This is actually quite common: I've been on ferries, at airports, even hotels, which give you some amount of time for free, often anonymously. So just a mac address change gives extra internet.
New Android versions make it especially convenient, with a "Wi-Fi non-persistent MAC randomization" option in the developer options, meaning you can just "forget" the wifi network and connect again with a fresh mac address.
In some cases I've seen networks that allow any traffic on port 53 - it doesn't have to be DNS traffic. The most surprising one was a mobile network with a pay as you go payment model: load money first, buy a data package, when the data package runs out, you get a captive portal that says "you've run out of data" - but port 53 wasn't blocked, so a commercial VPN resulted in unlimited internet at unlimited speed, with roaming anywhere in the world (and that was back in the day before SIM card registration was required too, so anonymous, too).
seszett · 4h ago
> port 53
I haven't needed it for... probably 15 years, but in the past (before 3G was common, and all you could rely on was WiFi hotspots) I have used iodine[0] as an IP over DNS tunnel.
My uni friends were always impressed, and it really helped me a few times. The throughput was never great though, but enough for some basic browsing.
Edit you have to be prepared ahead of time though, and it's the main reason I bought my three-letter domain back then (shorter domain means higher throughput as payload is a higher percent of the query response).
The comment to which you replied was talking about networks where port 53 is open. But, given you were using iodide and you got slow throughout, I'm assuming you were on networks which blocked port 53 access to hosts on the internet, but allowed unlimited access to the ISP's own DNS server.
ipdashc · 3h ago
I still find uses for iodine sometimes! Off the top of my head, a hotel basement with no cell service, and once on a flight. It's rare that it works, but quite entertaining when it does.
I think in one of those two (forget which), they just had udp/53 wide open (which works just like any VPN), but in the other, it had to do proper DNS tunneling. And to my surprise, it was entirely fast enough to be usable, which usually is not the case. I felt bad for probably bogging down their DNS server, but hey. (Kept it to a reasonable limit.)
McAlpine5892 · 4h ago
> but port 53 wasn't blocked, so a commercial VPN resulted in unlimited internet
The VPN would have to accept a connection over 53 though, right? This also seems like a great way to possibly bypass VPN blocking via DPI, which I've been hit with before on airlines when going over 443.
toast0 · 4h ago
Yeah, but it doesn't cost much to accept connections on all ports (AIM did it in the 90s).
DPI should be able to easily detect and block non-DNS traffic on port 53, as well as IP over DNS. Just a matter of configuration effort; but lots of networks lack configuration effort, so it's worth a try.
sandworm101 · 3h ago
5190 continued well into the 2000s.
toast0 · 3h ago
5190 was the default port, but if it wasn't open, any other port would work. You could have the client do a scan to try ports until one worked.
ethbr1 · 1h ago
It'd be fascinating to get an at-scale timeline of ports blocked from common client connection points.
I assume it's drifted over time, but couldn't guess which ways / why. (Other than converging on blocking all non-443)
Often forbidden on cruise ships as it would be on flights for the same reasons (possible interference). In an airplane it's also impossible to make it work though those tiny windows of course. But on a cruise ship balcony it would probably be fine.
WorldMaker · 2h ago
It's also increasingly forbidden on cruise ships because their internet is today Starlink powered as well and additional Starlink receivers in the area are direct competition for bandwidth from the same satellites at the same time, and a cruise ship full of wifi-using passengers wants all the bandwidth it can get, in theory competition makes things worse for everyone, even the person with a personal Starlink receiver competing against the bandwidth flood of a cruise ship.
ethbr1 · 1h ago
Semi-related, does anyone know what Starlink uses for de-congestion negotiation?
margalabargala · 2h ago
The rea$on that it i$ forbidden on crui$e $hip$ i$ not due to interference, whatever the company may claim.
talkin · 1h ago
Interferes with the business model. ;)
miyuru · 3h ago
My ISP had a captive portal to show when the connection was disconnected and had 1.1.1.1 whitelisted on all ports for some reason.
Back then the CF did not restrict the IP for quad 1 IP, so I could access any CF enabled site without any charges.
jasonjayr · 5h ago
I imagine one of the ships officers will be tipped off by the IT team about the unusual number of free-internet activation attached to your booking id, and either give your room a visit to knock it off, or just bill some multiple of the $170 anyway.
It sounds like it should only be used only a few times per booking, and this is going to hit at least 4/hour for multiple hours a day, so it will stick out like a sore thumb in the logs ....
But, a cool hack, nonetheless :)
JumpCrisscross · 5h ago
> imagine one of the ships officers will be tipped off by the IT team
If it’s any of the major cruise lines there almost certainly isn’t anyone in IT paying that much attention.
ryandrake · 5h ago
Yea, I'd think something like onboard Internet is something set up once for the ship, and then basically forgotten about as long as the overall revenue is above some "reasonable" threshold given the number of passengers. Ain't no security team sitting there monitoring user registration metrics in real-time looking for fraud. At best, they might pull logs every quarter to look for vulnerabilities like this to close.
sodafountan · 1h ago
I haven't been on a cruise in a long time, does anyone know if there are on-board IT people? Might be an interesting job if I ever get bored again.
noboostforyou · 52m ago
I was on a somewhat fancy cruise a short while ago (Celebrity, fwiw) and they had a small live tv production crew that would film around the ship broadcast daily events and stuff on the ship's tv channel. The live shows also had a number of a/v tech crew people so there certainly are some IT folks employed on the ships while it embarks.
dylan604 · 3h ago
Why would someone in corporate IT responsible for this not ask Claude to write a script that does this on a much more frequent basis? That person might get a nice attaboi for it, but much less likely an actual bonus for it. Although, I can't imagine they are losing too much money on each cruise from this hack unless the next DefCon is on a cruise ship. Then realizing that 0 passengers signed up for WiFi might seem strange
JumpCrisscross · 3h ago
> Why would someone in corporate IT responsible for this not ask Claude to write a script that does this on a much more frequent basis
Because they have nine trillion bugs in their booking system that have been on backlog since 1910.
