I’m confused by the end. He implies that the “disablement codes” (geoblock, speed violation, etc.) are enforced by the user terminal, meaning they could be circumvented?
> The user terminal itself has no knowledge of service plans, countries, regional, or velocity restrictions – it simply follows commands received from the Starlink satellite
Surely this would be enforced at DHCP time? Or maybe not, since you could get an IP address then start going too fast… is this blog actually a ”wink wink nudge nudge” guide to bypassing Starlink policy restrictions?
That's not my impression at all, if the terminal does not maintain information on service plans or restrictions then it's maintained higher up. We don't have enough information from this blog post to know if the terminal could be configured to ignore limitations but I would expect just ignoring "disablementCode"s wouldn't be sufficient.
It sounds more like a result-code shared to the terminal to inform it that i.e. "ACCOUNT_DISABLED - The Starlink account has been suspended or permanently disabled" or "UNLICENSED_COUNTRY – The terminal is located in a country where Starlink lacks regulatory approval."
I doubt that the decision to act upon that is left to the terminal instead of the Starlink network.
If they actually figured out which disablement codes can be tricked or circumvented, they wouldn’t share that. I guess it would all depend on how strict Starlink checks and enforces for unauthorised usage. For a US company operating on this scale I wouldn’t be surprised if it’s between very strict to just the basics or on demand.
A commentator here mentioned that Starlink also works in Russia, which it shouldn’t? Maybe some devices delivered to Ukraine can be used in Russia too.
Not all of Russia, but in Crimea and the occupied parts of Donbas and Luhansk. Apparently, also in some border regions, probably because Starlink hasn't bothered to precisely geofence the border.
Can you blame them? I think there's some sort of dispute going on as to where that border is, making it hard to do precision geofencing.
To be fair the 'border' hasn't moved all that much in over 2 years now, save a few fields and ruined hamlets.
Plus they use starlink of drone boats, so some degree of flexibility is needed.
He’s saying the sat sends the code to the terminal because the terminal doesn’t even know it’s blocked. This is so you as a user can see why your internet isn’t working.
Probably it works like all other ISPs and terminal is in a VLAN?
Fascinating that they chose to use modulated board-to-board Ethernet instead of just running RGMII from MAC to MAC.
Ethernet seems far easier to prototype with. There's almost no off the shelf stuff for talking to RGMII whereas Ethernet you can just plug into your laptop for testing. If it's two different teams building things it seems like it would be a lot easier to just agree on Ethernet as the interface and then delay integration testing or release earlier.
RGMII is not some obscure competitor to Ethernet, but rather, Ethernet was designed to be a modular two-part design with "MAC" and "PHY" chips connected via "MII" interface. RGMII is simply the latest version of it.
Many Ethernet-supported SoCs still use various MII style interfaces because it makes more sense to outsource the physical layer to some external chip especially if not everyone is going to use Ethernet.
It's perhaps like the difference between using Thunderbolt vs raw PCIe. You technically shouldn't need Thunderbolt if you're just permanently connecting two things inside a same machine.
Is it smarter to do it proper and make it silicon efficient than just shipping the darn thing ASAP? idk. We'll see.
RGMII requires way more work to run board-to-board (heaps of signals, quite precise length matching, impedance control, etc. on the boards, better board-to-board connectors etc.) and at the end of all that will likely be less robust than just running Ethernet. I'd much rather use SGMII just because it's far fewer signals to match (even if it runs way faster) instead of RGMII.
The chips they're using might already have Ethernet PHYs built in anyway which might also be part of the reason they're using Ethernet.
Eh, it's just a half dozen signals in each direction running at 125Mhz DDR. That's in spitting distance of being able to be bit banged by something like an rpi pico.
A $3 breakout PCB with an RGMII PHY and MagJack on it would solve this problem without resorting to analog communication.
Assembly isn't free, either an engineer or the PCB fabricator has to put that together. Also the design isn't free and it's certainly not necessarily going to match the behavior of the device on the other side.
But your laptop's Ethernet adapter comes free with your laptop (both in terms of money and waiting to get it since it's already on your desk) and possibly even more importantly you know the laptop manufacturer and users have QAed it for you so it's absolutely going to behave the way you expect which is important when the device you're designing isn't behaving.
