When [Elon] Says No, Just Reverse Engineer The Starlink Signal

We all know that it’s sometimes better to beg forgiveness than ask permission to do something, and we’ll venture a guess that more than a few of us have taken that advice to heart on occasion. But [Todd Humphreys] got the order of operations a bit mixed up with his attempt to leverage the Starlink network as a backup to the Global Positioning System, and ended up doing some interesting reverse engineering work as a result.

The story goes that [Todd] and his team at the University of Texas at Austin’s Radionavigation Lab, on behalf of their sponsors in the US Army, approached Starlink about cooperating on a project to make their low-Earth orbit constellation provide position, navigation, and timing capabilities. Although initially interested in the project, Starlink honcho [Elon Musk] put the brakes on things, leaving [Todd]’s team high and dry. Not to be dissuaded, they bought a Starlink user terminal, built what amounts to a small radio telescope — although we’ve seen something similar done with just an RTL-SDR — and proceeded to reverse-engineer the structure of Starlink’s Ku-band downlink signal. The paper (PDF link) on their findings is densely packed with details, such as the fact that Starlink uses an orthogonal frequency-division multiplexing (OFDM) scheme.

It’s important to note that their goal was not to break encryption or sniff in on user data; rather, they wanted access to the synchronization and timing signals embedded in the Starlink data structures. By using this data along with the publicly available ephemeris data for each satellite, it’s possible to quickly calculate the exact distance to multiple satellites and determine the receiver’s location to within 30 meters. It’s not as good as some GPS-Starlink hacks we’ve seen, but it’s still pretty good in a pinch. Besides, the reverse engineering work here is well worth a read.

Thanks to [Adrian] for the tip!

Snooping On Starlink With An RTL-SDR

With an ever-growing constellation of Starlink satellites whizzing around over our heads, you might be getting the urge to start experimenting with the high-speed internet service. But at $100 or more a month plus hardware, the barrier to entry is just a little daunting for a lot of us. No worries, though — if all you’re interested in is tracking [Elon]’s birds, it’s actually a pretty simple job.

Now, we’re not claiming that you’ll be able to connect to Starlink and get internet service with this setup, of course, and neither is the delightfully named [saveitforparts]. Instead, his setup just receives the beacon signals from Starlink satellites, which is pretty interesting all by itself. The hardware consists of his “Picorder” mobile device, which sports a Raspberry Pi, a small LCD screen, and a host of sensors, including an RTL-SDR dongle. To pick up the satellite beacons, he used a dirt-cheap universal Ku-band LNB, or low-noise block downconverter. They’re normally found at the focal point of a satellite TV dish, but in this case no dish is needed — just power it up with a power injector and point it to the sky. The signals show up on the Picorder’s display in waterfall mode; curiously, the waterfall traces look quite similar to the patterns the satellites make in the night sky, much to the consternation of astronomers.

Of course, you don’t have to have a Picorder to snoop in on Starlink — any laptop and SDR should work, despite [saveitforparts]’ trouble in doing so. You shouldn’t have much trouble replicating the results by following the video below, which also has a few tips on powering an LNB for portable operations.

Starlink Ground Stations Successfully Hacked

Belgian security researcher [Lennert Wouters] has gotten his own code running on the Starlink “Dishy McFlatface” satellite terminals, and you can too! The hack in question is a “modchip” with an RP2040 and a MOSFET that crowbars the power rails, browning out the main CPU exactly when it’s verifying the firmware’s validity and bypassing that protection entirely. [Lennert] had previously figured out how to dump the Starlink firmware straight from the eMMC, and with the ability to upload it back, the circle of pwnership is closed. This was a talk at DEFCON, and you can check out the slides here. (PDF)

The mod chip itself was a sweet piece of work, being tailored to fit into the Starlink’s motherboard just so, and taking good advantage of the RP2040’s PIOs, which are probably the microcontroller’s superpower.

[Lennert] says he submitted his glitch attack to Starlink and they took some precautions to make the glitching harder. In particular, [Lennert] was triggering his timing off of the USART port coming up on the Starlink unit, so Starlink just shut that down. But it’s not like he couldn’t trigger on some other timing-relevant digital signal, so he chose the eMMC’s D0 data line: they’re not going to be able to boot up without it, so this hack is probably final. No shade against Starlink here. It’s almost impossible to shield a device against an attacker who has it on their bench, and [Lennert] concludes that he found no low-hanging fruit and was impressed that he had to work so hard to get root.