According to this source [1] (of dubious quality, granted) Royal Caribbean's entire IT department is about 140 people headed by an electrical engineer.
That's even more reason to have LLMs do their work for them, not less.
JumpCrisscross · 1h ago
> more reason to have LLMs do their work for them, not less
Nobody argued for or against LLMs. Just that IT isn't a major investment for any cruise line. And that fixing a problem like this isn't even rationally high on a cruise liner's list of priorities.
If the payment portal is bugging out and the engineer tasked to fixing it is off vibe coding on the off chance that a high schooler is using too much internet (versus trying to steal mom and dad's drinks), I'm not sure I'm unsympathetic to the manager's very predictable reaction.
sheiyei · 2h ago
Break things, break fast, break more, break the rest of it, keep breaking... What was the catchphrase? Breaking things doesn't help broken systems.
dylan604 · 1h ago
what exactly would this be breaking? it's an analysis of logs, not providing access to services.
JumpCrisscross · 1h ago
> what exactly would this be breaking?
Whatever those nine trillion bugs the developer is supposed to be working on are up to.
dylan604 · 57m ago
they're clearly not fixing those either, so yet again, what's being broken that wasn't already broken?
maerF0x0 · 1h ago
> If it’s any of the major cruise lines there almost certainly isn’t anyone in IT paying that much attention.
Until everyone is doing it and their revenue stream falls off.
remram · 4h ago
Since the cruise ship is named, there is a good chance someone at the company (even without technical skills) will notice this article and tip off IT this way.
paulpauper · 4h ago
This is why things stop working. they go viral and then get patched soon after
duxup · 4h ago
They probably have some paper pasted next to the equipment to look if the blinky lights are doing the thing, and how to power cycle things.
kccqzy · 4h ago
I imagine the ship officers don't even understand how the internet on the ship works, much less detect fraud. Perhaps all they have is a button to restart the system in case someone complains it's not working.
fn-mote · 4h ago
> the unusual number of free-internet activation attached to your booking id, and either give your room a visit to knock it off
Cruise lines want happy customers. They aren’t going to do something to piss you off for $170.
victorbjorklund · 4h ago
Not sure. They are known to confiscate for example starlink etc.
MBCook · 2h ago
They want money more. Otherwise there wouldn’t be a $170 fee.
keyringlight · 54m ago
I'd wonder what the costs and risks are of trying to get that $170, assuming it's one or a tiny amount of passengers compared to dozens each sailing who tell their friends. If you get someone who's got nothing better to do than argue on the topic, make you prove that the charge is justified and not just some misconfigured device that "didn't go online because I only use it for reading ebooks, honest", then it could get ugly including legal or press routes.
On a small scale for a cruise liner scaled operation I'd be prepared to say "huh, that's odd" or turn a blind eye to just one.
shrubble · 2h ago
They likely have a canned solution like the Cisco Meraki or similar setup and are not looking for extra work; whatever they have is seen as in the category of set-and-forget.
RajT88 · 4h ago
If I was going to go on a cruise, I'd probably bring with my linux laptop for capturing WPA handshakes, and then use the 15 minutes to set up jobs for Hashcat to burn through on my gaming PC at home.
There is A LOT of AP's on cruise ships. Odds are a few are crackable.
dylan604 · 3h ago
If I were going on a cruise, I could think of many much better use of my time than cracking APs. This just seems like you're doing cruising wrong if you're so concerned about it that this is where you want to take your experience
exhilaration · 3h ago
Sir, this is Hacker News.
dylan604 · 2h ago
Right, but even HN peeps need a vacay
RajT88 · 1h ago
Well, I don't hack wifi networks as part of my day job.
I'm an older dude, and no longer find talking to strangers all that fun.
I like nature and the outdoors, but that can be admired only from a great distance until you make port. Going fishing off a moving cruise ship will end your vacation rather quickly (aside from not being feasible - you're going too fast for anything which is catchable on light tackle).
I love the swimming pools and such, but my wife can't swim.
There's all kinds of gambling and stuff, but I don't gamble.
I spent much of the cruise wishing for better internet... Or that I'd brought more books.
We spent a good amount of time playing FF7 in the evenings on our hotel TV wired up to a PSP.
dylan604 · 58m ago
clearly, we're all free to do whatever for our precious time off, but you just listed a whole lot of things that you don't like to do yet you paid for it anyways. again, we all like different things, but i'd prefer to spend money doing things I enjoy, but you do you
bearsyankees · 5h ago
Nice tool for curl -> python requests without an LLM, all static:
Also `curl --libcurl curl.c https://example.com` to "convert curl to C code" :-)
TrackerFF · 4h ago
Internet on any ship is expensive as soon as you're out in maritime area - where data transfer is done via satellite services. So it is not necessarily because a captive market, where the cruise liners can fleece you. They pay crazy prices to the telecom/ISPs.
So if you're getting free internet out at seas, it is really at the cost of the ones actually paying the bills - or in this case, the cruise liner.
dylan604 · 3h ago
That's like saying your AWS egress fees are so expensive because AMZN pays so much for their bandwidth. Um, no, it's because it is a huge profit center precisely because the profit margin is so high
skerit · 4h ago
Could be, but getting a Gigsky e-sim is a lot cheaper than the internet on-board.
And I was under the impression that in the end, that system is using the same internet uplink as the wifi (since I believe it's the ships themselves that send out the "Cellular at sea" network?)
zamadatix · 1h ago
In the "Cruise Only" section of https://www.gigsky.com/data-cruises it's $112 for 10 GB over 30 days. Per day that's certainly cheaper than $170 for 7 days but it's hard to say it's actually any cheaper per GB without knowing the other option's limit. Of course if 10 GB is enough for what you wanted to do in a week then it doesn't really matter but it might explain some of the pricing difference (ignoring bulk provider to provider pricing or other factors before we finally get to the "what do we think we can charge" pricing).
benbristow · 4h ago
I'm assuming these large cruise corps can get a decent bulk/business discount though.
testing22321 · 3h ago
Pre starlink I looked at getting sat internet for 3 years around Africa. For even a few GB per month the cost was more per month than all other costs of the expedition combined.
