After seeing Wi-Fi network named “STINKY,” Navy found hidden Starlink dish on US warship

return2ozma@lemmy.world to Technology@lemmy.world – 18 points –
After seeing Wi-Fi network named “STINKY,” Navy found hidden Starlink dish on US warship
arstechnica.com
70

That seems like a significant security risk

Probably not for the reason you think.

Like, it wouldn't be patched into anything official

But it means Musk knew where that ship was 24/7, and I'm pretty sure that's why Ukraine's military stopped using it. Musk tipped off Putin to troop movements.

It's emmitting radio signals that an enemy could use to help locate the ship.

What?

Surface ships are in constant communication with stuff...

You can't just find a signal in the middle of the ocean. Musk can find a starlink signal tho, because he can see what Starlink connects to and it's gps location.

Yeah but if they go on mission and “go dark” then you still have this starlink thing that may or may not be disabled by the person smuggling it on board. It may also be connected to official things if the owner has bad intentions, or if someone else who does finds it and co-opts it.

There is a lot that could go wrong with unauthorized radio transmission equipment on a warship, and not all of it is obvious.

You can't connect a star link to siprnet.

The worst a bad actor could do is constantly transmitting location and other combat data.

You can't connect a star link to siprnet.

Can you connect a computer? Because if so, that same computer can then be connected to the starlink, no?

I know absolutely nothing about secure government networking, I'm just kind of assuming that something has to be able to connect to both individually and also simultaneously.

sipr is very strict about what it is letting connect to it. Which is why you rarely hear about breaches. Notable incidents like Manning or Snowden both involved usage of physical media, which has been severely restricted since. Plus Snowden was an admin, and not on SIPRNet, but some NSA systems.

To add, SIPRNet is entirely isolated from NIPRNet or the Internet.

Well, the Starlink could be connected by an admin to a computer that is connected to SIPRNet, right? It exposes itself as just a router.

I mean, assuming the Starlink was brought on board by someone with authorization to be on board, any possible adversarial situation would necessarily be an internal issue to begin with.

Personally, I think the most likely answer involves an Xbox.

Nothing Sipr is going to have a wi-fi. At least, not at the tactical level. God knows what goes on with secure cellphones and stuff. However a Sipr computer is still a computer and if you hook in the wrong cable then you've breached the network. Any bad actor knowing where the ship is and with sufficient information is going to try and drop malware to the router. That malware would load to any computer attached and if it happens to find itself on a secure computer it then attempts to phone home or cause havoc.

Which is why hooking a green cable into a red computer usually means you unhook it, power it down, cart it off to IT, and then hope the punishment isn't too bad. (Ranges from push ups to half pay for an honest mistake.)

You say that like Elon is personally looking at that information.

Presumably, there would be a large number of people at the company with access to that information, all of whom could be bribed or otherwise persuaded to share it.

You can’t just find a signal in the middle of the ocean.

Uh, this was the primary way the Allies defeated the U-Boats in WWII.

No they actually do go dark sometimes for exactly this reason. Of course there's always some signal source but it's the difference between lighting up like a Christmas tree and running a single IR light.

The reason I think is because any unofficial and potentially unsecured communications access point seems like a vulnerability. If some moron posts a picture using that unofficial access point I’d be worried it could be traced to the ship’s location.

Musk tipped off Putin to troop movements

Wait he did? Can you provide a source for this? I can only find information about him stopping starlink service in crimea

They can't, because it doesn't exist.

Which also doesn’t definitely mean it didn’t happen.

Everybody knew were the ship was, because at that time star link usage by area was shown publicly. There was map online that showed all clients online.

It wouldn't be... Until it is.

No it just wouldn't.

Like, are you imagining a modern US warship doesn't have internet 24/7?

This was for porn and maybe streaming services and social media, but mostly porn.

It wasn't for any official use, because they have that covered.

You're acting like surface ships are submarines....

Like, are you imagining a modern US warship doesn’t have internet 24/7?

last I checked, no, they don't. they had shitty service while in port, and not much else.

https://www.navytimes.com/news/your-navy/2023/12/29/new-in-2024-better-wi-fi-for-sailors/

fuck mate they only recently started giving their people access ON SHORE.

https://www.stripes.com/branches/navy/2024-01-25/navy-free-wi-fi-pilot-program-12796438.html

so no, I don't think for the average sailor a US warship provides internet access 24/7

That article is about wifi for personal use...

And the second one is about it being free and you're acting like they didn't have Internet before then?

so no, I don’t think for the average sailor a US warship provides internet access 24/7

Yeah man, you have zero idea what people are talking about about.

