> During device initialization, if the system identifies itself as a user terminal, the initialization script automatically writes 41 SSH public keys into /root/.ssh/authorized_keys. Notably, port 22 on the UTA remains open to the local network at all times.<p>Forty-one? So who does <i>not</i> have root access to "your" user terminal?
Discussions on similar submissions:<p><i>Teardown of the SpaceX Starlink User Terminal</i> <a href="https://news.ycombinator.com/item?id=25277171">https://news.ycombinator.com/item?id=25277171</a> (December 2, 2020 — 158 points, 138 comments)
I'm surprised to hear all packets are processed in userspace...<p>If one is doing 1Gbps of traffic which is 100 byte UDP packets, that's a million packets per second you're gonna need to process.<p>A 1Ghz CPU only then gets 1000 cycles to process each one...<p>Very doable, but certainly not easy unless your engineers like hand coding assembly and having to think about every lookup table trick in the book...
How do you even get into doing this sort of thing? Reverse engineering stuff is hard and all trolling is either really expensive, or old and no longer developed; with a few exceptions, I'm sure.
I’m interested in how to secure the firmware from reverse-engineering in a product. Is there somewhere an introduction to the techniques used by SpaceX there?
> DARKNAVY built a basic QEMU-based emulation environment for the Rev3 firmware<p>Anyone has links to resources about how to emulate a firmware that connects to external devices (GPS here), any ready solutions?