I just got local sims, worked great
zinekeller · 3h ago
Pre-Starlink, no, not really. Some discount due to the bulk payment, yes, but the bandwidth is simply not there to allow for such discounts, especially in high-demand areas like Africa and the Pacific where satellites have a double-duty to serve land-based customers.
isawczuk · 5h ago
I was watching some cruise crew videos, and it turns out their biggest expense is internet. I'm curious why they don’t just install Starlink to cut costs and maybe sell to guests some "piracy" internet?
jasoncartwright · 5h ago
Pirate seaborne internet has been tried.
"A Navy officer is demoted after sneaking a satellite dish onto a warship to get the internet"
Maybe military is not best place to have "piracy internet", yet I think with current tech - internet access should not be an issue.
emchammer · 1h ago
How in the bloody hell do you install a Starlink on a submarine?
jimmydddd · 1h ago
---The Starlink dish was secretly installed on the Independence Class vessel’s weather deck, where it was relatively out of view. The network was initially named “Stinky”, but it was later renamed to appear to be a wireless printer – despite there being no such devices aboard.
---The Starlink dish wasn’t discovered until a civilian technician, installing a Starshield satellite communications system, noted the device and reported it to a senior crew member.
emchammer · 42m ago
Arg, thanks. I literally read that, but there was too much advertising on that site. Maybe the Navy needs to provide Wi-Fi to sailors if it means that much for their morale. And maybe consumer endpoint security needs to be so rock-solid that a sailor can trust their phone/laptop on a voyage.
jotux · 5h ago
Went on a cruise last summer, the internet on board was starlink. It was advertised at $30/day.
bryanlarsen · 4h ago
It's interesting to contrast Starlink on airlines vs Starlink on cruises.
AFAICT, all the airlines rolling out Starlink have made it free on their flights. Which implies cooperation from Starlink -- either Starlink has made "free" a condition of their service, or they've just priced it cheap enough to make free a reasonable option for airlines.
There's no good reason why Starlink for cruise ships should be priced significantly higher than on airlines. So either the cruise lines or Starlink are gouging. Or both. Probably both.
dreamcompiler · 2h ago
> There's no good reason why Starlink for cruise ships should be priced significantly higher than on airlines.
There's a technical reason for the case of airlines flying over land. Over land, the connection is just up to satellite and down to a ground station.
Over open ocean (whether airborne or on a ship), Starlink has to use their inter-satellite laser hops to eventually get to a ground station. I don't know for sure that Starlink charges more for this mode but if I ran the company I certainly would because those lasers are a limited resource.
ceejayoz · 4h ago
Planes, at most, have a couple hundred people onboard.
Cruise ships are getting towards the 10k person mark.
One cruise ship will be substantially more load on the local satellites and ground station than a plane will.
Spooky23 · 3h ago
I’d guess that concurrent demand would be lower on a plane. A cruise ship has people with nothing to do wandering around, presumably screwing around on the internet being one of them.
gwbas1c · 3h ago
> A cruise ship has people with nothing to do wandering around
The major point of a cruise is that there is constantly something to do. It's wall-to-wall entertainment, 24-hours a day.
My 2-year-old was too excited to sleep on a Disney cruise, so we just walked around and found character photos at 10PM. She was too shy to take her picture, so I got my picture taken with her hiding her face on my shoulder.
(FWIW: A cruise is also the kind of vacation that you need to bring some offline entertainment with you. I caught up on reading when I had to stay in the cabin with a sick child.)
sheiyei · 2h ago
Cruises sound and look like absolute nightmares. Physical manifestation of brainrot. Cyberpunk hell
ChrisMarshallNY · 2h ago
I can't stand them, myself. There's also tons of really good food. You need a forklift to disembark.
I'm a die-hard nerd.
My vision of hell, is a Caribbean beach, mid-80s, warm breeze, clear water, and no internet access.
jiveturkey · 4h ago
The bandwidth of a single starlink terminal is going to be saturated at airplane capacity anyway. The extra number of people on a cruise ship just means service degradation, not excess bandwidth consumption.
The price difference is just based on what the market will bear. Trapped on a cruise for a week, you are much more desperate for Internet. Plus you've paid a lot more for the trip and the fee doesn't feel so large compared to all the other upsells. The cruise often is the vacation, whereas air travel is just the means to an end.
ceejayoz · 4h ago
> The extra number of people on a cruise ship just means service degradation, not excess bandwidth consumption.
Which is resolved by charging, a lot, so there's enough bandwidth per active paying person.
jiveturkey · 3h ago
Yeah, but there is a limit to the price the market will bear. At 10k users and assuming a single terminal, and a single price, you are going to not going to be able to price it so as to optimize price vs performance.
Personally I would have at least 2 terminals, a low tier and high tier. I would sell only a limited number of high tier connections, good for the entire trip. Probably included as a perk with first-class cabins. The low tier would be a daily purchase. I mean hotels have done this for ages.
Maybe a dedicated business center with wired (dongle) connection and kiosk PCs, that gets the best bandwidth of all, but you're away from ship activities.
baq · 2h ago
A cruise ship shouldn’t have any issues with having 10 or 20 terminals installed and the clear skies in all directions could mean each has its own bird.
Apparently a mid-size ship will have 12 terminals. That same thread talks about other ship sizes but not if they have more terminals.
I still submit that the pricing is entirely a function of what the market will bear, and not the cost of the service.
ceejayoz · 1h ago
Those 12 terminals still need to talk to satellites. Only a certain number will be in reach, and if the ship is significantly out to sea, those satellites will need to pass data along to others to reach the ground.
We know a densely populated land area can saturate the satellites overhead; it's part of the reason we don't use Starlink in, say, NYC. The same math applies to a thousand cruise ship passengers trying to use it at the same time.