What can you do with this? Not much, yet. But in principle, it could be used to explore the security of the rest of the Starlink network. As reported in Wired, Starlink says that they’ve got a defence-in-depth system and that just getting into the network doesn’t really get you very far. We’ll see!

Thanks [jef] for the tip!

Hackaday Links: July 3, 2022

Looks like we might have been a bit premature in our dismissal last week of the Sun’s potential for throwing a temper tantrum, as that’s exactly what happened when a G1 geomagnetic storm hit the planet early last week. To be fair, the storm was very minor — aurora visible down to the latitude of Calgary isn’t terribly unusual — but the odd thing about this storm was that it sort of snuck up on us. Solar scientists first thought it was a coronal mass ejection (CME), possibly related to the “monster sunspot” that had rapidly tripled in size and was being hyped up as some kind of planet killer. But it appears this sneak attack came from another, less-studied phenomenon, a co-rotating interaction region, or CIR. These sound a bit like eddy currents in the solar wind, which can bunch up plasma that can suddenly burst forth from the sun, all without showing the usually telltale sunspots.

Then again, even people who study the Sun for a living don’t always seem to agree on what’s going on up there. Back at the beginning of Solar Cycle 25, NASA and NOAA, the National Oceanic and Atmospheric Administration, were calling for a relatively weak showing during our star’s eleven-year cycle, as recorded by the number of sunspots observed. But another model, developed by heliophysicists at the U.S. National Center for Atmospheric Research, predicted that Solar Cycle 25 could be among the strongest ever recorded. And so far, it looks like the latter group might be right. Where the NASA/NOAA model called for 37 sunspots in May of 2022, for example, the Sun actually threw up 97 — much more in line with what the NCAR model predicted. If the trend holds, the peak of the eleven-year cycle in April of 2025 might see over 200 sunspots a month.

So, good news and bad news from the cryptocurrency world lately. The bad news is that cryptocurrency markets are crashing, with the flagship Bitcoin falling from its high of around $67,000 down to $20,000 or so, and looking like it might fall even further. But the good news is that’s put a bit of a crimp in the demand for NVIDIA graphics cards, as the economics of turning electricity into hashes starts to look a little less attractive. So if you’re trying to upgrade your gaming rig, that means there’ll soon be a glut of GPUs, right? Not so fast, maybe: at least one analyst has a different view, based mainly on the distribution of AMD and NVIDIA GPU chips in the market as well as how much revenue they each draw from crypto rather than from traditional uses of the chips. It’s important mainly for investors, so it doesn’t really matter to you if you’re just looking for a graphics card on the cheap.

Speaking of businesses, things are not looking too good for MakerGear. According to a banner announcement on their website, the supplier of 3D printers, parts, and accessories is scaling back operations, to the point where everything is being sold on an “as-is” basis with no returns. In a long post on “The Future of MakerGear,” founder and CEO Rick Pollack says the problem basically boils down to supply chain and COVID issues — they can’t get the parts they need to make printers. And so the company is looking for a buyer. We find this sad but understandable, and wish Rick and everyone at MakerGear the best of luck as they try to keep the lights on.

And finally, if there’s one thing Elon Musk is good at, it’s keeping his many businesses in the public eye. And so it is this week with SpaceX, which is recruiting Starlink customers to write nasty-grams to the Federal Communications Commission regarding Dish Network’s plan to gobble up a bunch of spectrum in the 12-GHz band for their 5G expansion plans. The 3,000 or so newly minted experts on spectrum allocation wrote to tell FCC commissioners how much Dish sucks, and how much they love and depend on Starlink. It looks like they may have a point — Starlink uses the lowest part of the Ku band (12 GHz – 18 GHz) for data downlinks to user terminals, along with big chunks of about half a dozen other bands. It’ll be interesting to watch this one play out.

Hackaday Links: June 19, 2022

The James Webb Space Telescope has had a long and sometimes painful journey from its earliest conception to its ultimate arrival at Lagrange point L2 and subsequent commissioning. Except for the buttery-smooth launch and deployment sequence, things rarely went well for the telescope, which suffered just about every imaginable bureaucratic, scientific, and engineering indignity during its development. But now it’s time to see what this thing can do — almost. NASA has announced that July 12 will be “Image Release Day,” which will serve as Webb’s public debut. The relative radio silence from NASA on Webb since the mirror alignment was completed — apart from the recent micrometeoroid collision, of course — suggests the space agency has been busy with “first light” projects. So there’s good reason to hope that the first released images from Webb will be pretty spectacular. The images will drop at 10:30 AM EDT, so mark your calendars and prepare to be wowed. Hopefully.

