Category: Satellite

Eavesdropping on Sensitive Data via Unencrypted Geostationary Satellites

Recently, Wired.com released an article based on research by researchers at UC San Diego and the University of Maryland, highlighting how much sensitive unencrypted data many geostationary satellites are broadcasting in the clear.

The researchers used a simple off-the-shelf 100cm Ku-band satellite dish and a TBS-5927 DVB-S/S2 USB Tuner Card as the core hardware, noting that the total hardware cost was about $800. 

Simple COTS hardware used to snoop on unencrypted satellite communications.
Simple COTS hardware used to snoop on unencrypted satellite communications.

After receiving data from various satellites, they found that a lot of the data being sent was unencrypted, and they were able to obtain sensitive data such as plaintext SMS and voice call contents from T-Mobile cellular backhaul and user internet traffic. The researchers notified T-Mobile about the vulnerability, and to their credit, turned on encryption quickly.

They were similarly able to observe uncrypted data from various other companies and organizations, too, including the US Military, the Mexican Government and Military, Walmart-Mexico, a Mexican financial institution, a Mexican bank, a Mexican electricity utility, other utilities, maritime vessels, and offshore oil and gas platforms. They were also able to snoop on users' in-flight WiFi data.

Cellular Backhaul
We observed unencrypted cellular backhaul data sent from the core network of multiple telecom providers and destined for specific cell towers in remote areas. This traffic included unencrypted calls, SMS, end user Internet traffic, hardware IDs (e.g. IMSI), and cellular communication encryption keys.

Military and Government
We observed unencrypted VoIP and internet traffic and encrypted internal communications from ships, unencrypted traffic for military systems with detailed tracking data for coastal vessel surveillance, and operations of a police force.

In‑flight Wi‑Fi
We observed unprotected passenger Internet traffic destined for in-flight Wi-Fi users on airplanes. Visible traffic included passenger web browsing (DNS lookups and HTTPS traffic), encrypted pilot flight‑information systems, and in‑flight entertainment.

VoIP
Multiple VoIP providers were using unencrypted satellite backhaul, exposing unencrypted call audio and metadata from end users.

Internal Commercial Networks
Retail, financial, and banking companies all used unencrypted satellite communications for their internal networks. We observed unencrypted login credentials, corporate emails, inventory records, and ATM networking information.

Critical Infrastructure
Power utility companies and oil and gas pipelines used GEO satellite links to support remotely operated SCADA infrastructure and power grid repair tickets.

The technical paper goes in depth into how they set up their hardware, what services and organizations they were able to eavesdrop on, and how they decoded the signals. The team notes that they have notified affected parties, and most have now implemented encryption. However, it seems that several services are still broadcasting in the clear.

A Small 11.2 GHz Motorized Radio Telescope with TV Dish and RTL-SDR

Thank you to Kaustav Bhattacharjee for writing in and submitting to us his project, where he created a small 11.2 GHz motorized radio telescope with a TV dish and an RTL-SDR. A full description of Kaustav's work can be found in a white paper he wrote on behalf of the Department of Physics at the Indian Institute of Technology Roorkee. In summary he writes:

Briefly put, the hardware Setup comprises a 66 cm parabolic dish, a standard Ku-band LNB with bias tee power injection as the frontend, an RTL-SDR V3 tuned to 1.45 GHz (due to downconversion) as the receiver and a Raspberry Pi 5 handling SDR data (via GNU radio) and stepper motor control (using GPIO pins). A heatmap of the southern sky at 0.9° resolution, showing a belt of geostationary satellites, is the primary result of interest!

We also want to point out that his rotor setup involves several 3D printed gears driven by two NEMA17 stepper motors. However, Kaustav notes that the long term resolution is limited due to cumulative backlash errors from the open-loop control scheme.

Kaustav's 11.2 GHz RTL-SDR Radio Telescope
Kaustav's 11.2 GHz RTL-SDR Radio Telescope
Geostationary satellites visualized with the radio telescope
Geostationary satellites visualized with the radio telescope

A Browsable Archive of Historical Weather Satellite Data

Thank you to Meti for writing in and sharing his browsable archive of historical weather satellite data (further information here). The archive is designed to store weather satellite data, whether in baseband IQ format, frames, or images, for scientific, educational, or preservation purposes.

