
[flagged]


In the same way that me turning off secure boot on my desktop means free Netflix for everyone and we should shut down Comcast until there's a fix.

This is a cool attack, but (so far) no more than that. I'd expect that the SpaceX security team is over there putting in some glitch-resistant compares at the moment, assuming they haven't already.


Yeah it's quite the opposite actually. Taken from the excellent preso linked above:

"""

• This is a well-designed product (from a security standpoint)

• No obvious (to me) low-hanging fruit

• In contrast to many other devices getting a root shell was challenging

• And a root shell does not immediately lead to an attack that scales

"""


> meaning everyone of those floating satellites needs to be brought back down and modified

Don’t they have a fairly short operational lifetime, thanks to increased drag from being in LEO? IIRC it’s around 5 years. I believe that’s part of the reason for the high launch cadence. Worst case they just limp along with what they’ve got until they’re all replaced with new satellites.


Uh, why though?

This demonstrates that a determined attacker can get access to the software running on their own personal terminal. That's like a determined attacker being able to get access to their own personal router. It sounds like strictly a good thing and with how many satellite internet companies are coming online we will hopefully see some common hardware devices that users have full access to along with some custom firmware that folks can run on them.

This has almost nothing to do with the security of the satellite constellation itself.


Where it would be problematic is if it's trivial to do this to someone else's terminal.


Like jailbreaking your iPhone


What are you on about? This has nothing to do with the satellites, nor can this hardware mod ever be used to affect the hardware in orbit.


That's not necessarily true. Hacking the ground station means in all likelihood getting access to low level protocols between the ground station and satellite, which potentially means getting the ability to affect the satellites. Not a sure thing, but if I wanted to attack a StarLink satellite, this would be a solid first step in doing so.


The researcher mentions that in the article.


Do you write a comment like that every time someone roots a cable modem too? That seems a little over the top.

This is an exploit of the base station device. It seems that it might be used to grant access for which the owner hadn't paid, but that's also something that can be trivially patched around at the routing level ("sure, it's a valid base station, but if it's not on the list of paying customers it doesn't get packets"). It doesn't seem like there's a broader exploit against the network at all, beyond allowing the thing to attempt a DoS attack (something that is also always possible with jamming hardware, but very difficult in practice given the number of satellites).


Should be possible to DoS your area in the footprint, so everyone within a few hundred kilometers around you?

A phased array helps but you could also have a heliostat-type setup that tracks the satellite.


Realistically, I think it's funded in large part by U.S. government grants to provide affordable internet to rural areas.

https://www.cnbc.com/2020/12/07/spacex-starlink-wins-nearly-...

Of course though, I'm not sure what the status on that is today. Looks like they may not be able to ride that train anymore:

https://www.reuters.com/world/us/us-rejects-broadband-subsid...


That was never considered a large part of the funding. That would simply have been some additional income over the next decade. And it's not happening now anyway.

And given the limited capacity, they might as well use that capacity for other customers.


> On the bright side, this means free internet outdoors in many remote parts of the world will be possible and funded by loyal Elon Musk fans ;)

I don’t believe they are that stupid as to delegate access control to the client.



