https://techxplore.com/news/2026-01-sky-full-secrets-glaring- vulnerabilities.html
With $800 of off‐the‐shelf equipment and months' worth of patience,
a team of U.S. computer scientists set out to find out how
well geostationary satellite communications are encrypted. And
what they found was shocking.
Close to half of the communications beamed from satellites to
the ground that the researchers were able to listen in on were
not encrypted. This included sensitive data including cellular
text messages, voice calls,
On 2026-01-21 00:51, c186282 wrote:
https://techxplore.com/news/2026-01-sky-full-secrets-glaring-
vulnerabilities.html
With $800 of off‐the‐shelf equipment and months' worth of patience,
a team of U.S. computer scientists set out to find out how
well geostationary satellite communications are encrypted. And
what they found was shocking.
Close to half of the communications beamed from satellites to
the ground that the researchers were able to listen in on were
not encrypted. This included sensitive data including cellular
text messages, voice calls,
SMS were never encrypted. I think voice calls between the towers and the terminals were encrypted (I read somewhere long ago that they used the example configuration for encryption, so the key was known). The communications between the towers and the exchanges were not encrypted, unless radio transmission systems employed some encryption of their own.
Can't confirm any of this currently, but it was correct around year 2000.
On 1/21/26 16:42, Carlos E.R. wrote:
On 2026-01-21 00:51, c186282 wrote:
https://techxplore.com/news/2026-01-sky-full-secrets-glaring-
vulnerabilities.html
With $800 of off‐the‐shelf equipment and months' worth of patience,
a team of U.S. computer scientists set out to find out how
well geostationary satellite communications are encrypted. And
what they found was shocking.
Close to half of the communications beamed from satellites to
the ground that the researchers were able to listen in on were
not encrypted. This included sensitive data including cellular
text messages, voice calls,
SMS were never encrypted. I think voice calls between the towers and
the terminals were encrypted (I read somewhere long ago that they used
the example configuration for encryption, so the key was known). The
communications between the towers and the exchanges were not
encrypted, unless radio transmission systems employed some encryption
of their own.
Can't confirm any of this currently, but it was correct around year 2000.
At least cell towers are kind of "local" - however
this involves the geostationary relay sats, meaning
anyone with an antenna kind of a third of the way
around the globe can tune in to the rebroadcast.
So, you move funds from your Credit Suisse acct to
Bank Of America in NYC, spies in Iceland, or Paraguay,
can maybe grab all your numbers.
This is like 1980 thinking, back when the net was tiny
and only a few 'professionals' sent important stuff back
and forth. Security ? Who NEEDS it ???
On 2026-01-22 00:19, c186282 wrote:
On 1/21/26 16:42, Carlos E.R. wrote:
On 2026-01-21 00:51, c186282 wrote:
https://techxplore.com/news/2026-01-sky-full-secrets-glaring-
vulnerabilities.html
With $800 of off‐the‐shelf equipment and months' worth of patience, >>>> a team of U.S. computer scientists set out to find out how
well geostationary satellite communications are encrypted. And
what they found was shocking.
Close to half of the communications beamed from satellites to
the ground that the researchers were able to listen in on were
not encrypted. This included sensitive data including cellular
text messages, voice calls,
SMS were never encrypted. I think voice calls between the towers and
the terminals were encrypted (I read somewhere long ago that they
used the example configuration for encryption, so the key was known).
The communications between the towers and the exchanges were not
encrypted, unless radio transmission systems employed some encryption
of their own.
Can't confirm any of this currently, but it was correct around year
2000.
At least cell towers are kind of "local" - however
this involves the geostationary relay sats, meaning
anyone with an antenna kind of a third of the way
around the globe can tune in to the rebroadcast.
So, you move funds from your Credit Suisse acct to
Bank Of America in NYC, spies in Iceland, or Paraguay,
can maybe grab all your numbers.
This is like 1980 thinking, back when the net was tiny
and only a few 'professionals' sent important stuff back
and forth. Security ? Who NEEDS it ???
I am only talking of SMS and phone calls. The standards are old, it was considered impossible to access the cables carrying the trunks.
Technology was naive.
At some point probably they thought that the transmission department
would do the encryption when possible and advisable. The switching department needed the trunks in the clear. The available machines could
not do encryption.
I don't know if the new methods using VoIP use encryption.