With NOAA POES now fully shut down, the archive could be useful for individuals who didn't have the opportunity to decode a NOAA satellite for real, or perhaps for those who will want to relive their old hobby one day. Meti writes:

I've been working on setting a weather satellite data archive up; a lot of these incredible satellites are lost to time because people didn't save the data or had it deteriorate over the years, as has been proven with the ongoing POES decommissioning!

My goal is to create a browsable archive of historical satellite data that is downloadable and re-decodable by others who didn't and/or don't have the opportunity to catch the satellites in question themselves for scientific, educational, or just preservative purposes.

I've been working hard asking around various people and groups for the possibility of them keeping some data from as many different satellites as possible, but still have large gaps in several satellites. I was wondering if it were possible to try to publish this archival effort on the blog to try to get more outreach than word of mouth?

The archive currently stands at 430 gigabytes of data with about 100 more awaiting processing due to missing pipelines, already spanning more than 4 decades!

The archive currently stores a variety of different satellites and their data products, and some in the archive even have the raw IQ data, which occupies a significant amount of hard drive space.

However, Meti notes that many satellites are still missing from the archive, and he would like to reach out to the community for submissions. If you have any data from the following, please reach out to Meti.

GEO:
- Meteosat wefax
- Meteosat xRIT (Only have very limited data)
- GOES-N LRIT/MDL/GVAR/Sounder SD (Before it became EWS-G! So over the US)
- Elektro-L1 xRIT/RDAS

LEO:
- NOAA APT older than NOAA 12
- NOAA HRPT from any sat besides 15/18/19
- Seastar (OrbView-2) HRPT
- MetOp LRPT !!! (Metop-A transmitted for a few days) - Meteor M1 HRPT
- Meteor 3M APT/HRPT
- Meteor 1/Priroda/2 APT (other than Meteor 2-21. NOT M2!)
- FengYun 2A/B/C/D/E/F (S-)VISSR (Or LRIT)
- Fengyun 1 CHRPT

Catch-all
- Any L-band prior to ~2000
- Any VHF prior to ~1990
- Any anomalies - instrument failures leading to strange receptions (i.e. NOAA 17 failing APT broadcasts). THIS IS EXCLUDING NOAA-15 post 2020 and any user-side issues (weak reception, sample drops etc.)

You can find more information about the project and how to contribute on this linked page.

Satellite Archive. Currently over 430 GB Archived.
Satellite Archive. Currently over 430 GB Archived.

Amateur Weather Satellite Reception Beyond NOAA POES

With the recent decommissioning of NOAA POES (NOAA-15, NOAA-18, NOAA-19), many amateur weather satellite hobbyists might be asking themselves if the hobby is now dead.

While NOAA POES satellites were the easiest stepping stones into amateur weather satellite reception, the hobby has seen massive strides in enabling easier reception of other satellites over the past few years. Furthermore, in the near future, various new satellites are scheduled for launch, which should be receivable by amateurs.

Over on his blog, Jacopo has created a detailed post showing what satellites amateur hobbyists can still receive on the L-band and S-band. Some receivable satellites include Meteor-M,  Metop, Arctic Weather Satellite (AWS), STERNA, Elektro-L, GOES, EWS-G, Jason-3, UVSQSat-NG, DMSP, HINODE, ISS DATV and Proba 2.

While almost all of these satellites (apart from Meteor-M's LRPT 137 MHz signal) require a satellite dish and L-band, S-band, or X-band feed, recent products like our Discovery Dish can make setting up an L-band or S-band system significantly easier.

The Meteor-M series of satellites
The Meteor-M series of satellites

Moving SatDump Towards V2.0.0

Over on the SatDump blog developers Aang23 and Lego11 have recently uploaded a post discussing their plans to move SatDump towards Version 2.0.0. SatDump is currently the most comprehensive and popular software for SDR users wanting to decode images and data from satellites. 

The developers note that their update frequency has slowed down recently due to their focus on V2.0.0. The new version introduces significant under-the-hood changes that will make SatDump easier to manage and develop in the future, and also focuses on improved documentation.  

Users of SatDump will also see an improved GUI, new functionality such as crop, an SSTV decoder, support and improvements for a wide range of satellites, any many other improvements discussed in the post. 

