Russia is using SpaceX’s Starlink satellite devices in Ukraine, sources say::undefined

  • echo64@lemmy.world
    link
    fedilink
    English
    arrow-up
    72
    arrow-down
    3
    ·
    10 months ago

    I’m confused. Do you think starlink is free to access? You have to have authentication to use it, spacex is allowing russia to use it.

    • Evil_incarnate@lemm.ee
      link
      fedilink
      English
      arrow-up
      9
      arrow-down
      2
      ·
      10 months ago

      Of course starlink is allowing paying customers to use it, won’t someone think of the shareholders!

    • KairuByte@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      13
      arrow-down
      12
      ·
      edit-2
      10 months ago

      I’m curious, how do you think Starlink can tell the difference between a Ukrainian and a Russian?

      Are you under the impression that Russia is signing up for service transparently? The devices aren’t sold in Russia, and won’t even work within Russia. Meaning they were likely bought through a proxy using aliases, and set up in Ukraine.

      At that point, you cant tell the difference. It’s just data, which can also be easily encrypted and proxied to mask the fact that they are being used for military purposes.

      • rdri@lemmy.world
        link
        fedilink
        English
        arrow-up
        10
        arrow-down
        6
        ·
        edit-2
        10 months ago

        It’s just data, which can also be easily encrypted and proxied to mask the fact that they are being used for military purposes.

        It’s not though. The data goes both ways. As long as the device id was not altered, its history of movement can be tracked down, provided such a data is being recorded.

        Also, there may be caveats about how accounts are getting created and activated. Those devices bought by Russia may come with pre-activated accounts that can be tracked by origin.

        Finally, billing. Unless Russia is not relying on stolen Ukrainian credit cards it should be easy to identify that a group of devices/accounts is being paid for by entities that are neither Russian nor Ukrainian.

        Based on all of that, they could filter groups of devices by location, confirm it with Ukrainian forces and ban maliciously used ones.

        • UrPartnerInCrime@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          12
          arrow-down
          3
          ·
          edit-2
          10 months ago

          Yeah. Russia crosses many lines but stealing credit cards is NOT one of them /s

          Edit: Null User was right. But just the be sure I’ll edit in the /s

          • rdri@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            8
            ·
            edit-2
            10 months ago

            What do you mean? They steal basically everything they can when destroying cities and killing people. Should I mention it’s a crime to make it more obvious?

            • Null User Object
              link
              fedilink
              English
              arrow-up
              7
              ·
              10 months ago

              Pretty sure the person you’re responding to didn’t think a /s was necessary, seeing how obvious the sarcasm was.

              • rdri@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                arrow-down
                9
                ·
                10 months ago

                I don’t get such a sarcasm. It doesn’t target any specific point in my arguments, they are about how Starlink could locate the illegal use of devices, not about how justified or not Russian crimes are.

                • trackcharlie@lemmynsfw.com
                  link
                  fedilink
                  English
                  arrow-up
                  8
                  ·
                  edit-2
                  10 months ago

                  Are you being intellectually dishonest or are you actually missing the point?

                  I seriously can’t tell.

                  For reference, Russian hackers ‘steal everything’ and have agents in every country. Using a stolen UA credit card to purchase access to spacex sattelites and then insuring the direct operator(s) stay in UA as an intel relay is not difficult.

                  • rdri@lemmy.world
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    10 months ago

                    insuring the direct operator(s) stay in UA

                    The key point is right here. Staying in UA is not the same as using Starlink modules on the front lines. The UA territory is devided and it’s visible on Starlink’s availability map.

        • KairuByte@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          6
          ·
          10 months ago

          Russia has operatives worldwide. Just like every other country with any sort of intelligence agency. The idea that they aren’t able to come up with a credit card with a Ukrainian name that looks 100% legitimate to a billing company is farcical.

          Let me just ask you point blank, do you think the CIA could manage to purchase a Starlink, activate it, and use it, without anyone having any idea it was the CIA that did all that? Because if so, it’s just as easy for Russia to do it.

          Hell, I could likely do it.

            • KairuByte@lemmy.dbzer0.com
              link
              fedilink
              English
              arrow-up
              8
              ·
              10 months ago

              Really? Let’s see…

              • Purchase a prepaid Visa card from somewhere without cameras, preload it with $1k.
              • Using a library computer, order a Starlink device to a post office, general delivery under a pseudonym.
              • Pick up said order using a fake ID with the pseudonym previously mentioned.

              Congrats! You are now the proud owner of a Starlink dish, under a fake name, with no traceable evidence left behind of who you actually were.

          • rdri@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            4
            ·
            edit-2
            10 months ago

            The idea that they aren’t able to come up with a credit card with a Ukrainian name that looks 100% legitimate to a billing company is farcical.

            I see you don’t know how credit card numbers work. You may also not be aware of the fact that credit cards aren’t working in Russia for almost 2 years.

            Let me just ask you point blank, do you think the CIA could manage to purchase a Starlink, activate it, and use it, without anyone having any idea it was the CIA that did all that?

            Just one or two is easy to manage. A dozen is much more difficult already, provided Starlink manages some security and has access to metadata (data that ultimately can’t be faked such as location, accounts, device id).