Hackaday Links: February 13, 2022

If you need evidence that our outwardly peaceful little neck of the solar system is actually a dangerous place, look no further than the 40 newly launched Starlink satellites that were just clobbered out of orbit. It seems that the SpaceX launch on February 3 was ill-timed, as it coincided with the arrival of energetic plasma from a solar storm that occurred a few days before. The coronal mass ejection followed an M-class flare on the Sun, which was aimed just right to hit just as the 49-satellite addition to the Starlink constellation was being released. This resulted in an expansion of the upper atmosphere sufficient to increase drag on the newborn satellites — up to 50% more drag than previous launches had encountered. Operators put the satellites into safe mode, but it appears that 40 of them have already met a fiery demise, or soon will. Space is a tough place to make a living.

Hackaday Links: January 23, 2022

When Tonga’s Hunga-Tonga Hunga-Ha’apai volcano erupted on January 15, one hacker in the UK knew just what to do. Sandy Macdonald from York quickly cobbled together a Raspberry Pi and a pressure/humidity sensor board and added a little code to create a recording barometer. The idea was to see if the shock wave from the eruption would be detectable over 16,000 km away — and surprise, surprise, it was! It took more than 14 hours to reach Sandy’s impromptu recording station, but the data clearly show a rapid pulse of increasing pressure as the shockwave approached, and a decreased pressure as it passed. What’s more, the shock wave that traveled the “other way” around the planet was detectable too, about seven hours after the first event. In fact, data gathered through the 19th clearly show three full passes of the shockwaves. We just find this fascinating, and applaud Sandy for the presence of mind to throw this together when news of the eruption came out.

Good news for professional astronomers and others with eyes turned skyward — it seems like the ever-expanding Starlink satellite constellation isn’t going to kill ground-based observation. At least that’s the conclusion of a team using the Zwicky Transient Facility (ZTF) at the Palomar Observatory outside San Diego. ZTF is designed to catalog anything that blinks, flashes, or explodes in the night sky, making it perfect to detect the streaks from the 1,800-odd Starlink satellites currently in orbit. They analyzed the number of satellite transients captured in ZTF images, and found that fully 20 percent of images show streaks now, as opposed to 0.5 percent back in 2019 when the constellation was much smaller. They conclude that at the 10,000 satellite full build-out, essentially every ZTF image will have a streak in it, but since the artifacts are tiny and well-characterized, they really won’t hinder the science to any appreciable degree.

Speaking of space, we finally have a bit of insight into the causes of space anemia. The 10% to 12% decrease in red blood cells in astronauts during their first ten days in space has been well known since the dawn of the Space Age, but the causes had never really been clear. It was assumed that the anemia was a result of the shifting of fluids in microgravity, but nobody really knew for sure until researchers did a six-month study on fourteen ISS astronauts. They used exhaled carbon monoxide as a proxy for the destruction of red blood cells (RBCs) — one molecule of CO is liberated for each hemoglobin molecule that’s destroyed — and found that the destruction of RBCs is a primary effect of being in space. Luckily, there appears to be a limit to how many RBCs are lost in space, so the astronauts didn’t suffer from complications of severe anemia while in space. Once they came back to gravity, the anemia reversed, albeit slowly and with up to a year of measurable changes to their blood.

From the “Better Late Than Never” department, we see that this week Wired finally featured Hackaday Superfriend Sam Zeloof and his homemade integrated circuits. We’re glad to see Sam get coverage — the story was also picked up by Ars Technica — but it’s clear that nobody at either outfit reads Hackaday, since we’ve been featuring Sam since we first heard about his garage fab in 2017. That was back when Sam was still “just” making transistors; since then, we’ve featured some of his lab upgrades, watched him delve into electron beam lithography, and broke the story on his first legit integrated circuit. Along the way, we managed to coax him out to Supercon in 2019 where he gave both a talk and an interview.

And finally, if you’re in the mood for a contest, why not check out WIZNet’s Ethernet HAT contest? The idea is to explore what a Raspberry Pi Pico with Ethernet attached is good for. WIZNet has two flavors of board: one is an Ethernet HAT for the Pico, while the other is an RP2040 with built-in Ethernet. The good news is, if you submit an idea, they’ll send you a board for free. We love it when someone from the Hackaday community wins a contest, so if you enter, be sure to let us know. And hurry — submissions close January 31.