The Last Days Of The Wild West

We loved it a few weeks ago when an international team of hackers managed to record and decode telemetry and images from SpaceX launches. And now it looks like SpaceX has started encrypting it all in response. Booo!

Decoding satellite and other space ship transmissions has been a great hacker pastime. Most recently, we’ve seen a group working on listening in to the Chinese Tianwen-1 Mars probe shortly after its launch, but listening to the Deep Space Network or even just decoding weather satellite broadcasts can give folks a reason to stretch their radio muscles.

We understand that SpaceX runs some contract missions for US gov’t agencies that don’t appreciate leaking info about their satellite’s whereabouts, but for non-secret missions, we don’t see the harm in letting the amateurs listen in over their shoulder. Maybe they’re doing it for PR reasons if/when something goes badly wrong?

Whatever the reasons, it’s a shame. Space has been open to hackers for a long time, knowingly in the case of amateur satellites, and unknowingly in the case of many other satellites which until the mid-90s had command channels that were unencrypted. (I’ll have to stick with “unnamed sources” on this one, but I do know a person who has rotated a satellite that he or she didn’t own.) There’s a lot to be learned by listening to signals from above, and while you can still decode weather satellite data yourself, it’s not quite as sexy as downloading images straight from a Falcon 9.

The cool hand for SpaceX to have played would have been to say “of course — we broadcast unencrypted as PR to our biggest fans” but it looks instead like they simply didn’t think that anyone would be listening in, and this caught them by surprise and they panicked. In 2021, with something as complicated as a space mission, that’s a little bit embarrassing. Anyway, to those of you who managed to get in before encryption, kudos!

21 thoughts on “The Last Days Of The Wild West

    1. Thanks for mentioning them. I referenced them in a comment to the previoys post abput space encryption, but I couldn’t remember the name.

      I read about them in the paper about 1972, something about confirming a launch.

      And they had to make do with surplus and maybe home made equipment. No SDRs.

  1. “We understand that SpaceX runs some contract missions for US gov’t agencies that don’t appreciate leaking info about their satellite’s whereabouts ”

    It could be a legal issue. I vaguely remember reading something about regulations controlling the use of cameras on spacecraft.

    1. That would probably be Earth observation licensing, which is managed (in the US) by NOAA. I seem to recall SpaceX having to get a license for their GoPros a few years ago. I’m pretty sure NOAA doesn’t care whether EO data legally captured under a valid license is broadcast or not, and SpaceX releases some of the data publicly in their launch streams anyway. NOAA’s own satellites broadcast openly, as mentioned in the article.

    2. My understanding was that they forbid cameras because they posed a massive distraction to the flight crew, and in an emergency, a camera can easily become a projectile bouncing around the craft causing damage to equipment and people.

  2. If they were unencrypted unless they were launching a secret military mission, then they’d leak data by which ones were encrypted.
    Routine boring satellite launch encrypted? Oooh, interesting…

    1. Everyone already knows which launches are classified, because SpaceX and the customer announce the launch as such. What they may want to keep secret in those cases is the exact orbit to which the satellite is delivered, not that a satellite was launched at all (hard to keep that secret when it’s such a spectacle). (Related: I hear that spy satellite operators often get around the UN rules on registering space objects by simply claiming to have lost the satellite after launch.) Also, intelligence customers probably want to avoid releasing images of the satellite that might give clues to its capabilities, but they’ll surely still want video to be sure it deployed correctly.

      1. Yup, its hard to hide launches, there aren’t that many launch facilities in the world. But also it becomes obvious if its sensitive based on the launch facility. I mean, something launching from Vandenburg AFB isn’t likely to be innocent…

    1. In your dreams ! (if it was a US DoD bird) – or hollywood nonsense. Having worked in the industry for the past 30 or so years, including the height of the cold war. The claim that an unauthorized source could control the bird is pure fiction. We routinely employ 100% encryption. If it were so easy to intercept and manipulate, our adversaries would’ve done it a long time ago (kind of like these moon-landing-never-happened kooks – you can bet your first born, that the USSR would’ve gone out of their way to disprove it happened).

      You can also be damn sure NASA has secured one of their most high priority command channels, the RSO destruct uplink. Would be somewhat embarassing if a rogue 14 yr old in their backyard sent a spoofed command to the booster.

      The old “if-I-tell-you-I-have-to-kill-you” applies.

      As for encryption of commercial traffic – keep it to yourself probably applies. The morons over at the Radio Reference website streaming police scanner traffic is a good example. If they did not stream their local scanner traffic, the cops would not have further excuses to encrypt their communications. So they are slowly contributing to the death of their own hobby. Why these idiots insist on streaming that traffic is beyond comprehension. The site owner makes a mint of their stupiditiy.

      1. Ah, yeah, the joys of “moon landing is a hoax” lunatics. The USSR wouldn’t really even have to go out of their way to disprove it. A lot of nations and amateur astronomers witnessed Apollo 11 lift off and perform a few orbits before heading off to the moon before coming back and orbiting earth a few more times before making its decent. There were a lot of opportunities for the USSR, and every other nation on earth, and even people with a cheap telescope, to disprove the moon landing. Faking the moon landing would’ve taken so, so much effort to cover up that it would be easier to just land some people on the moon…

        But then conspiracy theorists gotta conspiracy. Although most conspiracy theories are started by governments themselves to make them sound stronger and better organized than they really are, and not just a bunch of random jaggoffs that kinda bumbled their way into power and working off the backs of the tiny number of people that actually know what they are doing and are keeping everything together.

      2. “Having worked in the industry for the past 30 or so years, including the height of the cold war.”

        Dude, you are super confused about the Cold War. 1991, 30 years ago, was well after “the height of the cold war”. Makes me not trust anything you say.

    2. I honestly don’t have any evidence that it happened — I wasn’t there. Just a credible story from a reasonably credible source: the kind of person who’s done earth-moon-earth ham radio bounce experiments and who, in his or her youth, was reckless / stupid enough to have done something like that.

      (But, if you think critically about it, who’s also the kind of person who would tell stories.)

  3. I’m worried that those signals will go from “Encrypted” to “Using a proprietary format so that only SpaceX can read them” and then to “Oh, you want to know what happened? That’ll be $10 million dollars, please”

  4. People are saying they should encrypt military launches but leave standard launches open are missing the fact that having two duplicated systems like that is one of the worst kinds of complexity there is. It doesn’t matter if you need a feature. If the feature doesn’t reduce reliability, leaving it there all the time is way better than having 47565 ways to do the same thing with “just enough”.

    The encryption probably has authentication which they probably always want. And it’s probably symmetric so they can’t just give away the key without giving up authentication.

Leave a Reply to DanCancel reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.