944
After seeing Wi-Fi network named “STINKY,” Navy found hidden Starlink dish on US warship
(arstechnica.com)
That seems like a significant security risk
this post was submitted on 05 Sep 2024
944 points (99.2% liked)
Technology
58072 readers
4131 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
Probably not for the reason you think.
Like, it wouldn't be patched into anything official
But it means Musk knew where that ship was 24/7, and I'm pretty sure that's why Ukraine's military stopped using it. Musk tipped off Putin to troop movements.
It's emmitting radio signals that an enemy could use to help locate the ship.
What?
Surface ships are in constant communication with stuff...
You can't just find a signal in the middle of the ocean. Musk can find a starlink signal tho, because he can see what Starlink connects to and it's gps location.
Yeah but if they go on mission and “go dark” then you still have this starlink thing that may or may not be disabled by the person smuggling it on board. It may also be connected to official things if the owner has bad intentions, or if someone else who does finds it and co-opts it.
There is a lot that could go wrong with unauthorized radio transmission equipment on a warship, and not all of it is obvious.
load more comments
(6 replies)
load more comments
(4 replies)
Musk tipped off Putin to troop movements
Wait he did? Can you provide a source for this? I can only find information about him stopping starlink service in crimea
load more comments
(28 replies)
load more comments
(1 replies)
And I'm sure whoever put it there faced way more harsher penalties than a certain someone who willfully hid highly classified documents in his bathroom for months and lied about it to investigators.
Just like a certain someone who had classified documents that they weren't even supposed to have without a handler!
load more comments
(1 replies)
The source story is worth a read.
Marrero’s background is in Navy intelligence, and she earned a master’s degree in business administration with a concentration in information security and digital management
Incredible.
she soon changed the “STINKY” Wi-Fi network name to another moniker that looked like a wireless printer — even though no such general-use wireless printers were present on the ship
Why not just switch off broadcasting the SSID?
[The CO and XO] then conducted another sweep inside the ship. Although the network that appeared to be a wireless printer appeared on their personal devices during their search, neither made additional inquiries regarding that network
No-one's coming out of this looking good.
Marrero’s secret Starlink dish was removed the same day, and Marrero told another unidentified crew member the next day that it was authorized for in-port use — prompting sailors to re-install the illegal Starlink.
It just keeps going!
To be fair, if the lead NCO of a unit is just going to flat out lie then a lot of people are going to believe it. I can't imagine being a lower NCO or enlisted and thinking command actually authorized the chiefs to break operational security for entertainment, but only them. Every chief in that crew should be busted and flagged against promotion again. The investigation was completely right to say if they didn't know, they should have.
I may have missed it in this article, though I believe I read elsewhere, that she got busted down one rank and that's it. I know military in general is having retention and recruitment issues, but to me this is more than just a busting down offense. That the senior enlisted on a ship would so nonchalantly disregard OPSEC demonstrates either a clear lack of understanding, or worse, something more nefarious.
We saw a naval officer relieved of command for having the scope backwards on his rifle. This, to me, rises to a much higher level.
We saw a naval officer relieved of command for having the scope backwards on his rifle.
Well in that case, it was just a matter of bad optics.
load more comments
(4 replies)
There's a lot of punishment that doesn't show up in the top line in the military. She may be flagged to lose her security clearance, (dishonesty, incompetence, and corruption) which would be the end of her career. They may also outright flag her as not eligible for re-enlistment. She's certainly not ever going to live that down and it's not a counseling form that disappears in six months. I'd be very surprised if she ever promotes again.
All that said, where I was, in the infantry, lying to your commander like that, while endangering the unit, would be either an Other Than Honorable discharge or a Big Chicken Dinner. (Bad Conduct discharge, do not pass go, do not bother with the VA, do not collect retirement, hope future employers never ask about your discharge)
load more comments
(1 replies)
First thought I had after read through, how much did that masters cost and you didn't learn that you can turn off the broadcast name so only people who know it's there can connect? Probably not even a real degree, freakonomjcs did an episode maybe 10 years ago that said probably 5% of degrees are fake, bet it's 20% now, lying is culturally through the roof.
load more comments
(8 replies)
load more comments
(1 replies)
What's better is that, thanks to Elon Musk, "STINKY" is the default name for its Starlink wifi. These people didn't even change that.
https://futurism.com/the-byte/elon-musk-starlink-wifi-stinky
Don’t worry! I’m sure the default username and password didn’t get changed either.
load more comments
(1 replies)
load more comments
(3 replies)
To make matters even worse...
The chiefs found that the Wi-Fi signal coming off the Starlink satellite transceiver couldn't cover the entire ship, so during a stop in Pearl Harbor, they bought "signal repeaters and cable" to extend coverage.
This many chiefs (not rank-and-file, chiefs), putting this much effort into breaking Navy protocol, together, is crazy. And for what? Memes?
I know deployment at sea can be boring but Jesus fucking Christ, read a damn book or something.
Here’s the meat and potatoes of the article.
In 2023, they decided that the best way to deal with the problem was to secretly bolt a Starlink terminal to the "O-5 level weatherdeck" of a US warship.
They called the resulting Wi-Fi network "STINKY"—and when officers on the ship heard rumors and began asking questions, the leader of the scheme brazenly lied about it. Then, when exposed, she went so far as to make up fake Starlink usage reports suggesting that the system had only been accessed while in port, where cybersecurity and espionage concerns were lower.
