 We're going to talk about in-flight Wi-Fi, so this has been the... I actually gave the stock at Torcon in lightning talk mode, 20 minutes. This is going to be an extender version. After Torcon, I got some more material. And actually this... some of the data that we're going to see here, I collected a few years ago on a flight on a note version of the system that was being used by Boeing. And one of the inspirations for that was at Hope, I was talking to somebody here who knows a little bit about wireless. And I said, I have some data, some data, and he was like, well, that's kind of cool. Send me the data. So instead of sending the data, I'll send you the slides. Sounds good? So there we go. Powerpoint works. Who the hell am I? General Security Geek worked with Wi-Fi for quite a while, actually doing some other stuff right now. I do most of the configuration and setup of the wireless network here. So if there's something to blame, buy me a beer later, or I'll buy you a beer later. And I am also one of the organizers of a conference down in Brazil called You Shot the Sheriff. If you've never heard about it, hopefully you will. So what's the motivation to... what's the motivation to do this? I was going to CCC a few years ago, the Computer Chaos Congress in Germany. I think it was 2005. And it was Christmas day or Christmas night. I was flying to Germany from San Francisco and was bored. And there was Wi-Fi service in the airplane. I'm like, oh, cool. Why not? And we're going to see some screenshots that the service was about to be discontinued at the time. I'm like, wow, that's shocking. I knew they had that, but I didn't know it was being discontinued. And that's when I collected some information to get a red-eye flight. Nobody's using the Internet, especially on an international flight. It was kind of not too pricey, but it wasn't really cheap. So I just started poking around, since I've been working with wireless for a while, the motivation initially was just like, see how it works, mostly on the Wi-Fi side inside an airplane. Because if you're familiar with Wi-Fi, if you have an installed Wi-Fi, even sometimes in your house, you know sometimes the environment could be really challenging. So I thought inside an airplane that would be kind of cool to know or try to understand how it works. So I decided to do that, collected some information and pretty much canned that for a few years until last year a few airlines here in the U.S. they started with the service. Announcing like if it was a new thing and this and that. I'm like, wow, that's kind of cool. And so I decided for Torcon, I'm like, let me, I'm going to catch a flight from San Francisco to New York and see what's new. And actually I could get some decent stuff, mostly on how it works. I think if you're looking for some old day on how to do wrong things on an airplane, this might not be your talk. But I guess if you want to learn a little bit of not only Wi-Fi, but some of the implications of Wi-Fi or the usage, not you, but regular users who are addicted to the internet, that could be a problem. So this is the agenda. I have lots of slides, but usually I go really quick on the slides. If there's something that you cannot see, some screen captures are about packets and things like that. I'm going to mention what is interesting, but if we need to come back to a slide, just let me know. Disclaimer, not trying to do anything wrong, or I didn't try to do anything wrong. Motivation went through that already. I don't know, my notes, this sucks. Okay. Did I miss anything? No, and well, and I do lots of travel, too. So hating, this is, yeah. So hating the FAA and TSA rules most of the time, and so it was a combination of the whole thing and understanding how wireless works and not how wireless works. How wireless works inside an airplane, and also the security aspect, of course, because there's so much you can do on Wi-Fi. Look at DEF CON. So we're going to go over the pieces of the puzzle, what is interesting and what is not. So you have, of course, Wi-Fi, you need access points inside the airplane. We're going to talk about that, what channels they usually use. It depends on the aircraft. It depends on the service. There are, like, three or four companies today that are doing that and how they were doing a few days ago and possibly why it didn't really take off. The service, it's a hotspot service. It's pretty much a flying Starbucks, but with some, obviously, some concerns about the airplane and how to get to the Internet. That, for me, was the most interesting part, although I'm a Wi-Fi geek. Of course, the ground-to-air communication or air-to-ground communication or the other ways they've been doing this type of communication, it's good. And I think this is something that, not all airlines have that yet, but one of the reasons is that people are addicted to the Internet. You have your, not only you, we're geeks. We're here. But people, they can't leave without their blackberries. They go to bed. They look check email, send email, wake up in the morning, go to the bathroom, bring the iPhone. So I think the tendency is to use more and more. My notes are screwed up here. Let's see if this works. Not a PowerPoint master. So the old stuff. What was being used? There was a service created and designed by Boeing called Connection. And the service was launched in 2004 and was scanned by the end of 2006. That's when I went to CCC. Reasons why they shut down. You can search on the Internet, but I think most likely was latency. Like, people could get their emails and stuff like that, but it was really, really slow. You were doing, like, depending on what type of traffic, even basic email or instant messaging was really slow. Then you have the new stuff. That's what happened last year. At least in domestic flights here in the U.S., you have e-video connections from the airplane to the ground. So we're going to talk a little bit about that. And for international flights, now they have a new system as well. But until, like, let's say last year, here in the U.S., what happened there, right? Every time you go on an airplane, you cannot use your cell phone. If you're using your laptop, it's not allowed to use your laptop. So you have to turn on or you can use the laptop. But no Wi-Fi, nothing like that. So what changed, right? So I decided to ask. So I sent a few emails to some of the services and said, why, what changed? I'm like, I'm kind of concerned. Why can I use Wi-Fi right now? And I couldn't. If you cannot read, the interesting part is here. They're saying, oh, no, don't worry. Security is our primary concern. So we're using Wi-Fi. We're not using cellular communication. So you're fine. That pretty much didn't answer my question, right? Although we're going to see that some services, they actually have, you know what? I hate this. I hate standing. I need to move. Anyways, this one. So, oh, they were talking and what I was saying is that voice. And they say, oh, we're not using cellular technology. Guess what? Some of the services now, they're going to have a picocell inside the airplane. So some of the services, this is mostly international. You can use your cell phone. It's going to cost you an arm and a leg. But yes, you can do that. And the other one, this is American Airlines. They say, no, we tested. The airplane is fine. Shocking. This is for some people that I know from Brazil here. Just a plug on what's happening there. I actually exchanged some emails with one of the airlines there that actually they have a cool thing that can send an email to the CEO of the company. And I said, and when you fly down in Brazil, they tell you that you cannot have anything even in airplane mode. So it's not, you cannot use your device at all. And I asked why. And he says, well, because it's a security concern. So if you go to the internet and look for some of the companies that provide the technology, they're actually saying this airline is testing the service. So it's weird. So some people is just, they don't want to know what's happening, I guess, or tell you. So let's talk a little bit about the services that have that or the difference. So we have JetBlue. I think JetBlue was the first one here in the US. It could be wrong, but I think it was the first one. And they use the company that provided, that created the technology that designed the whole thing. It's called Live TV. They use a one-megahertz band to do that in a satellite base. So I told you that the new stuff is EVDO. No, this one is still satellite-based. I haven't had a chance to test it. I really wanted to test. But, and one thing, again, that's one of the reasons I wanted to test is because they only allow certain things to work. Email, instant messaging, and something else, and blackberries. So shockingly, this is an initiative from REM, from Yahoo, and from, I think, both. That's it. So I asked them, I'm like, look, didn't say that, right? But I'm going to do the stock at DEF CON. I'm trying all the services that I can. I want to get the airplane that has Wi-Fi because it's not all the planes. So I sent them an email. I'm like, hey, I want to get a flight with Wi-Fi. What flight do you offer? It varies. It depends on where the airplane is. But if you look at the airplane, you know which one it is. So now, what am I going to do? Go to the airport. I'm like, I want to take that one right now. That's not going to work. So I'm still hoping that one day I'm going to just, like, wave for the airplane. They're going to stop. I'm going to jump in and go there. The other service that is the most, the one that is really last year, they were, like, leveraging a lot. It's called Gogo Wing Flight Service. This has been used by many or most of the carriers that are doing here in the U.S. And I'm going to cover some of them. One is Delta. The other one is Virgin America. Great airline, by the way, as good as an airline could be. That piece of crap. And so my first flight, this is where I'm going to show some information, more detailed information about that. And I'm going to speed up just so we get to the kind of juice and stuff. But this is an aircraft. The American Airlines does on the 767-200. And they use three access points. One on each channel. If you know Wi-Fi, if you're familiar with Wi-Fi, usually use in the U.S. channels 1, 6, and 11. So the channels don't overlap. That totally makes sense on an airplane. You have three APs. The location of the APs, I actually measured. We're going to see that by the signal strength of the APs. Each one of the APs based on where I was sitting. Because it could be kind of weird, you're running with, like, an antennae sniffer and going to the bathroom with your laptop. They're going to create new rules by that. And searching for this drawing, if you put on Google, this is going to tell you it's 567, the result. So wicked smart. So some of the information, this is basically just information on how many megabits per second. It's EVDO. And there's marketing in there. So the top speed, and you can find different information. I really didn't gather what I would consider would be really accurate information about the speeds. But they say it's up to three mags, downlink, and 1.8 uplink. We're going to see some speed tests that I did see how good or bad it is. And they say if you go on the terms and conditions, they say no voice applications. Which is kind of good. And we're going to see the problems coming with that because I don't want the person next to me talking on the phone when they're not seeing anything, anything that could be freaking annoying already. Mostly how the EVDO stuff works. They have 92 or 98 base stations. Let me go back here. 92. They have 92 base stations that transmit or gather the information from there or do the communication for the airplane internet. The role me is the challenging part, of course. I really wanted to understand the handoff between one base station and another. And when I go to lessons learned towards the end, we're going to see that why I didn't get that information or why I didn't want to get that information. But one interesting stuff. I have a slide, but I think when I talked at Torcon about that, I kind of forgot to mention or I mentioned with my, the way that I mentioned was misunderstood. I said that the airplane doesn't, like when you go to what'smyip address.com or something like that. Your IP address, your valid IP address, that doesn't change. Some people thought you're dumb. You're doing a security talk and you don't know that DHCP has a lease. It's not internally. But the airplane doesn't change the IP address. So I don't know if it is an MPLS network. I don't know what type, exactly type of communication they use for the ground network. But what I do know is that maybe for security reasons or not, the IP address doesn't change. Maybe that's the way they know. And apparently the same airplane is also always going to have the same IP address, valid IP address on the internet. They have an antenna down the, of the airplane to do the communication. So when you're doing air to ground using a video, the antenna is down. It's this antenna, not that one. And I don't know where I got this. I didn't count 92, but it sounds more than 92. So disregarded. So I was pretty convinced with the basic testing that I could do from the airplane and actually from the outside that this was, this is some type of MPLS network. Everything, every one of the, all of the base stations, they should be all interconnected and it's totally like, whatever routing happens in the middle is actually more at a layer two level, not at a layer three. Again, it could be totally wrong. But that's my guess. So first talk of DaftCon, video man who works with me here in the knock, he showed this on his presentation talking about GNU radio. And I didn't know that. You can actually go to the FCC's website and you can gather information about whatever licenses are being used, who are using that and look for transmitters. This is really cool. But looking at some of the information that we look here, and again, when you download the updated slides, you can see that you have, it actually shows you the coordinates. Oops. It's going to show you the coordinates where the transmitters are. So you can kind of put on Google Maps and see if there's one by your house. But searching on FCC's website, number one, I didn't find 92, maybe because I'm dumb and didn't look correctly. The other thing is that the frequency they use, this appears to be a point to point communication on microwave, not exactly the video stuff, which they actually inherited this from Verizon's phone service. This is actually three megahertz, the video stuff. So again, I don't know if I use this correctly or not, but all here indicates what there are parts that indicate that it is what I was looking for, like the vertical, the antenna polarization was vertical. But again, some information seems to be like point to point. Finally, with some Google who I found exactly like the company that does that air cell, they had a beautiful diagram on how this works. So the part that I was talking about is this private packet network, or all of this, of course, they monitor all your traffic for, because that's how it works now, right? But VPN works. Thank God. But again, this is for me, this is a cloud. I don't know if it is like a point to point wireless communication using microwave or what I thought would be like an MPLS network. So, and then we have the newer stuff that is used overseas, mostly for international flights, because you cannot put ships with the base stations using doing a video. So this uses satellite again, uses the Hughes network system network. And I haven't tried that one, but apparently is much faster than the one that Boeing used to have. Looking for my notes here. And the name of the company that does that is called on air. Looking at the details that I could get actually this is where it gets. These are like some of the differences from the other services. One is that they allow self cell phone usage for cell phones. So there's a pico cell inside the airplane that transmits using the same frequency but then they say this is data, this is voice. Well, obviously all the data goes the antenna is on top of the airplane goes to the satellite satellite then has the big dish down here that collects everything and then goes to the inner webs. They allow 12 simultaneous voice calls. And one thing is that they can shut that on and off. Thank God, that's a great feature, right? You're the one in the middle of the night, somebody yapping by your side. Another interesting might be interesting fact here is that they only support 2.5g. They are not doing 3g. Talk about that. And the uplink speed. Well, it says here I put here that it depends on the technology but it's not only the technology depends I think where the location of the satellite and all the latency and stuff like that. At least on the flights that I took when I was measuring like speed and latency. It really depends on the turbulence of the of the airplane. So when it gets really turbulent you can actually even lose your connection. We kind of talked about that. So to be a little bit more interesting the test drives that I did. First one I went to Germany. That was the name of the service. It's called connection. This is a little, even inside the airplane was a little different. They had, I want to say, I can't read it. They had three APs. It was a weird configuration. So it was the same thing. Three access points inside the airplane. But like this is looking for the SSIDs, not the APs themselves. So at the time I didn't have a decent spectrum analyzer to take beautiful pictures. But apparently they had like three physical APs. And back then I already noticed that they had some encrypted SSIDs. So if you're providing a hot spot why do you have some hidden encrypted SSIDs? Because they might use it for other things. I can't get to it in a little bit. It was a long flight. I think I was the only one really using that, which I thought was going to be decent, the speed, but really not, then I understood why the service was going downhill. It was really, really slow. Stuff worked. You see the latency, information here, really like sometimes it just drops. But most of the time it's really slow, but you can connect to pretty much anything. You just cannot talk on Skype and stuff like that. Beautiful picture showing the connections. I was the only one using it. And again, it worked. I don't remember how much it was. It wasn't really cheap. It was more expensive than the 13 bucks that most of the airlines are charging here. But it wasn't like outrageous. But the bang for the buck wasn't that good. Then I went to New York. That was the flight last year. So I'm like, okay, now I kind of know what I'm doing. It's not that I'm just like fucking around and okay, I don't want to sleep. I'm going to go to CCC. Let me see the wireless network. This is what I tried to gather some more information. So the first run and this was presented at Torcon is how the Google service works. They turn it on and off. So before you reach 10,000 feet, it's off. If you try to connect, there's Wi-Fi. So they don't shut off Wi-Fi when the plane is taking off and landing, but they shut off the service. So if you try to use it, you get this. It's not working yet. So after our friends, they realize before chicken and pasta, they're going to say, okay, I'm going to give you Wi-Fi. So you can enjoy that. Interesting enough, this was a little different from the one that I collected from Boeing. They have a shitload of the SSIDs. If they're all being used or not, question mark. You see packets, but again, packets are, could be just beacons. So again, poking around after my talk at Torcon, talking actually to some cool people that you're going to see at the end, some credits. They told me that some of this, as I suspected, was being used, is going to be used or is being used already for the point of sale machines, for the credit card machines. So it better be encrypted. It better be good. No, I didn't try to break it. What else? And you have, again, you see the three SSIDs, the three P's for the service. Again, you see all the SSIDs, you see the some are encrypted. I suspect that some of them, they are used by the crew as well. That's why you don't get your snack box. I was sitting kind of in the middle, not in the middle, but towards first class. When you're almost there, you're like, ah, no. So along flight, but again, the system, talking about wireless, the coverage is really good. So three P's do a great job doing, covering the airplane. Then back to our talk from last year, here at Defconn about something else about wireless, talking about beacons. An AP sends beacons to say, here's the network. Most of the vendors today, they give you more information, because sometimes they want to, they're doing some type of mashing connections between AP's. That means that AP's don't need to be directly connected to a wired cable. By the way, from what I know, well, not from what I noticed. The three AP's, they're all wired. So there's like ethernet going to the AP's and it's not mashing inside the airplane. That's why you see three different channels. But it gives you some information, like AP name. That's why you see this, called CWAP-1. And you'll get some other information that is not really relevant here. What was interesting here is that, obviously, this is a cookie cutter, right? They made one airplane, it works, and everything else is going to be the same. So most of the AP's, they're called CWAP-1, CWAP-2, et cetera. As for authentication, it's a freaking hot spot. So no difference from whatever is out there. But the main thing here is that they have, of course, the authentication server is not going to be inside the airplane, right? It's going to be in a centralized site. So obviously, you need communication to be able to authenticate, and you can actually buy prepaid passes before. So, again, since everything's kind of netted, if you know what net is, hopefully, the IP address that you get is on a private network. You have some type of proxy, that is actually the authentication server proxy kind of thing. It's on a totally different network. So I was on a 172.30 network. The other thing is on the 10, 241 network. I found some weird-ass protocols. I don't know if other people was using that, but things like something called Flamenco proxy. I don't know if that's a protocol, a type of proxy, or what they are. The MAC address of the gateway is kind of interesting. It's all the same. I was trying to find out what type of black box is that is doing whatever Linux box running squared and Apache that is doing that. But the MAC address of the interface is from the same vendor, some vendor that I don't remember now. But I didn't find anything really interesting. When you get turbulence, that's the page that you get, and automatically you get redirected to 1.1.1. So anything you try to do, it kind of black holes to this thing there that's probably not. But it's for sure running on that same server. So there is, when it senses that it lost connection, something happens there. And here, yeah, that's a great job doing these slides. The valid IP address that you get, at least on this flight, I had 12.130.106.111. If you do a who is on, who owns this, shocking air cell. So they have a whole slash, what, they have a whole bunch of IP addresses. There's a lot of airplanes here, right? So they have a whole bunch of IP addresses. And again, that goes together with, it glues with whatever I said that I think once one airplane, an airplane is also always going to have the same IP address. Different from the satellite-based one from Boeing, this one was, actually, I could actually talk on Skype and not really have a decent conversation, because it's really choppy. But my friend who was on the other side, both on Skype and on a soft phone, could hear beats and pieces of what was going on. So that's, again, they probably say it doesn't work, because they don't want to deal with people bitching about that. They bought the service to talk to their mom and it doesn't work. As for speed tests, I ran some basic speed tests and it go, I got like 1.3 megabits per second. Worst case scenario, when it was working, not when it dropped, was like 258. So it could get a little annoying. But again, I was using a laptop. I had two laptops on me, which was kind of weird. People were looking, are you a blogger? I'm like, yeah. So after that, I flew from San Francisco to Boston using Virgin America, great airline. Again, not being paid for that. So I took the red eye on a Friday night. Here are some basic stats, just to see mostly utilization. I don't know where the physical IP, MAC addresses were, to be honest with you. They didn't have that many people using the network, like real clients. I think this was from my sniffer, my Wi-Fi sniffer. So it gets all the MAC addresses for all the access points for each one of the SSIDs, etc., etc. The interest, kind of interesting part here is that to correlate that to traffic, I only saw 28 IP addresses, meaning conversation-wise, people outside and inside the airplane, sites that people were going to. Again, the name of the piece were the same as, so this is Virgin America, the other one was American Airlines. Shocking is the same service, no secret there. And they have five DSSIDs, and four of them are hidden. I still don't know if they're being used or not. On the flight back on a Sunday afternoon, then it's different. You have more people using, you see more traffic, so communication between 200 to 38 IP addresses, and the distribution of clients per AP actually doesn't, it depends on where the guy's sitting. But luckily Virgin America has something cool that allows you to upgrade, not selling your house, just like I think was 50 bucks, if you want to go to first class. And I'm fucking around with like wireless, I have everything, and then I'm like, reach over, I'm like, ethernet port. Like, oh, so the port was actually live, but I saw no traffic. I was so disappointed. I thought I was going to get something on the entertainment system, but that didn't, that didn't fly. Didn't get an IP address, didn't see any traffic at all, so it all indicates it's possibly a switch port, but I don't, I think my guess is that they're not using that yet, but probably it's going to be used. As for APs, that's different, oh yeah, I forgot to mention that, different from American Airlines on the air buses, they put two access points, they don't need three access points, apparently two access points to the job, they do a fantastic job, it's something really basic for somebody who knows wireless, but they put one, one AP in channel one, one in channel 11, so they really don't interfere with each other, and looking at wireless installations all over the place to see that usually not, people don't follow some basic stuff. The regular price is this, 13 bucks per flight, once you're authenticated, you don't have to re-authenticate, there's no timeout, I think when they shut off, that's when it kills all the, not the sessions, but the entries there. If you take the red eyes, since they know people don't really use it, they want to sleep, they, it's a little cheaper, and we talked about how it works, but how about security, right, is the secure or not, and again, this is not a no-day talk, I'm sorry. What I can say in general about all this, number one, they really put some thought about what they're doing, not only security-wise, but like the Wi-Fi network is separated from the airplane, from the aircraft network, wireless-wise is really well designed, but of course it's a hot spot. They might be thinking about doing some wireless IDS stuff there, but again, I don't know if they're doing it. Of course you have the technology limitation, there's so much you have to, you can do on a Wi-Fi network, I don't know what they do on the encrypted, they better be doing, they better be, of course they're all PCI compliant and they care about that, so they better be using strong keys for the encrypted ESS IDs and hopefully I don't want the captain using my network, he better be using his, don't want to be able to see the packets of whatever porn he's looking at, and the fact that mostly concerns me, so in the beginning the motivation was to say, oh wireless, oh whatever, but you know what, the thing is that everything merges, right, privacy, like the guy opens his laptop, he doesn't care, you see the whole spreadsheet he's working on, the proposal he's working on, has his business card taped on his laptop, you know everything about the guy, if you want to target somebody that's really easy. The other thing is that everybody's using black berries and iPhones, yes that's pretty cool, but you have a lot of important information there, so some people they can get in trouble or get their company in trouble because of that, if they don't take care, and how many people went to walk into an elevator and people are like yapping about important stuff on their cell phones, imagine when people can talk on airplanes besides being fucking annoying, right, they're gonna be this is, again, everything merges together, and unpatched OS or unpatched devices, that's amazing, I think, simple nomad gave a talk schmuck on two or three talking about a bug that Windows had that I was at the airport, I was in McCarron and I connected to the Wi-Fi, I shut off my laptop, I go to the airplane, I open the laptop, it looks for networks, goes through the whole preferred list, doesn't find anything, guess what it does, or used to do, Microsoft fixed that, people didn't patch it yet, that's the problem, it starts advertising an ad hoc network with the name of the same network that they lastly connected, so that's why you open your laptop and it says, hey, you open that number or whatever you use for, like, to look for networks, it says, oh, there is a McCarron Wi-Fi here, you're like, no, I left McCarron three hours ago, what's wrong here, so it's, people really didn't patch that and we actually can kind of see that, oh, this sucks, can we see that? Yes, we can, so sorry for the people in the back, but so one thing, when I went from San Francisco to Boston, of course, you see, these are the names of the BSSIDs or ESSIDs, so you have, of course, Google wireless, or Google InFlight, that's a valid one, and then you see, like, the broken ones, T-Mobile, that are, like, laptops trying to advertising that, but a really interesting one, Google-A, like, oh, okay, there's somebody who works for Google here in my airplane, that's quite interesting, I don't know who he is, but if you have anything against a company, or if you have some clue, or if you want to target something, that could be a problem, right, and on the flight back, guess who was on my plane again, so somebody went to spend a weekend in Boston too and came back on the same flight as me, so that same person was there, so you can start, use stupid flaws, just like to enumerate and look for people, I guess, oh, this really, you're not going to see, but yes, people still use unencrypted traffic, yes, you can see what websites they were using, some of them of course require authentication, but guess what, if you're late enough, you can figure that out, right, or use your backtrack CD and have fun. Lessons learned, I have to read this, or not, yes, I do, so after my talk at, like, the exposure that I got to the companies, I didn't really, as you see, I didn't find anything extremely interesting, but when I give my talk at Torcon, some people approached me, they said, I work with this, I design this, we were really concerned you were going to say something really bad, luckily I'm, you're dumb, and I'm like, okay, cool, and actually they offered to provide me more information for the stuff that I didn't know, but I said, they're like, well, but depends on how you're going to use this information, I'm like, okay, I don't want to know, that's better, not that I want to, I'm just curious to know, like, stuff about that, but again, everything seems to be really solid, at least on the infrastructure side, that's kind of like, usually my concern, like, providing the network here at Defcon, if you don't use encryption, that's your problem, but I want to make sure that the system is robust, so if they're going to start doing point of sales and God knows what, inside the airplane, the whole concern always is security, so hopefully they, apparently they