Hacker News new | past | comments | ask | show | jobs | submit login
Starlink User Terminal Modchip (github.com/kuleuven-cosic)
255 points by picture 79 days ago | hide | past | favorite | 100 comments

For those wanting to explore and learn about this type of hardware attack, check out a relatively new book published by "No Starch Press" called "The Hardware Hacking Handbook" [1].

Play around with fault injection and differential power analysis with easy to obtain hardware such as a Raspberry Pi.

[1] https://nostarch.com/hardwarehacking

>easy to obtain hardware such as a Raspberry Pi


I was surprised to learn that there is an actual shortage regarding RPis... I remember the days we were hording these things. "Maybe I have an idea some day, so I better buy two of them." was the motto. Wild days to remember.

I ordered one in April. Hasn't arrived yet...

I'm not familiar with that book, but if the RPi is used to send or receive data over gpio, serial, parallel, i2c, ethernet etc. then the functions can be replicated pretty much on every SBC out there.

Many projects/articles/books use the Raspberry Pi just because it's the most popular and the name alone attracts users/readers/buyers, but, as with many other projects, almost all can be adapted with minimal changes to work using other easily available, and often also a lot cheaper, boards.

The comment you're replying to was making a joke about the claim that a Raspberry Pi is "easy to obtain", which has not been the case in a long time due to shortages.

The one you're replying to was making the point that although Raspberry Pis may no longer be easy to obtain there are plenty of similar devices on the market.

Yeah, I completely misread it.

RPi tends to be the cheapest ARM SBC so many users don't/won't look beyond it.

> RPi tends to be the cheapest ARM SBC

Not true. It surely was many years ago when it was introduced, but other manufacturers caught up quickly and now you have plenty of alternatives. Also, don't mistake the RPi Pico with other models; the Pico is a really nice product (probably the most innovative one since the 1st RPi) but plays more in the Arduino field rather than with other Raspberries. It can't run Linux for example.

Here are some prices of boards one can actually buy. All in stock (often hundreds of pieces available for each model), most cheaper than the Raspberry Pi models and all can run Linux.














And many others.

They forgot to mention its a Pi Pico, the microcontroller. Those are not hard to find.

I don't think Hardware Hacker’s Handbook uses the Pico (don't have a copy in front of me) but it definitely uses a Pi 3+ as a demo target.

The w version is a bit harder to find but not by much

What are the potential uses of this? Is it more about exploring how the user terminal works, or is it about enabling new features somehow on the user terminal?

Given that Starlink user terminals can obviously also transmit data, maybe you can make a point to point connection between user terminals over hundreds of kilometers (given line of sight, so realistically much much less). Make a mesh network that way.

Are the Rx/tx protocols really that symmetrical that an UT can receive and decode transmission from another UT? Since for cellular networks that is definitely not the case.

I'd assume that is not symmetrical. But if you can run your own software, does that matter?

If the Phy on one terminal isn't capable of receiving anything the Phy on the other terminal can transmit then all the software in the world won't help there. If the frequency bands for Tx and Rx don't overlap then you're out of luck.

Depends on how much of the stack is implemented in software and how much in fixed-function silicon.

Is there any health implications to this?

Why would there be?

Starlink emits non-iodizing radiation.

I mean, yes, but that doesn't automatically make it safe. You know cellphone mast antennas? They also emit non-ionizing radiation yet you do NOT want to stand near one when it's working - radio burns are no joke.

I don't know if starlink has enough power to cause damage - but regardless, there's a good chance this wouldn't be legal as the device isn't certified to broadcast this way and would fall afoul of regulations.

We are talking kW output effect vs mW for a Starkink UT.

But then again: IIRC, Starlink is much more focused so power per unit square might be equivalent perhaps? It needs to get to space with a good enough SNR.

The phasing of the array might also amplify the harmful effect, I'd say. But I'm very much not an RF engineer.

The starlink antenna is not very complicated and way less focused than what a modern 4G, LTE, 5G antenna use.

As an example, the latest antennas from Ericsson supports 2000 elements, which allow very narrow beamforming and target tracking (that is phase controlled movement of main beam to track individual phones).


The starlink antenna is basically a parabolic antenna that tracks the target using motors to change the angle.

Of course, my point is just that saying "it's non-ionizing radiation" isn't a magical rule that makes it safe. You can absolutely have dangerous or even lethal levels of non ionizing radiation too. (I think I should have used a simpler example - your microwave uses non-ionizing radiation too, yet would most definitely burn you if you put your hand inside it).

