Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers' Flying Drone Now Eavesdrops On GSM Phones

Posted by Soulskill on from the it-slices-it-dices-it-makes-juilenne-fries dept.

Sparrowvsrevolution writes "At the Black Hat and Defcon security conferences in Las Vegas next week, Mike Tassey and Richard Perkins plan to show the crowd of hackers a year's worth of progress on their Wireless Aerial Surveillance Platform, or WASP, the second year Tassey and Perkins have displayed the 14-pound, six-foot-long, six-foot wingspan unmanned aerial vehicle. The WASP, built from a retired Army target drone converted from a gasoline engine to electric batteries, is equipped with an HD camera, a cigarette-pack-sized on-board Linux computer packed with network-hacking tools, including the BackTrack testing toolset and a custom-built 340 million word dictionary for brute-force guessing of passwords, and eleven antennae. On top of cracking Wi-Fi networks, the upgraded WASP now also performs a new trick: impersonating the GSM cell phone towers used by AT&T and T-Mobile to trick phones into connecting to the plane's antenna rather than their carrier, allowing the drone to record conversations and text messages on 32 gigs of storage."

90 comments

  1. Does it actually fly this time? by Anonymous Coward · · Score: 0

    Last time we heard about the WASP, it was with a link to a video of the immediate crash.

  2. RC planes will be illegal in by rbrausse · · Score: 3, Insightful

    3, 2, ....

    cool toy, and the rationale "The number one reason we did this was because we were told it wouldn’t be possible” is THE reason why we as mankind are still innovative (okay, "because I can" is similar important)

    1. Re:RC planes will be illegal in by Anonymous Coward · · Score: 0

      I believe UAVs already are

    2. Re:RC planes will be illegal in by ArhcAngel · · Score: 2

      I believe Rupert Murdoch expressed an interest in this last year.

      --
      "A person is smart. People are dumb, panicky dangerous animals and you know it." - K
    3. Re:RC planes will be illegal in by atomicxblue · · Score: 1

      Why go through all that trouble when your reporters can just give people phones you control?

    4. Re:RC planes will be illegal in by Anonymous Coward · · Score: 0

      Oh, I see... same reasoning why all penises should be illegal...
      Because some are known to be used for raping.

      Oh, and while we're at it, why not ban all houses, as some houses are used to lock rape victims away.

      Then we can move on to the real evil-doers, like fluffy bunnies (carry diseases that in rare cases kill people), adorable puppies (rabies) and sweet tweety birds (can be "the word", causing mass-riots).

      P.S: This comment contains an automatic counter for moderators with lack of sarcasm detectors. The number can be seen, prepended by a minus sign, in the header. ;)

    5. Re:RC planes will be illegal in by Anonymous Coward · · Score: 1

      In the US there are certain conditions with which one can operate a UAV. Here is the fed doc: http://www.faa.gov/about/initiatives/uas/media/UAS_FACT_Sheet.pdf

    6. Re:RC planes will be illegal in by PeanutButterBreath · · Score: 1

      . . . and the rationale "The number one reason we did this was because we were told it wouldn’t be possible” is THE reason why we as mankind are still innovative (okay, "because I can" is similar important)

      Its also the reason why we are plagued by old problems that are either boring or mostly afflict the poor or otherwise powerless, while much of mankind's innovation is focused on re-solving glamours or lucrative problems, creating attention-seeking gimmicks and other stupid-human-tricks.

  3. The missing... by gef7 · · Score: 1

    ....link!

  4. Doesn't matter to me... by Anonymous Coward · · Score: 2, Insightful

    I'm a Sprint customer!

    1. Re:Doesn't matter to me... by Anonymous Coward · · Score: 0

      I get it, you're trying to be funny. But you're actually correct, this only works on GSM 'cause the GSMA "forgot" to add mutual authentication. Meaning, only the handset has to authenticate itself to the nework, but not the other way around (the providers only care(d) about beeing able to bill someone, it was simply unthinkable that an entire GSM network infrastructure will fit into a milk carton in the lifetime of 2G-GSM...)

