All Starlink dish locations identified via AirTag-like tracking bug as Elon Musk says 'significant resources' go to prevent jamming

Apple geolocation bug finds Starlink locations (image: SpaceX)
The precise geolocation that Apple considers to be a feature of its device tracking system has been deemed a security bug that allowed the mapping of all Starlink access points.

Apple's tracking technology is in hot water again, as a bug that could be exploited by enterprising hackers has allowed researchers to map all Starlink dish locations, including in conflict zones.

Unlike Google's Wi-Fi Positioning System (WPS), which calculates and reports an exact location based on at least two nearby access points, Apple casts a much wider net.

It scoops up the Basic Service Set Identifier (BSSID) MAC addresses of up to 400 devices in the vicinity, and uses eight of those on average for a more precise geolocation.

This is what enables the famed iPhone tracking, for example, letting devices report their whereabouts globally, so for Apple this is more of a feature than a bug.

Researchers from the University of Maryland, however, managed to exploit Apple's generous BSSID sharing function to discover 488 million devices already stored in its system.

These included a subset of all Starlink satellite Internet kit locations, for example, and about the only places they couldn't geolocate anything were deserts, rainforests, and China.

Starlink says that it has started to fix the static address issue with an update that is gradually being rolled out, but is yet to cover all of its gear:

In early 2023 a software update was released that randomized the main router BSSID. Subsequent software releases have included randomization of the BSSID of WiFi repeaters associated with the main router. Software updates that include the repeater randomization functionality are currently being deployed fleet-wide on a region-by-region basis. We believe the data outlined in your paper is based on Starlink main routers and/or repeaters that were queried prior to receiving these randomization updates.

As an example of how Apple's WPS storing practices can be used for nefarious purposes, the researchers geofenced conflict zones and mapped devices there, including Starlink dishes in Ukraine.

The Starlink kits there have been the subject of much contention, as SpaceX, worried about retaliation, sometimes restricted their use, for example for coordinating drone strikes over Crimea.

Still, even though Starlink dishes there sometimes fall into Russian hands, Elon Musk seems proud that SpaceX has the only satellite Internet system still standing in Ukraine.

"SpaceX is spending significant resources combating Russian jamming efforts," said Musk, adding that "they have succeeded in shutting down every communications system, except Starlink."

As for Apple, it quickly issued a silent update that allows those in the know to opt out by adding a "_nomap" suffix to their access point's SSID (network name).

"I would hope Apple would put further restrictions on the use of its API, like rate-limiting these queries to keep people from accumulating massive amounts of data like we did," says UMD Associate Professor David Levin, who is the security study's lead.
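
For administrators who want to apply the "_nomap" opt-out described above, the following added example (not code from Apple, Starlink, or the UMD researchers) audits an access-point inventory and proposes a compliant SSID for each entry. The inventory is constructed sample data, the function names are illustrative, and treating a cleared locally-administered bit as a sign of a static BSSID is an assumption rather than something the article states.

```python
MAX_SSID_BYTES = 32   # IEEE 802.11 caps an SSID at 32 octets
SUFFIX = "_nomap"     # opt-out suffix named in the article


def is_locally_administered(bssid):
    """True if the locally-administered bit (0x02 of the first octet) is set.

    Assumption: a cleared bit means a vendor-assigned, typically static
    address; a set bit is only a hint that the BSSID may be randomized.
    """
    first_octet = int(bssid.replace("-", ":").split(":")[0], 16)
    return bool(first_octet & 0x02)


def fit_with_suffix(ssid):
    """Append the suffix, trimming whole characters from the base name
    until the UTF-8 encoding fits in 32 octets."""
    base = ssid
    while len((base + SUFFIX).encode("utf-8")) > MAX_SSID_BYTES:
        base = base[:-1]
    return base + SUFFIX


def audit_ap(ssid, bssid):
    """Report opt-out status and a compliant SSID for one access point."""
    opted_out = ssid.endswith(SUFFIX)
    proposed = ssid if opted_out else fit_with_suffix(ssid)
    return {
        "ssid": ssid,
        "opted_out": opted_out,
        "proposed_ssid": proposed,
        # True when the original name had to be shortened to make room.
        "base_trimmed": not opted_out and proposed != ssid + SUFFIX,
        "static_bssid": not is_locally_administered(bssid),
    }


# Constructed inventory; MACs use the IANA documentation range 00:00:5e:00:53:xx.
INVENTORY = [
    ("HomeNet", "00:00:5e:00:53:01"),
    ("Office_nomap", "02:00:5e:00:53:02"),
    ("A" * 30, "00:00:5e:00:53:03"),
    ("\u00e9" * 14, "00:00:5e:00:53:04"),   # 14 two-byte characters = 28 octets
]

if __name__ == "__main__":
    for ssid, bssid in INVENTORY:
        print(audit_ap(ssid, bssid))
```

Entries reported with both `opted_out` false and `static_bssid` true are the ones to rename first, since they combine a mappable name with an address that does not change.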

Daniel Zlatev, 2024-05-27 (Update: 2024-05-28)