Hacker News new | past | comments | ask | show | jobs | submit login
Navy chiefs conspired to get themselves illegal warship Wi-Fi (navytimes.com)
133 points by donohoe 16 days ago | hide | past | favorite | 80 comments



This is insane yet not shocking. I can’t imagine throwing away my entire career, and possibly more, over this.

When I was stationed aboard the USS Mount Whitney, we had internet access at essentially all times. Yes it was painstakingly slow but you learned how to navigate that by using mobile sites, bookmarking exact pages, etc.

If I wanted to find sports scores, it’d take a moment but I’d get them - heck, we had fantasy football leagues going using ESPN while at sea. The mobile pages of Facebook and email was enough to communicate with friends and family while movies and shows were passed around on external hard drives.

I genuinely don’t understand what they gained from this to contemplate it yet alone act on it. My best guess is it was simply a chiefs mess with a ton of issues and who felt they were untouchable. But who knows.

There will be a lot of training..


I've been stationed in a lot of places with no or little internet access, and it does suck. I'm sure it's worse for people that weren't used to circa 2003 internet...

but the hubris here. Getting caught then just lying and saying the system was only used in port and HAVING IT RE-INSTALLED. I can't even imagine that. The fact that the rest of them just got NJP too... this reads to me like a command failure.


> This is insane yet not shocking. I can’t imagine throwing away my entire career, and possibly more, over this.

Has she thrown away her career? She was demoted from Senior Chief Petty Office to Chief Petty Officer, a demotion of one rank, which at least on paper doesn't seem to be too bad.

Or will this being on her record mean that she won't get any future promotions, nor any of the more desirable assignments that a Chief Petter Officer might get, making it unlikely that she will reenlist whenever her current enlistment ends?

Here's her bio [1]. I'm surprised the punishment wasn't much more severe. I could see being lenient if this was some relatively inexperienced sailor who had not been in the Navy a long time.

But she's been in the Navy for just over 22 years, and based on this

> Marrero first served at Submarine Group Eight, followed by U.S. Second Fleet as the afloat Flag communicator. She was Sailor of the Year at Combat Direction Systems Activity Dam Neck, completed two combat deployments with Mobile Communications Team attached to SEAL Team Two, and held multiple positions in the joint intelligence and operations departments at U.S. Southern Command.

it looks like she had experience in communication and intelligence, so really should have known that unauthorized communication channels can be very risky.

[1] https://www.surfpac.navy.mil/Leaders/Biography/Article/31526...


I'm so far removed from the Navy at this point and don't know the details but a court martial won't include a separation board. That usually follows.


If this was a bunch of junior enlisted, I’d be impressed at their ingenuity, and they’d probably get a slap on the wrist for doing the dumb things that nineteen year olds are expected to get caught for.

I can’t imagine the entire senior enlisted crew of a shop risking their careers over better internet access, though. I doubt many captains would have either, though, so I wonder if this presages an imminent crisis of confidence in senior enlisted by senior officers.


Given how easy it is to deploy Starlink, I am actually surprised this is the first time this has been tried. Or perhaps this is the first time it came out publicly.


Yeah, if it was actual spies or junior enlisted, I doubt we’d hear about it, so this may not be the first time.

For a captain not to be able to trust his senior chiefs is what’s most scary here.


With the proliferation of cheap consumer grade satellite communications devices, I imagine this sort of thing is going to become a bigger issue for the military.

Apple recently enabled sending non-emergency messages via satellite[0], it's reasonably easy to detect a big starlink terminal, but it's harder to police people using their iPhones to communicate over unauthorized channels while deployed.

[0]: https://www.satellitetoday.com/connectivity/2024/06/11/apple...


While iPhones (will be able to) do that, you have to point them at the satellite. So if anyone is around to watch it might look kind of suspicious.

This all reminds me of when users of when users of Strava were accidentally mapping out military bases for anyone who wanted to see.

https://www.wired.com/story/strava-heat-map-military-bases-f...


Here's an angle for HN to ponder: How could the navy have noticed this?

