Starlink

[Fallon]

Wireless in any form isn't really any less secure than wired. If you are sending unencrypted traffic out over your Internet connection, it can be sniffed at any point between source & destination. The Internet isn't secure. It may be easier to sniff wireless than wired in many instances. But it's easy to sniff wired if you have access.

Any sane regulation will require encryption. In business that generally means a VPN to the corporate office or application provider. I can't imagine HIPPA requiring wire. I'm sure it specifies encryption & some people are putting in wired for other reasons or incompletely attributing the wired requirement to HIPPA for other reasons. Wire is more reliable, consistent & easier to support.

 

[BigBlue1]

I understand StarLink has a wired Ethernet Adapter. My question is Security from the Dish to the Satellite and back. Is that piece encrypted and secured to meet HIPAA Guidelines? I'm assuming so. And if you think you can run the same speeds wireless as opposed to wired you are sadly mistaken. In my Business you have to have a wired ethernet port to work on our equipment as well as most if not all IT Industry jobs. If your machine doesn't have a NIC Card then you can get a USB to ethernet adapter.

I don't think anyone outside of Starlink knows whether there is encryption for the dish<-->sat path or not. However, that's irrelevant, really. If your needs or the needs of the employer you're working for require security via encryption then your own access path should be providing that. Typically that is done via either HTTPS to/from a web site or via an encrypted VPN connection to your employer (and often both - HTTPS over VPN). To rely on your ISP for that is not adequate management of your or your company's security needs.

As for HIPAA, there are encryption requirements for data at rest and data in transit. But the method of 'transit' (hard-wired or wireless) is something I've never seen called out. And I've been in IT for the healthcare industry for 20+ years.

Networking is often described by the OSI model. This model calls out 7 'layers' involved with networking (see https://www.imperva.com/learn/application-security/osi-model/). Layers 4-7 are where encryption needs can and would be met. Layers 1-3 are involved with the plumbing of getting the bits and bytes where they need to go. Wireless (i.e. wifi or using LTE as your ISP method) vs hardwired (ethernet) is a facet of layers 1-3.

Rob

 

[kcflhrc]

I assume the requirements may be different for different employer's. Just stating what I have ran across for Health Care Employer's here. I even had the same wired requirement for an Insurance Adjuster that worked from home. They required wired ethernet. Farmer's Insurance I believe. And as I stated these machines didn't have wireless capability at all. And yes, all of them use VPN, typically Cisco AnyConnect.

 

[Gale Hawkins]

I don't think anyone outside of Starlink knows whether there is encryption for the dish<-->sat path or not. However, that's irrelevant, really. If your needs or the needs of the employer you're working for require security via encryption then your own access path should be providing that. Typically that is done via either HTTPS to/from a web site or via an encrypted VPN connection to your employer (and often both - HTTPS over VPN). To rely on your ISP for that is not adequate management of your or your company's security needs.

As for HIPAA, there are encryption requirements for data at rest and data in transit. But the method of 'transit' (hard-wired or wireless) is something I've never seen called out. And I've been in IT for the healthcare industry for 20+ years.

Networking is often described by the OSI model. This model calls out 7 'layers' involved with networking (see What is OSI Model | 7 Layers Explained | Imperva). Layers 4-7 are where encryption needs can and would be met. Layers 1-3 are involved with the plumbing of getting the bits and bytes where they need to go. Wireless (i.e. wifi or using LTE as your ISP method) vs hardwired (ethernet) is a facet of layers 1-3.

Rob

https://www.space.com/elon-musk-spacex-starlink-cyber-defense-ukraine-invasion

Musk putting this ahead of Starship development is telling.

 

[dmccarty]

Work requires a VPN to access work systems on work devices. As well as a bunch of other security requirements.

We use a different VPN for our home devices.

The transport method, DSL, cell or now Starlink, matters not. VPN protects over all three.

A coworker was hacked via people accessing their wired router which had a hard drive attached with USB. A VPN, or a wired connection to the router, would not have prevented that hack.

Later,
Dan

 

[dmccarty]

Our Golden Ticket arrived today.
...
Still awaiting the Ethernet adapter and pole mount for the final install, but so far, so good.
...
P.S. 37ms ping, and about twenty five times faster than our DSL. Can't wait to try webex video.

Congratulations!

We are still waiting for the adapter and mount but my hack install is working just fine, even the 40+ mph wind gusts we got yesterday.

Those ping times and data speeds are what we are seeing as well. Sometimes higher though.

Later,
Dan

 

[dmccarty]

Time will tell if providing minimal customer service is a wise business approach.

If a brand becomes tarnished due to poor after-sale support, it is very costly to repair that image. Repair of that damage can be more costly than if you had funded customer service a little better in the beginning.

A coworker and I used to have this conversation years ago about the software business. We could see the decline in quality and support over the years...

The question is, if other companies have the same quality of support, what is one to do?

Customer support with CenutryLink and Verizon is not what I would call good. When we lived in the city, cable was even worse. Starlink only has to be as good, or as bad, as the competition.

Later,
Dan

 

[ponytug]

+1 on @BigBlue1's comments regarding HIPPA. Rob is right on the money. The act requires encryption of data at rest and in motion. There is no requirement about the medium of transmission. There is some further items about what constitutes patient data.

Individual companies are, of course, free to make different regulations that are more restrictive. The act only sets the minimum. The acts also sets monetary fines for data leaks, and for a hospital, the fines for a full scale break in to their patient records could be in the billions of dollars, with a B. Hospitals with on the ball administration and IT departments are spending on HIPPA security like there is no tomorrow. Even just having the Windows PCs go offline is a huge expense for most hospitals.

Wired connections are more difficult to break into than wireless, but certainly not impossible. As this is about Starlink, trying to listen in on a phased array antenna is not going to be trivial, especially an antenna pointed up, but that isn't where I would be looking for hackers to get in. My bottom line is that if someone has a strong incentive to break in, they can. Almost nobody runs a secure privacy centered operating system, and the common operating system has zero day hacks that are purchasable on the dark web for trivial amounts of money. The fact that zero day exploits are so cheap tells you how common they are.

The uplink/downlink for Starlink is said to be encrypted. Personally, I know of nobody who has broken into it, yet.

All the best,

Peter

 

[buckeyefarmer]

What’s up with the adapter that is required? I thought dishy had an Ethernet port.

 

[Roric]

Dishy 2 is rectangular and the router needs an adapter.