[NNagain] FCC - delete, delete, delete

Thu Mar 13 22:17:46 EDT 2025

yeah, our space walks to fix outdated satellites isn't easily doable
nor cost efficient.

The parts need to be pluggable, similar to light bulbs. If they need
replacement, just swap them out for the improved version. Or if you
get a flat, buy a new tire (and don't send that car into space in the
first place.)

This approach works well inside buildings.

The fiber cables, plastic holders, and antennas themselves are the
only fixed, long lived parts. Fiber is actually better than copper
w/respect to security.

China is doing this already and we're way behind.

Bob

On Thu, Mar 13, 2025 at 6:38 PM David Bray, PhD <david.a.bray at gmail.com> wrote:
>
> Meanwhile there's Salt Typhoon, Volt Typhoon... also this:
>
> https://spectrum.ieee.org/iridium-satellite
>
> White Hat Hackers Expose Iridium Satellite Security Flaws
>
> Users' locations and texts can be intercepted, including DoD employees
>
> In a recent demonstration, German white hat hackers showed how to intercept text messages sent via the U.S. satellite communication system Iridium and locate users with an accuracy of about 4 kilometers.
>
> The twohackers, known publicly only under the nicknames Sec and Schneider, made the revelations during a presentation at the Chaos Communication Congress in late December in Hamburg, Germany. During the talk, they highlighted severe vulnerabilities in services that tens of thousands of users from the U.S. Department of Defense rely on.
>
> Although the DoD uses a secure gateway to route and encrypt its traffic, the hackers were able to see which devices were connecting via the DoD pathway. That allowed the duo to identify and locate DoD users with an accuracy of about 4 km using a home-assembled eavesdropping kit consisting of a commercially available Iridium antenna, a software-defined radio receiver and a basic computer, such as the Intel N100 mobile CPU or the Raspberry Pi mini-computer.
>
> “We see devices that register with the DoD service center and then we can find their positions from these registrations,” Sec said during the talk. “You don’t have to see the communication from the actual phone to the network, you just see the network’s answer with the position, and you then can map where all the registered devices are.”
>
> Iridium’s Legacy Components Still Cause Problems
>
> The Iridium constellation, first deployed in the late 1990s, is made up of 66 satellites disbursed across six orbital planes roughly 870 km above Earth. The constellation, the first to have provided global commercial satellite communications services, supports satellite telephony and connects pagers, emergency beacons, and Internet of Things devices all over the world. Out of Iridium’s 2.3 million subscribers, 145,000 are U.S. government customers. Iridium receivers are also frequently used by vessels at sea and by aircraft pilots exchanging information with other airplanes and with ground control.
>
> “Back then encryption was not something on everyone’s mind,” Sec said during the presentation. “All the [first generation] Iridium data is unencrypted.”
>
> In response to a request for comment, a spokesperson from Iridium says, “This is old news. The DoD and others encrypt their communications over our network which address the issues this article raises. There is a reason the DoD continues to be such a big customer and we expect that to continue well into the future. We have always allowed others to encrypt their traffic over our network. Our commercial partners have been doing the same for decades, when and where the markets request it.”
>
> Iridium replaced its first-generation fleet with more secure satellites (the second-generation NEXT constellation) between 2017 and 2019. But according to satellite and telecommunications industry analyst Christian von der Ropp, many Iridium devices in use today, including civilian satellite phones, still rely on the first-generation Iridium radio protocol that has no encryption.
>
> “The regular satellite phones that they sell still operate under the old legacy protocol,” says von der Ropp. “If you buy a brand-new civilian Iridium phone, it still operates using the 30-year-old radio protocol, and it is subject to the same vulnerability. So, you can intercept everything. You can listen to the voice calls, you can read SMS, absolutely everything. Out of the box it’s a totally unsecure service.”
>
> Von der Ropp estimates that tens or even hundreds of thousands of Iridium devices in use today rely on the old, unsecured radio protocol.
>
> Hackers Reveal Vulnerabilities in Iridium’s Systems
>
> While the DoD uses an extra layer of encryption to protect the content of its exchanges, other nations’ agencies appear to be less aware of the vulnerabilities. In perhaps the most jaw-dropping moment of the hacking demonstration, Sec revealed a text message exchanged between two employees of the German Foreign Office that he and Schneider were able to intercept.
>
> “I need a good doctor in [Tel Aviv] who can also look at gunshot wounds. Can you send me a number ASAP,” read the message sent by a worker at the Crisis Response Center of the German Foreign Office’s mission in Tel Aviv. The hackers did not reveal when the exchange had taken place.
>
> Using software he and Schneider had created, Sec also showed a map of devices visible in a single moment to their eavesdropping gear located in Munich. Iridium devices as far as London, central Norway and Syria (more than 3,000 km away) could be seen.
>
> “With US $400 worth of equipment and freely available software, you can start right away intercepting Iridium communications in an area with a diameter of hundreds, sometimes even thousands of kilometers,” said von der Ropp, who was present at the demonstration. “The Iridium signal is divided into spot beams that are about 400 km wide. In principle, one should only be able to listen to the spot beam overhead. But the signal is so strong that you can also detect many of the surrounding spot beams, sometimes up to 2,000 km away.”