Noticing an SSID is easy enough to work around. What's next? Can one easily scan for just radio activity on wifi bands? What if it was all wired, could the navy notice the unplanned RF signature (note that it's quite directional)?

Do military installations scan their RF environment regularly to notice such unwanted things?

I'd assume CIA/NSA/embassies do make similar scans, to notice surveillance gadgets.


Yes, it's pretty trivially easy to detect, even without fancy EW equipment. At one point I admin'd a college dorm's network, wifi/wired, and we didn't allow personal APs for interference reasons (you could run your own switch or router as long as it wasn't a WAP). Our run-of-the-mill networking hardware could find signals and triangulate them down to a couple of feet. A couple residents were flummoxed to learn that the "hidden network" thing doesn't actually do anything, which was hopefully at least a useful educational moment.

Any decent SDR can notice such things, presumably not to mention actual EW equipment. It's only really with sub-noise-floor gold code type stuff where a signal doesn't jump out on a waterfall spectrum chart, and even then it's generally fairly obvious at close range. I can only speculate as to why that didn't actually happen here.


> we didn't allow personal APs for interference reasons

For "interference reasons"? Would you mind expanding on that?


I imagine the issue was that in earlier WiFi versions, there weren't a lot of channels available. You basically got 2 or 3 (depending on which country you were in) non-interfering channels. The protocols also dealt with congestion less well, I think.

On a university campus, let's assume that at least one of those channels is taken by the campus WiFi, possibly more if they have separate networks for staff or whatever. At that point, you start getting a few dozen private networks running in the dorms, and the campus network(s) grind to a halt.



Boats typically don't scan local RF unless they need to for the simple reason that boats - especially LARGE boats - are absolutely godawful environments for wifi.

Metal panels between each deck and most of the walls, instruments and engines and microwave ovens running at all different times every shift generating RF noise... you almost need an extra repeater/access point for EVERY SINGLE ROOM and running on separate channels if you want it to be at all reliable.


Cisco Wifi Equipment has long had the ability to detect, and even "block", what they define as "Rogue" Wireless Networks. In fact, one of their clients landed in legal trouble for using such[1], and they have since dialed back said features to make it less misusable.

I'm surprised that on Navy Ships, they're not using something of the sort, if only of the "Stalker Prevention" variety; Their EWAR systems should be scanning for APs that show up for more than a few consecutive days when not in port.

[1] https://docs.fcc.gov/public/attachments/FCC-15-146A1_Rcd.pdf


Wow, every time I think it can't possibly get worse with hotel/conference Wi-Fi...

Fortunately PMF, a mandatory part of WPA3 but also available on some WPA2 hardware, should make these types of attacks much harder.


I would think that there is some radio officer on a ship That would in their normal day-to-day business find errant radio signals.


>But records released so far show the probe, which wrapped in November, found that the entire chiefs mess knew about the secret system, and those who didn’t buy into it were nonetheless culpable for not reporting the misconduct.

>Marrero and her cohorts paid $2,800 for a Starlink High Performance Kit with a personal credit card, and contacted Starlink to expedite shipping so the system would arrive in time for the deployment.

>Those involved also used the Chief Petty Officer Association’s debit card to pay off the $1,000 monthly Starlink bill, and Marrero warned the chiefs to only use the network in their rooms.

Sounds like the Navy needs to provide better wifi before people get desperate like this and screw up their electronic warfare


> Sounds like the Navy needs to provide better wifi before people get desperate like this and screw up their electronic warfare

"Desperate" is a strong word. The point is that there should be no wifi at all during these deployments, and there are reasonable operational security reasons for that ban. This isn't a "fix" to a problem, it's directly disobeying an order.


I think what a lot of people are missing is that there is HUGE operational security issue with military using social media and the internet while deployed.

The lack of general internet availability onboard ships is a feature, not a bug. There are a million and one ways that opsec failures could happen accidentally, let alone through malicious code, devices or people.

Everyone I know who went to sea had a hard drive full of movies for trading around. There are plenty of ways to keep yourself entertained at sea. Leaking intel isn't a good one.


