Wireless Communications


#1

Hey all. I’m fascinated by all sorts of wireless communications and was wondering if anyone else shared interest. I’ll share some highlights.

Satellite Communications

I have experience with Dish Network customer installations so I would love to take my skills into open source and software development. You can view Satellite positions in the sky with In-The-Sky.org

Radio, Wifi, and Line-Of-Sight Ground Communications

Also speciality antennas like YAGI, parabolic dishes, Pringles cans, and the like.

I would love to see more Ruby projects in open source communications. There are a very few github projects in Ruby related to Satellites. And I’m aware of MetaSploit being a security auditing tool that works with Ruby. As far as I know most wireless communication software for Linux is done with GNU Radio which is written in C++.

I want to get involved in Ruby with communications and these interests above fit the bill. If these topics also interest you and you have anything to share I’d love to hear about it!


#2

Nice one Dan :+1:

I hadn’t actually heard of Outernet - sounds like a cool project.

I wonder if you could use mruby for something? I’d actually like to see small PI-like devices that run just mruby with usb (maybe micro-usb port) and some memory - they would be tiny!


#3

Yeah! Outernet actually has a related Indiegogo project that offers in-your-pocket access to this library of satellite data. Lantern: One Device, Free Data From Space Forever

But personally I’m more interested in having my own DIY receiver kit because where-as it works with Outernet, it will also allow me more flexibility to experiment.


#4

Sounds good - DIY FTW :smile:

So do you know of any other means of secure communication between two computers that does not rely on the internet (so direct - maybe through a telephone wire?)

The old modems used to let you ‘dial’ in to another computer - you just needed the appropriate software. Wonder if anything like that exists today.


#5

With a parabolic dish you can get peer to peer wireless of 5 to 8 miles within LOS (line-of-sight). And that with only one person using the dish (if I’m not mistaken). One not often talked about is laser light communications… very long distance with direct LOS.

Yes dial-up is still around. And yes you can bypass the internet with it. But I don’t see why anyone would want to use those slow baud speeds. Not ideal for security.

It would be funny to use the old pigeon messaging technique and use a drone instead of a pigeon and a USB stick instead of paper to send communications back and forth. :wink: Although I believe there have been some laws made against flying drones in America out of your own field of vision (Darren Kitchen of Hak5 talks about it on Youtube).

Data drops are potentially secure communication. That’s the whole purpose of PirateBOX … check out their videos. They have an example of a USB drive being cemented into the structure of a building.

I believe that universally VHF and UHF frequencies have become unregulated (open for use) and that’s the future in long distance high-speed wireless communications. There are people working on technologies that will use multiple frequencies and automatically avoid interruptions at any point.

The National Telecommunications and Information Administration have a spectrum chart United States Frequency Allocations (The Radio Spectrum) PDF of the frequencies and what are allowed to be used.

If you’re a HAM operator you may have permissions to broadcast at times at frequencies that bounce off the upper atmosphere and can reach around the globe.

Ideally communities will create their own mesh networks (other-nets). A just in case communication tool in case communications get cut off. Ideal for oppressive nations that don’t allow free speech like China. Mesh networks I think are the best all around solution.

Of course any direct wires you run would be considered more secure if you’re not going through any external sources. But there is also the potential that any machine used is, or can be, compromised. Or; imagine a wire in between two houses… one day some on comes along and cuts it to splice in a LAN Tap. Encryption should be used whatever the case may be.


#6

Here’s an excerpt from a recent Security Now episode. The TL;DR is that some one can get your PGP decryption key from your computer with an AM radio and a phone nearby.

STEVE: Yeah. So, okay. This generated more tweets this last week than anything else. And I have to say that it was the pita bread that really put the icing on the cake. The fact that you could tuck this thing into a piece of pita bread, that - I don’t know. I was going to call it a “tempest in a teapot,” because of course Tempest is the famous technology for using radiation from something for spying, so “tempest in a Teapot.” But I thought, well, no, “Tempest in a Pita Bread” doesn’t quite have the same ring. So this is an early look at a paper that will be presented at the Workshop on Cryptographic Hardware and Embedded Systems this coming September 2015.