The microwave is also generating many hundreds of Watts, up to kW of radio waves, a bit like the mobile base station. In slightly different frequencies. It is still several orders of magnitude less than what Starlink emits from the antenna.

There's a formula for safe distance due to the heating effects that you have to be familiar with if you want an amateur radio license. There are some funny issues there, for example certain body parts being resonant to certain frequencies.

What's the wavelength range for burning away those pesky sinus cavity infections?

radio burns are no joke.

No kidding! I'll never call in to my town's talkshow again. That DJ sucks.

Nah, unless this mod somehow boosted beyond what it transmits to the sats, it’s safe. It would require a scary sticker otherwise.

I don’t think malice was intended but your response seems shaming. Try instead thinking why others might not know something you consider to be obvious.


To be fair, the radiation is also non-iodizing!

So it does not need to carry the FDA's fake warning label?

Radioactive decay emits neurons with enough energy to strip electrons from molecules that it shoots through.

This is how it can tear apart DNA, which would chemically react after impact/ion generation (stripped electrons), and cause cancer.

I'm pretty sure no radioactive decay has ever been observed emitting a neuron (a brain cell), though you probably mean "neutron", which would be correct.

I was only making a joke - "iodizing" radiation would be radiation that causes something to react with iodine, which no known form of radiation would. The GP meant "ionizing" radiation, which is what you are describing as well.

Now that you mention it, I suppose it's possible for ionizing radiation to cause something to react with iodine, making it "iodizing" radiation as well.

Either way, radio waves are non-ionizing radiation. To the extent that they can create problems in the human body, they will do it by causing heating (like microwaves), not by stripping off electrons to create ions (and certainly not by forcing other molecules to react with iodine).

Probably non-iodizing too.

Well, yes, in that you would be arrested.

You can replace the OS that it runs with one of your own (that's not signed by Starlink keys).

You could, for example, modify the root filesystem to allow you to ssh into it, or query it with SNMP, or perhaps report a different GPS location to its APIs (instead of the one it's actually at).

I'd personally like my Starlink to use its real GPS for calculating which satellites it needs to talk to, but only report a truncated (or no) location to HQ, so that SpaceX doesn't have my meter-resolution location every time I'm online.

I imagine there are some Ukranian soldiers who feel the same way.

> I'd personally like my Starlink to use its real GPS for calculating which satellites it needs to talk to, but only report a truncated (or no) location to HQ, so that SpaceX doesn't have my meter-resolution location every time I'm online.

That’s actually what it does by default. Unless specifically activated for debugging reasons, the terminal does not send its lat/lon, so the most they know is what cell you are in (~10km-ish resolution)

I’m curious about how one would go about confirming this information. Did you learn this from a dump of the dish’s filesystem?

My email is in my profile if you want to share details privately.

> I imagine there are some Ukranian soldiers who feel the same way.

I imagine there are russian soldiers who even more think the same way... Putting the GPS location to be a few miles over in enemy territory would be a good way to make the dish work when it's geofenced.

Russian intel would be very grateful for the possibility to hack into terminals used by Ukrainian troops.

By having physical access to the terminal? What would be the use case for that?

wild guess: spies compromise terminals before it is given to troops, take tactical advantage of live GPS and maybe MITM them later?

Traffic interception.

So they steal the user terminals, give them back to the Ukrainian soldiers, then intercept their (probably TLS encrypted) traffic, and then send that information back to themselves?

I wish I had time and energy for projects like this. Like the olden days.

How do you keep this curiosity alive into adulthood?

I know several people who accomplish great things in their spare time. The common theme is that those projects are their entertainment. They get off work and can't wait to go work on their projects. They go to bed on Friday night excited to have time on the weekend to work on their stuff.

On the other end of the spectrum, I've mentored college grads for a while who would always complain that they never had time to do anything. I'd often ask them to open up the screen time report on their phone and they'd be shocked to discover they were spending 4 hours per day on Reddit or Netflix or something.

You have to choose to make things a priority. It's fine if you just want to relax in your spare time, of course, but the key is to be deliberate about those choices rather than letting the flow of entertainment media carry you away.

It's so easy to get trapped in a local minima when with just a little effort you can have a much better time. I got so much happier when I made a conscious effort to play videogames instead of doomscrolling.

I think this is key.

If you see it as another project, and then you see other things as entertainment and the things you do to relax, it feels like there isn't enough time.

I always envy those people that find true entertainment and enjoyment in active activities like this, instead of just passive entertainment to "rest".