Not to mention the opsec failure of the starlink antenna continuously broadcasting the ship's location during its deployment.


SAR sats capable of tracking ships (or even cars) have been around for decades.


Navy already can’t meet their enlisted recruiting [1] and civilian mariner [2] targets. Operational security is a consideration, but unmanned vessels don’t sail and project force.

As stevetodd’s link mentions downthread, the Navy is procuring StarLink officially (likely as part of StarShield, their DoD product with milspec satellites and full DoD ownership and control [3]); peel off some bandwidth for the humans if you expect them to show up to the job. They’ll easily find a better job in the current labor macro otherwise [4].

[1] https://news.ycombinator.com/item?id=39169676

[2] https://news.ycombinator.com/item?id=41331066

[3] https://spacenews.com/pentagon-embracing-spacexs-starshield-...

[4] https://www.defense.gov/News/News-Stories/Article/article/36...


How about a huge collection of offline digital medias and an Intranet that connects the sailors on the ship? That might help a bit?


Most media that your average person is interested in can't legally be obtained for offline consumption.

Your average techie can get around that by using Jellyfin, Sonarr/Radarr, Torrent trackers and such, but the military has to follow the law.

THe fact that ships travel around the world doesn't make this easier. Even if the Pentagon could make a deal with most of the major U.S. streaming services to provide their content to the military in a secure, offline fashion, which they probably could, those companies are often prohibited from distributing that content outside U.S. borders due to exclusivity agreements.


I was on a ferry from Barcelona to Mallorca. They had a movies, magazines and newspapers on what looks like an intranet app. It probably works the same way an airplane's in-flight entertainment.

The US Navy could have their own version of that.


But how can airlines have almost every movie, TV Show and music album on their airplanes?

I recently flew on long flight with Qatar Airways and their library is massive. Almost any movie, show or album I could think of was in there


Why wouldn't it be possible to individually pre-purchase media before deployment?

Purchased (i.e. not rented) media on at least iTunes/Apple TV/Apple Music/Kindle etc. are usable offline indefinitely.


Man I thought the companies that hold legal rights of those medias (movies and shows and games) have some special deals with the army. They should!


that solves 1 of the three content types. the other two are "check sports scores, text home" which an intranet would not solve.


I'd assume "text home" is the one that's explicitly against the rules no matter the method.


If the Navy provided a similar service, they could fully control the time and manner in which is used.

Most of the time these ships are just floating around doing nothing particularly important or sensitive.

The command could enable and disable internet access in response to operational security requirements, as part of regular exercises, or distribute access on the basis of some kind of reward or punishment.


>The point is that there should be no wifi at all during these deployments

You seriously expect a bunch of ~20-year-old people to go without internet access for 6-9 months at a time? Good luck with recruiting.


I joined the Navy in 94 (got out in 98). Reading these comments is giving me PTSD. I still had to mail letters and remember my calling card number to make calls when I got into port. That was the only way I could stay connected with home.

The fact that people serving in the military get ANY connection is blowing my mind right now. Especially given the operational tempo I am assuming they have to deal with day in and day out. I know for me every other day was a 21-hour day. Thinking about having internet while forward deployed just sounds exhausting.


> seriously expect a bunch of ~20-year-old people to go without internet access for 6-9 months at a time?

Yes, we generally want mental stability in the people manning our war machines. (Also discipline.)


Are you seriously willing to volunteer, or is this expecting that others step up where you’d fail?

It’s awfully easy to demand expectations from others behind the safety and comfort of a desk.


> is this expecting that others step up where you’d fail?

This is a nonsense argument. I’m not willing to go med school, that doesn’t mean we shouldn’t require it for doctors.

A fighting force addicted to their phones is vulnerable. You can’t have the first time your Navy goes cold turkey on a psychological dependence be during combat.


Fine, if you want to prevent sailors from having modern internet access, then you just need to accept you're going to have a very small Navy and plan accordingly, because very few young people are going to want to join. You can't force people to agree with your opinion.

