Getting free internet on a cruise, saving $170
138 comments
·June 16, 2025Doohickey-d
seszett
> port 53
I haven't needed it for... probably 15 years, but in the past (before 3G was common, and all you could rely on was WiFi hotspots) I have used iodine[0] as an IP over DNS tunnel.
My uni friends were always impressed, and it really helped me a few times. The throughput was never great though, but enough for some basic browsing.
Edit you have to be prepared ahead of time though, and it's the main reason I bought my three-letter domain back then (shorter domain means higher throughput as payload is a higher percent of the query response).
ipdashc
I still find uses for iodine sometimes! Off the top of my head, a hotel basement with no cell service, and once on a flight. It's rare that it works, but quite entertaining when it does.
I think in one of those two (forget which), they just had udp/53 wide open (which works just like any VPN), but in the other, it had to do proper DNS tunneling. And to my surprise, it was entirely fast enough to be usable, which usually is not the case. I felt bad for probably bogging down their DNS server, but hey. (Kept it to a reasonable limit.)
rahimnathwani
throughput was never great though
McAlpine5892
> but port 53 wasn't blocked, so a commercial VPN resulted in unlimited internet
The VPN would have to accept a connection over 53 though, right? This also seems like a great way to possibly bypass VPN blocking via DPI, which I've been hit with before on airlines when going over 443.
toast0
Yeah, but it doesn't cost much to accept connections on all ports (AIM did it in the 90s).
DPI should be able to easily detect and block non-DNS traffic on port 53, as well as IP over DNS. Just a matter of configuration effort; but lots of networks lack configuration effort, so it's worth a try.
sandworm101
5190 continued well into the 2000s.
miyuru
My ISP had a captive portal to show when the connection was disconnected and had 1.1.1.1 whitelisted on all ports for some reason.
Back then the CF did not restrict the IP for quad 1 IP, so I could access any CF enabled site without any charges.
meta_ai_x
I think, in 2025 you are better off with this
wkat4242
Often forbidden on cruise ships as it would be on flights for the same reasons (possible interference). In an airplane it's also impossible to make it work though those tiny windows of course. But on a cruise ship balcony it would probably be fine.
null
jasonjayr
I imagine one of the ships officers will be tipped off by the IT team about the unusual number of free-internet activation attached to your booking id, and either give your room a visit to knock it off, or just bill some multiple of the $170 anyway.
It sounds like it should only be used only a few times per booking, and this is going to hit at least 4/hour for multiple hours a day, so it will stick out like a sore thumb in the logs ....
But, a cool hack, nonetheless :)
JumpCrisscross
> imagine one of the ships officers will be tipped off by the IT team
If it’s any of the major cruise lines there almost certainly isn’t anyone in IT paying that much attention.
ryandrake
Yea, I'd think something like onboard Internet is something set up once for the ship, and then basically forgotten about as long as the overall revenue is above some "reasonable" threshold given the number of passengers. Ain't no security team sitting there monitoring user registration metrics in real-time looking for fraud. At best, they might pull logs every quarter to look for vulnerabilities like this to close.
dylan604
Why would someone in corporate IT responsible for this not ask Claude to write a script that does this on a much more frequent basis? That person might get a nice attaboi for it, but much less likely an actual bonus for it. Although, I can't imagine they are losing too much money on each cruise from this hack unless the next DefCon is on a cruise ship. Then realizing that 0 passengers signed up for WiFi might seem strange
remram
Since the cruise ship is named, there is a good chance someone at the company (even without technical skills) will notice this article and tip off IT this way.
paulpauper
This is why things stop working. they go viral and then get patched soon after
duxup
They probably have some paper pasted next to the equipment to look if the blinky lights are doing the thing, and how to power cycle things.
kccqzy
I imagine the ship officers don't even understand how the internet on the ship works, much less detect fraud. Perhaps all they have is a button to restart the system in case someone complains it's not working.
fn-mote
> the unusual number of free-internet activation attached to your booking id, and either give your room a visit to knock it off
Cruise lines want happy customers. They aren’t going to do something to piss you off for $170.
victorbjorklund
Not sure. They are known to confiscate for example starlink etc.
RajT88
If I was going to go on a cruise, I'd probably bring with my linux laptop for capturing WPA handshakes, and then use the 15 minutes to set up jobs for Hashcat to burn through on my gaming PC at home.
There is A LOT of AP's on cruise ships. Odds are a few are crackable.
dylan604
If I were going on a cruise, I could think of many much better use of my time than cracking APs. This just seems like you're doing cruising wrong if you're so concerned about it that this is where you want to take your experience
exhilaration
Sir, this is Hacker News.
