Slashdot Mirror
Ready, Aim, HACK!
KD5YPT writes "According to a story on Wired, Adam Laurie and Martin Herfurt demonstrated that they can hack a Bluetooth enabled phone from up to a mile away using a sniper rifle with yagi antenna. Kinda gives a new meaning to '1337 hAx0r2'."
Aim Hack
Is the sniper rifle really necessary?! Unless you're planning on eliminating the cell phone user so they never discover the hack. Otherwise, wouldn't a stand-alone scope do just as well, and get you into a lot less trouble from law enforcement?
Cyde Weys Musings - Scrutinizing the inscrutable
What kind of time do these people have to try these kinds of ridiculous "tests?"
Now all the people that hack Counter-Strike will be out on the streets with Snipers hacking Bluetooth devices, leaving CS hack-free. Thank god.
I'm not impressed. If you really want to impress me, use a Cap'n Crunch whistle over a Bluetooth-enabled phone to switch your neighbor's TV to the Spice channel with the volume up to 50.
Fun.
It would be cool if it didn't suck.
First Post?
Kinda gives a new meaning to '1337 hAx0r2'.
What, so instead of "Fucking tool" it now will mean "Fucking tool who's in jail for aiming a sniper rifle at someone"?
Casual Games/Downloads
The sand color for this topic sucks. My eyes are burning.
I'll get back to you later
If I saw a guy pointing a gun at me from far away (or close), I wouldn't be worried about him taking my contacts out of my phone.
Now in real life too. Too bad you can't toss the occasional opportunistic grenade like in Half Life.
"We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
No more paying for those pricey 900 numbers... I'll just hack some poor schmuck's phone and whack o..err... talk for free.
Hey, guys. Big gulps, huh? Cool. All right! Well, see ya later.
Using the sniper rifle's scope to finely track the location of the phone, and a very, very directional antenna (parabolic) to then capitalize on the parallel incoming waves from the phone's signal? (much other interference would be limited by the polarization effect of the directional antenna...) Sounds interesting..
to use this same setup to look down into a city and pick up individual wireless networks.
War Sniping?
up 12 days, 22:30, 2 users, load averages: 993.20, 994.21, 994.56
*makes note to limit user processes...
There were pictures of this device on the DefCon
:P
webpage posted just yesturday.
It's just mounted on a sniper rifle-like device,
it's not an actual gun
Yay, Free Flat Screens!
...that you have to call the guy at the other end and ask him to stand very very still :)
... or something to make it look like a toy. They're going to have real guns pointed at them if they keep carrying that around, and I'd say anyone that shoots back would be entirely justified.
If they were really 1337 h4x0r2 they'd be using a BFG, not a sniper rifle.
Is there a possibility to create a virus exploiting that bug and start spreading?
Uhm, no, not really. Not at all.
Why bother.
1) Find an attractive person with a bluetooth phone
2) Stalk them from long range and send lovey dovery text messages
3) Get arrested for stalking
4) ????
5) Profit!!!
Rus
Cheap UK and US VPS
Is this a direct line of sight thing?
That's why you should turn bluetooth off when you're not using it.
Is there really any need to have bluetooth turned on all the time? I would think that it just wastes batteries.
To understand recursion,
you must first understand recursion.
Learn something new every day.
You're right, here are the pictures.
-------
Warning: Slashdot may contain traces of nuts.
So where do people who are looking for this sort of capability on their laptops get the software from?
The "rifle" design with a scope actually makes sense. If there's a moving target at a decent enough distance, all you have to do it keep them in the sights while you communicate with the device. Otherwise, a yagi on a stick without sights is probably a little harder to aim precisely, especially if your target is far away.
this is my sig
Was covered in brief on tomshardware in a post on /. yestarday
All spelling mistakes are due to solar flares...honest
It isn't a real sniper rifle It'd still make someone nervous if it was pointed at them I imagine . . .
Surviving the 21st century:
Pencil
Pocket knife
Pad of paper
Water bottle
&
Towel
BTW the Hitchhikers Guide is now considered a bad idea, as even it has proven to be hackable, particularly by those who consider themselves to be hoopy froods (though inaccurate entries may be inserted, and attempts to modify the operating system of all versions of the Guide result in the brief appearance of a hungry ravenous bugblatter beast of Traal, followed shortly by the departure of a not quite as hungry ravenous bugblatter beast of Traal.)
A feeling of having made the same mistake before: Deja Foobar
If deployed in the field, special ops soldiers can approach a terrorist safehouse, and activate this device to hack into any cell phone that may be vulnerable. Then they could simply listen in on the safehouse without ever being even 500 feet away, and can discern their movement if necessary.
All this translates into being able not to tip off the bad guys that you are coming, and still able to glean important intel.
WhyTF does the geek with the 'rifle' have that smug expression? I mean, if he really wants to feel like a big man, I got the impression that right now its pretty easy in the US to sign up and go play with the real thing in a real conflict?
...somebody tk'd them for hogging the AWP and being all sux0r with it.
www.HearMySoulSpeak.com
A telescope or transit tripod. You're going to be a little obvious pointing any object that looks like a rifle at someone only 50' away. Especially in an urban area. I would also imagine that the weight is more than it needs to be, since the stock and grip are designed to resist the kick. It still gets "cool points" in my book though. Parhaps it would work out better to build a directional antenna within a telescope or transit, so as to be a little more inconspicuous.
www.facebook.com/DareDefendOurRights
www.fairtax.org
"The BlueSniper rifle for capturing data from Bluetooth-enabled phones is constructed from a Choate Ruger Mini-14 stock, 14dbi semi-directional Yagi antenna, standard rifle scope, electrical tape, zip ties and cardboard."
They really should have used duct tape rather then electrical tape. It would have been much more Chic!
rejected (19) accepted (0)
Is there a psychological term related to getting your stories rejected on slashdot?
No, more like "C/\mp1ng 8a5tard!"
${YEAR+1} is going to be the year of Linux on the desktop!
Authority questions you. Return the favor.
http://www.tomshardware.com/business/200408021/ima ges/bluesniper.jpg
serves me right, RTFA :-))) - Sniper-Geek-Boy is an Old European whose company lives in a Cold War Bunker... nuff said, maybe there is a pattern here. Maybe you guys can help him join the Army over there, our Army is getting cut back...
Makes a guy wonder how good the politicos are at securing their phones. Need to call a campaign manager directly? I'd bet a person could collect interesting phone numbers from a motorcade driving by. Not that that would be legal or ethical, of course. I'm merely postulating.
This is yet another reason NOT to buy those stupid phones with 14 different features. Every time I buy a cell phone, I buy the cheapest one available, so it doesn't have all of this crap associated with it. I just want a cell phone that *works*. The last thing I want is a phone with so many useless features that it actually has *security* holes! That's insane. So if it comes to the point where the only phone I can get has this stupid Bluetooth stuff, then I have to worry about feds wiretapping me AND kids hacking in? Great. I'm going back to cans and string.
I believe almost none of this.
I have a bluetooth phone and it simply won't do all those things. You *can't* just connect to it and make it bug you or relay your calls.
Where is the evidence that any of this is even remotely true?
I wonder whether there are other Bluetooth devices that could be attacked this way. For example, it seems theoretically possible to also listen in on data transfers - say between PDAs or cameras and laptops.
Now if only the hacker community could put together a convention of sorts to tell us about neat toys like this, they could call it deft-con or something like that; then cheesy hardware site employees could attend and say its for work (tax-deductible trip to vegas?)C'mon Wired, its only DEFCON12, you'd hope that converage of that event would be their leading story.
f con-05.html
a ges/bluesniper.zip
Hmm... the linked article (i almost read it) didn't mention such an idea, only that the gun was tested in las vegas.