Perhaps you could convince the Navy to open their recruitment to the 55+ age segment.


That's quite the hyperbole - I'm pretty sure internet access is a secondary concern at best, when deciding to join the Navy.

Sailors are giving up a lot more in terms of personal life, fixating on internet access as a dealbreaker is such an odd take.


Yes? These people are supposed to go fight wars for us and defend our freedom... I would expect them to be making a lot of sacrifices, the lack of Internet being a relatively minor one.


How many sacrifices would you make for $30,000 a year?


You think people enlist for the money?

You are also overestimating the salary of a fresh enlistee. Everyone below E-3 makes less than 30k


Hence the inability to source recruits. Easier to work at Home Depot or Target.

($30k/year is ~$15-16/hr)

https://www.defense.gov/News/News-Stories/Article/article/36...


and home depot stock has been going up steadily


The article you linked cites competitive pay as reason to join…

It cites a variety of reasons why they are having issues, but pay isn’t one of them.


> The causes of the recruiting challenges "are complex and multifaceted," Vazirani said. They include:

> A strong economy, which has resulted in many more options for young people.

Additional citation:

https://www.aei.org/research-products/report/mcdonalds-or-th...

> McDonald’s or the Army? A California Case Study

> On measures that often matter most to military recruits, such as cash compensation, the military is falling behind civilian wages.

> The need for a large increase in junior enlisted wages becomes apparent when one considers two issues: the looming demographic cliff for America’s youth and competition from the labor market. According to the College and University Professional Association for Human Resources, it is projected that between 2025 and 2029, the US will see its population of 18-year-olds drop from 9.4 million to roughly 8 million, a 15 percent decrease.


The current bonus for Air GUARD is $50k. Your 30k is way off not to mention GI Bill and VA coverage for life.

And yes, I expect “oh gosh we might not have internet” to be something the military can handle.


$50k on a four year contract. That extra $12.5k helps, but the total comp is still way below a civilian job that typically has better work life balance and better working conditions.


> VA coverage for life

How much is this actually worth? If you have a full time job, you'll get insurance through the job. If not, you'll likely qualify for Medicaid. Here in California half the residents get free health insurance via Medicaid


> GI Bill and VA coverage for life

Yeah, sounds good until you see in practice how so many veterans are forgotten, let alone the millions without any healthcare at all. Healthcare should be a human right for everyone.


What years did you serve?


I served from 1998 to 2005. You only get "VA for life" if you incur a permanent service-connected disability. Everyone else who uses VA pays for it and are prioritized lower than disabled veterans. Retirees do not have access to VA care unless they too have a disability.


Another poster posted this link, but I'll post it again: https://news.ycombinator.com/item?id=39169676

If you think it's so important, why aren't you making this sacrifice? The Navy already can't meet its recruitment goals. Where exactly do you think all these selfless, freedom-defending 18-year-olds willing to go without internet are going to come from?


I would if I could but time, age, and circumstances prevented it.

I just think "not having internet" is very low on the list of concerns, and if it isn't, maybe those people need to re-evaluate their situation and priorities.

You are on a ship, where you can't visit friends or family and loved ones, where you have given up your rights and freedom, your choice about anything you consume or do, and you might literally not make it back home.

I think the recruitment goals are caused by other things.


If you think constant recreational internet access is necessary to live a worthwhile and tolerable life, you would probably benefit from a pause in recreational internet use.


There's surveys people would rather give up food, alcohol, socialization, sex, basic hygiene etc than internet. It's crazy but it's increasingly not a small sacrifice if navy wants billets filled by newer gens.


Recruitment is down because one key demographic is no longer signing up. WiFi speeds are the least of that demographic's concerns.


Those very same electronic-warfare concerns might be what's preventing that, barring something really fancy like hyper-directed satellite communication using lasers etc.

