Digital privacy usually feels like a problem that lives on the ground - in our phones, apps, and servers. But the internet doesn’t stay on Earth. A large share of the world’s traffic travels through satellites orbiting 36,000 kilometers above us, connecting ships, aircraft, and regions with no cables at all.

For decades, those links were assumed to be safe by distance and complexity. Few expected that ordinary equipment could listen in. That changed in October 2025, when a team from the University of California, San Diego and the University of Maryland published research showing that geostationary satellites were transmitting sensitive data without encryption.

What the researchers found

The study, titled “Don’t Look Up: There Are Sensitive Internal Links in the Clear on GEO Satellites,” analyzed 39 geostationary satellites used for commercial and government communication. Roughly half of them were sending IP traffic in plain text - fully unprotected.

With a small antenna and about US $600 of equipment, the team captured live traffic from cellular backhaul (calls, SMS), in-flight WiFi systems, industrial control networks, and remote utility networks. A single GEO satellite transponder may cover an area of up to around 40% of the Earth’s surface, making the traffic visible to many locations.

When the researchers traced the cause, it came down to cost, outdated technology, and misplaced trust. Many operators believed their satellite links were private by nature. Encryption, which adds expense and complexity, was often left out of the system design.

Why this matters

At first glance, this sounds like a space-industry problem, while in reality, it highlights something broader: our digital communication depends on infrastructure we rarely think about.

The research shows that privacy depends both on how messages are encrypted and on how they travel. Even when a platform uses encryption, messages usually move through company servers before reaching their destination. Those servers don’t reveal the content, but can still expose connection details or metadata if the underlying network is insecure.

The most resilient approach for protecting your digital communication combines end-to-end encryption with a peer-to-peer architecture and ephemeral design. In this model, messages are encrypted on the sender’s device, delivered directly to the recipient, and deleted once viewed. It shortens the message’s lifespan and limits the points where it can be observed or copied - addressing exactly the weaknesses this research uncovered.

How EXTRA SAFE addresses this risk

EXTRA SAFE is built around this idea - protecting both the message and the path it takes.

• Peer-to-peer connections: Communication travels directly between devices rather than through central servers.

• Asymmetric encryption: Your device generates a public and private key locally. These keys establish a secure end-to-end encrypted session for your conversations.

• Anonymous identity: Each user has a random 9-digit EXTRA SAFE Number instead of personal identifiers.

• Ephemeral sessions: Chats, calls, and files can automatically disappear after a set time in vanish mode.

• Zero data approach: EXTRA SAFE doesn’t store chat histories or call logs; conversations exist only during their active sessions.

With encryption handled fully on your device, before data is even transmitted, EXTRA SAFE puts control in your hands, rather than relying on the network's security. Communication remains private, direct, and time-bound by design.

Take control of your private conversations. Download the EXTRA SAFE app for iOS and Android

Prefer a browser version? Visit extrasafe.chat