TrackerFF
Internet on any ship is expensive as soon as you're out in maritime area - where data transfer is done via satellite services. So it is not necessarily because a captive market, where the cruise liners can fleece you. They pay crazy prices to the telecom/ISPs.
So if you're getting free internet out at seas, it is really at the cost of the ones actually paying the bills - or in this case, the cruise liner.
skerit
Could be, but getting a Gigsky e-sim is a lot cheaper than the internet on-board. And I was under the impression that in the end, that system is using the same internet uplink as the wifi (since I believe it's the ships themselves that send out the "Cellular at sea" network?)
dylan604
That's like saying your AWS egress fees are so expensive because AMZN pays so much for their bandwidth. Um, no, it's because it is a huge profit center precisely because the profit margin is so high
benbristow
I'm assuming these large cruise corps can get a decent bulk/business discount though.
zinekeller
Pre-Starlink, no, not really. Some discount due to the bulk payment, yes, but the bandwidth is simply not there to allow for such discounts, especially in high-demand areas like Africa and the Pacific where satellites have a double-duty to serve land-based customers.
testing22321
Pre starlink I looked at getting sat internet for 3 years around Africa. For even a few GB per month the cost was more per month than all other costs of the expedition combined.
I just got local sims, worked great
happyopossum
Oh look - I’m smart and made this theft easy, so the company I’m stealing from deserves it. Yay me!
Seriously people, I know that figuring these things out is part of the hacker ethos, but this is still theft of services no matter how you try and justify it.
baq
This horse is pulp and has been for a long while now but theft of services is not a thing, it’s a breach of contract.
bearsyankees
Nice tool for curl -> python requests without an LLM, all static:
yegle
Also `curl --libcurl curl.c https://example.com` to "convert curl to C code" :-)
humanperhaps
[dead]
gwbas1c
Just need to point out: A cruise is a ^%$^#$ expensive vacation. For me, part of vacation is focusing on the moment, place, and people that I'm with. Cruises have plenty of entertainment onboard, so if you feel the need to do something like this to save a buck, maybe take a deep breath and try to take advantage of what's already there for your entertainment.
If I ever take advantage of this hack... It'll be to download an extra book or two to my Kindle. My wife and I took a honeymoon in a remote area and mostly used our devices to take pictures and read books while at a beach.
Fergusonb
The author implies they're a highschool aged programmer. They're likely along for the ride with their parents and very online. I'd probably do the same thing at their age.
bredren
I used a travel router on my recent trip to Argentina and found it quite useful. It will be a permanent part of my travel kit.
Some cooler uses:
- streaming HDR video from closed MacBook running Amphetamine to Vision Pro via Moonlink
- Having a working HomePod mini in the hotel room.
The hotel internet did not like multiple devices off the router. It didn’t reject it outright but it throttled or nerfed it.
Individual connections were free, though and fwiw high speed data over cellular was more reliable.
kennethrc
I have Wireguard (and OpenVPN off TCP/UDP 443 as backup) on a router connected to residential symmetric 1G fiber. Among the many uses for that means I can watch the NFL (et al.) when abroad just as if I were home; there's WG/OPVN clients for the FireSticks I carry when travelling.
bentcorner
> The hotel internet did not like multiple devices off the router. It didn’t reject it outright but it throttled or nerfed it.
Curious - what tools would they use to detect this, and what could someone do to work around this?
bpye
I hit this once - it was using the TTL. I setup an iptables rule on the router to rewrite TTL and then it worked fine.
okdood64
> travel router
What's the difference between that and tethering off your phone?
uudecoded
For what it's worth, based on somewhat frequent posts to r/cruise and Cruise Critic, travel routers are very often confiscated by ship personnel and held for pickup until departure day. They appear on major cruise lines prohibited items list (but curiously are banned on Carnival but not their subsidiary Princess).
isawczuk
I was watching some cruise crew videos, and it turns out their biggest expense is internet. I'm curious why they don’t just install Starlink to cut costs and maybe sell to guests some "piracy" internet?
jasoncartwright
Pirate seaborne internet has been tried.
"A Navy officer is demoted after sneaking a satellite dish onto a warship to get the internet"
https://apnews.com/article/navy-illegal-wireless-internet-53...
https://www.navytimes.com/news/your-navy/2024/09/03/how-navy...
isawczuk
Maybe military is not best place to have "piracy internet", yet I think with current tech - internet access should not be an issue.
ajmurmann
I thought Princess in fact used Starlink https://www.princess.com/en-us/news/news-releases/2024/08/pr...
rahimnathwani
GP is talking about the employees getting their own Starlink sub, and competing directly with their employer's service.
jotux
Went on a cruise last summer, the internet on board was starlink. It was advertised at $30/day.
bryanlarsen
It's interesting to contrast Starlink on airlines vs Starlink on cruises.
