Slashdot Mirror
ICMP_HOST_BELOW_HORIZON - TCP/IP Into Orbit
Christopher Neufeld writes "As reported on ScienceDaily today, on April 10 of this year, some standard IP modules were uploaded to UoSAT-12, and got it answering pings. "
← Back to Stories (view on slashdot.org)
I wonder what UoSat-12's IP address is?
...phil
...phil
"For a list of the ways which technology has failed to improve our quality of life, press 3."
The rest is left as an excercise for the reader.
...phil
...phil
"For a list of the ways which technology has failed to improve our quality of life, press 3."
As much as I respect this as a really, really cool hack (installing IP software alongside the old stuff is a pretty nifty trick) you really have to wonder if this is a great idea. No matter how much security they put in, this makes either the satellite or their router vulnerable to a lot of the stuff people pull with TCP/IP these days. I have to think that maybe a completely private TCP/IP based intranet (as opposed to the "engineer logging in from home" image the article presents) is probably the only way that they could make this secure. :)
OTOH, the idea of DOSing a TV sat is pretty cool
~luge
IAAL,BIANLY
Slashdot will have that thing DOS'd out of the sky by this evening, I'm sure.
-- Truth goes out the door when rumor comes innuendo. -- Groucho Marx
The real question becomes: "How do we extend internet protocols to handle ping latencies ranging anywhere from seconds to centuries?" The new protocols should have redundant transmissions and *very* large buffer caches. Timeouts shouldn't occur until some multiple of the latency has passed.
How about this, if the objective is Earth<->Mars, you have several artifical sats that orbit the sun. You route through these sats using a potocol _LIKE_ BGP routing. You may even be able to make the routing protocol smart enough to know its position in space and select the best next hop. By breaking the trip down into smaller hops, data integrity can be checked at each hop.
--fatboy
This is cool and all, but, all jokes aside, isn't this a security nightmare. Sure, you can put up a firewall, password proection, IP filtering, PGP, etc., but is that really enough?
From the article:
From the comfort of home, an engineer logs onto the Internet using a laptop computer and communicates with an orbiting spacecraft. Using industry standard Internet protocols, simple keystrokes send commands adjusting the spacecraft's attitude.
"Comfort of home"? Pretending that I'm a $6/hour ISP admin, couldn't I trap those packets and crash a satellite?
I'm not trying to be a fearmonger, but I really do think that this is a case of Too Much Stuff Connected To The Internet. We all laughed a few years ago when kooks started saying that "Internet hackers" could shut down power plants and kill small woodlands animals. At the time, of course, none of these things were net connected.
Now, between IPv6-addressable squirrels and this satellite, we really could have a problem on our hands.
-Waldo
Mission operations, such as tracking, telemetry and command, are on a private Internet. You can't get there from here.
Mea navis aericumbens anguillis abundat
Hard drives contain air at normal atmospheric pressure, not a vacuum. Most of them are not completely sealed, there is a small air filter that allows for pressure equalization. You would need to mount the hard drive inside a pressurized container on the spacecraft.
Mea navis aericumbens anguillis abundat
i am actually suprised this wasn't done earlier with amateur satellites, as it is (aside from the issues involving communication with orbiting communications systems) just a wireless network connect. if the satellite was in polar orbit you'd have availability problems, but a sat in the clarke belt would be nifty.
anyone know of plans in the amateur community to do this?
oh, and check out AmSat for info on amateur satellites and whatnot.
cvoid - satellites are cool
I think scientists are mostlikely smart enough to sit the thing on a private network behind a firewall ;)
This story is good news for the Save Iridium project. If the technology can be transferred to run on the Iridium satellites they could be used to enhance the internet backbone. Any idea what the ping is to a satellite from earth? AFAICT it will be in the 1 to 2 seconds range, which isn't terribly ideal but would suffice for large downloads with large packet sizes, making the ping time have little effect.
Just my 2c.