On 1/21/26 21:00, Carlos E.R. wrote:
On 2026-01-22 00:19, c186282 wrote:
On 1/21/26 16:42, Carlos E.R. wrote:
On 2026-01-21 00:51, c186282 wrote:
https://techxplore.com/news/2026-01-sky-full-secrets-glaring-
vulnerabilities.html
With $800 of off‐the‐shelf equipment and months' worth of patience, >>>>> a team of U.S. computer scientists set out to find out how
well geostationary satellite communications are encrypted. And
what they found was shocking.
Close to half of the communications beamed from satellites to
the ground that the researchers were able to listen in on were
not encrypted. This included sensitive data including cellular
text messages, voice calls,
SMS were never encrypted. I think voice calls between the towers and
the terminals were encrypted (I read somewhere long ago that they
used the example configuration for encryption, so the key was
known). The communications between the towers and the exchanges were
not encrypted, unless radio transmission systems employed some
encryption of their own.
Can't confirm any of this currently, but it was correct around year
2000.
At least cell towers are kind of "local" - however
this involves the geostationary relay sats, meaning
anyone with an antenna kind of a third of the way
around the globe can tune in to the rebroadcast.
So, you move funds from your Credit Suisse acct to
Bank Of America in NYC, spies in Iceland, or Paraguay,
can maybe grab all your numbers.
This is like 1980 thinking, back when the net was tiny
and only a few 'professionals' sent important stuff back
and forth. Security ? Who NEEDS it ???
I am only talking of SMS and phone calls. The standards are old, it
was considered impossible to access the cables carrying the trunks.
Technology was naive.
SMS ... CAN be important for 'authentication', but mostly
we're just looking at a code people are supposed to enter
into a site within minutes.
Voice calls ... more likely to have important info for
biz/corporate espionage and even for military. In 60
seconds someone can speak a LOT of important details that
can give competitors, or aggressors, an edge.
At some point probably they thought that the transmission department
would do the encryption when possible and advisable. The switching
department needed the trunks in the clear. The available machines
could not do encryption.
Typical disconnect ... too many players along
the entire chain.
I don't know if the new methods using VoIP use encryption.
Good question. It it's at least https encoded then there's
a fair advantage. I'll have to check to see whether modern
VOIP actually uses secured packets. HTTPS probably CAN be
decoded these days ... but there may be a time delay and
CPU penalty that renders the info mostly useless for biz
purposes - maybe less so for military secrets.
In any case, it's obvious that there's no unified effort
to make sure comms are 'secure'. This is VERY bad in the
modern environment.
On 2026-01-22 04:38, c186282 wrote:
On 1/21/26 21:00, Carlos E.R. wrote:
On 2026-01-22 00:19, c186282 wrote:
On 1/21/26 16:42, Carlos E.R. wrote:
On 2026-01-21 00:51, c186282 wrote:
https://techxplore.com/news/2026-01-sky-full-secrets-glaring-
vulnerabilities.html
With $800 of off‐the‐shelf equipment and months' worth of patience, >>>>>> a team of U.S. computer scientists set out to find out how
well geostationary satellite communications are encrypted. And
what they found was shocking.
Close to half of the communications beamed from satellites to
the ground that the researchers were able to listen in on were
not encrypted. This included sensitive data including cellular
text messages, voice calls,
SMS were never encrypted. I think voice calls between the towers
and the terminals were encrypted (I read somewhere long ago that
they used the example configuration for encryption, so the key was
known). The communications between the towers and the exchanges
were not encrypted, unless radio transmission systems employed some >>>>> encryption of their own.
Can't confirm any of this currently, but it was correct around year >>>>> 2000.
At least cell towers are kind of "local" - however
this involves the geostationary relay sats, meaning
anyone with an antenna kind of a third of the way
around the globe can tune in to the rebroadcast.
So, you move funds from your Credit Suisse acct to
Bank Of America in NYC, spies in Iceland, or Paraguay,
can maybe grab all your numbers.
This is like 1980 thinking, back when the net was tiny
and only a few 'professionals' sent important stuff back
and forth. Security ? Who NEEDS it ???
I am only talking of SMS and phone calls. The standards are old, it
was considered impossible to access the cables carrying the trunks.
Technology was naive.
SMS ... CAN be important for 'authentication', but mostly
we're just looking at a code people are supposed to enter
into a site within minutes.