We note that V2.0.0 has not yet been released. The post notes that at some point in the near future they will begin merging the new V2.0.0 branch into master, followed by frequency alpha releases, before finally releasing an official V2.0.0. 

SatDump V2.0.0 ALPHA with new GUI
SatDump V2.0.0 ALPHA with new GUI

Saveitforparts: Receiving NOAA-15 One Last Time

Over on YouTube Gabe from the saveitforparts channel has uploaded a new video discussing the decommissioning of NOAA-15 and NOAA-19. We also previously posted about this topic a few days ago, if you are interested.

NOAA-15 was scheduled to shut down on August 12, 2025, but due to anomalies with NOAA-19, the decommissioning date of NOAA-15 has been extended by a few days until the week of August 18th. NOAA-19 has recently been experiencing transmitter failures, and it may be impossible to receive signals from it at the moment, despite its expected decommissioning date of August 19, 2025.

In the video, Gabe also rushes to try and receive signals from all transmitters on NOAA-15 one last time, setting up VHF, L-Band, and S-Band receivers. He experiences some issues with weak signals, interference, and recording failures, but ultimately succeeds in capturing all three signals during one of the final passes of NOAA-15.

US Government Shutting Down More Weather Satellites

Tech Minds: Testing out Discovery Dish for Inmarsat and Hydrogen Line Radio Astronomy

Over on YouTube Matt from the Tech Minds YouTube channel has recently uploaded a new video where he tests out our Discovery Dish antenna. Discovery Dish is designed to be a low-cost, portable solution for receiving L-band and S-band weather satellites, Inmarsat satellites, conducting amateur hydrogen line radio astronomy, and more.

In the video, Matt unboxes the Discovery Dish and provides an overview of the build process before demonstrating its use in decoding AERO and STD-C messages on Inmarsat. He then shows the dish and Inmarsat feed being used to receive Iridium satellites, and how they can be decoded using iridium-extractor with a HackRF or Airspy R2.

Finally, Matt swaps out the Inmarsat feed for the Hydrogen Line feed. Using SDR#, the IF AVG plugin, and Stellarium, he was able to obtain a clear hydrogen line peak.

This Discovery Dish Is The ONLY Satellite Dish You Will Need!

NOAA 15 and 19 To Be Decommissioned Within the Next Two Weeks

The National Oceanic and Atmospheric Administration (NOAA) have recently announced that they are planning to decommission NOAA 15 and NOAA 19 on August 12, 2025 and August 19, 2025 respectively.

Update #7: NOAA has completed End of Life (EOL) testing activities for NOAA-15 and NOAA-19 and will commence the decommission process shortly. These two remaining satellites in the NOAA Polar Operational Environmental Satellites (POES) Constellation are far beyond their primary mission design life. All have incurred subsystem and instrument degradation or failures and have entered a "twilight phase" where failure modes are increasingly likely. As a reminder, NOAA-18 was decommissioned on June 6, 2025 at 1740 UTC due to an unrecoverable failure to the S-Band transmitter. The remaining satellites in the legacy POES constellation will be decommissioned as follows: NOAA-15 on August 12, 2025 and NOAA-19 on August 19, 2025.

NOAA-15, NOAA-18, and NOAA-19 have long been core satellites for RTL-SDR users. For many of us, one of these would have been the first satellite from which we received weather data via the 137 MHz APT signal.

These NOAA satellites were marked end-of-life (EOL) back on June 16, 2025. However, EOL status still meant that transmissions would continue as normal. The EOL status simply marked that the satellites should no longer be used for mission-critical services, and that no attempts at repair or recovery would be made if needed.

On June 06, 2025, just before the EOL status officially went into effect, NOAA-18 was decommissioned and shut down due to a prior transmitter failure that left ground control in danger of being unable to control the satellite in the future. 

While nothing critical appears to have happened to the remaining NOAA-15 and NOAA-19 satellites as of yet, these are ageing satellites with various ongoing issues. NOAA-15 was launched in 1998, and NOAA-19 in 2009. They have long exceeded their design life.

As with NOAA-18's decommissioning, it does not appear that NOAA will deorbit the satellites. Instead, they will be left in orbit and put into a safe electrical state, with the transmitters shut down.

You can find more information about the decommissioning over on Carl Reinmann's usradioguy blog.

A Drawing of NOAA-19
A Drawing of NOAA-19