Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Security Wireless Networking Hardware

Ready, Aim, HACK! 277

Posted by michael from the reach-out-and-touch-someone dept.
KD5YPT writes "According to a story on Wired, Adam Laurie and Martin Herfurt demonstrated that they can hack a Bluetooth enabled phone from up to a mile away using a sniper rifle with yagi antenna. Kinda gives a new meaning to '1337 hAx0r2'."
This discussion has been archived. No new comments can be posted.

Ready, Aim, HACK! More

Ready, Aim, HACK!

Comments Filter:

  • Great (Score:5, Funny)

    by Anonymous Coward on Friday August 06, 2004 @11:13AM (#9899041)
    Now all the people that hack Counter-Strike will be out on the streets with Snipers hacking Bluetooth devices, leaving CS hack-free. Thank god.

  • So? (Score:5, Funny)

    by Zorilla ( 791636 ) on Friday August 06, 2004 @11:13AM (#9899043)
    I'm not impressed. If you really want to impress me, use a Cap'n Crunch whistle over a Bluetooth-enabled phone to switch your neighbor's TV to the Spice channel with the volume up to 50.

    Fun.
  • Kinda gives a new meaning to '1337 hAx0r2'.

    What, so instead of "Fucking tool" it now will mean "Fucking tool who's in jail for aiming a sniper rifle at someone"?

  • guns.. (Score:5, Funny)

    by Anonymous Coward on Friday August 06, 2004 @11:13AM (#9899062)
    If I saw a guy pointing a gun at me from far away (or close), I wouldn't be worried about him taking my contacts out of my phone.

    • Yeah, (Score:2, Funny)

      by Duhavid ( 677874 )
      I would be more worried about him taking the contacts out of my eyes!
    • "If I saw a guy pointing a gun at me from far away (or close), I wouldn't be worried about him taking my contacts out of my phone."

      Come to think of it, guns are a rather impressive hacking tool. I'm gonna go next door and hack my neighbor's porn stash.

  • Camping bastards... (Score:5, Funny)

    by Fulcrum of Evil ( 560260 ) on Friday August 06, 2004 @11:14AM (#9899070)

    Now in real life too. Too bad you can't toss the occasional opportunistic grenade like in Half Life.

    • Re:Camping bastards... (Score:3, Interesting)

      by stienman ( 51024 )
      I don't know about that. If you design and place a very powerful 2.4GHz emitter so it goes right up their Yagi, then I bet you could damage the receiver electronics of the bluetooth device they're using.

      Kind of like sticking a carrot in the gun barrel and letting them blow it up themselves.

      At least these are active attacks - you should be able to honeypot it very easily, or at the minimum detect attacks, and jam them if needed.

      -Adam

  • Sweet (Score:5, Funny)

    by TheSexican ( 796334 ) on Friday August 06, 2004 @11:14AM (#9899078)
    No more paying for those pricey 900 numbers... I'll just hack some poor schmuck's phone and whack o..err... talk for free.

  • It would be interesting... (Score:5, Interesting)

    by AcquaCow ( 56720 ) * <acquacow@nOspAM.hotmail.com> on Friday August 06, 2004 @11:15AM (#9899089) Homepage
    to use this same setup to look down into a city and pick up individual wireless networks.

    War Sniping?

  • Yeah, Except... (Score:5, Funny)

    by JamieKitson ( 757690 ) on Friday August 06, 2004 @11:17AM (#9899113) Homepage Journal
    ...that you have to call the guy at the other end and ask him to stand very very still :)
    • ...that you have to call the guy at the other end and ask him to stand very very still :)

      He might be able to recognize your voice. The really nerdly thing to do would be to send the guy a text message from himself, telling him to stand still.

  • They should paint that thing orange (Score:3, Interesting)

    by Anonymous Coward on Friday August 06, 2004 @11:19AM (#9899139)
    ... or something to make it look like a toy. They're going to have real guns pointed at them if they keep carrying that around, and I'd say anyone that shoots back would be entirely justified.

    • Only a slashdotter would coordinate a BLUEtooth with and ORANGE gun.

      Why not go for LIME GREEN socks and PURPLE sandles to really make a fashion statement.
    • For hunters safety class, you're told to carry binoculars. Sure there's a scope on your rifle, but most things (also read: people) that you want to see up close also run the risk of getting shot.

      You get a different vibe when someone is "just looking" at you with binoculars than with a rifle scope. Also, the environment you're in (hunting season) means that the person you'd be aiming at ALSO has a decent weapon and would be very interested in observing you in the same manner. The person reacting would also

  • L33t? (Score:2, Insightful)

    by Lethyos ( 408045 )
    Kinda gives a new meaning to '1337 hAx0r2'.

    Uhm, no, not really. Not at all.

  • that's why (Score:5, Interesting)

    by eoyount ( 689574 ) on Friday August 06, 2004 @11:21AM (#9899184)
    That's why you should turn bluetooth off when you're not using it.

    Is there really any need to have bluetooth turned on all the time? I would think that it just wastes batteries.

    • Is there really any need to have bluetooth turned on all the time?

      Only if you live in the UK [wired.com].

    • Re:that's why (Score:4, Interesting)

      by whorfin ( 686885 ) on Friday August 06, 2004 @11:54AM (#9899557)
      Toothing [wired.com] is why you leave it on. I would have figured that /. of all places would be all over this one.
    • I have been using the t616 since it came out a yea ago, by far the best phone I ever owned. Having bluetooth on wil only drain your batteries, and you receive random advertisements from phone co.'s and misc. online services on mMode. There is no point to leaving it on until you are transferring your phonebook, sending images, or in class, waiting to battle someone else in mini-golf!

  • I didn't realize that ... (Score:3, Funny)

    by burgburgburg ( 574866 ) <splisken06NO@SPAMemail.com> on Friday August 06, 2004 @11:22AM (#9899199)
    Microsoft's security division designed bluetooth phones.

    Learn something new every day.

  • Sensible design for its purpose (Score:4, Insightful)

    by Glendale2x ( 210533 ) <[su.yeknomajnin] [ta] [todhsals]> on Friday August 06, 2004 @11:26AM (#9899247) Homepage
    The "rifle" design with a scope actually makes sense. If there's a moving target at a decent enough distance, all you have to do it keep them in the sights while you communicate with the device. Otherwise, a yagi on a stick without sights is probably a little harder to aim precisely, especially if your target is far away.
    • A telescope or transit tripod. You're going to be a little obvious pointing any object that looks like a rifle at someone only 50' away. Especially in an urban area. I would also imagine that the weight is more than it needs to be, since the stock and grip are designed to resist the kick. It still gets "cool points" in my book though. Parhaps it would work out better to build a directional antenna within a telescope or transit, so as to be a little more inconspicuous.
    • It would also be really cool if you could plant a pre-determined bug from the laptop with a squeeze of the rifle trigger.

      1) Look through rifle sight and find vulnerable phone
      2) Pull trigger to plant bug (to whatever end)
      3) ???
      4) Profit?
    • The "rifle" design with a scope actually makes sense. If there's a moving target at a decent enough distance, all you have to do it keep them in the sights while you communicate with the device. Otherwise, a yagi on a stick without sights is probably a little harder to aim precisely, especially if your target is far away. Well, it doesn't make that much sense. A 14dbi Yagi has a beamwidth of about 30 degrees or so. A 4x sniper scope probably has a field of 10 degrees or so, an 8x scope, more like 7 deg

  • More info (Score:5, Informative)

    by AngryScot ( 795131 ) on Friday August 06, 2004 @11:28AM (#9899270)
    Here [tomshardware.com]

    Was covered in brief on tomshardware in a post on /. yestarday

  • It looks nifty, but its not a sniper rifle (Score:5, Informative)

    by millisa ( 151093 ) on Friday August 06, 2004 @11:28AM (#9899271)
    It isn't a real sniper rifle [tomshardware.com] It'd still make someone nervous if it was pointed at them I imagine . . .

  • Luddites Rejoice (Score:3, Funny)

    by ackthpt ( 218170 ) * on Friday August 06, 2004 @11:29AM (#9899283) Homepage Journal
    According to a story on Wired, Adam Laurie and Martin Herfurt demonstrated that they can hack a Bluetooth enabled phone from up to a mile away using a sniper rifle with yagi antenna.

    Surviving the 21st century:

    Pencil

    Pocket knife

    Pad of paper

    Water bottle
    &

    Towel

    BTW the Hitchhikers Guide is now considered a bad idea, as even it has proven to be hackable, particularly by those who consider themselves to be hoopy froods (though inaccurate entries may be inserted, and attempts to modify the operating system of all versions of the Guide result in the brief appearance of a hungry ravenous bugblatter beast of Traal, followed shortly by the departure of a not quite as hungry ravenous bugblatter beast of Traal.)

  • Interesting Military Application (Score:5, Interesting)

    by Vexler ( 127353 ) on Friday August 06, 2004 @11:29AM (#9899296) Journal
    If deployed in the field, special ops soldiers can approach a terrorist safehouse, and activate this device to hack into any cell phone that may be vulnerable. Then they could simply listen in on the safehouse without ever being even 500 feet away, and can discern their movement if necessary.