> Assembly isn't free, either an engineer or the PCB fabricator has to put that together
> your laptop's Ethernet adapter
The device as-designed likely wouldn't work with your laptop's ethernet adapter - hence why the author of TFA placed an isolation transformer and jack ...on a breakout board.
Heh I didn't notice it didn't have the isolation transformer. That is odd.
A lot of this is pretty POC-y. Agree digital to analog to analog to digital is kinda inefficient, and in the abstract MAC to PHY (which is probably what you mean when you say MAC to MAC) with RGMII is probably better. My off the cuff guess is that it is likely the written-up interface is easier to access or requires less diving into internals. Not sure where the RGMII lines are, and depending on the design of the Starlink mini itself (I am ignorant of this) the lines might have been buried deeper and less accessible, who knows.
That connector is way cheaper than something that could carry an RGMII signal without major reflections. It's probably cheaper in the end to have the extra silicon than a better connector, and I don't think you need the magnetics if you don't need isolation.
Sure, then you get to write an MDIO emulator so that it actually detects link and since it's a proprietary system you can't exactly comment out the SMI code.. fun!
RGMII isn't really designed to go board-to-board, fairly high data rates, and ideally all of the signals should be delay matched. That gets a bit trickier when there are two boards involved. Also I would expect EMI/EMC issues.
I know people do that sort of thing for evaluation kits, but it doesn't seem like a good idea for production.
I'm not sure I understand the entire point of the exercise. There's already an RJ45 jack on the Mini, so no need to hack the unit to get access to an Ethernet PHY. And the WiFi router can be turned off via the setup page.
Did they remove support for the Ethernet jack on the Minis available in Ukraine? It looks like it's still present on the WiFi board, next to the power jack.
They may want to make absolutly sure no wifi signal emit from the device. Turning it off in the setup page is definitely not enough.
The wifi chip may emit signal during boot. The device may get accidentally reset in the field. SpaceX may push an update that messes with the settings.
I mean, more power to them, certainly, but WiFi emissions seem like the least of your concerns when you're operating an antenna for satellite comms. There will be no shortage of side lobes at Ku band for anyone who cares to listen.
Cutting down on mass would make sense, though.
It will still draw power with wifi turned off, though much less. The most effective way of reducing the P in swap is to remove the unit entirely
it is not just the wifi. its the router.
What does that mean?
You might imagine some use cases where mass is a critical concern.
I know exactly what power-constrained application you have in mind, Oleg, and I like it.
What is the specific use case you have in mind?
Given that the blogger is based in Kiev, Ukraine? Good chance this goes on some sort of long range, Predator-style drone.
I hope that the engineers and scientists contributing to asymmetric warfare technology there aren't designated high-value targets by the adversary.
Wouldn't publicity paint a target on one's back?
Seems likely, just a risk one has to take if you want to actively contribute to a war effort...
Is one increasing the risk by blogging and YouTubing about it?
Ask Gonzalo Lira.
I wonder how SL plans vary in Ukraine / for use in Russia. Assuming US-like pricing and limitations, for low speed drones, this would work. The gotcha is that for jet or fast prop drones in the 250-478 kts range requires a very expensive aviation plan assuming it's similar to US plans.
Could that not also be part of the support being provided to Ukraine in that those prices are not the same as some commercial account? At the end of the day, the billing department could just not issue the bill, or any other method of meaning Ukraine isn't paying for it.
AFAIK US DoD pays for some of the Starlink accounts in Ukraine. The rest are paid for by volunteers at normal prices.
"As of May 2024, Poland continues to pay subcription fees for more than 20 thousand terminals it has bought for Ukraine" https://en.wikipedia.org/wiki/Starlink_in_the_Russian-Ukrain...
I am not sure - afaik there is a speed limit (assumption of satellite visibility and specific latency?) over which starlink won’t work, right? It can however be useful for getting the internet without announcing yourself to a swarm of drones?
>I am not sure - afaik there is a speed limit (assumption of satellite visibility and specific latency?) over which starlink won’t work, right?
The author's youtube channel also contains a video of him doing a speedtest on a starlink mini while driving on a highway.