            • KairuByte@lemmy.dbzer0.com
              link
              fedilink
              English
              arrow-up
              4
              ·
              10 months ago

              … meaning that one of their many worldwide operatives could just get a credit card. Like, say, in Ukraine.

              You’re focused way too hard on “following the law and doing things by the book” without realizing Russia is more of a “do what it takes.”

              • rdri@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                arrow-down
                4
                ·
                10 months ago

                Yeah okay. Let’s say we covered the billing. What about devices id, their origin and location? Those are not purchased through Ukraine and Starlink is ought to know that.

                  • rdri@lemmy.world
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    arrow-down
                    2
                    ·
                    10 months ago

                    They can’t be. Ukraine must have them under full control because they rely on them too much.

                    Also it’s much easier to assume that these modules, like any other modern tech these days are bought by Russia through other countries who it still does business with like China, Turkey etc.

                • fatalError@lemmy.sdf.org
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  10 months ago

                  Since when can you not spoof any of that? Grab a used android phone from local used market. Put any rooted rom on it. Spoof the gps… Device id is irrelevant at that point. As for origin, not sure what you mean by that, you can just order the starlink equipment to a random address in a different country, it will look legit. As others said, it’s trivial to bypass/spoof all that metadata.

                  Once you got the connection up and running you just use a vpn to hide everyrhing.

                  The only thing they could do is block starlink for a whole region, that would affect everyone in there. But you still couldn’t distinguish who is using the service.

                  • cole@lemdro.id
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    10 months ago

                    you don’t even need to root to spoof gps, you can just do that on android

                  • rdri@lemmy.world
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    arrow-down
                    2
                    ·
                    10 months ago

                    Since when can you not spoof any of that? Grab a used android phone from local used market. Put any rooted rom on it. Spoof the gps… Device id is irrelevant at that point.

                    Starlink modules are not Android devices.

                    Device ids should be required for pairing with the satellite from my understanding. Same with IMEI on smartphones - except it should be useless to try to fake it as the number of devices is magnitudes lower than smartphones and it should be possible to pin-point any misbehaving device.

                    Spoofing GPS is not exactly useful. Starlink satellites are very low-orbit so again misbehavior should be detectable. I mean you can connect to some satellite but if you report location that should be served by a different satellite then you got yourself caught.

                    you can just order the starlink equipment to a random address in a different country

                    Starlink is shipping devices to Ukraine directly for the military it seems. It should know the difference between these and others that are shipped all over the world by anyone.

                    Once you got the connection up and running you just use a vpn to hide everyrhing.

                    VPN is out of scope for this I think. It’s about locating the device physically by the provider, not about specific sites trying to watch actual internet activity.

                    they could do is block starlink for a whole region

                    They are already doing this but not the whole region. Occupied territories of Ukraine are selectively blocked according to their own availability map.

        • LarmyOfLone@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          10 months ago

          This is kinda scary. Sanctions are one thing, but do you really want your internet provider to investigate people and act like an intelligence service for the state?

          • rdri@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            1
            ·
            10 months ago

            It’s not about what I want. It’s about what Starlink can do to make sure their help to Ukrainian army (which is paid by the US department of defense) goes only to Ukrainian army.

      • KrapKake@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        6
        ·
        10 months ago

        You see, you are supposed to have a “musk bad” comment, not a rational comment.

    • con_fig
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      3
      ·
      10 months ago

      You don’t own the sky, nasa does!

    • jonne@infosec.pub
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      6
      ·
      10 months ago

      Yeah, it’s totally impossible for Russia to register these using an Ukrainian VPN with Ukrainian ID. It’s not like they have access to tons of POWs or even Ukrainians that are sympathetic to Russia.

      • echo64@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        2
        ·
        10 months ago

        So now you think that it’s… Ukrainian traitors or pows? You think they don’t deactivate clearance for anyone captured?

        If you’re going to make up fan fiction for Russia, at least suggest something more realistic, like espionage

        • jonne@infosec.pub
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          10 months ago

          Is registration only limited to military personnel? My guess is that anyone except citizens of sanctioned countries can register one of those, so you just need any kind of Ukrainian (or even non-Russian) ID, which are probably plentiful if you have access to POWs or the population of Donbass.

    • Thorny_Insight@lemm.ee
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      11
      ·
      edit-2
      10 months ago

      spacex is allowing russia to use it

      Bold claim to suggest they would be defying US sanctions to Russia like that. Got anything to back that up? Not even the article that you didn’t read implies that.

      • gmtom@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        2
        ·
        10 months ago

        Bold claim to suggest they would be defying US sanctions to Russia like that

        I’m no diplomat but I’m pretty sure this doesn’t break any laws.

        And if you know anything about Musk then it’s really not a bold claim.

        • Thorny_Insight@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          10 months ago

          It’s against US sanctions. Starlink doesn’t work in Russia (or Crimea) for this very reason.

          “If SpaceX obtains knowledge that a Starlink terminal is being used by a sanctioned or unauthorized party, we investigate the claim and take actions to deactivate the terminal if confirmed.”

        • locuester@lemmy.zip
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          10 months ago

          But you clearly didn’t read the article. This makes having dialog in the comments frustrating.

          • gmtom@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            10 months ago

            I did though. Nowhere in the article does it mention this breaking any laws. Just that spacex doesn’t sell to Russia.