This was in the (/. linked) tomshardware coverage of defcon 12
on this page http://www.tomshardware.com/business/200408021/de
and a video http://www.tomshardware.com/business/200408021/im
I wondered why my phone's display kept changing to "OMG PWN3D U FAG". I thought it was Verizon getting uppity.
..."fucking tool taking a dirt nap."
.30-06 will just get you plugged, with the PD Sportsman's Club gaining a new rifle.
You aim a gun in public at someone, and most urban police forces will just shoot you, since it will be presumed that you pose an immediate threat to someone's life.
If you painted the fucking thing blaze orange, removed the bolt and trigger assembly (or some other suitable field-strip) and had the barrel obviously plugged, you'd get a chance to surrender. A run of the mill
Whoever isn't using mod points on this is dumb.
It surprises me how retarded people on a technology site can be.
Do you avoid those stupid computers and just buy 4-function calculators to avoid all those viruses, trojans, spam and all the other crap associated with the internet and modern computing? I guess not.
If you look closely, people being hax0r3d are almost always the ones who don't understand what they're doing.
-Don't enable full read/write access to all files while using broadband without a firewall.
-Don't leave bluetooth enabled when not using it.
-Don't park your car with the keys in the ignition and the doors open.
If any of the above didn't seem blatantly obvious to you, you are ignorant about the technology involved. Any problems you have are your own fault and do not make the technology bad.
Where there's a will, there is a way. This is similar to the spam issue. Many arguethat spam would be reduced adn sys admins would have an easier life if curious people did not impulsively click on evrey ad that they see, nor respond to every question about income or dick size that landed in your email.
In the caseof bluetooth, people need to realize that these are phones, not safes with locks. tThe average person takes data security for granted, because they don't understand or care to consider the functionality of the device or the technology they are carrying. "If it's in my pocket, it's safe." BS. If you can send signals with it, it can receive signals. Similarly, if you park your car for three days with the driver side door open, most likely it will not be there when you come back (Unless you live on an island where yours is one of five cars, easily recoverable). Getsmart people!
[Please sign here]
Some researchers found a way to completely destroy bluetooth-enabled cellphones from up to a mile away with a sniper rifle by failing to RTFA.
It looks like English and it smells like English but it doesn't quite read like English. Can I get a translation?
s/symbian/debian/ig
First off the gain of the antenna is quite low for a "1 mile away" hack. if they had a custom bi-directional amplifier that was not only a preamp on the incoming signals but bosting the transmit I would start to agree.
I can also see 1 mile away with a dish antenna giving them more in the 25-30db gain range... espically considering that they are losing at least 3db in the cable it's self.
It's a neat idea, and the close range (100-500 feet) possibilities with a basic directional antenna are certianly possible but not a full mile with what the article is talking about.
Bluetooth makes 802.11b look like a commercial broadcaster in power differences. celphones are Class II bluetooth devices, the lowest power output level type. Class I has a 100 meter max range and would be a better device to attack from afar but certianly not a Class II BT device like a cellphone.
Low gain and low directionality of their antenna are what makes me really ssupect their 1 mile claim.
Do not look at laser with remaining good eye.
I would be more worried about him taking the contacts out of my eyes!
emt 377 emt 4
When did the Ghostbusters become hackers??
I'd think a pringles or coke can would be a bit less conspicuous..
On the other hand you know those security video cameras used in public places which can be remote controlled to rotate and zoom in on someone's face? They are usually hidden in smoked glass domes in ceiling or, I suppose, in less conspicuous ways in places like casinos or board rooms. Sounds like another good aiming device, I saw one $500 dollar model in Akihabara recently you can operate from a web page. Same shop for a few hundred bucks also sold remote cameras accessible via UHF.
I'd be worried if I carried anything with Bluetooth (so far I've resisted..) The more it penetrates it seems the more tiny yagi antennas you'll see. Only saving grace I could imagine is if the yagi antenna is left powered up maybe you could detect it as the camera pans across you... IANA EM Engineer but would not a yagi antenna also transmit towards you any noise from say the video camera's motor or power supply? If so a detector might be in order..
