Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Wi-Fi Fingerprints -- the End of MAC Spoofing? 176

Posted by kdawson
from the place-finger-here dept.
judgecorp writes, "Wireless devices can be identified by variations in their radio signaling, known as their 'transceiverprint,' according to research reported in Techworld. The Canadian researcher, Jeyanthi Hall, related the prints to MAC addresses and got a positive ID for devices connecting to a Wi-Fi network, claiming 95% success with no false positives. Once they work out how to do this without a dedicated signal analyzer and neural network processing, it's the end of MAC spoofing on wireless networks."
This discussion has been archived. No new comments can be posted.

Wi-Fi Fingerprints -- the End of MAC Spoofing?

Comments Filter:
  • by nweaver (113078) on Tuesday September 05, 2006 @12:34PM (#16046033) Homepage
    Cool hack, but who cares. With proper authentication (eg, WPA), you don't need to worry about MAC spoofing as the packets won't authenticate right to the access point.
    • by Bender0x7D1 (536254) on Tuesday September 05, 2006 @12:55PM (#16046199)
      You are forgetting the insider threat. I might have the WPA key because I am an employee with my own laptop. However, if I spoof your MAC, then it looks like you are the one surfing /. (or porn sites) all day and not me.

      Encryption is good, but it doesn't solve every security problem.
      • Re: (Score:3, Informative)

        by finkployd (12902) *
        This is why you use WPA enterprise and not PSK.

        Finkployd
        • Re: (Score:3, Insightful)

          by PCM2 (4486)
          This is why you use WPA enterprise and not PSK.

          Yeah, but let's face it ... you probably don't and neither do I.

          Access control lists are a simple concept that administrators understand. It would be a good thing if they could be implemented reliably with ordinary Wi-Fi.

          • Re: (Score:3, Insightful)

            by finkployd (12902) *
            Sure I do, why wouldn't I? It is not that hard. At work we have WPA enterprise implemented with freeradius (backended by Kerberos), at home I do with freeradius right on the router with openWRT.

            If it seems too complicated to someone, that person should not be responsible for running wireless access points at their organization.

            Finkployd
            • by Sancho (17056)
              I've never been able to get wpa_supplicant to work on a Linux client while using FreeRADIUS on the OpenWRT. Any secrets I'm missing?

              Works fine with Windows. I sadly don't have a Mac to test it with.
    • Re: (Score:2, Insightful)

      With proper authentication? I hope you mean WPA2, because even the FBI can crack WPA in 20 minutes or less (with 2 computers). WPA2 Would just mean you need a more powerful computer to crack it. MAC spoofing combined with WPA crack means that your WAP is open to any hacker with a cd drive and the correct wireless card.
      • by Sethb (9355) *
        I think you mean WEP, I haven't seen an FBI demo of someone breaking WPA-PSK in 20 minutes, assuming a decent passkey was used...
        • Re: (Score:3, Informative)

          by Poltras (680608)
          WPA-PSK can be cracked in small time too. If you use a RADIUS it's a lot harder (which may be what you're thinking), but with PSK you are just step harder to crack than WEP, not more secure.
    • by Znork (31774)
      I dont get the desire to treat wireless networks like an extension of the local wired ones. Treat the wireless like you treat any other insecure transport network; ie, firewalled away and with inwards access granted only via VPN tunnels, and you dont have to care about which wireless encryption gets broken by whom and who tries to spoof what.
    • Beyond that, what difference does it make if the computer is a real Apple computer or not?

  • Anyone seriously into wireless security / hacking probably has 20+ wireless cards. It is common knowledge that a wireless card can be identified by its traffic, so why not just buy one of each vendor's cards and use the relevent one during each hack?

    I expect to see a high-end wireless card come out soon that will 'emulate' the hardware differences quite nicely :)
    • by ergo98 (9391) on Tuesday September 05, 2006 @12:48PM (#16046138) Homepage Journal
      Anyone seriously into wireless security / hacking probably has 20+ wireless cards. It is common knowledge that a wireless card can be identified by its traffic, so why not just buy one of each vendor's cards and use the relevent one during each hack?

