this post was submitted on 27 Oct 2025
95 points (99.0% liked)

Technology

76415 readers
3488 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
95
Satellite Snooping Reveals Sensitive Unencrypted Data (hackaday.com)
submitted 2 days ago by mesamunefire@piefed.social to c/technology@lemmy.world
8 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] specialwall@midwest.social 15 points 2 days ago (4 children)

What confuses me is what they mean by "corporate VPN data containing unencrypted login details." Unless the VPN server connects to the backend servers with unencrypted traffic through these satellites (which definitely should not happen) then this should not be possible.

[–] FauxLiving@lemmy.world 9 points 2 days ago

From, the paper: https://satcom.sysnet.ucsd.edu/docs/dontlookup_ccs25_fullpaper.pdf

Geosynchronous (GEO) satellite links provide IP backhaul to remote critical infrastructure for utilities, telecom, government, military, and commercial users [...]

There are thousands of GEO network links in operation today, carried by 590 GEO satellites orbiting Earth. Each satellite may carry traffic for dozens of independent networks through an array of on-board transponders, each covering a diameter of thousands of kilometers (at most a third of Earth’s surface). GEO IP links are established by leasing time on a transponder and aiming dishes for Earth-based terminals and hubs at that transponder. The ecosystem of equipment to support IP-based GEO links is mature and heterogeneous: at least 10 different vendors sell terminal and hub systems that each use their own proprietary protocol stacks to provide GEO networking.

These companies are leasing these satellite links for various purposes and then transmitting their network data over the links with no encryption. You can, for about $600 and some software (https://github.com/ucsdsysnet/dontlookup) read this data.

The researchers discovered data from US Military, Walmart-Mexico, AT&T, Government of Mexico, TelMex, Grupo Santander, Intelsat, Panasonic Avionics, WiBo, KPU. The researchers disclosed the vulnerability to all of these entities between 2024 and 2025.

Someone (I don't know who but T-Mobile is the only cellular carrier in their list...) was transmitting call and text data, in plaintext:

When we unexpectedly discovered unencrypted voice and SMS communications in our data, we ceased collection on those transpon- ders, encrypted the relevant data, and consulted again with our lawyers, who helped facilitate disclosure with affected vendors.

[–] PancakesCantKillMe@lemmy.world 8 points 2 days ago

Yah, I am sure there is a ton of unencrypted data of some form flowing, but anything end-to-end encrypted would be unreadable.

[–] AbidanYre@lemmy.world 5 points 2 days ago (1 children)

Is it even possible to configure something like wireguard so incorrectly that it's unencrypted?

[–] WhyJiffie@sh.itjust.works 7 points 2 days ago (1 children)

I guess lots of companies still use some ancient proprietary thing

[–] naticus@lemmy.world 8 points 2 days ago

I mean US hospitals still use fax machines and banks use OTP over SMS, so all things are possible I guess.

[–] mjr@infosec.pub 5 points 2 days ago (1 children)

It reads like "definitely should not happen" was indeed happening!

I wonder if some techs got a basic unencrypted test working, then a pointy haired boss moved them on to another project and it got deployed into use with no-one setting up the encryption.

[–] MonkderVierte@lemmy.zip 1 points 2 days ago

More likely "encryption in satellites is expensive, so let's not do that. Pennies saved on my quarterly report, yay!".