AFAICT, all the airlines rolling out Starlink have made it free on their flights. Which implies cooperation from Starlink -- either Starlink has made "free" a condition of their service, or they've just priced it cheap enough to make free a reasonable option for airlines.
There's no good reason why Starlink for cruise ships should be priced significantly higher than on airlines. So either the cruise lines or Starlink are gouging. Or both. Probably both.
ceejayoz
Planes, at most, have a couple hundred people onboard.
Cruise ships are getting towards the 10k person mark.
One cruise ship will be substantially more load on the local satellites and ground station than a plane will.
ajmurmann
Cruises make most of their money now by upselling you on board. Premium drinks and drink cards, more premium restaurants while included buffet and dining room get less love; internet upgrade, excursions, lots of stores selling stuff like diamonds and overpriced fashion, art auctions. It's worse than a floating shopping mall.
rootsudo
Almost, the reason it's free is because competition from t-mobile for the internet provider and that the legacies are providing it free and well almost legacy airlines like southwest and alaska.
Whatever one legacy does, the other do - charge bag fees, the others do too within a quarter. Free internet (Delta afaik was the leader here) the others offer free internet.
Soon it will go the way of having an added fee or being tied to your ticket on the airline, w/ Tmobile its already linked to your phone number.
Tepix
There is one very good reason: Supply and demand.
Most people will manage without internet for a couple of hours.
A cruise takes much longer.
kennethrc
It seems as it would average out, but I wonder if the equation between "<some %age of> ~2500 people for a 7-14 days" vs. "<some %age of> ~175 people for 2-5 hours" incurs more "costs" for the former?
seam
it's unclear to me why Starlink is free on airlines. I currently pay $30-50 per transoceanic flight for crappy internet. I'd pay 2-3X more for something solid with lower latency.
ornel
Regular internet on ships is a flat rate for the ship owner (except for Inmarsat, which is hugely expensive and only used if nothing else works) and the big issue is sharing limited bandwidth with all users. Before Starlink this meant blocking all streaming for our ≈35 people crew, unless you used a VPN, which allowed you to bypass blockage and would get you banned if caught. It's a huge cat and mouse game that burned too much of my time. But then, cruise companies are sleazy as fuck and totally deserve this.
Source: I was a radio operator on Greenpeace ships for nearly 20 years
cr3cr3
Lately they do, along with LTE/5G deployments near docks. Still expensive as they often outsource the networking to external vendors/
JumpCrisscross
> curious why they don’t just install Starlink to cut costs
Cruise ships are tiny cities. The density overloads Starlink.
mmmlinux
Except for all the ships that do use Starlink I guess.
JumpCrisscross
> Except for all the ships that do use Starlink I guess
Hence why they meter and ration its access. Starlink cannot service an entire cruise ship at acceptable speeds for the same reason it can't service a Manhattan city block.
b0a04gl
on a recent trip, i stayed at a hotel that had a 1-hour free wifi trial per device. after it expired, i toggled mac randomisation and reconnected. worked again. did it four times, no issues. never paid.
later checked the captive portal domain. it was hosted by a third-party vendor. not the hotel. same pattern as cruises. backend didn’t care who i was, just tracked mac and time.
this blog just confirmed what i suspected: enforcement is surface-level. they want friction low enough to upsell, but not tight enough to annoy casual users. the systems are optimised for conversion, not for plugging leaks. most abuse is silent and tolerated. these aren't security flaws. they're tradeoffs
whizzzkid
I was able to do something similar on the Celebrity Cruises, however, theirs is more vulnerable as you can overtake a logged-in user's session by changing to their IP addresses. This allows you to take over room-controls, casting and internet in Celebrity's connected rooms.
I didn't try this on Princes, because I had an all-inclusive pricing, but yeah, this is possible.
This is actually quite common: I've been on ferries, at airports, even hotels, which give you some amount of time for free, often anonymously. So just a mac address change gives extra internet.
New Android versions make it especially convenient, with a "Wi-Fi non-persistent MAC randomization" option in the developer options, meaning you can just "forget" the wifi network and connect again with a fresh mac address.
In some cases I've seen networks that allow any traffic on port 53 - it doesn't have to be DNS traffic. The most surprising one was a mobile network with a pay as you go payment model: load money first, buy a data package, when the data package runs out, you get a captive portal that says "you've run out of data" - but port 53 wasn't blocked, so a commercial VPN resulted in unlimited internet at unlimited speed, with roaming anywhere in the world (and that was back in the day before SIM card registration was required too, so anonymous, too).