(It will absolutely be much better than the previous state-of-the-art, though.)
ajmurmann · 4h ago
Cruises make most of their money now by upselling you on board. Premium drinks and drink cards, more premium restaurants while included buffet and dining room get less love; internet upgrade, excursions, lots of stores selling stuff like diamonds and overpriced fashion, art auctions. It's worse than a floating shopping mall.
rootsudo · 4h ago
Almost, the reason it's free is because competition from t-mobile for the internet provider and that the legacies are providing it free and well almost legacy airlines like southwest and alaska.
Whatever one legacy does, the other do - charge bag fees, the others do too within a quarter. Free internet (Delta afaik was the leader here) the others offer free internet.
Soon it will go the way of having an added fee or being tied to your ticket on the airline, w/ Tmobile its already linked to your phone number.
saalweachter · 2h ago
Were these airplanes over land or see, OOC?
IIRC Starlink gets more expensive when you need to route satellite-to-satellite rather than straight back to a ground station.
Tepix · 4h ago
There is one very good reason: Supply and demand.
Most people will manage without internet for a couple of hours.
A cruise takes much longer.
xdfgh1112 · 3h ago
Being away from the internet for a week is settling point imo. I hope they keep the price high so I won't cave in and buy it.
kennethrc · 4h ago
It seems as it would average out, but I wonder if the equation between "<some %age of> ~2500 people for a 7-14 days" vs. "<some %age of> ~175 people for 2-5 hours" incurs more "costs" for the former?
seam · 4h ago
it's unclear to me why Starlink is free on airlines. I currently pay $30-50 per transoceanic flight for crappy internet. I'd pay 2-3X more for something solid with lower latency.
GP is talking about the employees getting their own Starlink sub, and competing directly with their employer's service.
JumpCrisscross · 5h ago
> curious why they don’t just install Starlink to cut costs
Cruise ships are tiny cities. The density overloads Starlink.
Dylan16807 · 2h ago
Starlink can do half a gigabit per beam and point 8 beams at the same cell.
With 5000 people on a ship, that's enough bandwidth for half of them to watch HD video at the same time.
On land they want to spread out the bandwidth as much as possible, but on the ocean most cells are empty or only need a time share fraction of a beam, so they might as well focus on those mini cities.
Beams are 250MHz wide and they have 2GHz of allocation.
JumpCrisscross · 1h ago
I don't think a single satellite can saturate a cell, but I think you're right on a couple gateways being able to soak up a couple beams from multiple birds. That might work on rare trans-oceanic cruises. But for the most-common routes, which nose along coastlines, there are other beam uses.
mmmlinux · 3h ago
Except for all the ships that do use Starlink I guess.
JumpCrisscross · 3h ago
> Except for all the ships that do use Starlink I guess
Hence why they meter and ration its access. Starlink cannot service an entire cruise ship at acceptable speeds for the same reason it can't service a Manhattan city block.
ornel · 4h ago
Regular internet on ships is a flat rate for the ship owner (except for Inmarsat, which is hugely expensive and only used if nothing else works) and the big issue is sharing limited bandwidth with all users. Before Starlink this meant blocking all streaming for our ≈35 people crew, unless you used a VPN, which allowed you to bypass blockage and would get you banned if caught. It's a huge cat and mouse game that burned too much of my time. But then, cruise companies are sleazy as fuck and totally deserve this.
Source: I was a radio operator on Greenpeace ships for nearly 20 years
jlarocco · 2h ago
Probably because they've had internet on cruises since long before Starlink existed and it's expensive to change. And why bother if people are willing to pay for it?
cr3cr3 · 4h ago
Lately they do, along with LTE/5G deployments near docks. Still expensive as they often outsource the networking to external vendors/
bredren · 5h ago
I used a travel router on my recent trip to Argentina and found it quite useful. It will be a permanent part of my travel kit.
Some cooler uses:
- streaming HDR video from closed MacBook running Amphetamine to Vision Pro via Moonlink
- Having a working HomePod mini in the hotel room.
The hotel internet did not like multiple devices off the router. It didn’t reject it outright but it throttled or nerfed it.
Individual connections were free, though and fwiw high speed data over cellular was more reliable.
bentcorner · 4h ago
> The hotel internet did not like multiple devices off the router. It didn’t reject it outright but it throttled or nerfed it.
Curious - what tools would they use to detect this, and what could someone do to work around this?
bpye · 3h ago
I hit this once - it was using the TTL. I setup an iptables rule on the router to rewrite TTL and then it worked fine.
kennethrc · 4h ago
I have Wireguard (and OpenVPN off TCP/UDP 443 as backup) on a router connected to residential symmetric 1G fiber. Among the many uses for that means I can watch the NFL (et al.) when abroad just as if I were home; there's WG/OPVN clients for the FireSticks I carry when travelling.
okdood64 · 3h ago
> travel router
What's the difference between that and tethering off your phone?
blacksmith_tb · 57m ago
Possibly ethernet from the cabin wall to the travel router? I haven't ever taken a cruise, but I could imagine that, some hotels have ethernet in their rooms.
vntok · 1h ago
Phone-based tethering is not nearly as configurable as a router.
b0a04gl · 4h ago
on a recent trip, i stayed at a hotel that had a 1-hour free wifi trial per device. after it expired, i toggled mac randomisation and reconnected. worked again. did it four times, no issues. never paid.
later checked the captive portal domain. it was hosted by a third-party vendor. not the hotel. same pattern as cruises. backend didn’t care who i was, just tracked mac and time.
this blog just confirmed what i suspected: enforcement is surface-level. they want friction low enough to upsell, but not tight enough to annoy casual users. the systems are optimised for conversion, not for plugging leaks. most abuse is silent and tolerated. these aren't security flaws. they're tradeoffs
WhyNotHugo · 1h ago
When dealing with security issues, organisation typically lost likelihood of occurrence and impact. The impact for these is negligible, so they don’t invent in fixing them. There’s absolutely nothing to be lost if this gets explotes by the ocasional tinkerer.
uudecoded · 3h ago
For what it's worth, based on somewhat frequent posts to r/cruise and Cruise Critic, travel routers are very often confiscated by ship personnel and held for pickup until departure day. They appear on major cruise lines prohibited items list (but curiously are banned on Carnival but not their subsidiary Princess).
robocat · 1h ago
> confiscated
Detection? APs are scanning for SSIDs and then staff are notified? Or multiple devices are detected on one connection?
whizzzkid · 4h ago
I was able to do something similar on the Celebrity Cruises, however, theirs is more vulnerable as you can overtake a logged-in user's session by changing to their IP addresses. This allows you to take over room-controls, casting and internet in Celebrity's connected rooms.
