A research paper being presented this week at the Annual Computer Security Applications Conference reveals that satellite internet services, including T-Mobile's, used unencrypted transmissions that could be intercepted with about $800 worth of gear.
As first reported in Wired, research from scientists at the University of Maryland and the University of California, San Diego, found that users' calls and texts, as well as potentially sensitive data from military and corporate transmissions, could be accessed. (The full research paper, titled "Don't Look Up: There Are Sensitive Internal Links in the Clear on GEO Satellites," can be found online.
According to the Wired report and the research paper, providers, including T-Mobile, made changes to address the vulnerability. Other unnamed providers have yet to fix the problem. The researchers declined to name them and said in the article that they've spent the past year warning satellite operators about the dangers of transmitting unencrypted data.
T-Mobile did not immediately return an email about the research.
In a summary of the research paper, the scientists wrote, "We pointed a commercial-off-the-shelf satellite dish at the sky and carried out the most comprehensive public study to date of geostationary satellite communication.
"A shockingly large amount of sensitive traffic is being broadcast unencrypted, including critical infrastructure, internal corporate and government communications, private citizens' voice calls and SMS, and consumer internet traffic from in-flight Wi-Fi and mobile networks."
English (US) ·