It flies. It spies. It is the color of sunshine, and it has googly eyes.
Meet WASP, the Wireless Aerial Surveillance Platform, one of the star attractions of this yearâs Black Hat conference for computer security professionals in Las Vegas.
It’s a remote-controlled plane with a computer in its belly that can fly up to 400 feet above the ground, snoop quietly on wireless networks below and attack one if it wants to. It can also pretend to be a GSM cellphone tower, eavesdropping on calls and text messages that pass through.
The WASP was built by Richard Perkins and Mike Tassey using hobby materials, including Styrofoam plane body, plastic propeller and foam tires, along with circuit boards and wires. The materials are all off the shelf, costing $6,190 â" a fraction of the cost of a spy plane, with cyber weapons included.
Its creators eschew the term âspy planeâ for their device. âThereâs a negative connotation to a spy plane,â Mr. Tassey said. âThis was done in an attempt to prove a concept.â
What concept?
âThat it can be done,â he said.
His sentiment perfectly embodied the ethos of Black Hat, a spirited gathering of technologists who sometimes make scary things to show that they can be made, and other times break things to show how badly they need to be fixed.
At the same conference, for instance, a diabetic hacked into his electronic insulin pump and demonstrated how easily it could be shut down remotely, depriving a patient of insulin or worse, pumping in far more insulin than he needed. And a pair of security researchers demonstrated how easy it was to extract money from stolen credit cards, using the card-reading device distributed by Square.
The bird conjured by Mr. Perkins and Mr. Tassey is barely four feet long and becomes an imperceptible, quietly humming little creature when it hovers overhead. Its vital assets are distance and anonymity. It would be easily deployed over, say, an office building to sniff out information going across its wireless network. Or if the office network is well secured, the plane could follow one of its employees on a trip to a neighborhood Starbucks to use the cafeâs Wi-Fi network. The WASP could mimic the cafeâs network, luring the unwitting employee and allowing access to a laptop or cellphone. As Mr. Tassey put it, âIn Starbucks, no one can hear your laptop scream.â
Both men have day jobs helping the federal government keep their information systems secure. They say they have no plans to make money on their device, nor to snoop on anyone, only to show how cheap and easy it can be to snoop and attack.
0 komentar :
Post a Comment