Considering that "streaming movies" figured prominently in the illicit data stream, I would strategically reframe the problem like so:

"America's excessively-restrictive copyright laws are putting our troops in danger!!!1"

Clearly, the only possible choice is for Congress to make explicit and broad copyright exemptions for public libraries, and then put one on the ship. :D


Video disks might not be superduper convenient; I don't know what kind of leisure devices navy peeps have, but you don't need a copyright exemption to lend them. If you don't mind tossing the cases, binder sheets for discs are pretty high density.


Those portable DVD players were hot items on the ship


On the one hand I’d love to be a vendor to make deployments suck less and more entertaining for servicemen.

On the other hand I don’t want to deal with procurement.


Related: The US Navy Is Going All In on Starlink https://www.wired.com/story/us-navy-starlink-sea2/


Meanwhile, second paragraph of the article:

> For a variety of reasons, including operational security, a crew’s internet access is regularly restricted while underway, to preserve bandwidth for the mission and to keep their ship safe from nefarious online attacks.


This is not a case of failing to serve a fucking market. Holy shit.


It literally is, as others have elaborated on: https://news.ycombinator.com/item?id=41441755


The Navy have invested heavily in Starlink by now. They could just have waited a little longer.

https://www.twz.com/sea/starlink-now-being-deployed-on-u-s-n...


/insert picture of a tree full of smartphones nailed to it in russian deployment camp inside Ukraine


So does the NSA or NRO run the daily Starlink standup meetings ?


Does the Starlink router not allow a hidden SSID? I’d imagine the EW equipment might still notice but it reads like every seaman’s phone was finding it.


Hidden SSIDs are a hack on the wifi protocol and don’t really do anything. Windows 11 just shows ‘Hidden Network’ for example.


They're even worse than useless, because the devices paired to those hidden SSIDs have to probe for them explicitly. So instead of having the base station broadcast its SSID in one spot, you instead have clients broadcasting that SSID everywhere they go, disclosing not only the SSID itself but also their association to it. I wish OSes would go a step further and deanonymize hidden SSIDs, just to drive home to everyone that this feature sucks and doesn't work.


There is a way to combat this: https://f-droid.org/packages/be.uhasselt.privacypolice/

No idea if it works, but it has been around a long time.


I would hope that our warships have sophisticated enough counter signals intelligence systems to detect the presence of rogue transmitters regardless of if they are broadcasting an SSID or not. Even a run of the mill corporate security setup will pick up rogue wifi networks on premises and pinpoint their location.


Agreed. While other commenters say that this can't be stopped, humans need their wifi, etc., I sincerely hope naval intelligence caught this nearly immediately and determined it wasn't an operational hazard, or even better that their new relationship with starlink gave them "enterprise visibility" into this unauthorized civilian link that just happened to be following the path of one of their ships and allowed them to do packet sniffing, etc. and then left it to the normal system to sort it out.


Given a navy ship is a collection of conductive metal boxes bolted together , would there be an issue with radiation hazards from (introduced consumer grade) RF bouncing around each container? Equally, probably also not nice to have fuel or munitions ignite just when you start watching the big game.


Given a naval ships radar systems power output can be 200,000x (or much higher) than your WiFi access point.. no. Also there is absolutely no chance WiFi could ignite munitions.


You realize Starlink Tx power is 0.5W right? It's less than a wifi AP: https://www.reddit.com/r/Starlink/comments/ndh92t/dishy_rf_o...


> Command Senior Chief Grisel Marrero—the enlisted shipboard leader—led a scheme to buy a Starlink for $2,800 and to install it inconspicuously on the ship's deck. The system was only for use by chiefs—not by officers or by most enlisted personnel—and a Navy investigation later revealed that at least 15 chiefs were in on the plan.

So a "screw it, security reg's are for the little people" conspiracy by at least 15 of the ship's most-senior NCO's. Wow. Talk about leading by example, eh?

If China started a real fight with the USN, I wonder how many seconds it'd take the PLA Navy to win. :(

(Back in the Day, one of the Ars Technica editors was a former USN surface warfare officer - https://arstechnica.com/author/sean-gallagher/ It would be extremely interesting to hear his take on this story.)


I would think a ship would have sensors for this sort of thing




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: