[Freedombox-discuss] freedombox & blackhats

Matt Joyce matt at nycresistor.com
Mon Feb 28 19:01:47 UTC 2011


There are some serious concerns regarding any real wireless mesh networks.
Isolating high power transmitters and tracking them is kinda old hat to the
point of being packaged products.  Unless you present too many targets to
dent, you are just pointing out where to send the goons.

RINT = Radiological Intelligence gathering has been a part of most
governments defense for a very very long time.  And if you step outside the
parameters of what is normal radio transmissions you will be very easy to
identify and / or silence.

So we should be targeting known and heavily used data transmission
frequencies.  That means 1.3ghz and 2.4ghz for the most part.  But of course
these are not advantageous in some environments.  The alternative is low
power AM ( very low bandwidth ).

The other problem we have is that in most countries there is fairly strict
control of radio spectrum.  You can't just start bursting encrypted traffic
in AM land without getting the FCC to send you a very large fine in the US
for instance.  And god help you if you start fucking around on GSM bands
with any real power and get caught.

There are people looking for this sort of thing.  And they will notice it
eventually.

So there are concerns beyond the normal.

In some areas of california ( where I am for instance ) there are guys who
will fine you for having a 2.4ghz transmitter above a certain wattage if it
causes any interference with anything.  Like this actually happens.

=/  - Matt

On Mon, Feb 28, 2011 at 10:47 AM, Thomas Lord <lord at emf.net> wrote:

> I didn't mean to distract with a big long
> discussion of freedombox & blackhat.   Not
> worth it.   Distracting.
>
> My main point for the FreedomBox project remains:
>
> 1) Don't act so surprised if we experience
> overt or covert resistance.
>
> 2) A vigorous market for countermeasures to our network
> hardening and stealth communications features
> won't be surprising either.
>
> What I really DON'T want to do here - aside from
> distract from the mission - is have us all
> brainstorming attacks and countermeasures.   That
> can get not just distracting but downright counter
> to mission, quickly.  Thanks.
>
>
> One last reply, from me, for fun, breaking my
> own brainstorming rule just this once:
>
>
>
> On Mon, 2011-02-28 at 10:31 -0800, Matt Joyce wrote:
> > Most large networks I've been to that care about security would notice
> > a machine hardwired into their network that wasn't pre-approved based
> > off the mac address of the ethernet interface alone.  They'd be able
> > to locate it just by the wirepath.
>
> You don't a mac address to sniff ethernet.  You do need
> unusual hardware.   My point is that, having done that --
> FreedomBox style robust / stealth comms software helps
> your mission.
>
> Also it's not only network.  As the article mentions:
> "Attach a camera or other sensor payload and use as
> an over-the-internet video bug."  A (very slightly)
> sophisticated MAC-less ethernet tap would be an
> example of a "sensor payload".
>
> > Wireless is a different issue, but most internal wireless is
> > configured to only allow vpn traffic to their own gateway... so again
> > blocked.
>
> As the article puts it:
>
> "Most locations have multiple 3rd party networks overlapping
> their physical space, which, if cracked, could be used as
> back channels for the plug computer to phone home."
>
> Of course, in spaces that don't have such 3rd party networks,
> an ambitious party could create some at just barely enough
> power and just barely the right locations to work while
> hopefully being unnoticed by anyone sitting across the
> hall hunting for them.
>
> Again, the mesh features we're talking about are an example
> of what really helps with that.
>
> I should emphasize that the emerging threat is not unique
> to plugs or solely related to plugs.   There's a whole
> trend in building "smart buildings" and "environmental
> sensors" with lots of very low power, mesh-forming, very
> dumb devices.   It will be easy to hide stealthy IP
> connectivity and such in all that noise.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20110228/d154b960/attachment-0001.htm>


More information about the Freedombox-discuss mailing list