Actually, after a thorough study of alien communication protocols and network topologies, I have determined that this is not likely. Their computing systems are based on ternary numbering (their equivalent to bytes, which they call munches, are 9 ternary integers, or tits, wide). Furthermore, they have not developed star based network topologies - all of their systems connect using token ring topologies. Also, they are more advanced than us in certain areas: they never developed stupid connectionless protocols like UDP - they always had sockets and streams. Go figure.
With the tits and everything, it is doubtful they will send a virus that is even executable on whatever processor is in there. We're safe for now.
-Leo
when Napster was loaded onto it and a Metallica song uploaded. This is confirmed to be the highest upload recorded. The spacecraft has no comment at this time
e to the i pi equals negative one
You would need to mount the hard drive inside a pressurized container on the spacecraft.
:-)
Actually, you would need to mount two disks, back-to-back, otherwise, when the drives spin up, the whole satilite will start rotating in the other direction. Newton's Third Law makes working in space a pain in the butt at times.
When I was working at the Space Science Center at Unnamed U., they were building instruments for data collection. They found it cheaper in the long run to simply use hundreds of megabytes of static RAM (what we computer geeks call "cache RAM"). RAM because disks are a pain to work with in space, and static RAM because it resists radiation better and doesn't need to be refreshed.
I wonder what 192 MB of cache RAM goes for?
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.
~/linux/net/ipv4$ grep martian * /* Check for the most weird martians, which can be not detected
devinet.c: {NET_IPV4_CONF_LOG_MARTIANS, "log_martians",
devinet.c: &ipv4_devconf.log_martians, sizeof(int), 0644, NULL,
route.c:
route.c: goto martian_source;
route.c: goto martian_source;
route.c: goto martian_destination;
route.c: goto martian_source;
route.c: goto martian_destination;
route.c: goto martian_source;
route.c: goto martian_source;
route.c: * Do not cache martian addresses: they should be logged (RFC1812)
route.c:martian_destination:
route.c: printk(KERN_WARNING "martian destination %08x from %08x, dev %s\n", daddr, saddr, dev->name);
route.c:martian_source:
route.c: * RFC1812 recommenadtion, if source is martian,
route.c: printk(KERN_WARNING "martian source %08x for %08x, dev %s\n", saddr, daddr, dev->name);
(yes, I am kidding, and yes, that grep will actually print out what I posted)
Vinton Cerf (the "father" of the Internet, perhaps even without the quotes) is constantly talking about Internet in space, interplanetary Internet and so on. For example, in his celebrated essay (an Internet draft) "The Internet is for Everyone" (now the official motto of the ISOC), he writes:
To be quite honest, if I didn't have so much admiration for him, I would say that Vint is going just a bit off his rocker, there. But, who cares? The idea is fun, and if a man can't dream, what's left for him to do?
Did you know it, the ISOC has even formed an "Interplanetary International Special Interest Group" (IPNSIG).
--
David A. Madore (ISOC member)
I just hope that it is not made into another Iridium-like network. The reason the current satellites are not too busy right now is the need for an amateur radio license and the skills needed involved to track a low-orbit satellite. If TCP/IP is used for this purpose in the future, don't expect to have it on your cell phone or anything.
Visit Amsat if you want more information about the current state of amateur radio in the sky.
"Comfort of home"? Pretending that I'm a $6/hour ISP admin, couldn't I trap those packets and crash a satellite?
That's why things https and ssh exist. If I were a $6/hour ISP admin and could crack those, I wouldn't be a $6/hours ISP admin for long. There's tons of RSA encrypted traffic that's way more juicy.
Combine VPN, strong encryption, and vigilant system administration and I don't think anyone will be sending spurious orders. Other than that I would see potential DOS problems, especially if the engineer is sending a sequence low level maneuvering orders that could be interrupted during execution. However you'd have to be brain damaged to design the system to work that way anyway -- what if your transmitter failed?
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
Sorry, I had to do this. Puns are way too much fun.
On a more serious note, this bodes well for network engineers who want to get into the satcom industry. The differences between the computer industry and the communications industry are rapidly disappearing.