  5. Re:What.... by arootbeer · · Score: 0

    Seeing as the point is you wouldn't know it's there, how could you welcome it?

  6. Are you there, Rupert by Anonymous Coward · · Score: 0

    Ah, but this would be a marvelous way to gather news!

  7. can i buy this? by cod3r_ · · Score: 1

    on amazon maybe?

  8. Time to build an open source Stinger clone by Anonymous Coward · · Score: 0

    to bring down the drone...

    1. Re:Time to build an open source Stinger clone by Chronus1326 · · Score: 1

      See my comment, three paragraphs down

  9. Gamers rejoice! by squidflakes · · Score: 1

    Every single day it seems like the future societies described in Shadowrun and Cyberpunk 2020 are that much closer.

    1. Re:Gamers rejoice! by ginbot462 · · Score: 1

      Still waiting on the Glitter Boys

      --
      Atlas Shrugged : Thematic Story :: Battlefield Earth : Organized Religion
  10. If government was doing this by ugen · · Score: 2

    If government was doing this - it'd be an outcry of "oh, the privacy". Hackers - "cool stuff".
    I don't like these guys any more than I like the government and don't trust them any further than I could throw them.

    1. Re:If government was doing this by mjperson · · Score: 1

      Dude, a couple of hacker built a UAV that silently taps into cell phone conversations...

      "If government was doing this..."

      What on Earth makes you think that the army doesn't have this capability if a couple of guys at DefCon put it together in a few months?

    2. Re:If government was doing this by Gr33nJ3ll0 · · Score: 2, Insightful

      If the government was doing this it would be more than one, wouldn't be demoed to the public, and would be abused by the police to stalk ex-girlfriends. I suspect that in these guys hands it's slightly safer, though all bets are off if News Corp gets their hands on it.

    3. Re:If government was doing this by rbrausse · · Score: 2

      I don't like these guys any more than I like the government and don't trust them any further than I could throw them.

      you have a point here. But you can throw those 2 guys much farther than the ~ 5M people of the executive branch of the US government...

    4. Re:If government was doing this by GooberToo · · Score: 1

      +100 Insightful.

    5. Re:If government was doing this by Anonymous Coward · · Score: 1

      Don't need to, they already have a fiber connected to AT&T's headquarters. http://www.wired.com/threatlevel/2009/10/att-doj-foia/

      Ooh, here is what they are using
      "The (Narus) STA Platform consists of stand-alone traffic analyzers that collect network and customer usage information in real time directly from the message.... These analyzers sit on the message pipe into the ISP (internet service provider) cloud rather than tap into each router or ISP device" (Telecommunications magazine, April 2000). http://www.wired.com/science/discoveries/news/2006/05/70908

      It was obvious to Klein that the splitter—a special glass prism—was being used to split the light beams in the fiber-optic cables into two signals—one signal carrying the message to its normal destination, the other carrying a copy to the NSA computers a floor below. Klein writes: “The important fact is that each separate signal contains all the information, nothing is lost, so in effect the entire data stream has been copied. What screams out at you when examining this physical arrangement is that the NSA was vacuuming up everything flowing in the Internet stream: e-mail, web browsing, Voice-Over-Internet phone calls, pictures, streaming video, you name it.” Klein learned from a co-worker that similar splitter cabinets were being used in other cities, including Seattle, San Jose, Los Angeles and San Diego.

      The next big piece in the puzzle came when Klein found out that the NSA’s secret room included a piece of equipment called a Narus STA 6400.
      http://www.icl-fi.org/english/wv/953/spying.html

    6. Re:If government was doing this by element-o.p. · · Score: 3, Informative

      I don't like these guys any more than I like the government and don't trust them any further than I could throw them.

      Tassey and Perkins will demonstrate the WASP’s high-flying exploits at next week’s Black Hat Security Conference in Las Vegas...Tassey, a security consultant to Wall Street and the U.S. intelligence community and Perkins, a senior security engineer supporting the U.S. government [emphasis mine]...

