Hacking the world – Making your own “Stingray”
It’s hard to be anonymous online.
You can use Tor, the anonymizing tool originally funded by the US Navy. But even Tor isn’t bulletproof, as there are various ways spies can still identify you. You can use a Virtual Private Network (VPN), but some of them keep logs of customers that can be given away if they get a subpoena.
Now, a researcher has created a device to give whistleblowers, dissidents, and perhaps criminals, an extra layer of anonymity. It’s called Proxyham and it’s essentially a hardware proxy that allows real paranoids to connect to a far-away public Wi-Fi network over a low frequency radio connection, making it more difficult for cops or spies to find the real source of the internet traffic.
“We consider this the last or worst case scenario, the absolute fallback plan if everything else fails,” Benjamin Caudill, the founder of Rhino Security Labs, told Motherboard, explaining that Proxyham is a complement to traditional anonymizing tools such as Tor.
Proxyham is made of a Raspberry Pi computer with a Wi-Fi card, connected to three antennas, a Wi-Fi one that connects to the internet at a public space (think Starbucks or a public library) and a dual antenna that transmits at 900MHz, this is used to communicate and beam data back and forth with the user, who can be as far as 2.5 miles from the device, according to Caudill.
To connect to the ProxyHam, the user needs a 900Mhz antenna, such as this one, plugged into his or her computer’s ethernet port.
This way, if an attacker is trying to track the user, they will only see the IP address of the Proxyham, which will be conveniently located far from him or her.
“You can have it all the way across town, and worst case scenario the police go barge into the library across town,” Caudill said.
Caudill is aware that this technology could be used to protect criminal hackers or even dark web drug lords, but the tech can’t make a distinction between a good and a bad user, he said.
The internet signal travelling back to the user is at such low frequency, Caudill added, that it’s really hard for anyone to track it down. At that frequency, “the spectrum is crowded with other devices,” such as baby monitors, walkie talkies, and cordless phones.
Michael Carbone, a technologist for the human rights organization Access, warned that Proxyham is a good concept, but it shouldn’t be seen as a panacea.
“It expands the physical location an IP address could be associated with, so that’s good,” he told Motherboard. “It’s just that it doesn’t do anything on the user side, where identity leak would most likely happen.”
That can happen in many ways, by tracking cookies or logging into personal social media sites at the wrong time.
“Proxyham is one tool to aid in this effort, but it needs to be combined with user practices for setting up and managing anonymous identities safely,” he added. “By default on its own it’s not going to be helpful.”
Caudill will showcase the Proxyham at the Def Con hacker conference in Las Vegas in August, where he will also release the source code, the blueprint, and hardware specs so anyone can create their own. He also plans to sell it “at cost” for $200, “as a service to the community.” (He hopes he will be able to drop the price to $150 eventually).
Caudill and his colleagues are also working on additional features to add to Proxyham. One is a self-destruct function if the device is found and tampered with. Another is a system to record and send the audio of the last few seconds before the destruction to the user. This would be a sort of digital black box that could help figure out what went wrong and who might be after the Proxyham user.
For the future, Caudill and his colleagues are also working to fit Proxyham into other objects, such as a book, to make it easier to hide.
“If you throw this in a library it would take you years to be able to identify it,” he said.