[Starlink] Starlink Security Find

[Starlink] Starlink Security Find

[Jonathan Bennett]

[-- Attachment #1: Type: text/plain, Size: 193 bytes --]

Thought you guys might appreciate this. A traceroute lead to a Starlink bug
bounty.
https://hackaday.com/2021/12/17/this-week-in-security-log4j-pdf-cpu-and-i-hack-starlink/

--Jonathan Bennett

[-- Attachment #2: Type: text/html, Size: 366 bytes --]

Re: [Starlink] Starlink Security Find

[Dave Taht]

Nice work, Jonathan! You buried the lede... A lot simpler than the
other two bugs you discussed, either one of which has me inclined to
log out permanently and head to mexico. Why do we get all these
security vulns at christmas? I lost a christmas to spectre, another to
a mips fpu bug, another to the ping of death - I remember how I spent
those christmases far more clearly than the actual "fun" ones.

Also nice to see the 28ms RTT between you and your friend. Care to try
a few flent tests between you? or to the internet?

Over here I've been doing some pretty extensive tests of my starlink
test cloud, from a dsl and a cable modem, the cake rtt_fair results
(from dallas to sydney) were to die for:
https://forum.mikrotik.com/viewtopic.php?p=898777#p898627

On Fri, Dec 17, 2021 at 7:47 AM Jonathan Bennett
<jonathanbennett@hackaday.com> wrote:
>
> Thought you guys might appreciate this. A traceroute lead to a Starlink bug bounty. https://hackaday.com/2021/12/17/this-week-in-security-log4j-pdf-cpu-and-i-hack-starlink/
>
> --Jonathan Bennett
> _______________________________________________
> Starlink mailing list
> Starlink@lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/starlink



-- 
I tried to build a better future, a few times:
https://wayforward.archive.org/?site=https%3A%2F%2Fwww.icei.org

Dave Täht CEO, TekLibre, LLC

Re: [Starlink] Starlink Security Find

[David Lang]

[-- Attachment #1: Type: text/plain, Size: 2107 bytes --]

FYI, I received an email from starlink tuesday that I could finally get my dish 
shipped, so it's on it's way (southern california)

This will be the third Internet link to my house (when I don't use it as a 
remote connection) so it's fair game for experimentation.

David Lang

On Fri, 17 Dec 2021, Dave Taht wrote:

> Date: Fri, 17 Dec 2021 08:04:32 -0800
> From: Dave Taht <dave.taht@gmail.com>
> To: Jonathan Bennett <jonathanbennett@hackaday.com>
> Cc: starlink@lists.bufferbloat.net
> Subject: Re: [Starlink] Starlink Security Find
> 
> Nice work, Jonathan! You buried the lede... A lot simpler than the
> other two bugs you discussed, either one of which has me inclined to
> log out permanently and head to mexico. Why do we get all these
> security vulns at christmas? I lost a christmas to spectre, another to
> a mips fpu bug, another to the ping of death - I remember how I spent
> those christmases far more clearly than the actual "fun" ones.
>
> Also nice to see the 28ms RTT between you and your friend. Care to try
> a few flent tests between you? or to the internet?
>
> Over here I've been doing some pretty extensive tests of my starlink
> test cloud, from a dsl and a cable modem, the cake rtt_fair results
> (from dallas to sydney) were to die for:
> https://forum.mikrotik.com/viewtopic.php?p=898777#p898627
>
> On Fri, Dec 17, 2021 at 7:47 AM Jonathan Bennett
> <jonathanbennett@hackaday.com> wrote:
>>
>> Thought you guys might appreciate this. A traceroute lead to a Starlink bug bounty. https://hackaday.com/2021/12/17/this-week-in-security-log4j-pdf-cpu-and-i-hack-starlink/
>>
>> --Jonathan Bennett
>> _______________________________________________
>> Starlink mailing list
>> Starlink@lists.bufferbloat.net
>> https://lists.bufferbloat.net/listinfo/starlink
>
>
>
> -- 
> I tried to build a better future, a few times:
> https://wayforward.archive.org/?site=https%3A%2F%2Fwww.icei.org
>
> Dave Täht CEO, TekLibre, LLC
> _______________________________________________
> Starlink mailing list
> Starlink@lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/starlink