If you would run around with your bluetooth turned on and advertising itself, of course there's a risk. Lots of features on phones are silly, but bluetooth is genuinely useful. I sit at my PC at work, and my address book syncs with my phone while it's still in my pocket. When I'm listening to music from my computer on my headphones, I can make calls on my phone, and use my microphone and headphones as a headset. I already mentioned the networking.
Bag on polyphonic ringtones if you want, but bluetooth is an excellent technology.
"0300 - Meet maker" :D
Let the guy rest in peace and come up with some new material, guys.
You might be writing from England, I don't know, but the part about "illegal to have a handgun in safe at your home unless you're licensed, registered, and have passed a background check" is most certainly NOT true in America.
Perhaps England has a division called "Homeland Security" as well, and that's why I'm confused?
Don't leave bluetooth enabled when not using it? Jesus christ... we're talking about a PHONE here? That's entirely too complicated. That's like saying that you should disconnect your computer from the Net when you're not using it. It's very simple... bluetooth is insecure, and is not used by probably 99% of people with cellphones. Thus, the smart thing to do is to avoid it like the plauge.
If you combine this concept with Sun's wireless motherboard ( chips talking to each other wirelessly ), then the sky's the limit for hacking.
As I was reading the only thing I could think about was James Bond standing on top of a building and spying on someone's conversation using the Bluetooth rifle...now that is an awesome hack.
SIGFAULT
so you can hack the moto iTMS enabled phone via the blue shotgun ? insert new songs ? R.E.M. anyone ? or... play with the ringtone... this guys phone rings and Jimmy Hendrix starts whaling with the Star Spangled Banner... I like it !
This msg is brought to you by the letter 'W'.. for Worthless Wuss
I could care less if you hack my BlueTooth phone.
:-[
If some asshat need in you arises that demands that you must listen in on a conversation with my wife as she bitches at me for buying ROMA TOMATOES instead of CHERRY TOMATOES (they're fucking red, for Christ's sake), you go right ahead.
And if it gets your lollies off to hear that, wait until she calls me to inform me that I, once again, forgot to let the dog shit before going to work. And I must clean up what ensued.
Yeah -- hack that. All you want.
IronChefMorimoto
Fantastic mental image! You and about 50 other people in a public square, each with a can, and "any-to-any" strings attached between all of the cans.
This would accomplish two things: make your network visible; and ensure that anyone trying to "hack in" would get tangled up and become "the biggest ball of string in" wherever you might be.You were 80% angel, 10% demon. The rest was hard to explain. - Over The Rhine
"Math in a song is good."-Linford
because most of you have never even hel a real firearm and you have NO idea how they work! Just beacuse they used a scoped rifle stock doesnt mean it can aim worth a shit! The scope works off of the fact that the barrel has already been sighted at the factory. When mounting a scope you are required to "zero" your sights by way of laser sighting or trial and error at a firing range. If you pointed this device at someone holding a cell phone you are likely to "miss" and pick up the guy behind and to the right, or left, of him. How the hell are you going to zero a fucking antenna? hmmm?! You cant, not with a scope anyway. The only way this would be dead on accurate is to employ the use of a mounted laser sight, however; who knows what effect that would have on transmission? Also, now you are pointing a laser sighted rifle-like object at people which is a sure fire way of getting doubletapped in the forehead, especially if I'm around with my MP5! SOF2 rules, and simple* ownz u foolz!
"Patience is not a virtue, it's a waste of time."
I always suspected that that show was fixed.
---
ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
In a related story, Las Vegas police department sharpshooters shot two men who they say were preparing to assassinate random pedestrians from an 11th floor window of the Aladdin Hotel. When the concept of the "Bluetooth rifle" was explained to the police spokesman, he said, and we quote, "what a pair of f***ing idiots." Since the pair was shot approximately 10,000 times by the nice policemen with *real* rifles, only splinters of the "Bluetooth rifle" remain. Film at 11.
