Online Anonymity Box Distances Your IP Address

IMG_0638-582x388.jpg

This Online Anonymity Box Puts You a Mile Away From Your IP Address

In the game of anonymity-versus-surveillance online, the discovery of the user’s IP address usually means game over. But if Ben Caudill has his way, a network snoop who successfully hunts a user through layers of proxy connections to a final IP address would be met with a dead end—while the anonymous user remains safe at home more than a mile away.

At the upcoming DefCon hacker conference in Las Vegas next month, Caudill plans to unveil ProxyHam, a “hardware proxy” designed to use a radio connection to add a physical layer of obfuscation to an internet user’s location. His open-source device, which he built for $200, connects to Wi-Fi and relays a user’s Internet connection over a 900 megaherz radio connection to their faraway computer, with a range of between one and 2.5 miles depending on interference from the landscape and buildings. That means even if investigators fully trace the user’s Internet connection, they’ll find only the ProxyHam box the person planted in a remote library, cafe, or other public place—and not their actual location.
Caudill, a researcher for the consultancy Rhino Security Labs, compares his tool to typical tactics to hide the source of an Internet connection, like using a neighbor’s Wi-Fi, or working from a coffee shop instead of home. But “the problem with Wi-Fi as a protocol is that you can’t get the range you need. If the FBI kicks down the door, it may not be my door, but it’ll be so close they can hear me breathe,” says Caudill. “[ProxyHam] gives you all the benefits of being able to be at a Starbucks or some other remote location, but without physically being there.”

ProxyHam, which Caudill says he’ll offer for sale at cost to DefCon attendees and will also teach users how to build with instructions on his website and ProxyHam’s Github page (both available after DefCon), is actually two devices. The first part is a box the size of a large dictionary, containing a Raspberry Pi computer connected to a Wi-Fi card and a small 900 megaherz antenna, all of which is meant to be plugged in at some inconspicuous public place—Caudill suggests a dark corner of a public library. On the other end of a radio connection, the user plugs in a 900 megaherz antenna into his or her ethernet port. (In the picture above, Caudill uses a giant Yagi antenna, but he says a much smaller $57 flat patch antenna works, too.)

Caudill intends ProxyHam to protect sensitive Internet users, such as dissidents and whistleblowers, for whom tools like VPNs and even the anonymity software Tor may not provide sufficient security. If an attacker can manage to install malware on the user’s PC, for instance, that malware can circumvent Tor and send the user’s IP address directly to the attacker. But with ProxyHam, that malware attack would only lead investigators to the ProxyHam device, not the user. “The KGB isn’t kicking in your door,” says Caudill. “They’re kicking in the door of the library 2.5 miles away.”
To avoid radio detection on the user’s end, ProxyHam’s wireless signals are designed to look indistinguishable from the many cordless telephones that use the same frequency. And Caudill says the rise of more internet-connected wireless gadgets will provide further cover for ProxyHam users over time. “There are a ton of devices jumping into that space and communicating there,” he says. “It’s not feasible to say ‘we’ll chase down everyone who has this device communicating on this frequency.’ It’s a needle in a haystack.”

No one should depend on ProxyHam alone—particularly until its security has been proven in real-world testing, says Micah Lee, a security technologist for The Intercept and occasional developer for the anonymous whistle-blowing software SecureDrop. But Lee points out that it can be used in combination with existing anonymity software like VPNs and Tor. “It seems like a thing to augment your Tor usage rather than replace it. In that sense, it seems like a good idea,” he says. Lee himself counsels anonymous leakers who use SecureDrop to send secrets to a news organization to first connect to a public Wi-Fi network. ProxyHam, he says, could accomplish something similar. “No matter how many hops over the Internet you use, if there’s someone spying on everything, they can connect all the dots. But if one of the hops isn’t over the Internet and is instead over a radio link, it’ll be a lot harder to connect those dots.”

The version of ProxyHam Caudill intends to sell at DefCon will be fairly basic. But in future versions he’s still developing, Caudill says the device will also include accelerometers designed to detect and warn users if it’s been moved from its hiding place. He’s even hoping to include a microphone that can act as a “black box” recorder to relay to the owner the last few moments of audio the ProxyHam hears before it’s disconnected. All of that, says Caudill, is intended to prevent investigators from discovering a ProxyHam and then tampering with it to eavesdrop on its communications or to trap a user who comes to fix or retrieve it.

Going to the trouble of buying and planting a ProxyHam device—one that if used safely, you may never see again—may sound like paranoia. But Caudill intends ProxyHam to protect the very most sensitive people on the Internet, those for whom mere software protections aren’t good enough. “Journalists and dissidents in Arab Spring countries, for instance…these people have very high security requirements,” Caudill says. “This is that last-ditch effort to remain anonymous and keep yourself safe.”
Wired:  http://wrd.cm/1GML22a

 

« Cyber Command: A War That Started Long Ago
Google’s Robot Intelligence Help Desk »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Malwarebytes

Malwarebytes

Malwarebytes provides artificial intelligence-powered technology that stops cyberattacks before they can compromise computers and endpoints.

Sogeti

Sogeti

Sogeti deliver solutions that enable digital transformation and offer cutting-edge expertise in Cloud, Cybersecurity, Digital Manufacturing, Quality Assurance, Testing, and emerging technologies.

CyberDef

CyberDef

CyberDef is a consulting company specialising in cyber defence services for small and medium enterprises.

Savanti Consulting

Savanti Consulting

Savanti provides practitioner-led cyber security services tailored to meet each organisation’s unique requirements.

101 Blockchains

101 Blockchains

101 Blockchains is a professional and trusted provider of enterprise blockchain research and training.

Adzuna

Adzuna

Adzuna is a search engine for job ads used by over 10 million visitors per month that aims to list every job everywhere, including thousands of vacancies in Cybersecurity.

ForAllSecure

ForAllSecure

ForAllSecure’s mission is to make the world’s software safe by pioneering autonomous cybersecurity tools that automatically find and fix vulnerabilities in run-time executable software.

Avertium

Avertium

Avertium is the managed security and consulting provider that companies turn to when they want more than check-the-box cybersecurity.

CyberClan

CyberClan

CyberClan’s carefully selected team of experts is capable of solving complex cyber security challenges – keeping your data secure and your businesses running as usual.

CENSUS

CENSUS

CENSUS is a Cybersecurity services provider offering services to multiple industries worldwide such as Security Testing, Code Auditing, Secure SDLC, Vulnerability Research and Consulting Services.

CISO Global

CISO Global

CISO Global (formerly Cerberus Sentinel) are on a mission to demystify and accelerate our clients’ journey to cyber resilience, empowering organizations to securely grow, operate, and innovate.

DatChat

DatChat

DatChat Inc. is a blockchain, cybersecurity, and social media company that focuses on protecting privacy on our devices and also protecting our information after we have shared it with others.

Route1

Route1

Route1 is an advanced provider of secure data intelligence solutions to drive your business forward.

ClosingLock

ClosingLock

ClosingLock is the leading provider of wire fraud prevention software for the real estate industry.

Airgap Networks

Airgap Networks

Airgap is fixing the fundamental flaw of excessive trust. We help enterprises modernize their network for a simple and secure infrastructure.

ActiveFence

ActiveFence

ActiveFence enables Trust & Safety teams to be proactive about online integrity so they can keep their users safe from online harm – across content formats, languages, and abuse areas.