Slashdot Mirror

← Back to Stories (view on slashdot.org)

The DARPA-Funded Power Strip That Will Hack Your Network

Posted by timothy on from the ok-but-how-is-it-powered? dept.

An anonymous reader writes "The Power Pwn may look like a power strip, but it's actually a DARPA-funded hacking tool for launching remotely-activated Wi-Fi, Bluetooth, and Ethernet attacks. If you see one around the office, make a point to ask if it's supposed to be there. Pwnie Express, which developed the $1,295 tool, says it's 'a fully-integrated enterprise-class penetration testing platform.' That's great, but the company also notes its 'ingenious form-factor' (again, look at the above picture) and 'highly-integrated/modular hardware design,' which to me makes it look like the perfect gizmo for nefarious purposes."

11 of 176 comments (clear)

  1. There is a perfectly logical explanation by Tastecicles · · Score: 5, Insightful

    ...for the appearance of this device.

    Part of a penetration test should be, and I don't think I need to remind those who are active in the cybersecurity industry of this(!), creating hacking devices that look as if they're part of the furniture - like they're supposed to be there.

    Discuss.

    --
    Operation Guillotine is in effect.
  2. Re:That looks nothing like a power strip by Zontar+The+Mindless · · Score: 4, Insightful

    Oh, really? Guess you've never seen a surge-suppressing power strip with sockets for phone and Ethernet to protect those lines as well?

    Looks to me almost exactly like the one I used when I still lived in the States.

    --
    Il n'y a pas de Planet B.
  3. Re:EMF interference by Zontar+The+Mindless · · Score: 4, Insightful

    Grab an RF meter and go to town.

    Right.

    And just how many network admins do you know who actually keep one of those around?

    I'd ask ours where he keeps his (assuming he even has one), but he's on vacation until mid-August, and his stand-in works in a different building in another part of town.

    I think even you can see where I'm going with this... :)

    --
    Il n'y a pas de Planet B.
  4. Re:$1,295? by Osgeld · · Score: 2, Insightful

    and how much will the insurance cost to cover your 200$ shit homebrew shoebox power strip when it burns a multi-million dollar factory down.

    development cost pennies, to prove you can produce the product in quantity with consistent results is what cost you genius

  5. Re:$1,295? by Fjandr · · Score: 5, Insightful

    Minus the development of capital costs of mass production facilities and the engineering to make the internals readily production-capable.

    There are actual issues involved in a production product which homebrew doesn't solve, but you'd never know that to read Slashdot.

  6. Re:$1,295? by The+Master+Control+P · · Score: 5, Insightful

    And yet while every single time someone does something interesting there's a snivelling asshole like you there to poo-pooh how "easy it would be to just...", we never, ever hear of your much cheaper yet equally effective copies of the thing in question for some reason which I just can't figure out.

    Instead of being bitter and resentful towards those who actually create new things, why don't you go and invent some yourself?

    Oh wait, that's like... real work and effort and thinking and shit. Back to the TeeVee it is!

  7. Re:Only in America... by jamesh · · Score: 4, Insightful

    Only in the USA, because large parts of the world use other outlets and voltages....

    Yep. The development effort to retool for 240v and Australian power sockets would be prohibitive. I guess we don't need to worry about them over here.

  8. Re:$1,295? by Dodgy+G33za · · Score: 5, Insightful

    I work for the government, and if I were ever to contract to the government to make something I would charge an arm and a leg for it because they burn a lot of time in pointless changes, process and administration. Plus they haven't got a clue and pay whatever you charge.

  9. Re:Nasty piece of work by tftp · · Score: 5, Insightful

    It should be a dismissable offence it bring this thing any where near where you work.

    All you need is to ship with UPS a sealed carton of ten or twenty of these devices, each in its own professionally printed box, to the maintenance department of the target company. Lowly workers, just a notch above janitors, will not be asking their bosses about such a simple item, and power strips are always needed. You can do this even if you never set foot into the country where the target company resides.

  10. Re:$1,295? by Runaway1956 · · Score: 4, Insightful

    Think about what you just said. Some cosmetic damage might make the hacked powerstrip more acceptable. Slap a shiny, new bit of equipment into an office, and it might raise a little curiosity.

    Now, take a somewhat abused looking home-brew unit, and put it someplace in the same office. No curiosity, at all. Where I work, there is no shiny, pretty, new, or nice. Everything is beaten to hell and back!!

    --
    "Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
  11. Re:Made in China ? by Jeremiah+Cornelius · · Score: 4, Insightful

    So easy to make your own.

    DARPA paid for this? It's Backtrack/Aircrack/Metasploit on a board.

    Hello, Raspberry Pi!

    --
    "Flyin' in just a sweet place,
    Never been known to fail..."