I didn't try this on Princes, because I had an all-inclusive pricing, but yeah, this is possible.
larrykluger · 4h ago
By the way, this is called theft of services.
kylehotchkiss · 2h ago
Maybe next time the author will get thrown in the brig!
bodhi_mind · 2h ago
Side note, I’m pretty sure you can send iMessage on a cruise ship when connected to their WiFi with no internet package because apple has a mesh network between unrelated devices and finds one with an internet endpoint to funnel messages in and out.
I’m just basing this on usage experience and my hypothesis.
codazoda · 2h ago
I did not find Apple iMessage to work on my recent cruise without the room Wifi. I didn't really need internet with a tiny bit of planning though.
The cruise line had its own app and THAT had a chat feature. We didn't find it very reliable, however. You would eventually get messages, but it wasn't instant.
I downloaded my ebooks in advance and installed a small LLM on my laptop. I could read and code but I didn't get much of the latter done.
frenchtoast8 · 2h ago
I've tried this on a RCL ship and it didn't work, so YMMV
mr_mitm · 4h ago
I did something similar at the Zürich airport and gained access to a second four hour window of free wifi. You had to bind your MAC to your identity either via SMS or via boarding pass, two independent channels. Only problem was that I only had an android phone without root. So I disabled MAC randomization for that wifi, deleted the cookie, and signed up via boarding pass. Never felt more like a hacker (and I hacked dozens of active directory domains to domain admin on my job).
bowmessage · 5h ago
OP, great work, bypassing internet restrictions is always fun.
Though, I hope your family isn't cruising much in the future-- sharing stuff like this, with so many specifics about which cruise line and exact retry methodologies used, is a surefire way to get it shut down. (Or worse, a nasty internet bill from the cruise line.)
humanperhaps · 5h ago
Thanks! My thought process was that realistically, a negligible amount of people will even attempt this. Also, there will always be a way to bypass internet restrictions.
I will say, it would be kind of cool if this post gets big enough that someone from the cruise line sees it and actually feels that they need to put in the time to patch it.
matt_heimer · 3h ago
Next time you might want to wait until your are off of the cruise ship before posting about it on a blog with your name. They'd probably be within their stated passage contract ( https://www.princess.com/en-us/legal/passage-contract/pcl ) to disembark you at the next port.
amendegree · 4h ago
You’re on the front page of hn… while they may not see it right away it’s possible some bored tech blogger picks up the story
axus · 4h ago
Cruise ship passenger saves $170, thousands of hours and even more money are spent ensuring it can't ever happen again.
Did the article always say REDACTEDCRUISELINE ?
amendegree · 3h ago
No, it named the cruiseline
chillers · 4h ago
On Royal Caribbean, it's much simpler. You can open a hotspot and allow other devices to connect. We paid for one device, and friends and family could connect whenever they were nearby. At one point, we had up to 8 connected devices with no issues.
whizzzkid · 4h ago
This doesn't really work with iOS devices. You need to have an android or better a travel router.
mixmastamyk · 3h ago
How do you get through a portal on a travel router?
bitpush · 2h ago
The steps are as follows
1. Turn on travel router
2. Connect to its network
3. Go to travel router's admin page (192.168.8.1 or similar)
4. Click buttons and join the Hotel/Cruise/Flight WiFi
5. Go to neverssl.com (or google.com or whatever)
6. See the captive portal of Hotel/Cruise/Flight and follow instructions.
In other words, for the portal, it is no different than using your phone. The extra step is logging into the admin portal and having the router join the public wifi first.
mixmastamyk · 1h ago
Ok, so once connected any client can authenticate at the portal page.
The picture you (or OP) provided has an on-board restaurant in the background that reveals the cruise line they tried to redact.
vanschelven · 5h ago
For those complaining about "first world problems"... for me this would be both about the sense of injustice and the joy finding a technical solution. We're on Hacker News, after all.
pcthrowaway · 4h ago
I'm not sure what you mean by this, but anyone on a cruise is almost certainly wealthy by global standards; it's not like there are poor people there to feel bad about for not having faster internet
landl0rd · 3h ago
Global standards aren't really relevant to how people think of things around them. Protesting this fact is tilting at a windmill. The hedonic treadmill does not stop and nobody in America living in section 8 housing thinks "well at least my apartment doesn't have a dirt floor!!"
mkesper · 3h ago
Workers maybe?
pcthrowaway · 3h ago
Well fair, but the above commenter seemed to be suggesting there may be people who couldn't afford better internet packages, and my assumption was that workers would get access to the internet as part of their employment, but perhaps I'm assuming wrong.
yegle · 3h ago
FWIW: to "repeat a command until it succeeds" the right way is to do `until $command; do $some_back_off; done`.
billfor · 4h ago
Does the SNI tunnel trick (changing the SNI to match the AP) not work on cruise ships?
kylehotchkiss · 2h ago
Perhaps the real solution here is to vacation where the wifi or 5g are abundant!
greenchair · 2h ago
and this is why we can't have nice things.
jl6 · 3h ago
I’m not going to cry hard about stealing from one of the scummiest industries on the planet, and a good hack is a good hack, but man, what a wasted opportunity to disconnect! I guess OP is a kid and gets the FOMO itch from being offline. I feel we as a society are not good at helping people grow out of that.
mattgreenrocks · 1h ago
Finally, a reasonable comment on this thread.
Hacking around things is fun, yes. Another thing that is also enjoyable is resting your brain from the Internet for a bit.
sergiotapia · 3h ago
With the picture + your name, Princess Cruises will find your booking and probably bill and ban you from their cruiseline?
haunter · 4h ago
I've never been to a cruise but want to go one day
LtWorf · 4h ago
It's quite boring to be honest. I think it can be good if you have small kids.
pcthrowaway · 4h ago
I'd be interested in a hacker cruise.
A boat with 100 hackers on board is in the middle of the ocean when the nav system gains self-awareness and decides not to return to land.
The boat is equipped with satellite communication devices, but passenger internet access is off.
Only 40 days of rations.
Will they be able to hack their way back to shore before they run out of red bull? Or will they turn to a life of piracy instead?
ellisv · 2h ago
They typically have much less than 40 days of rations…
Jonovono · 4h ago
Hmm, seeing someone fall/jump overboard and then subsequently getting interrogated by the fbi upon docking was anything but boring,
LtWorf · 1h ago
Do you honestly think that happens in most cruises?
jeffbee · 5h ago
I would never take a cruise but in other places with paid wifi that I did not want to pay for, IP-over-DNS tunneling worked well.
Back in the Before Times when my wireless telephone didn't support tethering / hotspot iodine was very handy, albeit excruciatingly slow.
Very rarely did I find a network I couldn't tunnel out of. Virtually nobody thinks about DNS exfil.
(Did a gig one time where we did live-off-the-land exfil of base64 encoded data using CERTUTIL, CMD, PING, and tcpdump running on an off-site DNS server.)
dale_huevo · 5h ago
One of the fringe benefits of going on a cruise is that you can disconnect from the Internet for a week. Hit up the bar, make love to your wife, gamble a bit. All without your phone constantly buzzing in your pocket. If you go on a cruise to immediately open your laptop it seems like a waste of time and money.
unsnap_biceps · 4h ago
The author is "a high school student and aspiring software developer" and I know at their age, being disconnected wasn't a benefit :)
c22 · 4h ago
What if you're a teenager, traveling with your family, and the internet is your lifeblood?
You can't gamble or go to the bar and you have no wife, so this sort of activity is respectable.
duxup · 4h ago
Some of my best experiences as a teen were those that took me out of whatever bubbles I was in at the time.
Vacations are a great time for that.
bestouff · 4h ago
Then that's a sad story.
humanperhaps · 3h ago
To be fair, I was trying to be humorous with that phrasing.
lainzhow · 4h ago
If I got it right, it was a high schooler that posted. So I guess that's not an option
But yeah, it's nice to be disconnected on vacation.
BeetleB · 3h ago
> All without your phone constantly buzzing in your pocket
Actually, the benefit is not having her phone not constantly buzzing.
lagadu · 4h ago
I hate to sound preachy so I apologize if I'm coming off like that but if someone's relationship with the internet is so bad that being put in a situation where being forced to stay off it is seen as a positive, perhaps the whole relationship should be taken a hard look at?
asadm · 4h ago
Unless you LOVE your work and just want a change of scene while doing what you love.
jonas21 · 4h ago
Then don't go on a cruise. There are plenty of places with great scenery AND great connectivity. But a cruise ship is not one of them.
duxup · 4h ago
Just seems like a lot of expense that by working you're decreasing the value.
Also depends on who you're traveling with / anyone.
I've been on trips with the "I have to work" folks, it's a pain, they're not really "there" you end up trying to schedule around them. Then they just show up unaware / uninvolved in whatever is going on.
asadm · 4h ago
i think you needed to set expectations. on every trip, i reach a point where i don't have any social-interaction points and so i go back to my cave and code.
duxup · 4h ago
Oh I have, I just don't go with the "I have to work" people, or everyone is on the same page and it's just not a thing.
kennethrc · 4h ago
... and even if you're just on vacation it's not like you're doing nothing else but being online, OP ...
tossandthrow · 5h ago
Unless you are on a cruise to work remotely and flee soaring rental prices.
LtWorf · 3h ago
There is no way that a cruise is cheaper.
happyopossum · 3h ago
Oh look - I’m smart and made this theft easy, so the company I’m stealing from deserves it. Yay me!
Seriously people, I know that figuring these things out is part of the hacker ethos, but this is still theft of services no matter how you try and justify it.
baq · 2h ago
This horse is pulp and has been for a long while now but theft of services is not a thing, it’s a breach of contract.
archagon · 2h ago
Some of the earliest hackers were phone phreakers, and this is essentially a victimless "crime." (Cost of maritime internet for a cruise line is probably a rounding error in their budget.)
gwbas1c · 3h ago
Just need to point out: A cruise is a ^%$^#$ expensive vacation. For me, part of vacation is focusing on the moment, place, and people that I'm with. Cruises have plenty of entertainment onboard, so if you feel the need to do something like this to save a buck, maybe take a deep breath and try to take advantage of what's already there for your entertainment.
If I ever take advantage of this hack... It'll be to download an extra book or two to my Kindle. My wife and I took a honeymoon in a remote area and mostly used our devices to take pictures and read books while at a beach.
ellisv · 2h ago
I disagree that cruises are expensive. Cruises can be expensive but many cost roughly the same per night in a hotel but includes your food and entertainment. No, they're not as cheap as camping at your local campground or a staycation. Yes, they're more expensive if you have to fly to/from the port.
Our most recent cruise was less than $1,200 for 6 nights, $556 for airfare, and $127 for a hotel the night before. This was more expensive than usual because it was during a popular time of year to fly.
However I completely agree that vacation is meant to be focusing on the present. One of the main appeals of cruises to me is being disconnected from the Internet.
Fergusonb · 2h ago
The author implies they're a highschool aged programmer.
They're likely along for the ride with their parents and very online.
I'd probably do the same thing at their age.
ellisv · 2h ago
Agreed and there are likely relatively few similarly aged kids, even on one of the larger ships.
gwbas1c · 1h ago
They aren't, look at their comments in this thread.
archagon · 2h ago
I've taken transatlantic repositioning cruises for a few hundred bucks back when I was in my twenties and funemployed. Feels appropriate for that scenario.