      If you RTFA, you would have seen that manufacturing variations yield differences even among the exact make and model -- e.g. that minor circuitry, amplifiers and antenna variations differences yield a unique signature.
      • Re: (Score:2, Interesting)

        If you RTFA, you would have seen that manufacturing variations yield differences even among the exact make and model -- e.g. that minor circuitry, amplifiers and antenna variations differences yield a unique signature.

        So, will this mean that if I buy a new antenna or break off my old antenna that my network will no longer recognize me?
        How much variation will it handle? When my antenna heats up will it still have the same signature?
    • Re: (Score:3, Informative)

      by Chanc_Gorkon (94133)
      There are variations in radios even among the same model. You can uniquely identify 2 separate radios of the same model pretty easily. This is something we have done to combat the squirrels (slang for the idiots who think it's fun to screw a ham repeater up) on our ham repeaters in our area....that and triangulation of the perp's signal. Nothing new and about time.

      • by munpfazy (694689) on Tuesday September 05, 2006 @03:19PM (#16047214)
        Yup. Hams have been doing it for decades. (Well, most of us have just been talking about it - since actually doing it requires rather expensive gear and jammers troublesome enough to be worth the effort.) I can only imagine governments have been doing it for a lot longer than that.

        But jumping from its use as forensic tool to something which could be used for authentication / spoofing detection on cheap networking gear is far from trivial. It's hard to imagine most wifi users paying to add the necessary gear to their access points. No matter how wonderful your pattern matching algorithm maybe, you still need a sensitive front end and a very fast sample rate to get the data in the first place. It's hard to imagine a scenario where the hardware needed to identify tiny perturbations on a signal wouldn't be a lot more expensive than the hardware needed to detect the signal itself.

        Even as a forensic tool, the low cost of computer networking gear leaves an obvious out for savvy hackers: just load up on $5 wireless cards whenever you see them on sale, and throw each away after every successful use. It's a whole lot easier for most people to swap out networking hardware than to replace amateur radio transmitters. You could still use it to distinguish in real time between a particular legitimate user and an outsider, but that doesn't buy you very much unless it's cheap and robust enough to leave running at all times on every access point.
  • Nice try, but... (Score:2, Insightful)

    by terrahertz (911030)
    Once they work out how to do this without a dedicated signal analyzer and neural network processing, it's the end of MAC spoofing on wireless networks.
     
    ...and once the paquet warr10rz figure out how to arbitrarily generate and utilise "transceiver prints" it's the end of this method of IDS.

    (any wagers on how many other "first comments" will say the same thing?)
    • by Smidge204 (605297)
      Based on the description of the method, it is the physical characteristic fo the hardware itself that provides the "fignerprint" - not software. It it not something that you "generate" - is it based on the characteristics of the signal itself and not the information carried by the signal.

      =Smidge=
      • by soft_guy (534437)
        it is the physical characteristic fo the hardware itself that provides the "fignerprint" - not software.

        If I take a screwdriver and bend some of the metal around the shielding on the wifi unit, will it alter these characteristics?
      • by fatboy (6851)
        That's correct. The majority of what they see is the "ring" of the VFO when the radio transmits.
      • Yep, but at somepoint the "hardware fingerprint" gets translated to a digital version, or a "software fingerprint" to be processed by the wi-fi router. No routers are able to read "hardware anything" natively.

        This is the same argument why fingerprint/retina scanners can also be hacked - at some point all data, no matter how it is gathered, is converted into 1s and 0s - and can be copied/spoofed.
  • Nothing new. (Score:2, Informative)

    by Anonymous Coward
    This has been in the HAM community for years.

        http://www.motron.com/TransmitterID.html [motron.com]
    • And now it has finally reached the SPAM community.
    • Some years back when mayhem was happening to a local 2m NBFM repeater, I got into the habit of leaving an allmode radio monitoring the input, in USB mode. That lets you hear exactly what the FM carrier is doing.

