University of Twente in the Netherlands has a great websdr[1] running some custom hardware that can tune into pretty much the entire shortwave spectrum. I've spent countless hours tuning in to various European radio stations and broadcasts (you can even pick up the odd number station if you are on the right frequency and get lucky with timing).
I've enjoyed playing around with this product, but I wish there was a tier between free and pro that added infinite drawing without such a steep price. I'm not really interested in the sync stuff, but would happily pay a little to add infinite grid to the features otherwise included in the free tier.
From what sparse info I can find, it appears ground > sat > ground comms will be encrypted in some fashion so listening with an SDR and doing anything meaningful with the data might be hard, but I'm curious if there will be opportunities for it to be abused for anonymous downlink connections like the Turla spyware group used to do (https://arstechnica.com/information-technology/2015/09/how-h...)
Mostly just a toy to learn some AWS/Serverless and security stuff, but a tool similar to burp collaborator for dns / http canaries tied into a slack bot. Essentially request a new canary url, you get back a unique endpoint such as 123456789abcd.detect.domain.com, and any time there is a DNS request or http request of any kind to that canary url it sends a message to a slack bot with relevant info, and includes some geoip data and a static map image of IP locations (via mapbox static image api). Considering doing my own plugin for mitmproxy (similar to burp collaborator everywhere) that can be useful in looking for ssrf vulnerabilities. A couple tools out there that do this, kind of just wanted to build one myself for the learning experience.
While 10./192. private addresses in IPv4 were in largely designed to help deal with address space exhaustion, they also are important because organizations can use them without having to own the addresses or register them in any way with IANA (or equivalent) since they are not publicly routable. IPv6 still maintains this feature with unique local addresses, and the entire fc00::/7 address range in IPv6 is allocated to private networks and is not routable on the public internet (not that AWS uses these, any IPv6 address they assign to you is a globally routable address). A lot of stuff just still doesn't support IPv6 yet (RDS for example https://aws.amazon.com/premiumsupport/knowledge-center/rds-i...) so you're options are to either give that endpoint a public address and manage your security groups well, or give it only a private address which gives you the added benefit of the endpoint not being publicly routable (which is a nice second layer of security beyond security groups), downside being the things that need to talk to it must now also live in your private subnet, hence Lambda launching in a VPC.
1. https://www.youtube.com/@landgrenwilliam 2. https://www.youtube.com/@IanHubert2