>
> The DoD, von der Ropp said, is looking for alternatives to Iridium, including Starlink. Still, last year Iridium won a $94 million contract to provide communication services to the U.S. Space Force.
>
> Von der Ropp noted that few Iridium users seemed to be active in Ukraine, suggesting the local forces are potentially aware of Iridium’s shortcomings. The vulnerability of satellite systems and services to disruption and interference by bad actors has become a hot topic since Russia’s invasion of the country three years ago. The widespread cyberattack on the ground infrastructure of satellite communication provider Viasat crippled the Ukrainian forces’ access to satcom services on the eve of the invasion. The incident, which according to analysts was planned by Russian state-backed hackers for months, revealed the weakness of Viasat’s cyber defenses.
>
> Since then, the number of cyberattacks on satcom providers has increased exponentially. Global navigation and positioning satellite systems such as GPS have also been put to the test. Signal jamming is now a regular occurrence even outside conflict zones and instances of sophisticated spoofing attacks, designed to confuse users and send them to wrong locations, are becoming increasingly common.
>
> This story was updated on 14 February 2025 to add a statement from Iridium.
>
>
>
> On Thu, Mar 13, 2025 at 2:36 PM Robert McMahon via Nnagain <nnagain at lists.bufferbloat.net> wrote:
>>
>> My opinions:
>>
>> There should be no more linux kernels in the customer premise with
>> Fi-Wi. 30M lines of code and 11,000 config options is a form of sw
>> bloat that's impossible to secure. Particularly since most noone is
>> getting paid for this work.
>>
>> Reducing the radio head/client (STA) density to near 1/1 and shrinking
>> the cell size will minimize the media access latency. Packet latency
>> can use non queue building techniques so there will be no substantial
>> packet queueing delays. All delay will be distance and speed of
>> photons related per physics & spacetime.
>>
>> Our issue isn't regulators - it's that white collar workers and our
>> leadership haven't engaged the blue collar workers, and we haven't
>> kept advancing our engineering. We need to teach fiber installer
>> businesses how to build these Fi-Wi networks so that our kids get life
>> support and productivity capable networks that can be depended upon.
>>
>> And everyone that adds value needs to be paid somehow. Best done
>> through markets. Fi-Wi creates high paying jobs in the trades for in
>> premise fiber installers.
>>
>> I think we lack vision and leadership, followed by execution. It's not
>> a cult thing like Musk's failed prophecies - it's the real deal that
>> impacts our lives. Low latency will become ubiquitous if we act to our
>> abilities. Waiting on regulators is like Waiting for Godot.
>>
>> Bob
>>
>>
>> On Thu, Mar 13, 2025 at 10:00 AM Frantisek Borsik
>> <frantisek.borsik at gmail.com> wrote:
>> >
>> > Hey Bob,
>> >
>> > I don't think that improving latency is about mandating of a specific algorithm - it's about an improvements to broadband definition.
>> > Broadband that servers the needs of us all today, goes beyond 100/20, it's should include a low latency, low consistent jitter.
>> > Now, what are the right numbers, that's another discussion. But it's a discussion we need to have.
>> > I would certainly let market to decide on the tools/algorithms that will achieve those numbers - be it a Quality of Experience middle box (like LibreQoS, Preseem, Bequand/Cambium Networks QoE, Paraqum or Sandvine), L4S etc.
>> >
>> > As for the other issues that need some love - for example, making vendors to update kernel and provide updates to routers they sold, that's a good thing.
>> >
>> > All the best,
>> >
>> > Frank
>> >
>> > Frantisek (Frank) Borsik
>> >
>> >
>> >
>> > https://www.linkedin.com/in/frantisekborsik
>> >
>> > Signal, Telegram, WhatsApp: +421919416714
>> >
>> > iMessage, mobile: +420775230885
>> >
>> > Skype: casioa5302ca
>> >
>> > frantisek.borsik at gmail.com
>> >
>> >
>> >
>> > On Thu, Mar 13, 2025 at 5:33 PM Robert McMahon via Nnagain <nnagain at lists.bufferbloat.net> wrote:
>> >>
>> >> >
>> >> > As for "what the FCC can do", "dissolve itself" comes to mind. AFAIK, it's been over a decade since they have done anything helpful or useful for any American citizen who isn't the head of a major corporation. If you delete the entire organization, there will be no one around to enforce whatever regs are still on the books so who cares? ... and you'll save another few 10's of millions of dollars annually which will fit nicely in the pockets of the "good folks", aka FODT. 😊😊😊
>> >> >
>> >> I worked with a CA state regulator in a tech support role prior to
>> >> so-called broadband (actually, internet access beyond dial-up MODEMs)
>> >> This was post 1996 telco act, just prior to the dot com bubble. The
>> >> lobbyists at the time disliked having 50 States regulating things.
>> >> They pushed made it so the 5 commissioners on the FCC became the
>> >> primary regulators. Many call this regulatory capture.
>> >>
>> >> Unfortunately, I don't think we can get rid of the FCC. Our utility
>> >> poles are mostly regulated by them as one example.
>> >>
>> >> I also don't think the FCC can mandage any specific AQM algorithm.
>> >> That's a long term disaster in the making for sure. Let network
>> >> engineers and the market battle that out.
>> >>
>> >> Bob
>> >>
>> >> PS. Good to hear from you RR - i hope all is well. I've got a Fi-Wi
>> >> project you may be interested in - not sure.
>> >> _______________________________________________
>> >> Nnagain mailing list
>> >> Nnagain at lists.bufferbloat.net
>> >> https://lists.bufferbloat.net/listinfo/nnagain
>> _______________________________________________
>> Nnagain mailing list
>> Nnagain at lists.bufferbloat.net
>> https://lists.bufferbloat.net/listinfo/nnagain