all thought about that, and I'm still, I still want to try the international flights just to see how it works with the newer technology, and I still cannot drive PowerPoint, so I don't know how much time we have, probably 10 minutes, I guess, where's my speaker goon, not here, 10 minutes, thank you, so if you have any questions, yes, I'm going to post, yes, of course you do, the question was, did I see any changes on the systems that I saw over and over again, changes you mean, like, behavior of, like, channels and things like that, or just configuration-wise? No, it's a cookie cutter, it's the same brand of access point, it's the same channels, it's the same everything, even the APs are named the same, the only difference is the IP address of the airplane, anybody else? Here, the question was, did I try to use SSH or anything else to tunnel out? Yes, that's totally, they don't block anything, they say voice doesn't work, but everything works even without tunnel right now, right, if I ran trace path, that was the question, I actually ran trace route, and again, that was another, that's a pretty good question, because that was an indication for me that is some type of layer 2 network, or like MPLS or something like that, because it didn't really work, so I just saw like, I saw a few hops, but they were all like star, star, star, I think I have a slide about this, it really didn't, didn't show me much, the question was, what program I used for this slide, this one, oops, that one? That's a cog, yeah, that's a spectrum analyzer. Ben, one thing that Ben brought up is the whole, like for the for legality of like, okay, I mean in a national flight, in the US, of course you have the loss here, but what if you take an international flight, how about eavesdropping and things like that, that's actually a great point. The question was, did I try to see porn on the airplane, because apparently they blocked that, the answer is no, I didn't try. I felt bad for a person next to me, I had two laptops already, I'm like, I'm going to get tossed out from like, 30,000 feet, that's not good. Rick was saying that driftnet is not safe to run on the plane. The question was, for the new international service, if it is satellite, is that correct? Oh, what sort of satellite, they're using the hugues network system, the one, the same as like the type of direct TV, or they call it direct PC before? Yes, so yeah, I haven't tried, and I'm like, in the paper, it looks like it's much better than the other satellite system, but yeah, it could, there's a difference when you're running, actually I read a paper that says, there's a difference in bandwidth when you're going international and national flights, which totally makes sense, but again, I don't know. Yes, because it all depends on your, it depends on the exit point, I forgot to mention that when I went to Germany, like doing trace routes, that one worked, my point, like until I reached, was almost an over Scotia or something like that, my exit point was layer 3 in Denver, then like when I was about to land, that's when you switch to the Amsterdam internet exchange. The question was, if I know if there's like, if people are working on standards that are using encryption and not, but not really requiring any type of key or password or something like that, the answer, as far as I know, is no, until they come out with the whatever new 802 something. There, of course, 802.11 is broken by nature, just because it's a shared medium, so you have to rely on other things, I don't know if they're going to be, I guess they're going to be implementing some type of try to protect the users, but again it's it's something that is really, I don't know, again I should have read on the terms of service what they say they they're responsible for or not, but again it's really hard to protect users on a corporate environment that's easier, but it's already a lot of work. Now imagine that when you have no access to devices, you have different devices, if you want to try to run some type of network access control, something like that is really, really hard. Can't hear you. The question was, since the airplanes had apparently static addresses, did I try to ping or communicate back to those IP addresses? Yes, I did, and really didn't get anything. I don't want to get into trouble either, so I didn't, I didn't try hard. No, yeah, but yeah, they're live IPs, and again, Aircel has that block of IPs, and they're live on the internet, but obviously they're going to, oh, actually I don't know if they have ports open or not. They might have some ports open, but since it's usually an exit point for traffic, I don't think there's anything interesting in there. I have three minutes, so let me take one more question. Rick, so what Rick mentioned is that some, apparently some, besides the VPN on the ground network, which is already important, some are offered, some companies are actually offering for you to download some type of client. Is that what it is? So you don't have the encryption at the wireless level, but you can download a client if you run Windows and use that client that is going to, just like a T-Mobile does for Starbucks and things like that. But now I don't know, do you happen to know where they exit or where they terminate that encryption? Before the Kalea box, right? Anybody else? I'm going to be around after we tear down the network and I drink beer, so thank you very much.