      All FM radios have a different keyup chirp. That is, when you key up they start on some frequency and drift off to their final frequency over a short period of time. Some do it quickly, some slowly, but all start off on and end on a different pair of frequency. Some would also have a tendency to

  • by giafly (926567) on Tuesday September 05, 2006 @12:38PM (#16046070)
    As a doctoral student, Dr Hall analysed the RF signals of fifteen devices from six manufacturers, and found it was possible to distinguish clearly, even between devices from the same manufacturer. Using "transceiverprints," Dr Hall got a detection rate of 95 percent, and a false positive rate of zero, according to papers submitted to various conferences, including IEEE events on wireless and security.
    So I'm convinced.
    • by slew (2918) on Tuesday September 05, 2006 @12:50PM (#16046155)
      Okay, a show of hands, how many folks use centrino wireless vs buying a wireless card for their old computer? Now how many will buy a computer in the next year which has integrated wireless. How many of those will buy centrino wireless?

      Does anyone remember the good old days when your garage remote control that you just bought from sears would open the door down the street? That's why they had to put in the codes. Just relying on a "fingerprint" when the majority of devices are from the same manufacturer is just a false sense of security.

      However, if you really want to be scared, just google "bump key"...
      • From the article, (emphasis mine):

        As a doctoral student, Dr Hall analysed the RF signals of fifteen devices from six manufacturers, and found it was possible to distinguish clearly, even between devices from the same manufacturer.

        So it doesn't matter if everyone uses Centrino - they can still tell them apart. The key point is that no two devices are identical - there are always differences in the manufacturing process that makes them behave differently. Sure, at 10 or 54 Mbps they look the same but w
        • FWIW, the paper your reference seems to be circa 2004 and used a Gigahertz scope on 10Mb wired ethernet. Even so, they didn't think they could use the same technique on 100Mb ethernet.

          Initial work has already begun on attempting to profile 100Mb Ethernet signals. Preliminary results indicate that the aforementioned techniques will be adequate for discriminating between different model devices; however, a deeper investigation into the signaling characteristics of 100Mb Ethernet devices may be required in or

      • Fingerprint technology is NOT what they used for garage door openers. They had basically no security on garage door openers for many years. The opener remote used to just send out a signal at a certain frequency that the opener was set to receive. If it received a signal within tolerance, it opened. Now they not only send it out at a pre determined frequency, each remote has codes pre programmed in it that it sends out. You stand on a ladder in your garage and press the remote after pressing the button
      • Actually this is not just gross signal monitoring. The phone company does this with cell phones now. When you look at the signal as a matrix of about 6 to 8 things you can identify 2 cell phones that came off the assembly line sequentially. This type of signal monitoring is looking at things like micro-second variations in responce times, frequency modulation differences, and frequency stability. All of these things are unique to a specific phone, not a brand or model of phone.
        The issue here is figuing out
      • The point of the article is that within supposedly identical devices, the individual electrical components are not exactly the same, and it's the minor faults in capacitors that they're picking up and calling a "transciever print".
    • So I'm convinced

      I think you might be missing the point; It's not that these things are unique, it's that they are semi-unique and hard to replicate.
    • by hey (83763)
      How do you get 95% out of 15.
      14 right of 15 is 93.3333 percent.
      So they did better than 14 but less than perfect - humm.
    • This is a nice academic exercise. If I have an RF spectrum analyser or other very sophisticated equipement then I could do this. The crude RF reciever in my $40 wireless router is just marginally able to recieve and decode the signal. It will never have the capabilities of a rack of expensive RF test equipement. I do not think this capability will end up in any low cost equipement in the next few years.
  • When they develop the hardware that has all of that enabled it does not cost an insane amount over the cost of something without signal analyzation; when they could just use other security measures, or multiple security measures which are cheaper.

    Albeit the military and security conscious would still buy it.
  • Old Idea (Score:5, Interesting)

    by Detritus (11846) on Tuesday September 05, 2006 @12:42PM (#16046095) Homepage
    They were doing this during World War II, using the unique characteristics and variations of transmitters to "fingerprint" them. Similar things were done with the way radio operators send morse code to help detect spies that had been compromised.
    • Re: (Score:2, Funny)

      by VanillaBabies (829417)
      1) Take old idea
      2) Apply to new technology
      3) Patent (Optional)
      4) Profit!

      Sheesh, aren't even any unknowns in this one. Where are you confused?

  • 95 percent is still far too low for a viable consumer product. Can you imagine if 5 percent of the folks buying something based on this technology found that it didn't work? The public outcry would be enormous.
    • Yes, that 5% is definitely a problem. However, you could set the system to log a warning if the fingerprint doesn't match. If nothing else, this would give you a paper trail that you can follow if an incident occurs. Also, if you record the fingerprint and find that same fingerprint trying to be several different MAC addresses you could raise an alarm.

      So, 5% is far too high to be used on its own, but it isn't completely useless.
    • "95 percent is still far too low for a viable consumer product. Can you imagine if 5 percent of the folks buying something based on this technology found that it didn't work? The public outcry would be enormous."

      You mean like getting the cheap wireless card to work on my Linux laptop?
  • by Keebler71 (520908) on Tuesday September 05, 2006 @12:44PM (#16046118) Journal
    On behalf of the DoD, I would like to welcome IT geeks to antiquated military technology! [google.com]
  • by crush (19364) on Tuesday September 05, 2006 @12:51PM (#16046167)
    This is interesting but the sample size is too small to let us know how accurate this technique really is.
    http://www.mathworks.com/company/user_stories/user story10433.html?by=company [mathworks.com]
  • by Anonymous Coward on Tuesday September 05, 2006 @12:53PM (#16046186)
    Wi-Fi fingerprinting is nothing new and we have tried the various techniques at our university but it simply does not work because the number of false positives is way too high for it to be practical and to be deployed in an environment with many users. We had support from one of the developers of the technology and after looking at the data and the floods of user complaints he even admitted that Wi-Fi fingerprinting is not practical and we had to give up on it.
  • by llZENll (545605) on Tuesday September 05, 2006 @12:58PM (#16046235)
    Why would hackers not simply spoof the RF fingerprint. Some ideas come to mind. 1) dynamic adjust the outgoing signal digitally to imitate the fingerprint 2) add interference around the transmitter so the signal looks the same 3) use specialized analog electronics to imitate the fingerprint
    • by Chanc_Gorkon (94133) <[moc.liamg] [ta] [nokrog]> on Tuesday September 05, 2006 @01:05PM (#16046284)
      Cuz you likely can't. To do so would require a microscope on alot of WiFi cards and even then it you likely won't come close enough. The fingerprint is possible because of minor variations in the signal that is caused by variations in the caps and resistors used. You don't really think they can create a 0% tolerance cap do you?? The tolerances on caps and resistors can be 0.05%...that is still not 0%. A 0% tolerance cap or resistor is not possible. Spoofing a RF fingerprint is practically impossible with today's technology.
      • by robertjw (728654) on Tuesday September 05, 2006 @01:15PM (#16046347) Homepage
        OK, but will the variation on the caps and resistors remain consistent over the life of the WiFi card? Will an allowance be made for ongoing variations in the signal? If so, will it be exploitable?
        • by Have Blue (616)
          And what allowances will be made for the ~5% of devices that according to this article will never pass the test?
        • Lifetime, heck - capacitor and resistor values can significantly drift over temperature.
      • Cuz you likely can't. To do so would require a microscope on alot of WiFi cards and even then it you likely won't come close enough. The fingerprint is possible because of minor variations in the signal that is caused by variations in the caps and resistors used. You don't really think they can create a 0% tolerance cap do you?? The tolerances on caps and resistors can be 0.05%...that is still not 0%. A 0% tolerance cap or resistor is not possible. Spoofing a RF fingerprint is practically impossible with to
      • by tppublic (899574) on Tuesday September 05, 2006 @01:34PM (#16046472)
        Trying to spoof using a hardcoded solution out of a fab is borderline impossible - I agree. However, you seem to presume that the only method of spoofing is to have (hardcoded) hardware that is identical. Given some (albeit not complete) knowledge of how analog electronics work, I'm not sure that is the only method of achieving such a result.

        It seems to me one could build analog electronics that allows signal parameters (frequency, rise time, etc.) to be electronically tuned based on the detected signal... after all, if they can identify a signal with high accuracy, then the traits to be spoofed may be distinguishable enough to be accurately measured.

        Given a sufficiently powerful software defined radio, a tunable amplifier and a tunable antenna, I don't think this is impossible. It's a heck of a lot more expensive than a WLAN card, for sure. It's also a problem that a neural network is used for identification, since neural networks are a notoriously poor analysis tool from which to extract usable rules. However, given their sample size and lack of other info in the article (of other methods of forecast analysis), it is difficult to say whether the required system is so complicated that it is an intractable problem to reverse engineer the measured characteristics. I'm not convinced it is.