Rather unsurprisingly, the story ends badly, with a full-on Navy investigation and court-martial.
when officers on the ship heard rumors
Lol not only is this an incredible violation of security, they couldn't even keep their fucking mouths shut about it.
load more comments
(1 replies)
load more comments
(1 replies)
Dude isn't American. More money than a sovereign nation. Space level ballistic capabilities. Openly aligned with our enemies and their values.
How the fuck does he have a penny of my federal fucking tax dollars? We're funding fucking terrorists that don't even need the subsidies.
What dude are you referring to? I'm confused how your comment relates to the article.
load more comments
(12 replies)
I mean, u know that SpaceXs main income is flying shit around for NASA? If that was unexpected for you, I have bad news.
Unexpected? Did my comment convey surprise? I think I'm upset bc I'm informed.
load more comments
(4 replies)
Sailors on the ship then began finding the STINKY network and asking questions about it.
Oh, c’mon. it is trivial to make an SSID “hidden” for any networking tech that you have administrative control over. That way, only those “in the know” will know the SSID name to type in, in order to access said wireless network. It would not be “discoverable” by standard wireless-connectivity gear such as the default wifi interface in mobile phones.
Hidden WiFi networks are not actually hidden in the literal sense. They still broadcast beacons that your wifi chip will see as basically “hidden network beacon lives here”. Your network connect interface just decides not to show you a list with a bunch of useless “(hidden)” entries you can’t do anything with.
Also, when a new client wants to connect to the hidden network, the first thing it does is broadcast an unencrypted message saying “HEY, I’M LOOKING FOR [hidden network name]” so it’s completely trivial to unveil the name of hidden networks given enough time.
I think it'd be more for obfuscation than completely hiding it. As long as there are other hidden networks on the ship you just name it something generic that blends in. I mean this whole thing is a really stupid idea, but naming it something like "COM.NAB_ISO:4133" would draw less attention.
It’s absolutely mind-boggling that the existing WiFi infrastructure on the military ship didn’t trigger any alarms. This is the kind of thing that you can get from “pro-sumer” grade hardware/software like Ubiquiti, let alone corporate-grade or military-grade stuff. The feature is called “Rogue Access Point Detection” and it’s built into literally every WiFi solution on the market. Like, your local library is analyzing this stuff it’s that basic.
Edit: To more directly address your point, the name shouldn’t matter at all. Rogue AP detection doesn’t give a shit about the display names of things, it looks at the actual hardware addresses and compares them to known things that are owned by your network.
load more comments
(4 replies)
That’s why I put that term in quotes, and was specific about default networking interfaces. I didn’t go into detail because that confuses a lot of people.
Source: working with wireless networks professionally for pretty much the last quarter century.
load more comments
(1 replies)
load more comments
(1 replies)
load more comments
(1 replies)
What really surprises me is that the ships equipment never picked up on those unauthorized signals. Hell they can pick up pavarotti in pearl harbour on their sonar. (Red oktober reference) . but they cant pick up multiple unknown signals in the 2.4 and 5 GHz band
Command Senior Chief
The person who came up with the scheme is also the most senior NCO on the ship. All the enlisted people in charge of monitoring that activity knew, they just knew not to ask questions.You would be surprised how much pull an E-8 or E-9 has in the military.
load more comments
(9 replies)
load more comments
(10 replies)
Between Trump stealing national security secrets and shit like this, it's honestly shocking the USA hasn't already become a full-fledged fascist hell-hole. It's currently only half-fledged.
But seriously, it must be fucking child's play for other nations to spy on us with dumb fucking shit like this happening.
Hey, give us a chance. We have another election right around the corner and things are really looking good for a solid commitment to fully flegged hell-holism.
load more comments
(1 replies)
load more comments
(3 replies)
i was wondering why would you choose such a stupid WiFi access point name, then I read that it was Elon musk that decided that the default starlink AP name has to be that stupid so people would change it
load more comments
(1 replies)
The fact that they didn't even try to hide their ssid (or at least, the report doesn't say they did) shows how stupid people can be with cybersecurity.
Apparently "STINKY" is the default StarLink SSID (Another Musk joke), so yeah...
load more comments
(1 replies)
can we just fucking all take a break for a month? just have things go to being boring?
I attended a fucking ethics of ai talk at my work, only to run into a fucking knockoff nazi complaining about the founding fathers images being generated with black people, and talking about how silicon valley is too left wing.
either you're so stupid that you don't understand it's a fucking alt-right dog whistle, or you're a fucking nazi who gets very, very upset if you see a black person in any context. Either way, just shut the fuck up.
Still, the ambassador had nothing on senior enlisted crew members of the littoral combat ship USS Manchester, who didn't like the Navy's restriction of onboard Internet access. In 2023, they decided that the best way to deal with the problem was to secretly bolt a Starlink terminal to the "O-5 level weatherdeck" of a US warship. They called the resulting Wi-Fi network "STINKY"—and when officers on the ship heard rumors and began asking questions, the leader of the scheme brazenly lied about it. Then, when exposed, she went so far as to make up fake Starlink usage reports suggesting that the system had only been accessed while in port, where cybersecurity and espionage concerns were lower. Rather unsurprisingly, the story ends badly, with a full-on Navy investigation and court-martial. Still, for half a year, life aboard the Manchester must have been one hell of a ride.
But wait! There's more!
view more: next ›