That article is about wifi for personal use…

do you think the starlink terminal in the OP article was for military use?? bwahahaha

Yeah man, you have zero idea what people are talking about about.

ok buddy, have a nice life.

Whether they have wifi on ship or not isn't the issue. Sometimes, when a ship goes into an operation, they will turn off all signals except passive or directed signals so that they can't easily be detected. Having a communications signal that isn't under the control of the ship's officers is a huge security risk during operations.

Someone is going to be court martialed over this.

Musk tipped off Putin to troop movements.

I'm sorry, this made me laugh. Is that a widely accepted conspiracy theory in this community? That Elon Musk is a Russian spy?

Did you miss the part where he sent a militarized Cyber Truck to a Russian war criminal, or are you conveniently ignoring it?

The Russian war criminal stated he got it from musk but that hasn't been confirmed and I don't think we should be taking Kadyrov's word as truth on anything he's a literal war criminal.

What about the Russian oligarchs backing twitter?

If Musk isn't a Russian asset, it's only because he's a Saudi asset. And there's no reason he can't be both.

The source story is worth a read.

Marrero’s background is in Navy intelligence, and she earned a master’s degree in business administration with a concentration in information security and digital management

Incredible.

she soon changed the “STINKY” Wi-Fi network name to another moniker that looked like a wireless printer — even though no such general-use wireless printers were present on the ship

Why not just switch off broadcasting the SSID?

[The CO and XO] then conducted another sweep inside the ship. Although the network that appeared to be a wireless printer appeared on their personal devices during their search, neither made additional inquiries regarding that network

No-one's coming out of this looking good.

Marrero’s secret Starlink dish was removed the same day, and Marrero told another unidentified crew member the next day that it was authorized for in-port use — prompting sailors to re-install the illegal Starlink.

It just keeps going!

To be fair, if the lead NCO of a unit is just going to flat out lie then a lot of people are going to believe it. I can't imagine being a lower NCO or enlisted and thinking command actually authorized the chiefs to break operational security for entertainment, but only them. Every chief in that crew should be busted and flagged against promotion again. The investigation was completely right to say if they didn't know, they should have.

I may have missed it in this article, though I believe I read elsewhere, that she got busted down one rank and that's it. I know military in general is having retention and recruitment issues, but to me this is more than just a busting down offense. That the senior enlisted on a ship would so nonchalantly disregard OPSEC demonstrates either a clear lack of understanding, or worse, something more nefarious.

We saw a naval officer relieved of command for having the scope backwards on his rifle. This, to me, rises to a much higher level.

We saw a naval officer relieved of command for having the scope backwards on his rifle.

Well in that case, it was just a matter of bad optics.

There's a lot of punishment that doesn't show up in the top line in the military. She may be flagged to lose her security clearance, (dishonesty, incompetence, and corruption) which would be the end of her career. They may also outright flag her as not eligible for re-enlistment. She's certainly not ever going to live that down and it's not a counseling form that disappears in six months. I'd be very surprised if she ever promotes again.

All that said, where I was, in the infantry, lying to your commander like that, while endangering the unit, would be either an Other Than Honorable discharge or a Big Chicken Dinner. (Bad Conduct discharge, do not pass go, do not bother with the VA, do not collect retirement, hope future employers never ask about your discharge)

i was wondering why would you choose such a stupid WiFi access point name, then I read that it was Elon musk that decided that the default starlink AP name has to be that stupid so people would change it

And I'm sure whoever put it there faced way more harsher penalties than a certain someone who willfully hid highly classified documents in his bathroom for months and lied about it to investigators.

Just like a certain someone who had classified documents that they weren't even supposed to have without a handler!

According to Navy Times, reduction in rank. According to my experience, likely going to be told they can't re-enlist after the end of their current term. Likely shipped stateside and in charge of mowing the lawn somewhere.

Dude isn't American. More money than a sovereign nation. Space level ballistic capabilities. Openly aligned with our enemies and their values.

How the fuck does he have a penny of my federal fucking tax dollars? We're funding fucking terrorists that don't even need the subsidies.

Read the article

What? Why is my comment invalid in the context.

No it isn't because Elon Musk has nothing to do with this receiver so having to go at him for this is stupid.

What dude are you referring to? I'm confused how your comment relates to the article.

Lemmy, where you get downvoted for being confused and asking for clarification. Good job everyone.

It's baffling how people on Lemmy hate Musk so much and yet can't stop mentioning him in every random, unrelated thread.

The starlink was privately bought as per the article, it wasn't officially procured using federal funds. So the comment I responded to doesn't really make any sense in the context of this post.

But it gets 50 upvotes because Musk is very bad man. I guess that answers my own question about why people can't stop mentioning him on Lemmy: it's free upvotes to shit on him. That's fine I guess, but it can be annoying when it clogs up the discussion in unrelated threads.