How 'bout this?
I've seen Sixteen Candles WAY too many times. Sigh...
Wouldn't you have to recalibrate the scope to take into account the fact that the radio signal isn't going to drop the way a bullet does? I would think that you could just wire-tie the scope to the axis of the antenna, maybe inserting some insulation in between them. No need to go around upsetting people who are afraid of guns.
A question: If my rifle is a muzzleloader, does this mean I have to use Morse code instead of Bluetooth?
"Who controls the past controls the future. Who controls the present controls the past." -- George Orwell
For hunters safety class, you're told to carry binoculars. Sure there's a scope on your rifle, but most things (also read: people) that you want to see up close also run the risk of getting shot.
You get a different vibe when someone is "just looking" at you with binoculars than with a rifle scope. Also, the environment you're in (hunting season) means that the person you'd be aiming at ALSO has a decent weapon and would be very interested in observing you in the same manner. The person reacting would also be more likely to want to "feel safer" while looking.
The picture in the article: he looks like he's holding a chainsaw or a seriously bayonetted rifle. Basically, it LOOKS dangerous.
Point that thing at someone's head (it's for cell phones - right?) and you're ASKING for trouble.
As for painting it bright colors: it would be better to just use a less threatening design - an orange weapon is still a weapon.
This is not my sig.
Yeah, of course, the 50' was without the rifle. They did 1.1 miles with the rifle. So that's a little less obvious.
Sitting in an office building in the middle of a city, looking out reflective windows, you can see a LOT of bluetooth cell phones within a mile or less range.
--
Money Book Review
Gives a whole new meaning to the term bluebox now doesn't it?
...unfortunately no one can be told what The Mat^H^H^HGoatse is...they must experience it for themselves...
So buy a BlueTooth phone and TURN THE DAMN BLUETOOTH OFF! You're like a Windows user, whining: "but I can't turn it off, it was enabled by default".
yo sterling, wazz up Sterling S Wei 2930 Grants Lake Blvd - Apt 2604 Sugar Land TX 77479 USA
Ack... damnit! Now there are snipers in my cell phone!
"Our funds have never taken part in toxic or death spiral convertible financings of any sort" -BayStar's managing partne
I am more concerned about phones that have built in cameras. I have worked for two different companies now who both have a very strict no cameras on the premises rule. This also means no cell-phones with cameras built in. It is starting to get to the point where you can't get a high end phone without a camera. I want to see one of the phone manufactures make a phone that is as small, has a color screen, but doesn't have a camera built in. Is that too much to ask?
Yeah, but all I want my phone to do is store numbers and call numbers. Seriously. I'll get a seperate PDA for the rest of the crap. And no f'ing way I want a camera on there either. If I wanted a camera, I'd get a nice slim digital, or a real SLR camera.
SIG: HUP
which American idol I voted for!!!
What is this world coming to?
This should invalidate SMS usage in courts as evidence.
/ 07 /29/malaysia.divorce/
http://www.cnn.com/2003/WORLD/asiapcf/southeast
This problem seems like one that could be fixed in software. Turning BT on and off as required is a great intermediate solution, but a lot of cellphone and PDA people have implemented their software such that turing it on and off requires walking through several menus. It's a chore for something that should be as simple as 2-3 button presses.
;)
The people who whine to not buy BT cellphones and devices are, of course, as retarded as the companies who did not implement a secure standard
--
Internet Explorer (n): Another bug -- that is, a feature that can't be turned off -- in Windows.
How about War Toothing.
I, for one, fail to be impressed by this. The idea of adding a scope/stock to a surveillance device isn't a new one -- I've done the same thing myself, but it wasn't pointed at bluetooth devices. Sure, it's a good idea, but there's nothing revolutionary here that I can see. Am I missing something? (Other than the 'wow kewl' factor)
Fill in your four or five-letter word of wisdom here _ _ _ _ _.
Godammit you stupid MS bashing parents basement dwellers can`t even think up a good joke...jeez
for reminding people that they don't gain karma for a funny mod.
Funny how that works.
I modded the parent interesting because this might be an appropiate name to be used for these types of devices. Would you have this in mind before metamodding, please?
BTW, I think it should be something like 1/3 interesting, 2/3 funny, thanks.
No. But when I install a Linux distro I do not get all the 100 million packages. I just get what I need, mainly because additional services means more vector points for hacking into the box. With phones the way to choose which features you get is to select a particular model which is exactly what the parent poster is talking about.
Informative? Sheesh, more like complete luddite.
If you actually KNEW anything about bluetooth, you know there are simple ways to secure the connections (which the article conveniently leaves out). Here's a hint; how many simultaneous connections can most bt enabled phones host on the stack?
Every fucking week they have to remind us that wireless technologies are shitty.
Idiot: hey guess what, wireless is insecure!
Me: no shit
Wireless tech makes it so i dont have to be in your building to hack you. I can be in your parking lot.
In reality wired networks are 10x more insecure than wireless. There is an assumption of protection because they could see the black hat walk in the door.
Bullshit, I'm the repair man, the delivery boy, the lunch guy, or even ur mom.
Walk in, plug in, and masqerade as someone else.
Why are we focusing on wireless insecurities when our wired networks are even worse...
PRINT "Signature line broken."
GOTO 1
I thought: Tusken Bluetooth Raiders!
Just give me a sniper rifle and I'll "hack" (more like crack, to pieces) a phone from a long distance.
That rifle is awsome! where can I buy one?
Oh well just shoot the guy that made blue-tooth have no security. Simple.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
This:
What is the Philosophy of Full Disclosure, and why are we providing the tools and detailing the methods that allow this to be done?
Followed by this:
Tools will not be released at this time, so please do not ask. However, if you are a bona-fide manufacturer of bluetooth devices that we have been otherwise unable to contact, please feel free to get in touch for more details on how you can identify your device status.
Seems to think that either they didnt check the article, or are not really wanting to do Full Disclosure. The cat's out of the bag, when would they release it, despite it being hardware that's vulnerable? If they really wanted to know what works and what doesnt, they'd release it to the rest of the world and let a wider base and accept the (minor) collateral damage that might ensue.
we'll show you ours if you show us yours
Well, I truly doubt ALD would in any case given how they respond to this one.
I'd consider mailing them on this one: adam@algroup.co.uk and ben@algroup.co.uk
"Forget the engineers." -Carly Fiorina, briber of MIT Technology Review.
So it doubles as long-range Bluetooth and a rifle? What would really be fun to do is take over hack someone's phone to dial out to the Carribean or something and snipe them. Leave their next of kin with the phone bill.
Um, do you know about Bluetooth hands-free headsets? I use mine all the time - which mines my BlueTooth is always on (though it doesn't authorize automaticallyl, of course - do you know how BlueTooth pairing works?)
You're not talking about a simple security precaution, you're talking about removing the functionality of the device. It's like telling someone who has been mugged, "well, you shouldn't use cash, anyway!" It's a stupid remark.
Of course, from a privacy perspective, a good parabolic mike would pick up on any conversation you're having, anyway. It's the damage to the unit that's a problem.
I was replying to NineNine, who said that this was a reason to buy a phone without BT, then bemoaned the lack of phones without it. I use a Jabra headset myself; my point was, if you don't want BT, you can turn it off.
Thus, it would be more analogous to someone saying, "I keep getting mugged - I wish I didn't have to carry my wallet with me when I'm not paying for stuff" and replying "Then leave your wallet in the car when you don't need it".
And yes, I do know how pairing works. Or are you saying that there are phones that do the headset BT without the other BT stuff?