this post was submitted on 29 Sep 2024
823 points (98.7% liked)
Technology
59712 readers
5740 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Look at this article from March 2024: https://robertgarcia.house.gov/media/in-the-news/cnbc-house-democrats-probe-spacex-over-alleged-illegal-export-and-use-starlink
So the equipment has to fall into the wrong hands, through a somehow compromised supply chain. Maybe that could happen without starlink knowing, but they really should have figured that out in march. They should have very easily identified the units that were potentially compromised by auditing shipping logs.
Not only did the supply chain have to be compromised, but also the subscription and payments system... How did they not catch it on the subscription payment side? Now in addition to a compromised supply chain, a financial institution was compromised? At the least, they didn't do their due dilligance in customer verification.
How could russia have set up the equipment without some level of development and testing? Geolocation should have given that development away.
Yeah good point, that's called "negligence". Not doing due dilligance or taking the necessary steps to avoid breaking the law, because it isn't profitable, isn't a valid legal defense.
It really would have been as simple as geofencing against devices that weren't preauthorized or whitelisted.
Yepp those are for sure valid points. Seems that it's not such a "high" prio for our Trump lover.
I’m curious on how you envision they identify these units? If they don’t activate until they are near the Ukrainian border, how do they know what is Russian controlled vs Ukrainian controlled?
As for the payment side, YouTube can’t even get a proper handle on users getting region pricing at a fraction of the cost, by simply using a VPN, and they have skin in the game for preventing cross region abuse. Starlink has no reason outside sanctions to give a fuck where their payments are coming from, and you’re talking about state actors that can literally provide a real bank and address owned by a shell individual that passes any check you can think of beyond highly invasive levels no one would accept.
Geolocation is extremely unreliable. Let’s look at one aspect, GPS: In North America you don’t normally deal with it beyond being in between buildings or under a tunnel, but the moment you’re flying in airspace near Russia, GPS can and has literally shown the location being thousands of miles away.
I get the musk hate, but you’re acting like a grandma down the road is illegally using it, and ignoring the fact that it’s a country known to have operatives worldwide, multiple hacking groups, and resources you likely can’t even imagine.
Are you saying that geolocation of a starlink unit is difficult from the starlink satellite network? That seems unlikely to me.
Do you see a moral dimension to this? Keeping technology out of the hands of an aggressor state is an excellent reason. I think that many people feel that because corporate entities behave like criminal organizations (indifferent to anything other than maximizing their own profits) that this is somehow OK. It isn't, and normalizing isn't acceptable either.
In 99% of cases? No. In the case of a state actor intentionally wanting to obsfucate the location? Absolutely.
You’re either missing the point or ignoring it. If you bothered to read around that sentence, you’d realize that in context it has nothing to do with morals, and everything to do with other companies with a financial incentive failing to do it. If a company loses out on 75+% of their profit when I pay for YouTube out of India, and fail to stop me despite active efforts, how do you expect a company to manage it against a state actor.
Yputube ignore it because it is cheaper to ignore than to pay people to fight against it. If enough people do it don't worry they will fund and find methods to block user using VPN to pay abonnement
They do fight it. They cracked down on it a couple months back. Didn’t stop all users, and it wouldn’t stop just asking a friend in the respective country to buy it for you and pay them on the side.
Which is my point. You’re coming at this like it’s Joe Everybody is being discussed, when we are talking about an entire country which is actively succeeding at influencing other countries.
True enough. I wasn't precise enough if they really wanted to crack down on it and reduce it to nearly zero they would have way. But the cost excède the benefit. For starlink that the same. They surely can know where the data are sent and disable suspected starlink asking for them to contact call center for exemple. Which a drone can't do. This wouldn't be trivial or cheap but that doable. We built systems far more complex than that
Its quite simple really: if you want profits then you should get it honestly. Otherwise you don't deserve the profits.
This explains nothing. Russia infiltrates governments and your answer is “yeah, well starlink should just be honest.”
Geolocation is very different when you use an omnidirectional antenna passively listening to multiple signals rather than a directional antenna connecting to a satellite for a bidirectional communication session. And all of this ignores the simple fact there are sanctions against some countries and a war going on in another. They are the seller of their antennas and could easily limit who is allowed to change the region of their antenna to work in the white-list zone. Starlink knows the exact equipment I bought from them, and they will know if I move it, and if I change ownership to another person (who actually uses it). Yes, none of this can happen without some administrative or programming work, but that's the case for many companies if they don't want to break the law.
You are all talking about “happy path” situations. Yeah, if the people involved are honest you’re absolutely right.
I’m talking about when a government funded effort, with agents in all reaches of the world, make a concerted effort to get their hands on tech, and trick that tech into working for them.
Obscufating the location of the starlink unit isn't possible. It inherently requires positioning to function at all.
Starlink uses phased array antennas for beamforming, both on the earth base station and on the satelite station. That means the antenna is very directional by using some complex math and multiple tranceivers feeding an antenna array.
That means the satelite must know where you are within like 10s of km. Otherwise it can't tell where to beam your data.
It's kinda exactly why cell towers can locate you. And why you can't avoid that.
And if that location is within Ukraine?