You got me. I don't have a problem with him being given the security liabilities of a defense contractor and control over people's Internet access. I posted for upvotes.

I still use Lemmy and Reddit side by side. I find a lot of submissions and comments on Reddit downvoted, where they're nothing burger contributions; some of the most non-divisive, non-offensive, and opinionless contributions I've come across.

I don't recall this behaviour when I first started using Reddit about 10 years ago. It makes me wonder if the world has become a lot more bitter in recent years since this type of behaviour is seen across platforms.

I just feel like people are just too quick to assume the question is asked with bad intentions nowadays. It might be more bitterness, as you said, and it could also be more cynicism from most people. All I know is that it makes a lot of platforms more unpleasant to participate in.

It's because no one ever reads the article they just read the headline and make up their own story.

In this guy's head Elon Musk personally did this.

How was that implied by the comment? Tell me what's in my head please.

I mean, u know that SpaceXs main income is flying shit around for NASA? If that was unexpected for you, I have bad news.

Unexpected? Did my comment convey surprise? I think I'm upset bc I'm informed.

What's better is that, thanks to Elon Musk, "STINKY" is the default name for its Starlink wifi. These people didn't even change that.

https://futurism.com/the-byte/elon-musk-starlink-wifi-stinky

Don’t worry! I’m sure the default username and password didn’t get changed either.

Can't speak to starlink specifically, but I know some shittier router brands would often reset to factory defaults every time you updated the firmware. Can easily see starlink doing that with a pushed firmware with the expectation some additional cell phone app would restore the correct settings.

So they very well might have turned off broadcasting but it got popped back on while they were on shift and it was detected.

Here’s the meat and potatoes of the article.

In 2023, they decided that the best way to deal with the problem was to secretly bolt a Starlink terminal to the "O-5 level weatherdeck" of a US warship.

They called the resulting Wi-Fi network "STINKY"—and when officers on the ship heard rumors and began asking questions, the leader of the scheme brazenly lied about it. Then, when exposed, she went so far as to make up fake Starlink usage reports suggesting that the system had only been accessed while in port, where cybersecurity and espionage concerns were lower.

Rather unsurprisingly, the story ends badly, with a full-on Navy investigation and court-martial.

To make matters even worse...

The chiefs found that the Wi-Fi signal coming off the Starlink satellite transceiver couldn't cover the entire ship, so during a stop in Pearl Harbor, they bought "signal repeaters and cable" to extend coverage.

The fact that they didn't even try to hide their ssid (or at least, the report doesn't say they did) shows how stupid people can be with cybersecurity.

To be fair, this is a navy ship. If they got the sniffers out and found a hidden one then the officers would be tearing the ship apart to find it right then and there. Hiding in plain view was the better choice.

To be mean, because these chiefs deserve it, Stinky is apparently the default name. These fucking geniuses left the default name up rather than try to camouflage it as a legitimate network. So I'm pretty sure none of the top part went through their smooth brains. They just assumed it would go unnoticed. Then they assumed they had enough privilege to make the enlisted think this was proper. Forgetting just how pugnacious the middle enlisted can be when they feel something is both unfair and know it's against regs. (They will make it their life's mission to humble a leader, and they win more often than not)

What really surprises me is that the ships equipment never picked up on those unauthorized signals. Hell they can pick up pavarotti in pearl harbour on their sonar. (Red oktober reference) . but they cant pick up multiple unknown signals in the 2.4 and 5 GHz band

Between Trump stealing national security secrets and shit like this, it's honestly shocking the USA hasn't already become a full-fledged fascist hell-hole. It's currently only half-fledged.

But seriously, it must be fucking child's play for other nations to spy on us with dumb fucking shit like this happening.

Oh it's the same with other countries too. We all regularly have breaches due to the dumbest shit. Just ask the War Thunder community. It's about time for them to have another one.

Still, the ambassador had nothing on senior enlisted crew members of the littoral combat ship USS Manchester, who didn't like the Navy's restriction of onboard Internet access. In 2023, they decided that the best way to deal with the problem was to secretly bolt a Starlink terminal to the "O-5 level weatherdeck" of a US warship. They called the resulting Wi-Fi network "STINKY"—and when officers on the ship heard rumors and began asking questions, the leader of the scheme brazenly lied about it. Then, when exposed, she went so far as to make up fake Starlink usage reports suggesting that the system had only been accessed while in port, where cybersecurity and espionage concerns were lower. Rather unsurprisingly, the story ends badly, with a full-on Navy investigation and court-martial. Still, for half a year, life aboard the Manchester must have been one hell of a ride.

But wait! There's more!