      • by Shotgun (30919)
        Minor nit:

        Those tolerances are more like 5 and 10%. At least that is what is guaranteed by the manufacturer. Actual tolerances are usually much closer.

        A published .05% part will be a military grade part destined for the space shuttle.
        • And thus, they exist. The fact is, once perfected, this method of aplying some sort of security can be done or it at least can tell you if the Mac on one particular radio is changing. I don't know that I would base a security system on this, but basing a intrusion detection system on this could probably work. You could even possibly lock out intruders for a 10-15 minute period or even longer.
      • by ratboy666 (104074)
        Of course you can. The "fingerprint" is being measured -- somehow. So, the characteristic that IS the fingerprint must be resolvable. If its measurable in that sense, it can be generated. How else would the testing gear itself be tested?

        Now the COST of the generating gear may be prohibitive, but it certainly MUST be practical.

        Ratboy
      • Cuz you likely can't. To do so would require a microscope on alot of WiFi cards and even then it you likely won't come close enough.

        You are WAY out in left field man.

        Doing so requires adding a digital filter to the digital output of the DSP that is the matched filter of the difference between your card and their card.

        It doesn't matter what in the RF section is different because you will be compensating for that digitally.
        The are going to be cases where the filter can't adjust enough, but for practic
  • Given:

    1) MAC addresses are easily cloned; it's child's play
    2) Spoofing above the MAC layer is difficult
    3) This methodology produces no false positives
    4) The hacker community will find what the characterizations are then
    5) Find nice and easy ways of memorizing the characterizations so that
    6) They can continue to spoof whatever they want, whenever they want.

    So, yes, there is are additional authentications that make things easier to secure-- but changing the character of a card isn't difficult to do as today,
    • Re: (Score:2, Insightful)

      by flynns (639641)
      Spoken like someone who's never touched a radio outside of the one GM sold him with his car.

      Each radio in existence has a unique signal generated, mostly due to component variation in each production run. Resistors and capacitors in circuits are designed to tolerate a certain amount of variation in resistance, capacitance, etc etc. It's difficult to replicate - and by 'difficult', I mean an electrical engineer with a laboratory full of equipment and a team working for him would find it difficult. A signal
      • These are cookie cutter devices. Their deltas are uber-thin. You'd need to resolve various characteristics to the femto-side of things. I'm sure that there's a lot of demand for high-resolution characterization gear out there that will slice things into ultra-tiny pieces, then have the ability to keep them in a useful db, then use that db to effectively serve as the gate of admittance control.

        I don't think so.

        Instead, a few little twigs will be used, and those twigs will define what's going on. Call it engi
  • by User 956 (568564) on Tuesday September 05, 2006 @01:17PM (#16046363) Homepage
    the End of MAC Spoofing?

    Nah, we'll only see the end of Mac spoofing when they stop making commercials with that goofball that looks like Bill Gates.
  • wow, lots of work (Score:3, Insightful)

    by Geekboy(Wizard) (87906) <spambox@the a p t . org> on Tuesday September 05, 2006 @01:23PM (#16046396) Homepage Journal
    for no benifit. I have a 100% solution with no false positives. it's called 'VPN'.
  • Nothing new (Score:2, Interesting)

    by Knightman (142928)
    This is really nothing new. A friend did something similair in the early 90's to catch a guy that was spoofing false calls on the police band.

    He had a very (VERY) expensive reciever that had a built in spectrum analyzer, and they logged all calls with a timestamp and the frequency drift (stored as a 512 bit word) of the transmitter currently using the channel. Each time the operator suspected that he/she had a spoofed call they pushed a button that activated 4 direction finders that logged the timestamp and
  • Hell, they could just download this program.

    http://xmit.penguinman.com/xmit_id.html [penguinman.com]

    This is old tech that Amateur radio users have had for 10 years now.
  • Seen it before (Score:5, Interesting)

    by tsotha (720379) on Tuesday September 05, 2006 @01:35PM (#16046478)
    The Canadian researcher, Jeyanthi Hall, related the prints to MAC addresses and got a positive ID for devices connecting to a Wi-Fi network, claiming 95% success with no false positives.
    I'm sure it works great in her lab, but here in the real world...

