Don’t Look Up: The Satellites Are Talking
Satellite communications — the backbone of global data, logistics, and internet connectivity — remain alarmingly insecure. Despite decades of advancement, many systems still rely on outdated protocols and unencrypted signals, leaving sensitive transmissions vulnerable to interception.
By: Paco Campbell
Published: Thursday, October 16th, 2025
I know, I teased Jurassic Park. And it’s written, it’s coming! I just could not let this pass…
In Don’t Look Up, scientists discover an asteroid on a collision course with Earth. They run the numbers, double-check, shout from rooftops, and still — the world shrugs. Not because the math is wrong, but because the news is inconvenient. We’d rather believe the sky is fine.
That’s about where we are with satellite communications.
For decades, we’ve been launching miracles into orbit — pieces of aluminum and code that can talk across continents, stream 4K video, coordinate global logistics, and deliver broadband to the middle of the Pacific. It’s extraordinary engineering. But it’s also, apparently, running on a mix of legacy trust, unencrypted signals, and “hope no one’s listening.”
And people are listening.
Wired’s piece about satellites “leaking the world’s secrets” hit like that Don’t Look Up moment — except the asteroid isn’t coming. It’s been overhead the whole time, quietly rebroadcasting your calls, your company’s telemetry, your data center’s heartbeat. The surprise isn’t that someone can intercept these signals. It’s that we ever believed they couldn’t.
We’ve Been Here Before
This isn’t new. In the early days of satellite TV, anyone with a big parabolic antenna could pull down HBO or Showtime for free. It was literally called “free-to-air.” People bought DIY kits, pointed them at the sky, and watched whatever they wanted.
HBO’s answer was scrambling the signal, but even that was half-hearted. The encryption wasn’t end-to-end — more like a polite suggestion. It took a guy named Captain Midnight (a satellite uplink engineer, of all people) to hijack HBO’s feed in 1986 and broadcast his own protest message:
“GOODEVENING (sic) HBO FROM CAPTAIN MIDNIGHT. $12.95/MONTH? NO WAY!”
That was almost forty years ago. The message back then wasn’t “the hackers are coming.” It was “the gate is wide open.”
Fast forward to now — 2025 — and we’re still flying open gates. Except this time, they’re orbiting the planet at 7 km/s.
The Illusion of Progress
We tell ourselves it’s different now because everything’s digital, encrypted, authenticated, hardened. We’ve got AES, TLS, VPNs, post-quantum-this and zero-trust-that. Surely if we can build satellites, we can keep them secure.
Except apparently, no — we can’t.
Many of these systems still rely on outdated protocols, poorly implemented encryption (if any), and ground station infrastructure that predates your favorite meme format. The satellites themselves are often constrained by “bandwidth” or “processing power” — as if computing at scale is some exotic frontier. It’s 2025. We can train 600-billion-parameter language models in the cloud, but we can’t put basic crypto in orbit?
Bandwidth and CPU aren’t the problem. The problem is the assumption that security is optional because physics will protect you. That no one would ever bother listening. That the RF noise floor is high enough, or the modulation obscure enough, or the link budget tight enough that the attack surface is theoretical.
It’s not. $800 worth of SDR hardware can do it. That’s not theoretical — that’s the hobbyist tier.
(Will) The Real Risk Register (Please Stand Up)
What blows my mind is how this ends up in risk registers. You can practically see the spreadsheet:
| Risk | Likelihood | Impact | Mitigation |
|---|---|---|---|
| Anyone can read our satellite communications | Low | Medium | Accepted, encryption too costly |
(The above table is scrollable on the web. It might not look the prettiest on mobile.)
That last column — “accepted” — is where the asteroid hides.
Because “too costly” usually means “technically annoying.” Someone weighed the inconvenience of retrofitting crypto against the entire planet’s data exposure and decided, “Eh, we’ll take the hit.”
But accepted by whom? Not by the people whose comms are being relayed. Not by governments, companies, or users downstream. Accepted by a handful of engineers and program managers on behalf of everyone — on behalf of mankind, really. The hubris is staggering.
If “bandwidth” or “power budget” is the defense, that’s not an engineering constraint — that’s an excuse. It’s saying: We could fix it, but then it wouldn’t be elegant. Or worse: We’ll fix it in the next generation.
That’s like telling the pilot, “Don’t worry, the parachute’s optional — the next model will have one.”
Don’t Look Up
In Don’t Look Up, the tragedy isn’t the asteroid. It’s the denial.
The data is clear, the models are solid, but the response is a mix of PR spin and magical thinking. Everyone’s waiting for someone else to take it seriously.
That’s what this feels like. The signals are out there. The leaks are measurable. Researchers and security analysts have been shouting for years that satellite communications are exposed — military, corporate, civilian. But it’s inconvenient to acknowledge because it breaks the narrative of “space is secure.”
We love to mythologize our tech. We call satellites “birds,” “constellations,” “eyes in the sky.” We forget they’re just computers with long ping times, running firmware that probably hasn’t been updated since Obama was in office (the first term, at best).
And now “birds on the wire” isn’t a metaphor. It’s literal.
They’re listening.
The Price of Ignoring
Here’s the part that stings: encryption would help. It’s not magic, but it would make passive interception exponentially harder. Yet the same institutions that insist on two-factor authentication for interns somehow treat space comms like a trust fall.
Every decade we rediscover this lesson. HBO learned it in the 80s. The telecom industry learned it with SS7. Wi-Fi learned it with WEP.
Each time, the pattern’s the same:
- The system works great.
- The system gets popular.
- Someone pokes at it.
- Surprise — it’s wide open.
- Everyone scrambles to patch it.
- (Optional, one day, hopefully; rinse and repeat.)
Except you can’t patch something that’s already 400 miles up and doing 15,000 mph.
So we shrug. We look down.
We accept the risk, again.
A Glimpse of the Future
The irony is that the same open signals that make interception easy also make research, transparency, and awareness possible. The “bad guys” aren’t the only ones listening. The security community, academics, and hobbyists are too — and that’s what’s finally forcing the conversation.
Maybe this is our Don’t Look Up moment: the point where denial is no longer plausible. The data’s in. The asteroid’s visible. The sky isn’t falling — it’s leaking.
And maybe, just maybe, the next generation of engineers won’t dismiss encryption as “too expensive” or “too heavy.” Maybe they’ll remember that every time we’ve said that before, it’s ended the same way: someone finds the signal, points the dish, and proves the gate was never locked.
Because in space, no one can hear you scream —
but they can definitely hear your unencrypted downlink.
I can already read it. You have been impacted by leaky satellites; this court-approved notice of settlement yada yada yada. Sigh.