New Android versions make it especially convenient, with a "Wi-Fi non-persistent MAC randomization" option in the developer options, meaning you can just "forget" the wifi network and connect again with a fresh mac address.
In some cases I've seen networks that allow any traffic on port 53 - it doesn't have to be DNS traffic. The most surprising one was a mobile network with a pay as you go payment model: load money first, buy a data package, when the data package runs out, you get a captive portal that says "you've run out of data" - but port 53 wasn't blocked, so a commercial VPN resulted in unlimited internet at unlimited speed, with roaming anywhere in the world (and that was back in the day before SIM card registration was required too, so anonymous, too).
I haven't needed it for... probably 15 years, but in the past (before 3G was common, and all you could rely on was WiFi hotspots) I have used iodine[0] as an IP over DNS tunnel.
My uni friends were always impressed, and it really helped me a few times. The throughput was never great though, but enough for some basic browsing.
Edit you have to be prepared ahead of time though, and it's the main reason I bought my three-letter domain back then (shorter domain means higher throughput as payload is a higher percent of the query response).
[0]https://github.com/yarrick/iodine
I think in one of those two (forget which), they just had udp/53 wide open (which works just like any VPN), but in the other, it had to do proper DNS tunneling. And to my surprise, it was entirely fast enough to be usable, which usually is not the case. I felt bad for probably bogging down their DNS server, but hey. (Kept it to a reasonable limit.)
The VPN would have to accept a connection over 53 though, right? This also seems like a great way to possibly bypass VPN blocking via DPI, which I've been hit with before on airlines when going over 443.
DPI should be able to easily detect and block non-DNS traffic on port 53, as well as IP over DNS. Just a matter of configuration effort; but lots of networks lack configuration effort, so it's worth a try.
I assume it's drifted over time, but couldn't guess which ways / why. (Other than converging on blocking all non-443)
https://www.starlink.com/us/roam
Back then the CF did not restrict the IP for quad 1 IP, so I could access any CF enabled site without any charges.
It sounds like it should only be used only a few times per booking, and this is going to hit at least 4/hour for multiple hours a day, so it will stick out like a sore thumb in the logs ....
But, a cool hack, nonetheless :)
If it’s any of the major cruise lines there almost certainly isn’t anyone in IT paying that much attention.
Because they have nine trillion bugs in their booking system that have been on backlog since 1910.
According to this source [1] (of dubious quality, granted) Royal Caribbean's entire IT department is about 140 people headed by an electrical engineer.
[1] https://rocketreach.co/royal-caribbean-cruises-ltd-it-depart...
Nobody argued for or against LLMs. Just that IT isn't a major investment for any cruise line. And that fixing a problem like this isn't even rationally high on a cruise liner's list of priorities.
If the payment portal is bugging out and the engineer tasked to fixing it is off vibe coding on the off chance that a high schooler is using too much internet (versus trying to steal mom and dad's drinks), I'm not sure I'm unsympathetic to the manager's very predictable reaction.
Whatever those nine trillion bugs the developer is supposed to be working on are up to.
Until everyone is doing it and their revenue stream falls off.
Cruise lines want happy customers. They aren’t going to do something to piss you off for $170.
On a small scale for a cruise liner scaled operation I'd be prepared to say "huh, that's odd" or turn a blind eye to just one.
There is A LOT of AP's on cruise ships. Odds are a few are crackable.
I'm an older dude, and no longer find talking to strangers all that fun.
I like nature and the outdoors, but that can be admired only from a great distance until you make port. Going fishing off a moving cruise ship will end your vacation rather quickly (aside from not being feasible - you're going too fast for anything which is catchable on light tackle).
I love the swimming pools and such, but my wife can't swim.
There's all kinds of gambling and stuff, but I don't gamble.
I spent much of the cruise wishing for better internet... Or that I'd brought more books.
We spent a good amount of time playing FF7 in the evenings on our hotel TV wired up to a PSP.
https://curlconverter.com/
So if you're getting free internet out at seas, it is really at the cost of the ones actually paying the bills - or in this case, the cruise liner.
I just got local sims, worked great
"A Navy officer is demoted after sneaking a satellite dish onto a warship to get the internet"
https://apnews.com/article/navy-illegal-wireless-internet-53...
https://www.navytimes.com/news/your-navy/2024/09/03/how-navy...
---The Starlink dish wasn’t discovered until a civilian technician, installing a Starshield satellite communications system, noted the device and reported it to a senior crew member.
AFAICT, all the airlines rolling out Starlink have made it free on their flights. Which implies cooperation from Starlink -- either Starlink has made "free" a condition of their service, or they've just priced it cheap enough to make free a reasonable option for airlines.
There's no good reason why Starlink for cruise ships should be priced significantly higher than on airlines. So either the cruise lines or Starlink are gouging. Or both. Probably both.
There's a technical reason for the case of airlines flying over land. Over land, the connection is just up to satellite and down to a ground station.
Over open ocean (whether airborne or on a ship), Starlink has to use their inter-satellite laser hops to eventually get to a ground station. I don't know for sure that Starlink charges more for this mode but if I ran the company I certainly would because those lasers are a limited resource.
Cruise ships are getting towards the 10k person mark.
One cruise ship will be substantially more load on the local satellites and ground station than a plane will.
The major point of a cruise is that there is constantly something to do. It's wall-to-wall entertainment, 24-hours a day.
My 2-year-old was too excited to sleep on a Disney cruise, so we just walked around and found character photos at 10PM. She was too shy to take her picture, so I got my picture taken with her hiding her face on my shoulder.
(FWIW: A cruise is also the kind of vacation that you need to bring some offline entertainment with you. I caught up on reading when I had to stay in the cabin with a sick child.)
I'm a die-hard nerd.
My vision of hell, is a Caribbean beach, mid-80s, warm breeze, clear water, and no internet access.