Voice calls ... more likely to have important info for
biz/corporate espionage and even for military. In 60
seconds someone can speak a LOT of important details that
can give competitors, or aggressors, an edge.
Certainly, but the standard for voice and SMS are not encrypted.
The digital exchanges simply have not the power needed to encrypt all conversations. Encryption has to be done at the client, if he cares enough.
Nowdays, RCS, which is the successor to SMS, is encrypted at the client.
At some point probably they thought that the transmission department
would do the encryption when possible and advisable. The switching
department needed the trunks in the clear. The available machines
could not do encryption.
Typical disconnect ... too many players along
the entire chain.
I don't know if the new methods using VoIP use encryption.
Good question. It it's at least https encoded then there's
a fair advantage. I'll have to check to see whether modern
VOIP actually uses secured packets. HTTPS probably CAN be
decoded these days ... but there may be a time delay and
CPU penalty that renders the info mostly useless for biz
purposes - maybe less so for military secrets.
In any case, it's obvious that there's no unified effort
to make sure comms are 'secure'. This is VERY bad in the
modern environment.
AFAIK it is still up to the client.
On 1/22/26 07:32, Carlos E.R. wrote:
On 2026-01-22 04:38, c186282 wrote:
On 1/21/26 21:00, Carlos E.R. wrote:
On 2026-01-22 00:19, c186282 wrote:
On 1/21/26 16:42, Carlos E.R. wrote:
On 2026-01-21 00:51, c186282 wrote:
https://techxplore.com/news/2026-01-sky-full-secrets-glaring-
vulnerabilities.html
With $800 of off‐the‐shelf equipment and months' worth of patience, >>>>>>> a team of U.S. computer scientists set out to find out how
well geostationary satellite communications are encrypted. And
what they found was shocking.
Close to half of the communications beamed from satellites to
the ground that the researchers were able to listen in on were
not encrypted. This included sensitive data including cellular
text messages, voice calls,
SMS were never encrypted. I think voice calls between the towers
and the terminals were encrypted (I read somewhere long ago that
they used the example configuration for encryption, so the key was >>>>>> known). The communications between the towers and the exchanges
were not encrypted, unless radio transmission systems employed
some encryption of their own.
Can't confirm any of this currently, but it was correct around
year 2000.
At least cell towers are kind of "local" - however
this involves the geostationary relay sats, meaning
anyone with an antenna kind of a third of the way
around the globe can tune in to the rebroadcast.
So, you move funds from your Credit Suisse acct to
Bank Of America in NYC, spies in Iceland, or Paraguay,
can maybe grab all your numbers.
This is like 1980 thinking, back when the net was tiny
and only a few 'professionals' sent important stuff back
and forth. Security ? Who NEEDS it ???
I am only talking of SMS and phone calls. The standards are old, it
was considered impossible to access the cables carrying the trunks.
Technology was naive.
SMS ... CAN be important for 'authentication', but mostly
we're just looking at a code people are supposed to enter
into a site within minutes.
Voice calls ... more likely to have important info for
biz/corporate espionage and even for military. In 60
seconds someone can speak a LOT of important details that
can give competitors, or aggressors, an edge.
Certainly, but the standard for voice and SMS are not encrypted.
The digital exchanges simply have not the power needed to encrypt all
conversations. Encryption has to be done at the client, if he cares
enough.
Nowdays, RCS, which is the successor to SMS, is encrypted at the client.
At some point probably they thought that the transmission department
would do the encryption when possible and advisable. The switching
department needed the trunks in the clear. The available machines
could not do encryption.
Typical disconnect ... too many players along
the entire chain.
I don't know if the new methods using VoIP use encryption.
Good question. It it's at least https encoded then there's
a fair advantage. I'll have to check to see whether modern
VOIP actually uses secured packets. HTTPS probably CAN be
decoded these days ... but there may be a time delay and
CPU penalty that renders the info mostly useless for biz
purposes - maybe less so for military secrets.
In any case, it's obvious that there's no unified effort
to make sure comms are 'secure'. This is VERY bad in the
modern environment.
AFAIK it is still up to the client.
That's how it IS ... but that's not how it MUST
be - and Really Soon.
Doing passable encryption is not that CPU intensive,
the GUI on yer iPhone uses a lot more. CARRIERS have
plenty of CPU ... NO excuse for them not relaying
nothing but encrypted through satellites.
