Though, I hope your family isn't cruising much in the future-- sharing stuff like this, with so many specifics about which cruise line and exact retry methodologies used, is a surefire way to get it shut down. (Or worse, a nasty internet bill from the cruise line.)
I will say, it would be kind of cool if this post gets big enough that someone from the cruise line sees it and actually feels that they need to put in the time to patch it.
Did the article always say REDACTEDCRUISELINE ?
"A Navy officer is demoted after sneaking a satellite dish onto a warship to get the internet"
https://apnews.com/article/navy-illegal-wireless-internet-53...
https://www.navytimes.com/news/your-navy/2024/09/03/how-navy...
---The Starlink dish wasn’t discovered until a civilian technician, installing a Starshield satellite communications system, noted the device and reported it to a senior crew member.
AFAICT, all the airlines rolling out Starlink have made it free on their flights. Which implies cooperation from Starlink -- either Starlink has made "free" a condition of their service, or they've just priced it cheap enough to make free a reasonable option for airlines.
There's no good reason why Starlink for cruise ships should be priced significantly higher than on airlines. So either the cruise lines or Starlink are gouging. Or both. Probably both.
Cruise ships are getting towards the 10k person mark.
One cruise ship will be substantially more load on the local satellites and ground station than a plane will.
The price difference is just based on what the market will bear. Trapped on a cruise for a week, you are much more desperate for Internet. Plus you've paid a lot more for the trip and the fee doesn't feel so large compared to all the other upsells. The cruise often is the vacation, whereas air travel is just the means to an end.
Which is resolved by charging, a lot, so there's enough bandwidth per active paying person.
Personally I would have at least 2 terminals, a low tier and high tier. I would sell only a limited number of high tier connections, good for the entire trip. Probably included as a perk with first-class cabins. The low tier would be a daily purchase. I mean hotels have done this for ages.
Maybe a dedicated business center with wired (dongle) connection and kiosk PCs, that gets the best bandwidth of all, but you're away from ship activities.
Apparently a mid-size ship will have 12 terminals. That same thread talks about other ship sizes but not if they have more terminals.
I still submit that the pricing is entirely a function of what the market will bear, and not the cost of the service.
We know a densely populated land area can saturate the satellites overhead; it's part of the reason we don't use Starlink in, say, NYC. The same math applies to a thousand cruise ship passengers trying to use it at the same time.
(It will absolutely be much better than the previous state-of-the-art, though.)
The major point of a cruise is that there is constantly something to do. It's wall-to-wall entertainment, 24-hours a day.
My 2-year-old was too excited to sleep on a Disney cruise, so we just walked around and found character photos at 10PM. She was too shy to take her picture, so I got my picture taken with her hiding her face on my shoulder.
(FWIW: A cruise is also the kind of vacation that you need to bring some offline entertainment with you. I caught up on reading when I had to stay in the cabin with a sick child.)
I'm a die-hard nerd.
My vision of hell, is a Caribbean beach, mid-80s, warm breeze, clear water, and no internet access.
Most people will manage without internet for a couple of hours.
A cruise takes much longer.
Whatever one legacy does, the others do - charge bag fees, the others do too within a quarter. Free internet (Delta afaik was the leader here), the others offer free internet.
Soon it will go the way of having an added fee or being tied to your ticket on the airline; w/ T-Mobile it's already linked to your phone number.
There's a technical reason for the case of airlines flying over land. Over land, the connection is just up to satellite and down to a ground station.
Over open ocean (whether airborne or on a ship), Starlink has to use their inter-satellite laser hops to eventually get to a ground station. I don't know for sure that Starlink charges more for this mode but if I ran the company I certainly would because those lasers are a limited resource.
IIRC Starlink gets more expensive when you need to route satellite-to-satellite rather than straight back to a ground station.
Cruise ships are tiny cities. The density overloads Starlink.
Hence why they meter and ration its access. Starlink cannot service an entire cruise ship at acceptable speeds for the same reason it can't service a Manhattan city block.
With 5000 people on a ship, that's enough bandwidth for half of them to watch HD video at the same time.
On land they want to spread out the bandwidth as much as possible, but on the ocean most cells are empty or only need a time share fraction of a beam, so they might as well focus on those mini cities.
Source for this capability?
Beams are 250MHz wide and they have 2GHz of allocation.
Source: I was a radio operator on Greenpeace ships for nearly 20 years
It sounds like it should be used only a few times per booking, and this is going to hit at least 4/hour for multiple hours a day, so it will stick out like a sore thumb in the logs ....
But, a cool hack, nonetheless :)
If it’s any of the major cruise lines there almost certainly isn’t anyone in IT paying that much attention.
Because they have nine trillion bugs in their booking system that have been on backlog since 1910.
According to this source [1] (of dubious quality, granted) Royal Caribbean's entire IT department is about 140 people headed by an electrical engineer.
[1] https://rocketreach.co/royal-caribbean-cruises-ltd-it-depart...
Whatever those nine trillion bugs the developer is supposed to be working on are up to.
Nobody argued for or against LLMs. Just that IT isn't a major investment for any cruise line. And that fixing a problem like this isn't even rationally high on a cruise liner's list of priorities.
If the payment portal is bugging out and the engineer tasked with fixing it is off vibe coding on the off chance that a high schooler is using too much internet (versus trying to steal mom and dad's drinks), I'm not sure I'm unsympathetic to the manager's very predictable reaction.
Until everyone is doing it and their revenue stream falls off.
Cruise lines want happy customers. They aren’t going to do something to piss you off for $170.
On a small scale for a cruise liner scaled operation I'd be prepared to say "huh, that's odd" or turn a blind eye to just one.
There are A LOT of APs on cruise ships. Odds are a few are crackable.
I'm an older dude, and no longer find talking to strangers all that fun.
I like nature and the outdoors, but that can be admired only from a great distance until you make port. Going fishing off a moving cruise ship will end your vacation rather quickly (aside from not being feasible - you're going too fast for anything which is catchable on light tackle).
I love the swimming pools and such, but my wife can't swim.
There's all kinds of gambling and stuff, but I don't gamble.
I spent much of the cruise wishing for better internet... Or that I'd brought more books.
We spent a good amount of time playing FF7 in the evenings on our hotel TV wired up to a PSP.
Also depends on who you're traveling with / anyone.
I've been on trips with the "I have to work" folks. It's a pain: they're not really "there", and you end up trying to schedule around them. Then they just show up unaware / uninvolved in whatever is going on.
Vacations are a great time for that.
But yeah, it's nice to be disconnected on vacation.
Actually, the benefit is not having her phone constantly buzzing.
Some cooler uses:
- streaming HDR video from closed MacBook running Amphetamine to Vision Pro via Moonlink
- Having a working HomePod mini in the hotel room.
The hotel internet did not like multiple devices off the router. It didn’t reject it outright but it throttled or nerfed it.
Individual connections were free, though and fwiw high speed data over cellular was more reliable.
Curious - what tools would they use to detect this, and what could someone do to work around this?
What's the difference between that and tethering off your phone?
1. Turn on travel router
2. Connect to its network
3. Go to travel router's admin page (192.168.8.1 or similar)
4. Click buttons and join the Hotel/Cruise/Flight WiFi
5. Go to neverssl.com (or google.com or whatever)
6. See the captive portal of Hotel/Cruise/Flight and follow instructions.
In other words, for the portal, it is no different than using your phone. The extra step is logging into the admin portal and having the router join the public wifi first.
I didn't try this on Princess, because I had all-inclusive pricing, but yeah, this is possible.
New Android versions make it especially convenient, with a "Wi-Fi non-persistent MAC randomization" option in the developer options, meaning you can just "forget" the wifi network and connect again with a fresh MAC address.
In some cases I've seen networks that allow any traffic on port 53 - it doesn't have to be DNS traffic. The most surprising one was a mobile network with a pay as you go payment model: load money first, buy a data package, when the data package runs out, you get a captive portal that says "you've run out of data" - but port 53 wasn't blocked, so a commercial VPN resulted in unlimited internet at unlimited speed, with roaming anywhere in the world (and that was back in the day before SIM card registration was required too, so anonymous, too).
The VPN would have to accept a connection over 53 though, right? This also seems like a great way to possibly bypass VPN blocking via DPI, which I've been hit with before on airlines when going over 443.
DPI should be able to easily detect and block non-DNS traffic on port 53, as well as IP over DNS. Just a matter of configuration effort; but lots of networks lack configuration effort, so it's worth a try.
I assume it's drifted over time, but couldn't guess which ways / why. (Other than converging on blocking all non-443)
I haven't needed it for... probably 15 years, but in the past (before 3G was common, and all you could rely on was WiFi hotspots) I have used iodine[0] as an IP over DNS tunnel.
My uni friends were always impressed, and it really helped me a few times. The throughput was never great though, but enough for some basic browsing.
Edit: you have to be prepared ahead of time though, and it's the main reason I bought my three-letter domain back then (shorter domain means higher throughput as payload is a higher percent of the query response).
> throughput was never great though
The comment to which you replied was talking about networks where port 53 is open. But, given you were using iodine and you got slow throughput, I'm assuming you were on networks which blocked port 53 access to hosts on the internet, but allowed unlimited access to the ISP's own DNS server.
I think in one of those two (forget which), they just had udp/53 wide open (which works just like any VPN), but in the other, it had to do proper DNS tunneling. And to my surprise, it was entirely fast enough to be usable, which usually is not the case. I felt bad for probably bogging down their DNS server, but hey. (Kept it to a reasonable limit.)
Back then the CF did not restrict the IP for quad 1 IP, so I could access any CF enabled site without any charges.
A boat with 100 hackers on board is in the middle of the ocean when the nav system gains self-awareness and decides not to return to land.
The boat is equipped with satellite communication devices, but passenger internet access is off.
Only 40 days of rations.
Will they be able to hack their way back to shore before they run out of red bull? Or will they turn to a life of piracy instead?
later checked the captive portal domain. it was hosted by a third-party vendor. not the hotel. same pattern as cruises. backend didn’t care who i was, just tracked mac and time.
this blog just confirmed what i suspected: enforcement is surface-level. they want friction low enough to upsell, but not tight enough to annoy casual users. the systems are optimised for conversion, not for plugging leaks. most abuse is silent and tolerated. these aren't security flaws. they're tradeoffs
So if you're getting free internet out at sea, it is really at the cost of the ones actually paying the bills - or in this case, the cruise liner.
I just got local sims, worked great
Seriously people, I know that figuring these things out is part of the hacker ethos, but this is still theft of services no matter how you try and justify it.
Hacking around things is fun, yes. Another thing that is also enjoyable is resting your brain from the Internet for a bit.
Detection? APs are scanning for SSIDs and then staff are notified? Or multiple devices are detected on one connection?
If I ever take advantage of this hack... It'll be to download an extra book or two to my Kindle. My wife and I took a honeymoon in a remote area and mostly used our devices to take pictures and read books while at a beach.
Our most recent cruise was less than $1,200 for 6 nights, $556 for airfare, and $127 for a hotel the night before. This was more expensive than usual because it was during a popular time of year to fly.
However I completely agree that vacation is meant to be focusing on the present. One of the main appeals of cruises to me is being disconnected from the Internet.
I’m just basing this on usage experience and my hypothesis.
The cruise line had its own app and THAT had a chat feature. We didn't find it very reliable, however. You would eventually get messages, but it wasn't instant.
I downloaded my ebooks in advance and installed a small LLM on my laptop. I could read and code but I didn't get much of the latter done.
EvanAnderson•4h ago
Back in the Before Times, when my wireless telephone didn't support tethering / hotspot, iodine was very handy, albeit excruciatingly slow.
Very rarely did I find a network I couldn't tunnel out of. Virtually nobody thinks about DNS exfil.
(Did a gig one time where we did live-off-the-land exfil of base64 encoded data using CERTUTIL, CMD, PING, and tcpdump running on an off-site DNS server.)
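
The two checks raised in this thread, seen from the network operator's side (DPI spotting non-DNS traffic on port 53, and spotting IP over DNS or DNS exfil in resolver logs), as an added example that is not from any commenter. The thresholds, the sample packets and the `tunnel.example` names are constructed assumptions.

```python
import math
import struct
from collections import Counter, defaultdict

def is_wellformed_dns_query(payload: bytes) -> bool:
    """True if a UDP/53 payload parses as a client DNS query (RFC 1035 layout)."""
    if len(payload) < 17:                        # 12-byte header + root name + type/class
        return False
    _id, flags, qd, an, ns, _ar = struct.unpack("!6H", payload[:12])
    if flags & 0x8000 or qd != 1 or an or ns:    # QR=0, exactly one question, no answers
        return False
    pos, name_len = 12, 0
    while pos < len(payload):
        n = payload[pos]
        pos += 1
        if n == 0:                               # root label terminates the name
            return pos + 4 <= len(payload)       # QTYPE and QCLASS must follow
        if n > 63:                               # over-long labels and pointers are invalid here
            return False
        pos, name_len = pos + n, name_len + n + 1
        if name_len > 254:                       # 255-octet name limit including the root
            return False
    return False                                 # ran off the end: truncated or not DNS

def entropy(s: str) -> float:
    """Shannon entropy of a string in bits per character."""
    return -sum(c / len(s) * math.log2(c / len(s)) for c in Counter(s).values())

def tunnel_suspects(qnames, min_unique=20, min_len=30, min_entropy=3.5):
    """Parent domains receiving many distinct long, high-entropy subdomains."""
    seen = defaultdict(set)
    for q in qnames:
        labels = q.rstrip(".").lower().split(".")
        if len(labels) < 3:
            continue
        # Assumption: parent = last two labels (no public-suffix list lookup).
        parent, sub = ".".join(labels[-2:]), "".join(labels[:-2])
        if len(sub) >= min_len and entropy(sub) >= min_entropy:
            seen[parent].add(sub)
    return {p for p, subs in seen.items() if len(subs) >= min_unique}

# Constructed samples: a well-formed query, a non-DNS payload, a mixed query log.
GOOD = (struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 0)
        + b"\x07example\x03com\x00" + struct.pack("!2H", 1, 1))
NOT_DNS = b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03" + b"\xaa" * 30
B32 = "abcdefghijklmnopqrstuvwxyz234567"
LOG = (["www.example.com", "mail.example.com"] * 30
       + [f"{B32[i:]}{B32[:i]}.tunnel.example" for i in range(25)])

if __name__ == "__main__":
    print(is_wellformed_dns_query(GOOD), is_wellformed_dns_query(NOT_DNS), tunnel_suspects(LOG))
```

The first check only catches arbitrary traffic on port 53; tunnels that speak valid DNS through the local resolver pass it and are what the second, log-based check is for.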