Starlink satellites orbit at 17,000 miles per hour, so I doubt receivers lose signal just from going at a few hundred miles per hour.
Unless there's a software limit built in that turns them off, or the drone's doing some crazy high-G-force acrobatics.
Wouldn’t this give Starlink the ability to track and/or turn off operations in real time?
Yes, you may recall some controversy a few years back when Musk made some threats along those lines.
There are alternatives if you only need short range, or if you can tolerate high latency. And of course there are fire-and-forget cruise missiles that don't need communications at all.
But there aren't all that many other options. Historically, satellite internet companies like Iridium, Globalstar and Teledesic have not fared well.
It was only made to appear a controversy for clicks and Ukrainians (understandably) trying to bend the rules.
The thing came with a clear limit "this thing works in these cells of this big hex grid". And they drove it off that hex grid. Plan and simple.
Its like if the US-supplied HIMARS came with some built-in limit that it cannot be used to target known Russian nuclear installments, and they'd try to do that.
It's not that those things are unquestionable, but they are limits that would need US consultation as US obviously doesn't want the thing to escalate from being a defensive war to something else.
Is Crimea on "this big hex grid" or not? If not, why not?
Starlink both in technology, availability and regulation angle is advancing so fast that saying "is it now" and "was it then" are quite different.
This is where the hex grid was previously on. Wayback machine doesn't seem to work as it's a web app https://www.starlink.com/map
Because the US military/govt has a say in what US companies sell to foreign militaries and that's what the restrictions were at the time. Remember this was early on in the full invasion.
Starlink is prohibited for use in Crimea because of US sanctions against Russia, and not because "Musk turned Starlink off during a Ukrainian attack".
Well, per other comments, Starlink terminals apparently do work in Russia.
And Musk did exactly that per numerous reports. Given his erratic behavior since around 2018, it's not hard to believe. The other day he was literally threatening to stop Dragon launches for NASA.
"per other comments" Lol.
The geoblocks are quite hard. The only situation where Russians have managed to use them for a short while is when they've managed to capture a terminal, and it hasn't been cut off because it's been unclear who was in control of it, and Ukranians benefit more of them as they've built a lot of things and process around them as it such a massive battlefield advantage if used right.
>Given his erratic behavior it's not hard to believe
Congratulations, you've managed to slip in to a sea of misinformation and media spin. Place a check on this in 5 years, these things tend to be silently put under the rug. It's like you're saying it wouldn't be a surprise if all future Falcon 9 rockets just blew up because they've done so at testing and because Starship does so too. Learn some distinction.
Iridium works extremely well for what it was designed for – truly global, low latency communications without requiring a directional antenna. Unfortunately, that also means very low data rates.
It only gained packed-switched data with the second generation satellite network, but data rates are still very low (think hundreds of kbps, and I believe even that needs high-gain antennas).
~Iridium~ devices were bricked in the first days of the invasion, iirc. That's why starlink was such a big deal, and that's why the usmil wanted it "yesterday" after it proved itself in ua. They had to set up a dedicated unit to deal with starlink, as every branch was trying to get it on their own and complicated purchasing. That unit / project was also called starshield, confusing the matter with the other starshield project that uses starlink buses + ng sensor packages.
edit: it was Viasat not Iridium, I got them mixed up.
Viasat fixed modems got bricked at start of the war in Ukraine and some collateral one's in border areas.
Interesting how the US goes absolutely ballistic about some random dude violating the "Computer Security Act" on a small scale, but didn't react at all to this massive, incredibly impactful, attack.
it didn't impact Americans. it impacted us Europeans but at the time this went down we were too dependent on Russia's cheap gas (and, frankly, lacked the military power) to raise the appropriate level of stink.
Hell we let Russia freely execute dissidents (Skripal or the Berlin Tiergarten murder come to my mind) and tolerated a land-grab war by little green men in 2014. Either of these actions would have warranted serious consequences, the Crimea/Donbas grab would be a casus belli if you ask me. But again, we were too busy sucking Putin off for cheap gas.
so as far as the US is concerned it's fair game to attack US companies as long as it doesn't impact US citizens?
