Online Anonymity Box Distances Your IP Address

Uploaded on 2015-07-06 in TECHNOLOGY--Developments, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

IMG_0638-582x388.jpg

This Online Anonymity Box Puts You a Mile Away From Your IP Address

In the game of anonymity-versus-surveillance online, the discovery of the user’s IP address usually means game over. But if Ben Caudill has his way, a network snoop who successfully hunts a user through layers of proxy connections to a final IP address would be met with a dead end—while the anonymous user remains safe at home more than a mile away.

At the upcoming DefCon hacker conference in Las Vegas next month, Caudill plans to unveil ProxyHam, a “hardware proxy” designed to use a radio connection to add a physical layer of obfuscation to an internet user’s location. His open-source device, which he built for $200, connects to Wi-Fi and relays a user’s Internet connection over a 900 megaherz radio connection to their faraway computer, with a range of between one and 2.5 miles depending on interference from the landscape and buildings. That means even if investigators fully trace the user’s Internet connection, they’ll find only the ProxyHam box the person planted in a remote library, cafe, or other public place—and not their actual location.
Caudill, a researcher for the consultancy Rhino Security Labs, compares his tool to typical tactics to hide the source of an Internet connection, like using a neighbor’s Wi-Fi, or working from a coffee shop instead of home. But “the problem with Wi-Fi as a protocol is that you can’t get the range you need. If the FBI kicks down the door, it may not be my door, but it’ll be so close they can hear me breathe,” says Caudill. “[ProxyHam] gives you all the benefits of being able to be at a Starbucks or some other remote location, but without physically being there.”

ProxyHam, which Caudill says he’ll offer for sale at cost to DefCon attendees and will also teach users how to build with instructions on his website and ProxyHam’s Github page (both available after DefCon), is actually two devices. The first part is a box the size of a large dictionary, containing a Raspberry Pi computer connected to a Wi-Fi card and a small 900 megaherz antenna, all of which is meant to be plugged in at some inconspicuous public place—Caudill suggests a dark corner of a public library. On the other end of a radio connection, the user plugs in a 900 megaherz antenna into his or her ethernet port. (In the picture above, Caudill uses a giant Yagi antenna, but he says a much smaller $57 flat patch antenna works, too.)

Caudill intends ProxyHam to protect sensitive Internet users, such as dissidents and whistleblowers, for whom tools like VPNs and even the anonymity software Tor may not provide sufficient security. If an attacker can manage to install malware on the user’s PC, for instance, that malware can circumvent Tor and send the user’s IP address directly to the attacker. But with ProxyHam, that malware attack would only lead investigators to the ProxyHam device, not the user. “The KGB isn’t kicking in your door,” says Caudill. “They’re kicking in the door of the library 2.5 miles away.”
To avoid radio detection on the user’s end, ProxyHam’s wireless signals are designed to look indistinguishable from the many cordless telephones that use the same frequency. And Caudill says the rise of more internet-connected wireless gadgets will provide further cover for ProxyHam users over time. “There are a ton of devices jumping into that space and communicating there,” he says. “It’s not feasible to say ‘we’ll chase down everyone who has this device communicating on this frequency.’ It’s a needle in a haystack.”

No one should depend on ProxyHam alone—particularly until its security has been proven in real-world testing, says Micah Lee, a security technologist for The Intercept and occasional developer for the anonymous whistle-blowing software SecureDrop. But Lee points out that it can be used in combination with existing anonymity software like VPNs and Tor. “It seems like a thing to augment your Tor usage rather than replace it. In that sense, it seems like a good idea,” he says. Lee himself counsels anonymous leakers who use SecureDrop to send secrets to a news organization to first connect to a public Wi-Fi network. ProxyHam, he says, could accomplish something similar. “No matter how many hops over the Internet you use, if there’s someone spying on everything, they can connect all the dots. But if one of the hops isn’t over the Internet and is instead over a radio link, it’ll be a lot harder to connect those dots.”

The version of ProxyHam Caudill intends to sell at DefCon will be fairly basic. But in future versions he’s still developing, Caudill says the device will also include accelerometers designed to detect and warn users if it’s been moved from its hiding place. He’s even hoping to include a microphone that can act as a “black box” recorder to relay to the owner the last few moments of audio the ProxyHam hears before it’s disconnected. All of that, says Caudill, is intended to prevent investigators from discovering a ProxyHam and then tampering with it to eavesdrop on its communications or to trap a user who comes to fix or retrieve it.

Going to the trouble of buying and planting a ProxyHam device—one that if used safely, you may never see again—may sound like paranoia. But Caudill intends ProxyHam to protect the very most sensitive people on the Internet, those for whom mere software protections aren’t good enough. “Journalists and dissidents in Arab Spring countries, for instance…these people have very high security requirements,” Caudill says. “This is that last-ditch effort to remain anonymous and keep yourself safe.”
Wired:  http://wrd.cm/1GML22a

 

« Cyber Command: A War That Started Long Ago
Google’s Robot Intelligence Help Desk »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Grid32

Grid32

Grid32 provides independent computer system and physical security audit services to government and corporate clients of all sizes.

Dataguise

Dataguise

Dataguise provides a data-centric security solution to detect, protect, and monitor sensitive data in real time across all data repositories, both on premises and in the cloud.

Chubb

Chubb

Chubb is the world’s largest publicly traded property and casualty insurer. Commercial services include Cyber Risk insurance.

Cyber Security For Critical Manufacturing (ManuSec)

Cyber Security For Critical Manufacturing (ManuSec)

Cyber Security For Critical Manufacturing (Manusec) is a global series of summits focusing on Cyber Security for Critical Manufacturing Sectors.

Delta Risk

Delta Risk

Delta Risk is a global provider of managed security services and cyber security risk management solutions to government and private sector clients.

Berwick Partners

Berwick Partners

Berwick Partners’ Cyber Security Practice is a leading recruiter of senior management positions in this field; we have an exceptional understanding of the constantly changing Cyber landscape.

Cryptovision

Cryptovision

cv cryptovision GmbH is one of the leading specialists for modern, user-friendly cryptography and solutions for secure electronic identities.

Eseye

Eseye

Eseye is a global specialist supplier of cellular internet connectivity for intelligent IoT (Internet of Things) devices.

Center for Cyber & Homeland Security (CCHS)

Center for Cyber & Homeland Security (CCHS)

The Center for Cyber and Homeland Security at Auburn University is a nonpartisan think tank that works to develop innovative strategies to address current and future threats to the United States.

Havoc Shield

Havoc Shield

Havoc Shield is an all-in-one information security platform that includes everything a growing team needs to secure their remote workforce.

Aligned Technology Solutions (ATS)

Aligned Technology Solutions (ATS)

ATS manage, monitor, and maintain everything from your network and servers to your workstations and mobile devices, and we do it proactively to eliminate downtime and keep hackers at bay.

Buchbinder Information Technology Solutions

Buchbinder Information Technology Solutions

Buchbinder Tunick & Company is a premier CPA and advisory firm offering a broad range of assurance, tax, business consulting and IT consulting services.

Albania Lab

Albania Lab

Albania Lab is a consulting company focused on the development and delivery of digital solutions and IT services including cybersecurity.

BigBear.ai

BigBear.ai

BigBear.ai delivers high-end analytics capabilities across the data and digital spectrum to deliver information superiority and decision support.

Circle Security

Circle Security

Circle’s breakthrough security API unifies solutions for identity and data security into one architecture and empowers organizations to secure their identity, data and privacy in their applications.

BioID

BioID

BioID are a German company offering deepfake detection, liveness detection, facial authentication & identity verification as a Service.