I'm not big on motivational but this one from Arnold Schwarzenegger resonated with me and still does. You have so many hours in the day, it's what you use them for that makes a difference https://www.youtube.com/watch?v=1bumPyvzCyo

Along the same vein there is that concept that there is no such thing as being "too busy". Anytime you want to say it, you can instead replace "I'm too busy" with "It is not a priority".

this is a good tip. I'll keep that in mind

How do these people have the energy for full time jobs, hobbies, and a family? One of those at 100% for 6-8 hours and I’ma zombie.

If you have a "typical" family with two young children (say <10 years old) the reality is that you would be sacrificing your time with them to spend on your hobbies. Each day only has 24 hours and this applies for _everybody_.

Assume your kids are going to school and the parents go to work. Then the only time when everyone converges at home is ~4 to 5 hours between 4 and 9pm. This is the time slot when you have dinner together, bathe, do homework, go to the playground, do sports, do house chores, go grocery shopping, etc. By the time you are done putting them to bed you are exhausted and there's still house chores to do for the adults, tidying up for the next day, preparing school activities, etc. And you have not been able to spend quality time with your partner yet.

This is just reality. You can't get around it. You may me able to squeeze extra hours from here or there, such as by not sleeping 8hrs, but most people can't do that consistently.

Therefore, if you are in the above situation then it's incredibly difficult to spend time on hobbies, no matter how motivated you are, because it is a question of time, not motivation. So don't feel bad if you prioritize spending time with your children for now because this time won't ever come back. You can always start a new hobby but you can't always take your child to the playground.

As they grow older you might be able to align your interests with them and spend quality time together, but even then you have to align yourself more to what they want than viceversa. You won't be modding a Starlink terminal with your child and have him remain interested and engaged the whole time. But together you might build a cool world in Minecraft or whatever.

Spend your time wisely! It doesn't come back.

A lot of people older than me that accomplishes a lot more than I do have two things: They are single and never had children, and also they maintain a daily schedule of physical exercises.

To accomplish all of this with a family, I can only assume they must have an easier than most work schedule/assignments.

Some people are just far more driven than others, is the reality. Personally I couldn't spend 8 hours at work then come home and work on a hobby for 4 hours every day either.

Work doesn’t have to tax the sprit so greatly; there is a way to work that gives you energy.

Care to share all the jobs you’ve had? I suspect you’re speaking from a position of immense privilege but want to give you the benefit of the doubt.

Quite the opposite. There have been moments, when the mission is right, and you are aligned with purpose. You see it in glimpses outside of "jobs" (note I said "work" not jobs).

So how do you survive if not by working for a living as the vast majority of humans must?

The screentime report was jarring for me as well. It sounds silly, but I used the parental control on my iphone to turn it «dumb».

I can still use the internet, but blocked most social media sites and apps, reddit/etc. My good friend has the passcode.

If I need them I can use my laptop/desktop, but it’s not as gratifying and right there. My screentime dropped by 4-5 hours per day, it’s insane. Now I get bored occasionally and (unintentionally) frustrated my phone can’t solve that, but I do read more, and work on more hobbies.

Create > consume always

Have enough stability (money, housing, relationships) that you have mental juice left over for things higher up Maslow's pyramid.

I'm not being glib. That's really the answer. Sometimes, it just isn't possible to achieve, and that is both frightening and demoralizing. Doesn't make it any less true.

It's hard to hack on projects when the rent's due, after all. It is demoralizing to think of all the lost works (not just software) our society loses due to the 9-5 grind for most.

In my experience it's not a matter of stability but a matter of motivation. The motivation to do this kind of thing feels a lot less now than when I was younger.

Motivation is often just another word for ‘free enough from stress, exhaustion, and distraction to find joy in it’.


If you’re lacking in motivation, there is almost always something broken somewhere. If you think not, it’s probably because you’ve trained yourself to ignore it, or refuse to believe it.

This really resounds with me, could you expand? How do you find what is "broken somewhere"?

True evaluation and introspection of one’s daily, weekly, and monthly obligations and the cost of said obligations.

One or more of these obligations is broken if there is no motivation for enjoyable personal activities.

Broken may not be immediately fixable or remedied. There may be stress inducing obligations that are simply unavoidable.

Sometimes the fix is simply recognizing the emotional and mental cost some activities and obligations impart.

de-stimulate yourself

It could also just be your expectations that are broken. Maybe you want to pursue more hobbies then can be reasonably be done. Then it's a matter of prioritizing the ones you get joy and fulfillment from and letting go on the ones you don't have time to do.

