
Even in the Desert with a Sat Phone, You’re Getting Hacked

These days it’s not really a secret that phone companies and other large institutions (ahem, US government) can access your personal information and conversations from your mobile device at any moment. But now, if you’re part of the global population stuck in a war-torn or natural-disaster-stricken area, or otherwise off the grid, it’s also a cinch to hack into your satellite phone directly through its satellite connection.

That’s because researchers at the Horst Görtz Institute for IT-Security (HGI) at the Ruhr University Bochum have cracked the encryption algorithms used by the European Telecommunications Standards Institute (ETSI), which controls most satellite-controlled wireless systems worldwide, revealing many large gaps in their security systems. And they did it in under an hour, using open source equipment.


Satellite-controlled cellular systems are still used heavily around the world, particularly in developing countries, open waters, and war-torn areas, where the antenna infrastructure necessary for wireless communication is not available. Until now these satellite devices were considered to be pretty secure networks of communication because hacking into a satellite relay is harder than targeting a cell network. This is bad news for anyone who’s relied on them before, like anyone in a conflict zone who absolutely needs a secure, relatively cheap connection.

Most of these phones rely on the GMR-1 and GMR-2 satellite communications systems, in which RUB’s quick hack revealed gaping encryption weaknesses. To prove their point, the researchers managed to hack into the Thuraya Satellite Network (which relies on GMR-1), crack the encryption system, and essentially eavesdrop on phone calls using ciphertext in less than 30 minutes, using an average PC.

RUB’s findings may not apply to the average American citizen, and let’s face it, we all know our cell phones aren’t sacred spaces, and our Friday night conversations are probably on tap in a file somewhere. However, this exercise raises more fundamental issues about how our networks keep us informed of the security measures that supposedly apply to our devices. In their release, RUB wrote,

“We believe that the closed-source nature of security aspects of communication technology is bad. On the one hand, this hinders public understanding of actual privacy guarantees. On the other hand, from the point of a system designer, exposing security mechanisms (such as a stream cipher) to a limited audience also limits the amount of scrutiny. By disclosing the weaknesses we have found, we hope to raise public awareness and discourage the “security-by-obscurity” principle.”

The title of the paper documenting this hack sums up the findings pretty succinctly: “Don’t Trust Satellite Phones.” So while you may not be rushing out to buy your retro walkie-talkie look-alike, maybe someday you’ll have to. But don’t say you weren’t warned.