The price difference is just based on what the market will bear. Trapped on a cruise for a week, you are much more desperate for Internet. Plus you've paid a lot more for the trip and the fee doesn't feel so large compared to all the other upsells. The cruise often is the vacation, whereas air travel is just the means to an end.
Which is resolved by charging, a lot, so there's enough bandwidth per active paying person.
Personally I would have at least 2 terminals, a low tier and high tier. I would sell only a limited number of high tier connections, good for the entire trip. Probably included as a perk with first-class cabins. The low tier would be a daily purchase. I mean hotels have done this for ages.
Maybe a dedicated business center with wired (dongle) connection and kiosk PCs, that gets the best bandwidth of all, but you're away from ship activities.
Apparently a mid-size ship will have 12 terminals. That same thread talks about other ship sizes but not if they have more terminals.
I still submit that the pricing is entirely a function of what the market will bear, and not the cost of the service.
We know a densely populated land area can saturate the satellites overhead; it's part of the reason we don't use Starlink in, say, NYC. The same math applies to a thousand cruise ship passengers trying to use it at the same time.
(It will absolutely be much better than the previous state-of-the-art, though.)
Whatever one legacy does, the other do - charge bag fees, the others do too within a quarter. Free internet (Delta afaik was the leader here) the others offer free internet.
Soon it will go the way of having an added fee or being tied to your ticket on the airline, w/ Tmobile its already linked to your phone number.
IIRC Starlink gets more expensive when you need to route satellite-to-satellite rather than straight back to a ground station.
Most people will manage without internet for a couple of hours.
A cruise takes much longer.
Cruise ships are tiny cities. The density overloads Starlink.
With 5000 people on a ship, that's enough bandwidth for half of them to watch HD video at the same time.
On land they want to spread out the bandwidth as much as possible, but on the ocean most cells are empty or only need a time share fraction of a beam, so they might as well focus on those mini cities.
Source for this capability?
Beams are 250MHz wide and they have 2GHz of allocation.
Hence why they meter and ration its access. Starlink cannot service an entire cruise ship at acceptable speeds for the same reason it can't service a Manhattan city block.
Source: I was a radio operator on Greenpeace ships for nearly 20 years
Some cooler uses:
- streaming HDR video from closed MacBook running Amphetamine to Vision Pro via Moonlink
- Having a working HomePod mini in the hotel room.
The hotel internet did not like multiple devices off the router. It didn’t reject it outright but it throttled or nerfed it.
Individual connections were free, though and fwiw high speed data over cellular was more reliable.
Curious - what tools would they use to detect this, and what could someone do to work around this?
What's the difference between that and tethering off your phone?
later checked the captive portal domain. it was hosted by a third-party vendor. not the hotel. same pattern as cruises. backend didn’t care who i was, just tracked mac and time.
this blog just confirmed what i suspected: enforcement is surface-level. they want friction low enough to upsell, but not tight enough to annoy casual users. the systems are optimised for conversion, not for plugging leaks. most abuse is silent and tolerated. these aren't security flaws. they're tradeoffs
Detection? APs are scanning for SSIDs and then staff are notified? Or multiple devices are detected on one connection?
I didn't try this on Princes, because I had an all-inclusive pricing, but yeah, this is possible.
I’m just basing this on usage experience and my hypothesis.
The cruise line had its own app and THAT had a chat feature. We didn't find it very reliable, however. You would eventually get messages, but it wasn't instant.
I downloaded my ebooks in advance and installed a small LLM on my laptop. I could read and code but I didn't get much of the latter done.
Though, I hope your family isn't cruising much in the future-- sharing stuff like this, with so many specifics about which cruise line and exact retry methodologies used, is a surefire way to get it shut down. (Or worse, a nasty internet bill from the cruise line.)
I will say, it would be kind of cool if this post gets big enough that someone from the cruise line sees it and actually feels that they need to put in the time to patch it.
Did the article always say REDACTEDCRUISELINE ?
1. Turn on travel router
2. Connect to its network
3. Go to travel router's admin page (192.168.8.1 or similar)
4. Click buttons and join the Hotel/Cruise/Flight WiFi
5. Go to neverssl.com (or google.com or whatever)
6. See the captive portal of Hotel/Cruise/Flight and follow instructions.
In other words, for the portal, it is no different than using your phone. The extra step is logging into the admin portal and having the router join the public wifi first.
Hacking around things is fun, yes. Another thing that is also enjoyable is resting your brain from the Internet for a bit.
A boat with 100 hackers on board is in the middle of the ocean when the nav system gains self-awareness and decides not to return to land.
The boat is equipped with satellite communication devices, but passenger internet access is off.
Only 40 days of rations.
Will they be able to hack their way back to shore before they run out of red bull? Or will they turn to a life of piracy instead?
Back in the Before Times when my wireless telephone didn't support tethering / hotspot iodine was very handy, albeit excruciatingly slow.
Very rarely did I find a network I couldn't tunnel out of. Virtually nobody thinks about DNS exfil.
(Did a gig one time where we did live-off-the-land exfil of base64 encoded data using CERTUTIL, CMD, PING, and tcpdump running on an off-site DNS server.)
Vacations are a great time for that.
But yeah, it's nice to be disconnected on vacation.
Actually, the benefit is not having her phone not constantly buzzing.
Also depends on who you're traveling with / anyone.
I've been on trips with the "I have to work" folks, it's a pain, they're not really "there" you end up trying to schedule around them. Then they just show up unaware / uninvolved in whatever is going on.
Seriously people, I know that figuring these things out is part of the hacker ethos, but this is still theft of services no matter how you try and justify it.
If I ever take advantage of this hack... It'll be to download an extra book or two to my Kindle. My wife and I took a honeymoon in a remote area and mostly used our devices to take pictures and read books while at a beach.
Our most recent cruise was less than $1,200 for 6 nights, $556 for airfare, and $127 for a hotel the night before. This was more expensive than usual because it was during a popular time of year to fly.
However I completely agree that vacation is meant to be focusing on the present. One of the main appeals of cruises to me is being disconnected from the Internet.