      In this case, the difference between "hackers" and "the government" appears to be negligible, at best.

      --
      MCSE? No, sir...I don't do Windows. Yes, I am an idealist. What's your point?
    7. Re:If government was doing this by Anonymous Coward · · Score: 1

      The point isn't that you, an insignificant lemming, should like it. The point is that it is possible, contrary to what everyone has been saying, and that security against such things should be increased. Hacking isn't usually about destruction as much as it's about curiosity. The problem with our society is that when people find a glaring security defect the first response is to hate the person who found it, rather than congratulating them for being a pioneer and honest enough to alert people to the problem. Our absurd ostrich approach is the problem. If person X finds an exploit in a system and tells the administrators about it, we act as though they put the defect there... when in reality all they did was discover it.

      Systems are flawed and without people finding the flaws that are willing to come forward about them, they remain open for more nefarious types to exploit.

    8. Re:If government was doing this by Anonymous Coward · · Score: 0

      -200 Just for the hell of it.

    9. Re:If government was doing this by Anonymous Coward · · Score: 0

      WHOOOOOSH!

    10. Re:If government was doing this by Anonymous Coward · · Score: 0

      The gov't already has it.

    11. Re:If government was doing this by houghi · · Score: 4, Insightful

      In the US they do not need one. They have direct access to the towers already. In other countries they already have this.

      Remember the specifics that Bin Laden did not use cell phones? The reason this was mentioned was because if he had, they would have been faster in finding him. And how would they have done that? By using what they already have.

      This all from the standard 'news' places, so basically a reading of the press releases.

      So not only do I think they have it, I know they have it and they told us so.

      --
      Don't fight for your country, if your country does not fight for you.
    12. Re:If government was doing this by cavreader · · Score: 1

      Anyone using this type of tech can abuse it, including the freelance hackers out looking for their Lulz. I am sure the US government already has this capability and most likely some pretty fair defensive systems in place that are constantly evolving as more threats and weaknessess are identified. The increase in UAV reliance in military and intelligence ops alone should keep the sigint R&D adequately funded. Does the government use these types of capabilities illegally? I guess that depends on the area of operations and who is running the ops? This type of capability certainly provides the chance for misuse but do we stop developing this tech just because someone might do something bad with it? Certainly some tech can fall into this category such as the technology behind bio, chemical, and nuclear weapons but sigint tech?

    13. Re:If government was doing this by Anonymous Coward · · Score: 0

      At least you admit your comments should consistently get -200. If only we had a name to go with it.

    14. Re:If government was doing this by GooberToo · · Score: 1

      The problem here is, the security problems are both well known and well documented for over a decade now. No one doubts they exist. No one claims otherwise. The societal value added here, even to the hacking community, is a negative number.

      Cool factor? Yes. Very cool? Yes. Untrustworthy douche bags? Yes!!!

    15. Re:If government was doing this by Danse · · Score: 1

      If the government was doing this it would be more than one, wouldn't be demoed to the public, and would be abused by the police to stalk ex-girlfriends. I suspect that in these guys hands it's slightly safer, though all bets are off if News Corp gets their hands on it.

      Why would the government need it when they can already get all this stuff directly from the telecom companies anyway?

      --
      It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
    16. Re:If government was doing this by wolrahnaes · · Score: 1

      I disagree. The issues are real, but many question the threat posed by them. A few bored hackers building a proof-of-concept in their garage provides undeniable proof that not only is the threat real but it's well within the reach of anyone who cares to try.

      --
      I used to get high on life, but I developed a tolerance. Now I need something stronger.
    17. Re:If government was doing this by sjames · · Score: 1

      There are several reasons for this. The hackers won't be knocking at 3 A.M. to drag you off to gitmo if you should say your new suitcase is "the bomb". The hackers won't be compiling a database of everybody's phonecalls in case they need to prosecute and/or blackmail you later. The hackers will not be trying to dun you with 'targeted ads' based on your remarks to your friend on the phone.

      The hackers are forthcoming and letting us all know about gaping security holes in public announcements. Odds are this has been around classified top secret in various government agencies that aren't actually supposed to be using the technology at all but do so daily.

    18. Re:If government was doing this by Anonymous Coward · · Score: 0

      Hackers don't have mandatory KPPs?

  11. Will it decrease dropped call by Bob+the+Super+Hamste · · Score: 1

    So will it decrease dropped calls or extend the range? Well either way AT&T can still claim "More bars in more places".

    --
    Time to offend someone
    1. Re:Will it decrease dropped call by Chronus1326 · · Score: 1

      LOL neither, it just takes them, and sends them to the blackhole. It just pretends to be a cell tower. Just like visiting www.BankofAmerica.geocities.com Go ahead...give me your information

    2. Re:Will it decrease dropped call by Anonymous Coward · · Score: 0

      no, it must be proxying them. it talks about recording conversations, so it must be completing
      the phone call for you or else all the recordings are just "Hello? .... Hello? ... Hello? - click"

    3. Re:Will it decrease dropped call by justforgetme · · Score: 1

      I just put an order for a dozen of those to extend my WiFi network to the beach!

      --
      -- no sig today
  12. Is this really a good thing? by Chronus1326 · · Score: 1

    A product such as this, even if only used as a proof of concept, is quite dangerous, and I'd like nothing more than to shoot it down with a Stinger, and destroy all the R&D material. I find it interesting that they label this as a black-hat project, with malicious intentions, which it clearly is. They could have had a better public reception if it was pitched as a military tool to enable battlefield communications by the drone claiming to be a cell-phone carrier tower, like a temp cell tower.

    1. Re:Is this really a good thing? by Anonymous Coward · · Score: 0

      Because without those R&D materials it will be gone forever.
      It's not like some people could independently create it themselv- oh wait.

    2. Re:Is this really a good thing? by Registered+Coward+v2 · · Score: 1

      A product such as this, even if only used as a proof of concept, is quite dangerous, and I'd like nothing more than to shoot it down with a Stinger, and destroy all the R&D material.

      The beauty of it is tab a Stinger would probably never hit - no IR signature of note.

      I find it interesting that they label this as a black-hat project, with malicious intentions, which it clearly is. They could have had a better public reception if it was pitched as a military tool to enable battlefield communications by the drone claiming to be a cell-phone carrier tower, like a temp cell tower.

      It's not so much malicious as a way to show that communications are more vulnerable than we realize - and that with some ingenuity people can do some pretty good snooping. If they really were malicious they'd never tell anyone about it - and they seem to be pretty careful about how they go about it to avoid legal or ethical problems as well.

      --
      I'm a consultant - I convert gibberish into cash-flow.
    3. Re:Is this really a good thing? by sycodon · · Score: 1

      Seems kinda like shooting you the chest with a .22 to show how vulnerable you are to lead bullets.

      --
      When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
    4. Re:Is this really a good thing? by Registered+Coward+v2 · · Score: 1

      Seems kinda like shooting you the chest with a .22 to show how vulnerable you are to lead bullets.

      No, I'd say it's more alike shooting a 22 into a gel target with a cheap ballistic nylon shirt to show how much damage it can do in an effort to ducat people who think that they are safe from a 22 bullet because they wear a "ballistic" nylon shirt.

      --
      I'm a consultant - I convert gibberish into cash-flow.
  13. WASP? by balaband · · Score: 1

    Abbreviation seems relevant: W.A.S.P.?

    1. Re:WASP? by Anonymous Coward · · Score: 0

      METAL!

  14. Can't resist by spaceplanesfan · · Score: 1

    I for one welcome our new warflying overlords...

  15. Hacking phones is much easier than that by phonewebcam · · Score: 1

    If you work in a newspaper all you do is befriend a victim of crime, "donate" one to them out of the goodness of our heart and - wahay! - all your base are belong to us.

  16. somewhere, somehow by nimbius · · Score: 1

    Dick Cheney is wiping salty tears of joy from his puffy alabaster jowels,
    as janitors for major wireless carriers are busy hefting cinderblocks from the toiletbowls of executive office bathrooms.

    me? i take comfort in knowing as a cavedwelling nerd this might not affect me much. The only wireless I use is dedicated to reheating my pizza, and until proven otherwise my celluar conversations are typically deemed 'uncool' and of very little tactical value.

    unless you too hate the fourth edition of DnD...

    --
    Good people go to bed earlier.
    1. Re:somewhere, somehow by Sir_Eptishous · · Score: 1

      DnD died after 2nd edition... Long live TSR!

      --
      We play the game with the bravery of being out of range
  17. I wonder how by bugs2squash · · Score: 1

    they got a license to use the GSM spectrum.

    --
    Nullius in verba
    1. Re:I wonder how by Anonymous Coward · · Score: 0

      That's a long story. They *think* they have a license, but they really don't. According to Chris Paget's slides (slide 6), they believe that they are in the clear because they think they are operating in a ham band.

      FTFA:

      That GSM hack is based on a demonstration that security researcher Chris Paget performed at Defcon last year, showing that with a powerful enough antenna placed close enough to target phones, the victims’ handsets can be tricked into connecting to Paget’s setup instead of the carrier’s tower. Perkins and Tassey have implemented the same tools in their airborne hacking machine, and like Paget, used a portion of the radio frequency band set aside for Ham radios to avoid violating FCC regulations.

      There's supposedly an overlap in the Euro GSM 900 band and our Ham band between 902-914MHz, but this is actually incorrect (just see every other GSM frequency chart online). The Cell phone (uplink) is actually in this band, and the tower (downlink) is 45 MHz greater. It's unfortunate that this little typo is cropping up like this.

  18. Information is good! by bshourd · · Score: 2

    A lot of people seem to be upset that this hack exists. It's used for evil, after all.

    But that's not the point. Aren't you *glad* that you know this is possible? Now that we are aware this can be done, we can start trying to protect against it. The real crime here would have been for these hackers to see a vulnerability, and ignore it. Then anybody else who found the vulnerability could exploit it without knowledge of it even existing. That's a hundred times more dangerous.

    Kudos to these guys on their brilliance, and ethical kudos on unveiling it. Without people like this, we would never know that we were in danger. Although, as they say, ignorance is bliss.

    1. Re:Information is good! by TheLink · · Score: 1

      AFAIK companies were already selling equipment for listening in on GSM calls back in the 1990s. This was normally installed at the telco level.

      The thing is such telco equipment in those days was usually very expensive, so it's not likely that some random hacker would be able to afford one for personal use, add the necessary other equipment and run his own "proxying" cellphone station.

      But the TLAs/secret services of many countries were certainly already eavesdropping on GSM calls back then.

      That said, back then (and even today) HAM radio enthusiasts could listen in on analog cellphones and cordless phones.

      --
    2. Re:Information is good! by Anonymous Coward · · Score: 0

      Availability of information as a concept or theory is one thing, these guys built a tool to screw us all.

    3. Re:Information is good! by Anonymous Coward · · Score: 0

      Doesn't matter. There's already a tool out there called OpenBTS that's open source and easy as heck to get running. Been out for a few years too.

  19. Re:What.... by Anonymous Coward · · Score: 1

    Pascal's Wager?

  20. Re:What.... by arootbeer · · Score: 1

    Well played!

  21. Emergency cell tower by Viadd · · Score: 5, Interesting

    How often have you heard of people who are lost in the woods/at sea, and who could have called for help if they had cell phone connectivity?

    They could fly one of these as part of a search. Even if the owner isn't actively using the phone, the drone could detect the electronic serial number of each phone in its coverage area and match it against the lost person's phone.

    1. Re:Emergency cell tower by digital+photo · · Score: 1

      +1 Thank you. A positive use for military grade technology.

      --

      Winged Power Photography
    2. Re:Emergency cell tower by gknoy · · Score: 1

      Wow. That's actually really brilliant.

    3. Re:Emergency cell tower by Thud457 · · Score: 1

      How often have you heard of people who are lost in the woods/at sea, and who could have called for help if they had cell phone connectivity? They could fly one of these as part of a search. Even if the owner isn't actively using the phone, the drone could detect the electronic serial number of each phone in its coverage area and match it against the lost person's phone.

      +1 Thank you. A positive use for military grade technology.

      Sarah Conner disagrees.
      (not quite sure of the correct plural usage here. Sarahs Conner ? Sarah Conners ? But what about Saras ? And O'Conners? Do T-800s implement Soundex? )

      --

      the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff

    4. Re:Emergency cell tower by Thail · · Score: 4, Informative

      After Hurricane Katrina, T-Mobile did something very similar. The mounted what is commonly referred to as a COW (Cell on Wheels) onto a helicopter, then flew over the flooded areas. If a cell phone attempted to connect to the tower (Any GSM handset, didn't have to be t-mobile) they were then able to fly around and triangulate the position and find survivors.

    5. Re:Emergency cell tower by Anonymous Coward · · Score: 0

      I was thinking this same thing, but my idea took it a step further. Put some satelite phone circuitry in the thing and presto! you restored cell service to that lost, injured, buried, etc person so they can describe their surroundings to rescuers in situations where the drone wouldn't be able to zero in on their location. This has the added benefit of allowing the operator at the other end to keep the person calm, and stationary. An injured person is much more likely to stay put and not risk injuring themselves further if they actually know help is on the way.

  22. 340 million word dictionary? by seven+of+five · · Score: 1

    So how long does it take to go through 340 million words? And wireless networks aren't smart enough to lock you out after 10 failed attempts?

    1. Re:340 million word dictionary? by Anonymous Coward · · Score: 0

      What do they lockout? The MAC Address, easily spoofable, same as IP address and in the event that it did lock out it would simply deny service for any legitimate user.

      You might want to search for aircrack-ng and see how it exactly works.

    2. Re:340 million word dictionary? by Anonymous Coward · · Score: 0

      Just for the record, if they are referring to WPA attacks then the attacking is done off-line using captured traffic from the target network. Since the brute force attack is done offline, the victim access point isn't being interacted with and would have no indications of an attack in progress.

      WEP doesn't require a dictionary based attack.

    3. Re:340 million word dictionary? by Anonymous Coward · · Score: 0

      And wireless networks aren't smart enough to lock you out after 10 failed attempts?

      When doing this, you'd probably take a sample of data from the network and try to decrypt it yourself, away from the prying eyes of the network. Then, once you've worked out what the password probably is, you can attempt a connection, and the network will treat you like its best friend.

    4. Re:340 million word dictionary? by Anonymous Coward · · Score: 0

      So how long does it take to go through 340 million words? And wireless networks aren't smart enough to lock you out after 10
        failed attempts?

      They also aren't dumb enough to let someone else lock YOU out by sending 10 garbage attempts to the access point.

    5. Re:340 million word dictionary? by Anonymous Coward · · Score: 0

      So how long does it take to go through 340 million words? And wireless networks aren't smart enough to lock you out after 10
        failed attempts?

      I am assuming that having access to college, junior college of some sort, with the right amount of ambition or imagination, one can create such a dictionary within weeks, may be less in a year. Another idea is t0 daisy chaining multiple ps3s.

    6. Re:340 million word dictionary? by Anonymous Coward · · Score: 0

      And wireless networks aren't smart enough to lock you out after 10
        failed attempts?

      You're a silly man.

  23. CDMA by Bengie · · Score: 1

    I wonder if this attack would work on CDMA. Even though it's a lot more expensive, can it be done? It's a basic MTM attack. Without some sort of public key system, how can we know if we're talking to a legitimate tower?

    1. Re:CDMA by Anonymous Coward · · Score: 0

      All US CDMA phones have a shared secret with the network used to derive the A-key. There's been little research into CDMA interception as it's quite a bit harder and GSM is just such an easy target.

  24. Record Conversations? by stinkyj · · Score: 1

    Sadly I've been stuck in telecom the last 10 years. I have to admit I scanned the article, but I missed the part where they connect their 'tower' to the phone company's network. So for argument's sake, let's pretend the mobile registers with the simulated BTS. What magic will connect them to another phone to record a conversation? I suppose they could fake the traffic to get the call connected, oh wait that would require another simulation of an SGSN and multiple protocol message, that I'm having real doubts about, but lets say they have done it somehow. We have an AT&T microcell here because of shotty coverage and that's a piece of junk.
    What are you going to talk to? a prerecorded message that you've never heard before? then again some granny may tell them her shopping list...

    1. Re:Record Conversations? by Anonymous Coward · · Score: 0

      I have to admit I scanned the article, but I missed the part where they connect their 'tower' to the phone company's network.

      Maybe you should go back and read the full article instead of "scanning" it

    2. Re:Record Conversations? by hrimhari · · Score: 1

      Once the phone accepts the fake BTS, every request can be intercepted, which clearly includes dial-out with target ISDN. Then the other side of the hack only has to repeat the request with whatever connection it has.

      They don't have to bridge it to AT&T or any real cell phone network. It suffices to bridge it to the fixed phone network or use a VOIP access like Skype-out.

      I think the article mentions that the only drawback is the wrong caller-id info, but if memory serves caller-id can be faked on the fixed phone network. I believe it has been ruled illegal, but guess how effective that would be to stop this hack.

      --
      http://dilbert.com/2010-12-13
    3. Re:Record Conversations? by wolrahnaes · · Score: 1

      I think the article mentions that the only drawback is the wrong caller-id info, but if memory serves caller-id can be faked on the fixed phone network. I believe it has been ruled illegal, but guess how effective that would be to stop this hack.

      It's trivial for anyone with a VoIP line or ISDN/T1 to send whatever number they want with a call, so if their carrier will accept and pass it along it'll reach the other end without trouble. Some carriers block sending any numbers which are not associated with the customer, but this is uncommon in my experience outside of residential-focused providers.

      --
      I used to get high on life, but I developed a tolerance. Now I need something stronger.
  25. Time to wear the foil hat. by russryan · · Score: 1

    Combine this cracking technology with the Japanese flying sphere (http://slashdot.org/index2.pl?fhfilter=flying+sphere ) for very flexible snooping.

  26. I see a huge job offer in their future. by pushf+popf · · Score: 1

    I'm sure any number of military and intelligence agencies would be thrilled to give them a pile of money and all the cool toys they could handle.

  27. To the builders and flyers of these spycraft by Anonymous Coward · · Score: 0

    Let it be known, there is much interest in anti-spycraft technology and that they should be willing to shoot down their own crafts lest they be captured by some law-abiding citizens/hackers out there, somewhere.

  28. hack into their rc and crash it into the by Anonymous Coward · · Score: 0

    ground

  29. i am sure the Feds want one of these.... by hesaigo999ca · · Score: 1

    Where are they taking orders, I want to get one..... before they become illegal to purchase.

    1. Re:i am sure the Feds want one of these.... by clanrat · · Score: 1

      They already have much better ones: http://en.wikipedia.org/wiki/RC-12_Guardrail

  30. Bugs? by clanrat · · Score: 1

    Insects have antennae; radios use antennas. Sorry, pet peeve.

  31. H.a.r.m. by Anonymous Coward · · Score: 0

    Oh no, were in H.A.R.M.'s way!

  32. Er... think a bit harder by brunes69 · · Score: 1

    Your line of thinking should be more along the lines of "if these hackers with next to no money can do this, odds are the government is already doing it, has been doing it for a long time, time, and simply no one knows about it yet".

    1. Re:Er... think a bit harder by Anonymous Coward · · Score: 0

      Everyone knows the government can get into your phone conversations. But now the government knows that everyone can get into theirs. THAT is the point of this.