tag/norway> and Syria
<https://spectrum.ieee.org/tag/syria> (more than 3,000 km away) could be
seen.

“With US $400 worth of equipment and freely available software, you can
start right away intercepting Iridium communications in an area with a
diameter of hundreds, sometimes even thousands of kilometers,” said von der
Ropp, who was present at the demonstration. “The Iridium signal is divided
into spot beams that are about 400 km wide. In principle, one should only
be able to listen to the spot beam overhead. But the signal is so strong
that you can also detect many of the surrounding spot beams, sometimes up
to 2,000 km away.”

The DoD, von der Ropp said, is looking for alternatives to Iridium,
including Starlink <https://spectrum.ieee.org/tag/starlink>. Still, last
year Iridium won a $94 million contract to provide communication services
to the U.S. Space Force.

Von der Ropp noted that few Iridium users seemed to be active in Ukraine
<https://spectrum.ieee.org/tag/ukraine>, suggesting the local forces are
potentially aware of Iridium’s shortcomings. The vulnerability of satellite
systems and services to disruption and interference by bad actors has
become a hot topic since Russia’s invasion of the country three years ago.
The widespread cyberattack on the ground infrastructure of satellite
communication provider Viasat crippled the Ukrainian forces’ access to
satcom services on the eve of the invasion. The incident, which according
to analysts was planned by Russian state-backed hackers for months,
revealed the weakness of Viasat’s cyber defenses.

Since then, the number of cyberattacks
<https://spectrum.ieee.org/tag/cyberattacks> on satcom providers has
increased exponentially. Global navigation and positioning satellite
systems such as GPS <https://spectrum.ieee.org/tag/gps> have also been put
to the test. Signal jamming <https://spectrum.ieee.org/satellite-jamming>
is now a regular occurrence even outside conflict zones and instances of
sophisticated spoofing attacks
<https://spectrum.ieee.org/gps-spoofing-2670499105>, designed to confuse
users and send them to wrong locations, are becoming increasingly common.

*This story was updated on 14 February 2025 to add a statement from
Iridium.*


On Thu, Mar 13, 2025 at 2:36 PM Robert McMahon via Nnagain <
nnagain at lists.bufferbloat.net> wrote:

> My opinions:
>
> There should be no more linux kernels in the customer premise with
> Fi-Wi. 30M lines of code and 11,000 config options is a form of sw
> bloat that's impossible to secure. Particularly since most noone is
> getting paid for this work.
>
> Reducing the radio head/client (STA) density to near 1/1 and shrinking
> the cell size will minimize the media access latency. Packet latency
> can use non queue building techniques so there will be no substantial
> packet queueing delays. All delay will be distance and speed of
> photons related per physics & spacetime.
>
> Our issue isn't regulators - it's that white collar workers and our
> leadership haven't engaged the blue collar workers, and we haven't
> kept advancing our engineering. We need to teach fiber installer
> businesses how to build these Fi-Wi networks so that our kids get life
> support and productivity capable networks that can be depended upon.
>
> And everyone that adds value needs to be paid somehow. Best done
> through markets. Fi-Wi creates high paying jobs in the trades for in
> premise fiber installers.
>
> I think we lack vision and leadership, followed by execution. It's not
> a cult thing like Musk's failed prophecies - it's the real deal that
> impacts our lives. Low latency will become ubiquitous if we act to our
> abilities. Waiting on regulators is like Waiting for Godot.
>
> Bob
>
>
> On Thu, Mar 13, 2025 at 10:00 AM Frantisek Borsik
> <frantisek.borsik at gmail.com> wrote:
> >
> > Hey Bob,
> >
> > I don't think that improving latency is about mandating of a specific
> algorithm - it's about an improvements to broadband definition.
> > Broadband that servers the needs of us all today, goes beyond 100/20,
> it's should include a low latency, low consistent jitter.
> > Now, what are the right numbers, that's another discussion. But it's a
> discussion we need to have.
> > I would certainly let market to decide on the tools/algorithms that will
> achieve those numbers - be it a Quality of Experience middle box (like
> LibreQoS, Preseem, Bequand/Cambium Networks QoE, Paraqum or Sandvine), L4S
> etc.
> >
> > As for the other issues that need some love - for example, making
> vendors to update kernel and provide updates to routers they sold, that's a
> good thing.
> >
> > All the best,
> >
> > Frank
> >
> > Frantisek (Frank) Borsik
> >
> >
> >
> > https://www.linkedin.com/in/frantisekborsik
> >
> > Signal, Telegram, WhatsApp: +421919416714
> >
> > iMessage, mobile: +420775230885
> >
> > Skype: casioa5302ca
> >
> > frantisek.borsik at gmail.com
> >
> >
> >
> > On Thu, Mar 13, 2025 at 5:33 PM Robert McMahon via Nnagain <
> nnagain at lists.bufferbloat.net> wrote:
> >>
> >> >
> >> > As for "what the FCC can do", "dissolve itself" comes to mind. AFAIK,
> it's been over a decade since they have done anything helpful or useful for
> any American citizen who isn't the head of a major corporation. If you
> delete the entire organization, there will be no one around to enforce
> whatever regs are still on the books so who cares? ... and you'll save
> another few 10's of millions of dollars annually which will fit nicely in
> the pockets of the "good folks", aka FODT. 😊😊😊
> >> >
> >> I worked with a CA state regulator in a tech support role prior to
> >> so-called broadband (actually, internet access beyond dial-up MODEMs)
> >> This was post 1996 telco act, just prior to the dot com bubble. The
> >> lobbyists at the time disliked having 50 States regulating things.
> >> They pushed made it so the 5 commissioners on the FCC became the
> >> primary regulators. Many call this regulatory capture.
> >>
> >> Unfortunately, I don't think we can get rid of the FCC. Our utility
> >> poles are mostly regulated by them as one example.
> >>
> >> I also don't think the FCC can mandage any specific AQM algorithm.
> >> That's a long term disaster in the making for sure. Let network
> >> engineers and the market battle that out.
> >>
> >> Bob
> >>
> >> PS. Good to hear from you RR - i hope all is well. I've got a Fi-Wi
> >> project you may be interested in - not sure.
> >> _______________________________________________
> >> Nnagain mailing list
> >> Nnagain at lists.bufferbloat.net
> >> https://lists.bufferbloat.net/listinfo/nnagain
> _______________________________________________
> Nnagain mailing list
> Nnagain at lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/nnagain
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.bufferbloat.net/pipermail/nnagain/attachments/20250313/34af7480/attachment-0001.html>