    All this translates into being able not to tip off the bad guys that you are coming, and still able to glean important intel.
    • I wonder whether there are other Bluetooth devices that could be attacked this way. For example, it seems theoretically possible to also listen in on data transfers - say between PDAs or cameras and laptops.

    • ...except that in about ten years, the sms kiddies of today will be in the military and terrorists will get stuff like:

      OMG! U R B-ing h@X0ReD!!1!11! We R listen 2 U!!111oneone!!!one!eleven!! USA R0X0r2! U SuX0r2!

      Something tells me they are going to notice.

  • Yeah but then.... (Score:3, Funny)

    by dmorin ( 25609 ) <dmorin@g[ ]l.com ['mai' in gap]> on Friday August 06, 2004 @11:33AM (#9899340) Homepage Journal
    ...somebody tk'd them for hogging the AWP and being all sux0r with it.

  • They missed something (Score:3, Funny)

    by tyrani ( 166937 ) on Friday August 06, 2004 @11:35AM (#9899355)
    "The BlueSniper rifle for capturing data from Bluetooth-enabled phones is constructed from a Choate Ruger Mini-14 stock, 14dbi semi-directional Yagi antenna, standard rifle scope, electrical tape, zip ties and cardboard."

    They really should have used duct tape rather then electrical tape. It would have been much more Chic!

  • Blue War Walking....? (Score:3, Interesting)

    by d474 ( 695126 ) on Friday August 06, 2004 @11:37AM (#9899384)
    He conducted a similar test at Britain's House of Parliament, carrying a laptop in his backpack. After going through security, he wandered the ground floor for 14 minutes looking at paintings and passing politicians while the attack ran automatically from his backpack. Of 46 Bluetooth devices he found, eight phones were vulnerable to attack.
    Using this hack in the 'research' stage of a social engineering attack would be quite useful. Between this and the photos of the blue tooth sniper rifle, why hasn't MI5 highered these guys? Honestly! The guy in the photo reminded me of 'Q' in James Bond. Brilliant work.

  • Yet another reason to get the *cheap* phones (Score:5, Insightful)

    by NineNine ( 235196 ) on Friday August 06, 2004 @11:39AM (#9899407)
    This is yet another reason NOT to buy those stupid phones with 14 different features. Every time I buy a cell phone, I buy the cheapest one available, so it doesn't have all of this crap associated with it. I just want a cell phone that *works*. The last thing I want is a phone with so many useless features that it actually has *security* holes! That's insane. So if it comes to the point where the only phone I can get has this stupid Bluetooth stuff, then I have to worry about feds wiretapping me AND kids hacking in? Great. I'm going back to cans and string.
    • It surprises me how retarded people on a technology site can be.

      Do you avoid those stupid computers and just buy 4-function calculators to avoid all those viruses, trojans, spam and all the other crap associated with the internet and modern computing? I guess not.

      If you look closely, people being hax0r3d are almost always the ones who don't understand what they're doing.

      -Don't enable full read/write access to all files while using broadband without a firewall.
      -Don't leave bluetooth enabled when not using
      • Don't leave bluetooth enabled when not using it? Jesus christ... we're talking about a PHONE here? That's entirely too complicated. That's like saying that you should disconnect your computer from the Net when you're not using it. It's very simple... bluetooth is insecure, and is not used by probably 99% of people with cellphones. Thus, the smart thing to do is to avoid it like the plauge.
      • Yeah, but all I want my phone to do is store numbers and call numbers. Seriously. I'll get a seperate PDA for the rest of the crap. And no f'ing way I want a camera on there either. If I wanted a camera, I'd get a nice slim digital, or a real SLR camera.
    • I hear ya! I'd never want a cellphone I could wirelessly connect up to my PDA to give me the internet whereever I am anywhere in Europe. That sounds horrible.

      If you would run around with your bluetooth turned on and advertising itself, of course there's a risk. Lots of features on phones are silly, but bluetooth is genuinely useful. I sit at my PC at work, and my address book syncs with my phone while it's still in my pocket. When I'm listening to music from my computer on my headphones, I can make ca

  • That explains a lot. (Score:5, Funny)

    by Mr. Bad Example ( 31092 ) on Friday August 06, 2004 @11:45AM (#9899465) Homepage
    I wondered why my phone's display kept changing to "OMG PWN3D U FAG". I thought it was Verizon getting uppity.

  • Ignorant Users make this possible (Score:3, Interesting)

    by JawFunk ( 722169 ) on Friday August 06, 2004 @11:51AM (#9899537)
    Laurie said most people don't think they have valuable data on their phones, but many people store passwords, PINs and financial account numbers in their phones.

    Where there's a will, there is a way. This is similar to the spam issue. Many arguethat spam would be reduced adn sys admins would have an easier life if curious people did not impulsively click on evrey ad that they see, nor respond to every question about income or dick size that landed in your email.

    In the caseof bluetooth, people need to realize that these are phones, not safes with locks. tThe average person takes data security for granted, because they don't understand or care to consider the functionality of the device or the technology they are carrying. "If it's in my pocket, it's safe." BS. If you can send signals with it, it can receive signals. Similarly, if you park your car for three days with the driver side door open, most likely it will not be there when you come back (Unless you live on an island where yours is one of five cars, easily recoverable). Getsmart people!

  • In other news ... (Score:5, Funny)

    by cccpkgb ( 793118 ) on Friday August 06, 2004 @11:54AM (#9899558)
    Some researchers found a way to completely destroy bluetooth-enabled cellphones from up to a mile away with a sniper rifle by failing to RTFA.
  • First off the gain of the antenna is quite low for a "1 mile away" hack. if they had a custom bi-directional amplifier that was not only a preamp on the incoming signals but bosting the transmit I would start to agree.

    I can also see 1 mile away with a dish antenna giving them more in the 25-30db gain range... espically considering that they are losing at least 3db in the cable it's self.

    It's a neat idea, and the close range (100-500 feet) possibilities with a basic directional antenna are certianly poss

    • Re:i'm suspect at the lack of details. (Score:4, Informative)

      by carbolic ( 616993 ) on Friday August 06, 2004 @03:00PM (#9901706)
      I was there - holding the Nokia out in front of me. TechTV was there filming the test from both sides. It will appear on The Screen Savers at some point.

      We used a high gain, 19dBi, panel antenna attached to a Linksys Class 1 Bluetooth adapter - picture [wifi-toys.com].

      Using this equipment, last week we transferred a few pictures from 3300 feet (1 km). This week we bluesnarfed from about 5300 feet (1.08 miles).

      The whole point of these experiments is to show that Bluetooth can go a lot further than previously suspected. Witness the 55.1 mile link [wifi-toys.com] using 30 mw wifi.

      Lack of details is because it's in Wired News. Look for a writeup on www.wifi-toys.com [wifi-toys.com] later today.

      --
      Carbolic
      wifi-toys.com [wifi-toys.com]
      bluedriving.com [bluedriving.com]

  • Less conspicuous in wild.. cans and cameras (Score:4, Interesting)

    by mattr ( 78516 ) <mattr.telebody@com> on Friday August 06, 2004 @12:09PM (#9899721) Homepage Journal
    I'd think a pringles or coke can would be a bit less conspicuous..

    On the other hand you know those security video cameras used in public places which can be remote controlled to rotate and zoom in on someone's face? They are usually hidden in smoked glass domes in ceiling or, I suppose, in less conspicuous ways in places like casinos or board rooms. Sounds like another good aiming device, I saw one $500 dollar model in Akihabara recently you can operate from a web page. Same shop for a few hundred bucks also sold remote cameras accessible via UHF.

    I'd be worried if I carried anything with Bluetooth (so far I've resisted..) The more it penetrates it seems the more tiny yagi antennas you'll see. Only saving grace I could imagine is if the yagi antenna is left powered up maybe you could detect it as the camera pans across you... IANA EM Engineer but would not a yagi antenna also transmit towards you any noise from say the video camera's motor or power supply? If so a detector might be in order..

  • James Bond (Score:4, Funny)

    by dfj225 ( 587560 ) on Friday August 06, 2004 @12:38PM (#9900069) Homepage Journal
    As I was reading the only thing I could think about was James Bond standing on top of a building and spying on someone's conversation using the Bluetooth rifle...now that is an awesome hack.

  • If you really must hear... (Score:4, Funny)

    by IronChefMorimoto ( 691038 ) on Friday August 06, 2004 @01:03PM (#9900342)
    I could care less if you hack my BlueTooth phone.

    If some asshat need in you arises that demands that you must listen in on a conversation with my wife as she bitches at me for buying ROMA TOMATOES instead of CHERRY TOMATOES (they're fucking red, for Christ's sake), you go right ahead.

    And if it gets your lollies off to hear that, wait until she calls me to inform me that I, once again, forgot to let the dog shit before going to work. And I must clean up what ensued.

    Yeah -- hack that. All you want. :-[

    IronChefMorimoto

Slashdot Top Deals

"Gravitation cannot be held responsible for people falling in love." -- Albert Einstein

Close