IMO, that is another word for something being broken.

Having more hobbies to do than can be reasonably done, but not feeling like you can or should stop is a sign of something wrong elsewhere.

Why feel compelled to do them then, after all?

The root cause, in my experience, almost always boils down to not enough understanding, awareness, and acceptance of what actually is vs what someone feels should be, could be, or wants to be.

Sometimes for good reasons, that matter. Sometimes for bad reasons. Sometimes for no apparent reason at all.

The most common factor I see all the time is emotional/mental overwhelm, as in my experience that is the root cause of almost all other causes, as it stops someone from seeing and reacting to the other problems when they occur (like lack of knowledge and bad information, misleading or manipulative other actors that don’t get properly handled, signing up for things that are not realistic due to lack of proper self awareness, lack of healthy coping mechanisms, or over reliance on healthy ones, etc).

If you want to read a overly analytical 312 page manual from the Army on exactly this topic, here is the link [https://armypubs.army.mil/epubs/DR_pubs/DR_a/ARN34875-TC_3-2...].

A lot of key Army doctrine involves how to get inside and lengthen the awareness/decide/action loop of the opponent, while shortening theirs, as it is a key tactical advantage.

It’s a large part of why the Ukraine war is going as well for the Ukrainians as it is.

The lessons apply to us all however. The sooner you can become aware of what is really happening, decide on/synthesize it into a course of appropriate and effective action (or inaction), and then follow through on it effectively, the healthier, happier, and more successful we tend to be.

With our bodies, rational analysis is almost always too slow, and can easily lead to self delusion. Mindfulness, breathing techniques, etc. are generally better. However, as Buddha was well aware of and cautioned against repeatedly, delusion is an ever present threat and can easily happen during meditation as well.

Both are often needed, IMO, for different parts of the problems we all face.

One of the reasons is: at some point you (will) have done enough of rather different projects/experiments... twice, so new ones are not so exciting.

Finding hobbies in different (even related) fields is a lot easier.

Yeah. Life just keeps piling on responsibility after responsibility until we can no longer afford to care about stuff. Even simply starting something is hard.

For me, it's about having a goal which is concrete enough to achieve and deliver satisfaction, but unrelated to daily life enough to not be a stressor. And one major key for me is to never, ever develop a timeline.

When I was a kid/teenager, I worked on a lot of game console reverse engineering projects. As an adult, I wanted to get back into systems reverse engineering, but game consoles felt both too "useless" and too locked up. So, since I already had a major car hobby, I decided I'd learn how to calibrate OEM automotive engine control units - both the software reverse engineering and exploitation side and the actual mechanics and engine control side.

This turned out to be a great idea because everything fell into a cadence and a nice "proximal development" area - novel enough to be fun and engaging, but achievable enough to get hits of success. There was always something new to learn, but it was always something easy enough to be a week or two away. And there was absolutely no timeline besides my own, so it remained fun.

For me as an adult, the two major detriments to curiosity are a timeline (now it's work) and a lack of purpose (now it's just fiddling around). Setting a goal but not a timeline is what really gets me going. YMMV.

If I'm not feeling success, I aim at a more achievable goal, or pick up another project. If I'm bored, I aim bigger. And if I feel like I have no "free" time, I rethink priorities. Yes, sometimes work sucks, or an unexpected obligation is a drag, but by and large, as an adult with a marketable skill, I and I think most HN readers are blessed with pretty broad autonomy to decide what to do next.

For example: lately, I've left most of these projects behind in favor of day job security and preparing for a family life, but I don't feel stressed out or like I lack "time and energy" - my goals have just moved along as I have.

For me personally what has worked is going to bed early and waking up early before the world's distractions begin. This gives me 1 to 2 hours every day uninterrupted to work on projects. Why it's working better for me then staying up late to tinker is because I'm guaranteed not to have excuses or distractions such as working into the evening on my day job.

Added bonus not waking up tired. Took me about a month to adapt to this routine given I've never - ever - been a morning person in my life. And I'm still not if I go to bed late.

Completely cut out all alcohol which ensures better quality sleep - ready to start the day by working on a fun project.

I think hardware hacking is the coolest stuff ever. That is why we have so many people buying Raspberry Pi-s.

I guess the best way to keep your curiosity after X years of age is to start with a really challenging project that you know has steps of micro-success. Also, find a motivating community where you can chill, rant or discuss things with. That's why I am here, you are here. You need to have some level of familiarity with the domain of knowledge so, you know what you can achieve in what amount of time. There needs to be the idea of challenge, definite success and somewhat familiarity involved.