Some beautiful engineering on the part of these researchers. And quoting from their page, they said: “We successfully extracted encryption keys from laptops of various models running GnuPG - popular open source encryption software implementing the OpenPGP standard - within a few seconds. The attack sends a few carefully crafted ciphertexts.” This is the brilliant part. “The attack sends a few carefully crafted ciphertexts, and when these are decrypted by the target computer, they trigger the occurrence of specially structured values inside the decryption software. These special values cause externally observable fluctuations in the electromagnetic field surrounding the laptop, in a way that depends upon the pattern of key bits - specifically, the key bits window in the exponentiation routine. The secret key can be deduced from these fluctuations, through signal processing and cryptanalysis.”

PADRE: Wow.

STEVE: It’s just a beautiful piece of work. So, oh, and so they have multiple versions of this. In their first one, they use an SDR, a software-defined radio, and a wire going off to about a six-inch diameter loop, which they hold near the laptop. It can work a few feet away, but it still needs relative proximity. And of course if they improve, if they invested time in directionality and signal amplification, they could end up with a gun sort of thing that you point at a laptop. But, I mean, it isn’t the case that the key bits are just tumbling out.

The secret to their cleverness is that they exactly understood the open source algorithm. They were able to determine that, by causing it to decrypt a specific ciphertext, the act of decrypting it would generate relatively low-frequency transience. That’s the other thing, is even though the processor is cranking away at 3GB, the actual signal that comes out is about in the 1.7 MHz range, way lower.

And in fact, I said that that first attack used a USB SDR connected to a big loop. Then they came up with a battery-powered one - that’s where the pita bread comes in - because they demonstrate, in fact, that’s the picture of the week on the show notes this week is their loop with a power supply, four AA batteries, the SDR, and a small battery-powered computer to drive it and collect the signal, all sitting on top of a piece of pita bread, which you imagine you might be able to slice open and just tuck it in there. And if you just sort of - if there was a lumpy-looking pita bread sitting next to your laptop at Starbucks, you might want to think twice about using PGP to decrypt incoming mail that you weren’t expecting because that could contain the special ciphertext and leak your PGP keys to the pita bread which is nearby.

PADRE: If you’re in the office, and one of your coworkers is walking around with a gyro all day, then, no, maybe you want to take a look at it, just a little.

STEVE: Well, and I loved - their final refinement of this was the so-called “consumer radio attack,” which is the last picture there on the page, showing an AM radio with its earphone jack plugged into a standard smartphone. They said of the consumer radio attack: “Despite its low price and compact size, assembly of the pita device still requires the purchase of an SDR device. As discussed, the leakage signal is modulated around a carrier of around 1.7 MHz, located in the range of the commercial AM radio frequency band. We managed to use a plain consumer” - I don’t even know where they found a plain consumer-grade radio receiver. You know, it look like something with a nine-volt, well, it’s called a transistor radio battery for that reason, you know, that we listened to in the '70s. But so they used “a plain consumer radio to acquire the desired signal, replacing the magnetic probe and the SDR receiver. We then recorded the signal by connecting the radio to the mic input of an HTC EVO 4G smartphone.” And still pulled off the attack with the radio sitting next to the laptop.


#7

Unsurprising really :neutral_face: I did wonder whether something like that was already happening.


#8

Other than wirelessly seeing what was on a CRT monitor I don’t believe computers generally have this kind of data leakage. Of course wireless keyboards are a security risk (beyond wifi and bluetooth). Oh, and there is the “alleged” computer access through power lines story old news stories published (via uneducated news reporters that is).


#9

Awesome new device available for VHF/UHF communications. HamShield turns an Arduino into a VHF/UHF transceiver


#10

Want! WiFi Pineapple Mark V Ultra Directional Kit


#11

I spent half a day trying to set up a Transparent Tor Proxy. Basically adding a second network card to my PC which acts as an internet connection… from which I run a wire to a Linksys router. Everything the Linksys router receives runs through the computer which then proxies it through Tor. My own anonymous wifi hotspot :smiley:

I tried 3 different ways of doing it. Lots of annoying manual configurations. But one of the simplest ones that finally worked for me is this one: How to setup Tor as a Transparent Proxy on Ubuntu Linux

Also one noticeably interesting thing about the router I’m using is it’s compatible with dd-wrt should I want to go uber geek on it.

I’m using a TRENDnet USB 2.0 to 10/100 network device as the second Nic, name-brand item, and the Linksys router is a WRT54G2(v1)


#12

I’m going to be getting really familiar with wireless diagnostic tools. I’m planning a project for site-surveying which will include Wifi, GPS, and Cellular strength/data. If anyone knows of great tools or suggestions for getting started on this I’d love to hear it!


#13

This looks like an interesting project: