Slashdot Mirror
Anonymizing Wi-Fi Device Project Unexpectedly Halted
An anonymous reader notes that a project to develop an anonymizing Wi-Fi device has been canceled under mysterious circumstances. The device, called Proxyham, was unveiled a couple weeks ago by Rhino Security Labs. They said it would use low-frequency radio channels to connect a computer to public Wi-Fi hotspots up to 2.5 miles away, thus obscuring a user's actual location. But a few days ago the company announced it would be halting development and canceling a talk about it at Def Con, which would have been followed with a release of schematics and source code. They apologized, but appear to be unable to say anything further.
"In fact, all [the speaker] can say is that the talk is canceled, the ProxyHam source code and documentation will never be made public, and the ProxyHam units developed for Las Vegas have been destroyed. The banner at the top of the Rhino Security website promoting ProxyHam has gone away too. It's almost as if someone were trying to pretend the tool never existed." The CSO article speculates that a government agency killed the project and issued a gag order about it. A post at Hackaday calls this idea absurd and discusses the hardware needed to build a Proxyham. They say using it would be "a violation of the Computer Fraud & Abuse Act, and using encryption over radio violates FCC regulations. That’s illegal, it will get you a few federal charges — but so will blowing up a mailbox with some firecrackers." They add, "What you’re seeing is just the annual network security circus and it’s nothing but a show."
"In fact, all [the speaker] can say is that the talk is canceled, the ProxyHam source code and documentation will never be made public, and the ProxyHam units developed for Las Vegas have been destroyed. The banner at the top of the Rhino Security website promoting ProxyHam has gone away too. It's almost as if someone were trying to pretend the tool never existed." The CSO article speculates that a government agency killed the project and issued a gag order about it. A post at Hackaday calls this idea absurd and discusses the hardware needed to build a Proxyham. They say using it would be "a violation of the Computer Fraud & Abuse Act, and using encryption over radio violates FCC regulations. That’s illegal, it will get you a few federal charges — but so will blowing up a mailbox with some firecrackers." They add, "What you’re seeing is just the annual network security circus and it’s nothing but a show."
True this....
I'm one of those hams who would hunt you down for sport. Actually it IS a sport for some hams and we have competitions to see who of us can find hidden transmitters the fastest. We call it "Fox Hunting" and believe me, there are some folks who take this kind of thing very seriously and can find you, on or off the ham bands in pretty short order.
So, go ahead.... Interfere with the ham bands or some other radio service who knows to ask us for help, let us have some real fun. We'd be happy to find you and report you to the FCC...
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Encryption IS allowed on the Ham bands, within certain narrow constraints.
You can use encryption to protect traffic used to control a system. You can use digital codes that leave the meaning of the message intact.
Encryption with intent to obscure the meaning of the message is not allowed on the Ham bands. However, that does not mean the technology is not allowed to be built and communicated.
For the purpose of demonstrating the technology, the demonstrators can get around the encryption rule by publishing the actual message and making the content a matter of public record, Then the purpose of performing the encryption is To make a personal demonstration of the technology to enthusiasts, and it cannot possibly be intended to obscure the meaning of the message, since the actual message content is being published openly and widely for all to see, and you can be clear on the decrypted message not being used for a pecuniary purpose ------ this is assuming that the presenter does not receive payment in exchange for demonstrating their work.
The technology could be developed and experimented with for demonstration purposes, AND then if you want to use it, you could go purchase a license for some frequency ranges to use with the technology.
The correct thing to do, then, would be to leak schematics and software on the Internet, and let the chips fall were they may. PGP got "opened" exactly in the same way, I expect this project to do the same.
That was the correct thing to do. Now, "leaking" could get the developer(s) in much more [legal] trouble [they probably had to sign something prohibiting disclosure in any form]. More likely, and better now, would be for a developer not connected with the original group to recreate the design from scratch (ala Brian Benchoff)
The joke's on them. I've been building these things and giving them away for years. There are multiple-hundreds of them out there right now. Wouldn't be surprised if their 'project' was a direct ripoff. I built the 1st one years ago to connect to my home router from work 5 miles away to bypass workplace internet filters.