My example: I like the old school WSB community. If you know, the tesla-short era. So, I attempted to build tooling that they will enjoy, and I will have fun discussing. My checklist of accomplishments was things I knew can be completed in a few hours. The progressive dopamine hits kept me focused. I was doing great.

Why did I fail? Community itself become not the same. Fun discussions were harder to find. Market kept going up, meaning tools that I made is worthless because anything I didn't make sense because stonks go up. A Complex JavaScript project felt harder to write than I anticipated. So again, community, challenge and knowing your limits.

If you are looking for hardware hacking motivation, these two videos blew my mind. Joe Grand, crypto wallet hacking:



This channel is also good, but it is a bit wacky: https://www.youtube.com/watch?v=icBD5PiyoyI

Edit: Also validation.

When WSB got extremely popular, and it was being spammed. Subreddit was flooded with spam and mods removed posts aggressively. It wasn't the place to show, "look what I made". Not blaming the mods, I just didn't belong anymore.

If you can achieve validation by yourself internally, that is incredible. But the average human needs other people to say, "Good job :)"

Finding a way to get validation from your projects is fantastic, a friendly community and likes on your YouTube videos or blogs can have immense impact.

> This channel is also good, but it is a bit wacky:

Messed up the link. This is the correct one.


In my experience it has largely been about letting myself do it. I get too worried about work and obligations, but I need to relax and follow those impulses. Force myself to make time for stuff.

I’ve gone through long stints of neglecting hobbies, but it’s always my fault.

Lately I love building out and refining my hydroponic garden’s automation and related application. At the moment I’m expanding it to a mushroom spawning and fruiting system. I spend a few hours a week on it, but I love it. I’m awful with hardware but learn so much every week.

Your situation might be different, but I highly recommend literally forcing yourself to make the time. I know that has been my mistake over the last 15 years – never acknowledging and then accommodating the need to just do fun and interesting stuff.

Just do it.

I'll bet you probably have tons of energy, but also more responsibilities and even in your youth you were not that dedicated - you just had moments of intense interest and did stuff for fun without too much diligence and no other worries.

Maybe carve out some 'me time' for whatever.

And a bit of cardio really, really helps.

This repo is from a research group from a university in Belgium [1]. In general though all the sybling comments are right. It is a matter of prioritizing projects over other things in live.

[1] https://www.esat.kuleuven.be/cosic/

I thought I didn't have time or energy for years. As it turned out I just didn't have a project I cared about enough!

This is literally a security researcher's job.

In their spare time they are probably watching porn/netflix like everyone else.

I think they might be researchers, so this is their job.

Hah, I kinda like this:

"We are not providing exact glitch parameters"

Is this the old "lamer protection" again...

The control IC is running at 250Mhz.

Does that mean the fault timings are limited to 4 nanosecond granularity? Is that enough to make a reliable attack?

Is anything done to sync with the startup and locking of the host clock PLL, since that would presumably vary quite a bit based on temperature?

this is awesome but how do I get the circular dish that hasn’t been firmware updated?

You can still glitch the new releases with UART disabled.

Nice job COSIC folks!

It's a good thing it's not called "Star Link" !

Woah, this is awesome!

Someone’s about to lose their access to FSD beta for life and their Twitter account.

No... It got him second place on the hall of fame page on SpaceX's bugcrowd page. https://bugcrowd.com/spacex/hall-of-fame

It also got a direct response from SpaceX saying that they encourage this kind of thing, titled "Bring On The Bugs", and also congratulated Lennert: https://api.starlink.com/public-files/StarlinkWelcomesSecuri...

It's useful to not let your opinions of someone/a company become completely disconnected from reality. It helps you continue to be grounded in reality so that when problems actually happen you have a platform of credibility to stand on when you engage in criticism.

> It's useful to not let your opinions of someone/a company become completely disconnected from reality.

Well... Musk has had a number of comedians blocked on Twitter who showed just how unreliable that new "verification" system actually is a few days ago. It's not too far-fetched to fear the same kind of reaction towards criticism on his other properties as well.

I'm not surprised people are being banned when they violate Twitter's long standing Terms of Service for the purpose of getting into the news. They knew what they were doing.

Yeah, no. Starlink security team congratulated this guy on his hard work in person at DEFCON and gave him bug bounty "hall of fame" status.


Some signup link, guess it's some spam. Protip: put a + behind bitly links to see where they go without going there directly.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact