Slashdot Mirror
Build Your Own Bluetooth Sniper Rifle
Jim Buzbee writes "I don't think I'd do it, but these guys built a Bluetooth Sniper rifle, went to the roof of a downtown Los Angles skyscraper and pointed it at nearby buildings. See what they found, and if you're so inclined, they'll show how to build your own and maybe, just maybe, you too can snag Paris Hilton's address book." (Which was not snagged via Bluetooth snooping, as the article points out.) This version looks a bit more polished than the one mentioned last August.
After the DC Sniper incident, this gave me a fright as I thought someone has built a bluetooth-guided sniper rifle, which indicates when your bullet is aligned perfectly with your target's bluetooh tag, and those who auto-accept Bluetooth pairing are in trouble.
Seriously though, I wonder how many people do auto-accept BT connections? My PDA only accepts known pairs, so you need to physically talk to me to pair you up for the first time.
The friendly article seems to mentioned the "success" in BT detection, but didn't go in details of successful connection. It's like car thieves claim to detect 20,000 cars in the city centre, but didn't say how many were unlocked.
Rock that crushes, Paper & Scissors that don't matter.
I guess we will see some more Paris Hiltin porn very soon.
-----BEGIN PGP SIGNATURE-----
12345
-----END PGP SIGNATURE-----
From the article:
We decided to quickly conclude the scan, given police activity in the area earlier in the day from a bomb scare.
You too can get shot for looking like a terrorist!
A latent existence
Snoop my Apple Bluetooth wireless mouse and switch the button (singular) to right-click.
It seems like Bluetooth is in almost EVERYTHING these days (the Power Book I recently ordered, my new cell phone, etc. all are enabled). Is this merely an extention of the ubiquitousness of the technology? Or is there some inherent flaw that makes Bluetooth vulnerable? I'm inclined to believe the former -- that a properly secured Bluetooth system would be safe -- but I don't know much about the technology.
Any experts in the house (of course there are, we're on Slashdot!).
This way the secret service could have identified him, he's the guy with the annoying blue spotlight shining out of his ear while yelling "Can ya shoot her now?"
I think the server just got headshot.
...is human curiosity. Yes, there are many dangers from snooping, and there have been recent reports of prototype Bluetooth viruses - but even upgraded and securer versions of the protocol won't stop the fact that you just won't be able to refuse opening that interesting looking picture somebody is trying to send you.
I've seen it a lot at my school, whereby a particularly dodgy or deprecating picture (no goatse yet, but can't be long) is passed along in the lounges by somebody simply searching for Bluetooth phones and sending a pic, which simply can't be refused ("because it might be something important!!!"). I'd say it's even more tempting to accept a Bluetoothed file than an email attachment, because in Bluetooth you're only getting the bare information about a file (ie, the size of it and file type), whereas you can generally filter out automatically generated email viruses with ease...
The solution is to turn Bluetooth off all the time except when you want to use it (something I do anyway, since it conserves battery power), but a surprisingly large number of people seem to have it on all the time.
Site is dying. Now they're facing the real test: can you use a Bluetooth rifle against a Slashdot attack? There's one Slashdotter... another one... look, over there! But the battle is hopeless, most Slashdotters are secure in their parents' basement.
It's not even funny any more how fast these sites go down. It doesn't do the site owner or us any good - once again, what will it take for Slashdot to implement a mirror system?
For example... this one.
Meep meep
Shouldn't that be http://www.tomsnetworking.com.nyud.net:8090/Sectio ns-article106-page2.php instead?
And from here, I can't connect..
The other
They made the think look like a rifle with collapsing stock etc... A kid almost got killed outside detroit about a year ago for hanging around on a roof with a paintball gun.
So let me get this straight, if you have your device always on and discoverable you are vulnerable? Jesus, I would never expect that. Next thing you know it will be dangerous to be connected to the web without a firewall installed.
Bluetooth is nice, but the security measure do seem pretty weak, no minimum pin length etc.
http://64.233.167.104/search?q=cache:RUM0Y5_0xhEJ: www.tomsnetworking.com/Sections-article106.php+&hl =en&client=safari
how about instead of sniper rifles in a city, binoculars on a nudist beach ?
why do the best inventions always need to be modified to be better.
Business Voyeur
In other words, users are generally right in their expectance of some form of protection of their privacy. You could argue that BT devices should have been built in a way that would prevent any of that from happening, but it's easy to criticize with hindsight. I think some line in the sand would have to be drawn on this one too, the problem is that it would be technologically ignorant lobbying-prone politicians who would do the drawing. It's enough to look at the case of good, old-fashioned radio scanners to foresee results.
If I build the rifle, can I read their site by bluetooth?
Sometimes boldness is in fashion. Sometimes only the brave will be bold.
...this is idiotic. Not their little invention (which is pretty slick), but their test on top of a skyscraper. Are you really that fucking stupid? A couple of guys with a sniper rifle sitting on top of a tall building is just asking for trouble. Probably doesn't even have a license for it. This is even more stupid than that guy who shined a laser into an airplane cockpit on more than one occasion. I've done some dumb things in my life, but Jesus Fucking Christ. Cops have killed people for less than that.
Really, they should of called it something besides a 'Sniper Rifle' I'm sure that'd go down well when the cops ask what you're doing.
."
"Oh i'm just pointing my Bluetooth Sniper Rifle at that crowded building of . .
*insert police beatdown here*
Your hair look like poop, Bob! - Wanker.
It would make interesting news if he tried this in, oh, say Washington, DC. He would been carried off the roof in a black rubber bag. I'm surprised downtown LA doesn't have better surveillance. However, I'm sure he'll be getting a visit from the FBI in 5..4..3...
Crazy.
This article shows that "short range" RF technologies such as bluetooth or RFID are only short range in the context of a particular transceiver. If someone wants to access an RF device from a greater distance, they need only build a high-gain antenna.
Two wrongs don't make a right, but three lefts do.
www.tomsnetnotworking.com
Yes it would. Actually it would be easier to buy a rifle
You know the Tom's Hardware web admin is sitting in a family room somewhere wondering why his pager keeps going off.... Sunday Slashdottings must be one of the most evil things inflictable on a person ;-)
readsite()
{
buildrifle();
}
buildrifle()
{
readsite();
}
main()
{
buildrifle();
}
An Unexpected error has occured: "Stack Overflow"
Report to slasdot? YES|NO
if you snooped my slashdot login just now, I know you're within 30 meters
you'll recognize me from my baseball bat and my tinfoil hat
There are no atheists when recovering from tape backup.
"slashdot" did 46723723346844684 damage to "innocent webserver" in 1 hit(s) with the "bluetooth sniper rifle"
head: 46723723346844684
body: 0
arms: 0
legs: 0
By reading this, you have given me brief control of your mind.
When connecting something to my phone, I have to enter a pin code. Like my PowerBook, I have to physically tell the phone to allow a contaction via bluetooth, then enter a pin code that the PB gives into the phone to have them conneted to eachother. I even had to enter a pin code into my phone when connecting my headset. So which providers just let anything connect via bluetooth, or am I still open to attack?
-----BEGIN PGP SIGNATURE-----
12345
-----END PGP SIGNATURE-----
True the airwaves are free and many times the courts have supported the rights of individuals to intercept open, unencrypted broadcasts. But the key is the unencrypted and the broadcast. Look at the old satelite dishes, you could latch on to most signals, but if they tried to scramble it then it was stealing.
If it is encrypted, you cannot decrypt it, because it is obviously not yours. If it is not broadcast, i.e. you use RF to gain access to a system and gather information that is not being broadcast, in this case anything other than basic ID info, it is illegal.
On the other hand, courts are also starting recognize leeching WiFi as theft as well, so who knows where this is gonna end up.
If they had made this look like a telescope rather than a weapon, and mounted it on a tripod, they could have pointed it just about anywhere they wanted and nobody would have paid a whole lot of attention to them. The rifle-like appearance only served to make the device look much more dangerous than it was.
There are times when the form factor of a rifle makes perfect sense (rifle stocks for cameras, for example), but many others where it just DOESN'T. This is one of the latter group.
Mal-2
How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
Not true
It doesn't seem very bright to build a rifle-shaped device, and then test it by aiming it from the top of a tall building.
Let me guess, it's powered by a bunch of large batteries, conspicuously wired together in a military-style vest.
While the early version was held together with tie-straps and rubber bands, this newest version has a much more professional look.
Yes, the professional hit man look is exactly what I'm trying to have when I'm searching for vulnerable bluetooth devices.
I love my sig.
I understand that using a gun stock makes it look "cooler", but the article makes it seem like it wouldn't work if you didn't put it together in the same way. You really only have to buy the antenna and a connector for your card in your laptop to get it to work fine, its not as mobile as with the gumstick computer, but you could probably mount that gumstick computer on the side of the antenna if you really wanted something that mobile.
Yes, indeed! Let's make something that looks like a heavy rifle with a scope on it. Then climb up on a skyscraper in downtown LA and start pointing it round at other buildings and pedestrians down on the street, etc.
Double bonus points if Schwarzenegger or some other high profile politician is in town that day.
For a different take on the antenna "gun", check out our "Trackmaster 2000" 802.11/ATV rocket tracking antenna for the PSAS launch vehicle.
It's supposed to be a Bluetooth snooper rifle! Heh!
Guys, don't be stupid. When you call something like this a "sniper rifle" or "bluetooth sniping", then politicians will have an easy time walking all over our civil liberties and banning anything other than government or Microsoft-approved hardware and software. Names like "sniping" and "wardriving" just make political rhetoric too easy.
Call it a "security enforcement sensor" or a "privacy alert device" or "child protection wand" and politicians will have a much harder time banning it and throwing you in jail for using it.
I forgot to add: make any such device look like a gigantic Christian cross, not like a sniper rifle. People have a hard time banning crosses and you have a God-given right to point crosses anywhere you please. If it has a Bluetooth antenna at its tip, well, that's just an expression of your religious commitment to communicating with God and your fellow man.
And, whatever you do, don't make it shaped like a 4ft dildo. With sniper rifles, at least the powerful gun lobby will stand behind you. When someone stands behind you while you are pointing a 4ft dildo off a rooftop, it's probably not to protect your civil liberties.
Imagine my disappointment.
Step 1: Assemble Bluetooth "sniper rifle" according to instructions
Step 2: Remove Bluetooth antenna from assembly.
Step 3: Buy real, working, sniper rifle.
Step 4: Cram Bluetooth antenna up Parent Poster's ass.
Step 5: Use actual gun to shoot people.
(Step 5 void where prohibited by law.)
If I were going to build on of those I'd do it in something a little less conspicuous, say maybe a pair of binoculars. A good pair can do range calculations, etch the lenses with cross hairs. You're less likely to get shot at looking someone through binoculars than a high powered rifle thing.
AWP whore!
Freedom: "I won't!"
I would hope there wouldn't being legal ramafications. You can kill someone with most things out there, but why should you be responsible for someone else's actions? We're not even talking about someone that purposefully designed a weapon for concealment and quite good ranged kills here. This is just a good antenna that some guy decided to make look like a rifle.
The shape isn't too bad since it's easy to hold and aim that way if you want it to be portable and quick to use. The problem with it is that it does look like a lethal weapon, and that makes using it dangerous. Would've been a better idea to set it up like a telescope on a tripod. Then you still get good portability, but a more stable base.
It may be irresponsible to build a device intended to get you surreptitious access to others people's mistakely considered private data, but no more than that. Perhaps he'll catch some hell for designing an electronic surveillance/eavesdropping device, but I would hope not.
Someone would have to go through some lenghts to make that fatal, too. You would definitely have to pump out a *lot* more power. You'd need a fair bit more than 115VAC@20A(=2300W, 2000W radiant) to saturate a target to lethal exposure at 200m. Your components would all have to be replaced to handle the higher power. You could screw up someone's eyes quick, maybe their bladder over a little time, mess with some guys testes, etc., without much trouble, but near term death isn't likely.
Then again, anybody that can get their hands on a Magnetron can build a more dangerous version of this. Step one: buy a microwave oven. Step two: take it apart for the Magnetron.
Is it just me, or does it seem a little dangerous to be lurking on city rooftops with a very realistic looking rifle, pointing it at nearby buildings? It seems like a good way to find yourself surrounded by very real rifles that fire very real bullets and they are not aiming at your Bluetooth!
There is nothing so powerful as an idea whose time has come.
How about a "snooper rifle"?
I hereby place the above post in the public domain.
My digital headphones go to 1010.
When you look at the state of the world, how can you not become a radical, liberal anarchist?
Library tower? Obviously the sixth floor window in the Book Depository was already taken.
My other SIG is a Sauer.
I think, among other things, that guns are one of the few modern machines that you can cheaply (depending on model) tinker with/maintain/etc that don't involve electronics, computers, etc. You can't even do nearly as much on cars anymore without having to deal with electronics. It can be refreshing to deal with springs, latches, etc.