-Josh
So what do we call it? The OuterNet?
Have a Happy.
Comment removed based on user account deletion
Vernor Vinge already covered that in his two books "A Fire Upon The Deep" and "A Deepness In The Sky". Granted, the protocols being used are not IP, but the basic technologies, etc. are clearly (and at one point, explicitly) descended from modern-day networking.
Vinge does better than most SF authors about having believable (from a tech and programming standpoint) computer systems. It is clear from his writing that he has thought about such things as "how would robust communications protocols work among civilisations that are spread out to interstellar distances and relativistic velocities" -- and his solutions are more than just handwaving. Of course, Vinge's day job is a CS professor...
I remember hearing about a new TLD, ".orb", for things in orbit. At the time, it was "shuttle.orb" for communicating with STS missions.
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
If you want some geniune spaced bits, just do a traceroute to mcmsun5.mcmurdo.gov. It goes through a geosynchonous sat along the way, and your bits will pick up lots of frequent flier miles.
-- There is no truth. There is only Perception. To Percieve is to Exist.
standard Internet software modules were uploaded to the spacecraft.
Brings new meaning to the term "upload".
-Michael
Do you have ESP?
w^HWell i finally got a shee^Hll on the satellite, but thhe lag is so bad i can'''t ^H^H^H^H''^Ht even use lynx well. Man, and theres something wrong with they^Hir stty settings. Anyway, FIRSTT POST FROM SPP^HACE! :wq^H^H^H oh yeah, i'm not in vii^H
Packing a TCP/IP stack into one of the Voyagers would be tougher than a PIC! And of what use would it be? You'd have to ping it before you went to bed to see the result in the morning, and 90% of your packets would be lost!
.sig: Now legally binding!
What the article is talking about is different. The satelite is actually part of the network and not just a transfer medium. They are talking "to" it. A paragraph in the article points this out:
Satelites have never really been used in this way before and I'm interested in it. It has the potential to speed up intercontinental communication quite a bit. I would think that it is a lot faster to bounce a signal through the air to a satelite to another satelite and then back to land on the other side of the planet than it is to pass the signal under the ocean via copper or fiber. Fiber is a faster medium for transfer but the routers and things slow it down.
On another note, it would be a lot of fun to play with this. Anyone want to upload the source for DeCSS to an orbiting satalite?
-magicsloth
TCP/IP essentially doesn't work over such distances. On the other hand, schemes like Fidonet and Usenet News would work fine as long as they had a transport scheme underneath. You can forget a System-Wide Web, but a system of caching servers for Usenet posts, static web pages, or any other kind of content that doesn't require active communication with the originator will work fine. All you have to do is broadcast everything that's new or changed, and use appropriate encoding to guarantee that the receiver can reconstruct any data errors (something like trellis encoding would be appropriate). What you'd get at Pluto would be some hours out of date and Alpha Centauri would be years behind the fashions, but it would get there.
--
This post made from 100% post-consumer recycled magnetic
Time is Nature's way of keeping everything from happening at once... the bitch.
If you have your own radio gear, you could have sent commands to the satellite using whatever protocol and authentication it wants even without TCP/IP. Adding TCP/IP, if the satellite functions are protected with the same authentication codes, doesn't make it significantly easier.
The other way is to hack through someone else's gateway. If they've firewalled it, you've got the problem of defeating the firewall before you get to the satellite and its authentication mechanisms. Of course, if someone has left the authentication info lying around in an accessible place on their Internet-accessible computer, you're all set... assuming the satellite will accept configuration commands over the TCP/IP channel (it might not, the article didn't say if this was only used for the store/forward system or command and control as well).
It's a pity we can't just ask Bruce Schnier for his opinion of their security model.
--
This post made from 100% post-consumer recycled magnetic
Time is Nature's way of keeping everything from happening at once... the bitch.
--
This post made from 100% post-consumer recycled magnetic
Time is Nature's way of keeping everything from happening at once... the bitch.
Even if we have near light speed vehicles, radio waves are still faster. Barring communication via quantum entanglement (which seems fairly unlikely), the speed of light will likely be the limiting factor in social homogeneity once we start spreading out. This isn't entirely a bad thing, though. We're already too homogenized now, in my opinion.
Maybe I'm showing my age here, but does anyone else remember "Packets from Mars"?
martian: n. A packet sent on a TCP/IP network with a source address of the test loopback interface [127.0.0.1]. This means that it will come back labeled with a source address that is clearly not of this earth. "The domain server is getting lots of packets from Mars. Does that gateway have a martian filter?" Compare Christmas tree packet, Godzillagram.
jargon/m/martian.html
From The Jargon file (4.2)
LongTail SSH Brute Force analysis tool is here!
With the tits and everything, it is doubtful they will send a virus that is even executable on whatever processor is in there. We're safe for now.
;-)
You've forgotten about Java - write once (on alien mothership), run everywhere (once the worm hits our Net).
James.
...Is not advanced antisat missiles, but scr1pt k1dd13s with airforce commissions...
'The Chinese tanks are advancing on our position sir!' '"ping -F north-hem.GPS" soldier!'
Tyranny = Government choosing how much power to give the people.
This is definitely the way to go IMO. It will allow easier access to satellites or whatever in space and when this kind of thing becomes more common, the general public will be able to perhaps interact with satellites over the internet from their own computer.
Now the satellite is going to get slashdotted, and the whole thing is going to come crashing down on our heads.
Okay, here's my take on the security thing. As of now, they are implementing TCP/IP over their satellite signals. I assume that they do not have the ground-based receiver connected to the public Internet, so there's not a whole lot of risk. Of course, then we get to the fun part.
At some point in time, it is likely that researchers using the Internet proper will be able to communcate with a satellite. At that point, yes, there is a possibility of malicious individuals (or groups) getting into your sattellite. At least one barrier to entry would be the ground station-to-satellite link. If you kept this secure (using open and tested protocols and such), a malicious entity would require both a ground station of their own and strong knowledge of the ground-satellite signal specifications and protocols.
If you set the satellite to only act on signals coming from known-good ground stations (based on geophysical location), then a ground station would have to be compromised in order to take over a satellite. This would add another layer of security.
If you, say, hard code those coordinates and the verification routines (and make sure you don't pull a Hubble), you could be fairly certain that your satellite can't be controlled by anyone else, except through your links. If, then, you use secure connections through said link (which means keeping the stuff current, of course), you should be fine.
All in all, it should be no easier to maliciously control a 'Net sat than it is to use an existing attack against the current generation. (Disclaimer: I am not a rocket scientist, although I did take a class covering the basics.)
Check out direcpc.com I have had satelite internet from them for months - about 9 times faster than a 56k modem.
Granted it is just a router really but still - it's cool. I get the internet and Directv off of one dish.
(You still have to have a modem and dialin for the outgoing traffic...)
Frankly, I'm a little worried. Sure, it's way cool to have a satellite on the Internet, but, come on, control it's position from the Internet? At least I hope they have some very good VPN and authentication set up (for when they do have control- I get the impression it wasn't set up for that yet, heres hoping it never does.)
Security critical components should be on a private network. Sure, use TCP/IP, TCP/IP rocks, but if you are going to have remote control I for one would be far more relaxed if you were on a private network (the solar system intranet!).
Maybe I'm overreacting, but I can't help looking up to the sky, thinking of a script kiddy, and ducking under cover.
This reminds me of a comment I once read in the source of a TCP/IP stack (KA9Q probably) to the effect that IP would be no good for communication in space as the round trip time to Mars would cause standard IP to time out every packet. Damnit, why didn't they see this coming back in the seventies? :-)
--
Everyone and their brother would then /. the server so that they can have orbital tcp/ip traffic...
Not to mention the script kiddies wanting to "0w/\/" it...
BlackNova Traders
Wait a minute ... now aliens can come down and upload a virus to our satelites. We're opening the backdoor to alien hackers!