As much as I hate to say it: Trump got a point in saying that Europe should have been responsible for its security / military even 10 years back.
Sure, but don't ignore the fact that Viasat is a US company
As far as the US is concerned, it's fair game to drone-strike US citizens [0,1,2] from time to time.
[0] https://en.wikipedia.org/wiki/Anwar_al-Awlaki#Death
[1] https://en.wikipedia.org/wiki/Killing_of_Abdulrahman_al-Awla...
[2] https://en.wikipedia.org/wiki/Killing_of_Nawar_al-Awlaki
You are right, thanks. I mixed them up. Iridium is also providing service in ua now, and was unaffected at the start of the war.
"Some" is an understatement lol. Here in Germany 3.800 (!) wind turbines lost remote control (and thus were forced offline) until the terminals could be changed because their command uplink was via Viasat.
Yes but they’ve mostly not been doing that (they probably are selling a lot of dishes) and what’s the alternative?
Russians also use Musk's satellites and might find the information useful.
Also as I understand, satellites do not work over Russian territory so guess where this can be used.
Actually, they do work is Russia. You need account registered in some allowed country and also use RV plan (or maybe it is called 'roam' now). I know some ppl who use it. Was thinking to get one myself, to have a reliable bypass of pathetic russian firewall.
> Actually, they do work is Russia.
Aren't starlink have some kind of geolock?
> to have a reliable bypass of pathetic russian firewall
All data shows that Russia have one of the strongest and best firewall in the world, in many aspects even better than in China. And all the Russians I spoke with say that VPN is not blocked and any service for a couple of bucks does its job.
> Aren't starlink have some kind of geolock?
Perhaps. Apparently, it isn't applied in RV mode
> All data shows that Russia have one of the strongest and best firewall in the world
If you have a pile of shit in the world right in front of your house, it is pathetic, even if it is the biggest and the stinkiest pile of shit in the world.
> And all the Russians I spoke with say that VPN is not blocked and any service for a couple of bucks does its job.
I am Russian. This is not true. All regular vpn protocols (OpenVPN, Wireguard) are outright blocked. Shadowsocks is blocked on most ISPs, including all major mobile ones. VLESS works, for now, mostly, but sometimes the IP address of the server I run become unavailable.
They use it at front lines for fighting Ukraine. Not for reading cnn
Ppl I know use it live in Yekaterinburg, rather far from the front lines.
Kazakhstan is near by, maybe service spills over . sure that yekaterinburg and not Kaliningrad ?
Living in Chelyabinsk, I believe I'm rather capable to recognize the difference. Yekaterinburg is at least 300km from the nearest part of Kazakhstan (which up to a few days ago wasn't even officially permitted there). So no, there is no indication that there is any kind of geo-fencing for roaming devices, be them in Russia, China, Iran or Afghanistan.
Kyiv
Maybe just for front-line deployment, it would suck to be targeted by a glide bomb because the Russians located some WiFi signal.
Well the author is Ukranian so I have a guess.
Based on recent events I would guess an explosive-laden drone.
Starlink is already used for «Nemesis» night bombers as well as «Magura» sea drones.
Riding piggy back on a drone?
This was great. I wish Starlink actually provided a dish+modem service exactly like this and real IPv4 not CGNAT nonsense. I think they do for business plans which are much more expensive though.
You can tunnel through Starlink to get a public IP. Not 100% efficient due to MTU reduction and the extra hop to the tunnel end, but it works.
This is the name of the game in new ISPs. You can’t get v4 block purchases approved without a good address utilization plan. Giving a public IP to every residential customer doesn’t really pass muster anymore as a good use of v4 space.
How did the author figure out the pin out for Ethernet? Wild stuff.
Also kudos for them using GRPC. Suggests that there are some competent folks around not rushing things.
Archived version: https://archive.ph/UTFTK
What SoC does Starlink use? Broadcom?
MediaTek
Hasn't Broadcom bought them yet? What an evil company.
Only evil since Hock Tan
Maybe. So? That seems like a decade ago, a lifetime in this industry.
And it's not just vmware. They're predatory, they make Google or Oracle seem like good guys in comparison. They take acquire + squeeze customers to a new level.
If you have any contact with any broadcom product, you'll bleed.