As said, super-duper NSA grade encryption may not
be needed. The info in phone calls and SMS messages
is generally 'volatile' - doesn't help you much if
you decode them a month or two later. Bank and some
mil info is less volatile and needs better protection.
On 2026-01-22 18:13, c186282 wrote:
On 1/22/26 07:32, Carlos E.R. wrote:
On 2026-01-22 04:38, c186282 wrote:
On 1/21/26 21:00, Carlos E.R. wrote:
On 2026-01-22 00:19, c186282 wrote:
On 1/21/26 16:42, Carlos E.R. wrote:
On 2026-01-21 00:51, c186282 wrote:
https://techxplore.com/news/2026-01-sky-full-secrets-glaring- >>>>>>>> vulnerabilities.html
With $800 of off‐the‐shelf equipment and months' worth of patience,
a team of U.S. computer scientists set out to find out how
well geostationary satellite communications are encrypted. And >>>>>>>> what they found was shocking.
Close to half of the communications beamed from satellites to
the ground that the researchers were able to listen in on were >>>>>>>> not encrypted. This included sensitive data including cellular >>>>>>>> text messages, voice calls,
SMS were never encrypted. I think voice calls between the towers >>>>>>> and the terminals were encrypted (I read somewhere long ago that >>>>>>> they used the example configuration for encryption, so the key
was known). The communications between the towers and the
exchanges were not encrypted, unless radio transmission systems >>>>>>> employed some encryption of their own.
Can't confirm any of this currently, but it was correct around
year 2000.
At least cell towers are kind of "local" - however
this involves the geostationary relay sats, meaning
anyone with an antenna kind of a third of the way
around the globe can tune in to the rebroadcast.
So, you move funds from your Credit Suisse acct to
Bank Of America in NYC, spies in Iceland, or Paraguay,
can maybe grab all your numbers.
This is like 1980 thinking, back when the net was tiny
and only a few 'professionals' sent important stuff back
and forth. Security ? Who NEEDS it ???
I am only talking of SMS and phone calls. The standards are old, it >>>>> was considered impossible to access the cables carrying the trunks. >>>>> Technology was naive.
SMS ... CAN be important for 'authentication', but mostly
we're just looking at a code people are supposed to enter
into a site within minutes.
Voice calls ... more likely to have important info for
biz/corporate espionage and even for military. In 60
seconds someone can speak a LOT of important details that
can give competitors, or aggressors, an edge.
Certainly, but the standard for voice and SMS are not encrypted.
The digital exchanges simply have not the power needed to encrypt all
conversations. Encryption has to be done at the client, if he cares
enough.
Nowdays, RCS, which is the successor to SMS, is encrypted at the client. >>>
At some point probably they thought that the transmission
department would do the encryption when possible and advisable. The >>>>> switching department needed the trunks in the clear. The available
machines could not do encryption.
Typical disconnect ... too many players along
the entire chain.
I don't know if the new methods using VoIP use encryption.
Good question. It it's at least https encoded then there's
a fair advantage. I'll have to check to see whether modern
VOIP actually uses secured packets. HTTPS probably CAN be
decoded these days ... but there may be a time delay and
CPU penalty that renders the info mostly useless for biz
purposes - maybe less so for military secrets.
In any case, it's obvious that there's no unified effort
to make sure comms are 'secure'. This is VERY bad in the
modern environment.
AFAIK it is still up to the client.
That's how it IS ... but that's not how it MUST
be - and Really Soon.
Doing passable encryption is not that CPU intensive,
the GUI on yer iPhone uses a lot more. CARRIERS have
plenty of CPU ... NO excuse for them not relaying
nothing but encrypted through satellites.
Carriers, and I worked there, did not have plenty of CPU, but just
enough cpu for the calculated job.
Encrypting at the client is safer and more sane. If the carriers do the encryption, there is danger that some rogue intermediary has the key to decrypt.
As said, super-duper NSA grade encryption may not
be needed. The info in phone calls and SMS messages
is generally 'volatile' - doesn't help you much if
you decode them a month or two later. Bank and some
mil info is less volatile and needs better protection.
| Sysop: | DaiTengu |
|---|---|
| Location: | Appleton, WI |
| Users: | 1,096 |
| Nodes: | 10 (0 / 10) |
| Uptime: | 402:10:25 |
| Calls: | 14,036 |
| Files: | 187,082 |
| D/L today: |
198 files (74,138K bytes) |
| Messages: | 2,479,256 |