Starlink Got Hacked And SpaceX’s Response Was Incredible

Wouters submitted all of his findings to SpaceX in a responsible way: through its dedicated bug bounty program. In fact, this got him inducted into the SpaceX bug hunting hall of fame, in which he now holds the second place. SpaceX presumably paid the hacker for finding the bug, as that’s the whole point of the program, although the amount hasn’t been disclosed. Many large organizations rely on third-party researchers to help them track down bugs and vulnerabilities that may slip through the cracks during testing. For instance, Apple recently paid a PhD student $100,000 for successfully hacking a Mac.

Once Wouters published his side of the story, SpaceX responded with a six-page paper (PDF), and it’s hard not to admire the enthusiasm shown in that response. Right from the very headline, SpaceX is inviting people to do what Wouters just did by saying, “Starlink welcomes security researchers (bring on the bugs).” The giant goes on to describe Starlink and its impact on the world, especially visible now during the war in Ukraine, where Starlink has become one of the sources of connectivity for some of the Ukrainian citizens who remain in the country. 

SpaceX congratulated Wouters on this achievement, but also made sure to point out that this kind of hack is low-impact for the network and its users. “We aim to give each part of the system the minimal set of privileges required to get its job done,” said SpaceX, affirming that one piece of compromised equipment should not affect the entire network. With that said, SpaceX also notes that it’s hard to protect a device to which a hacker has constant unmonitored physical access — so the bug hunting continues.