    I work for Big Cellphone Company. We tried the same scheme in the mid '90s when analog phone cloning was all the rage (remember when it used to cost $1.50/minute? Ahhhhh, the good old days). It works, kind of.

    The problem is you're not trying to decide whether or not to retry a packet, or what the transmit power should be. You're trying to decide whether or not to provide service, so you really can't afford to be wrong. We were never really able to get an acceptable reliablility in the wild.

    Believe me, we had a huge incentive to roll this out to our network. The marginal bandwidth costs from fraud didn't hurt much, but when someone made a call to, say, Saudi Arabia on a cloned phone we got stuck with all the fees on the other end. A single cloning ring could cost millions, so Big Cellphone Company was willing to break the bank to get this to work.

    Eventually we rolled out digital service, so the project got shut down. Cloning fraud was one of the reasons we were willing to give you a free phone if you switched over to digital. Well, that and the long-term contract.

  • This technology has been used successfully on AMPS (analog cellular network) to get rid of ESN/MIN spoofing and it for the most part works. The result is that when spoofing calls with acoustic fingerprinting enabled, the call will get torn down if a fingprint for that cell phone exists in HLR (Home Location Register -- the central database that authenticates the subscriber).
  • Is this type of thing similar to Van Ecks effect?
  • 95%, no false positives -- == 5% false negatives. It also doesn't clearly define positive and negative in this context. Does this mean that 1 time in 20 when a valid card attempts a connection, it is refused? or that 1 time in 20, a spoofer gets in?
  • Apple will be glad to hear that. I think they're getting tired of people making fun of their ads.

    • What? Making fun of the Apple ads? But they so accurately depict the state of computing circa 1997 so well...

      "Peabody, set the wayback machine to the time of rampant computer viruses in the wild..."
  • Quoth the posting:

    "... it's the end of MAC spoofing on wireless networks ..."

    If implemented, of COURSE it is the end of MAC spoofing. But it is only the BEGINNING of WiFi fingerprint spoofing ...

  • by Ancient_Hacker (751168) on Tuesday September 05, 2006 @02:16PM (#16046770)
    waay back at the very start of real "Wireless" communication, the transmitters were these hefty spark-gaps, often modulated by a spinning set of electrodes. And back then most houses had DC power, and unsteady power at that.

    And each transmitter was hand-built, using rather rough tools.

    All these things ensured that each signal had it's own quirks, in time, frequency, and temperature. Radio ops could often identify transmitters by thepaerticular yawps, swooshes, and zaps of the signal. ot to mention, identifing the morse code operator by his particular "fist", i.e. spacing and other personal quirks.

    Then during WW2 our side started using spectrumanalyzers to categorize each model of German and Japanese radar. Here again each transmitter tended to have its own set of quirks.

    Now, surprise, the same thing gets rediscovered. On some low level each wireless card has some (shuddrr) analog controlled oscillators, frequency dividers, duplexers, antennas, and amplifiers, each with it's own slight amplitude, frequency, and phase characteristics.

    So nothing new here. Not by like, almost 100 years.

  • by TomRC (231027) on Tuesday September 05, 2006 @02:16PM (#16046771)
    If this is an analog fingerprint, there's a chance it'll change over time, under different conditions of heat, etc. Doesn't sound trustworthy.
  • by smcavoy (114157) on Tuesday September 05, 2006 @02:28PM (#16046851)
    Why would you rely on such a silly system?
    • by Shotgun (30919)
      Because, it is extremely simple and a very effective lock against 99.9% of the people out there. The time and energy needed to implement more advanced solutions are then balanced against the time and energy required to recover from a hack times the possibility of it occuring. The latter is generally found wanting.

    • ...because I'm not particularly concerned about snooping and it's an easy way to keep out the casual leechers without affecting bandwidth in the slightest?
    • by izomiac (815208)
      You rely on it about as much as you would a lock on your door. Easily defeated, but it keeps honest people honest. I, for one, live on a college campus. I prefer using WPA, but one of my devices doesn't support it. Rather than memorize long WEP keys (as I inevitably have to re-enter them from time to time), I just use MAC filtering. It keeps clueless people off my router, and since there's one "linksys" network in range, I doubt anyone is going to bother trying to get onto mine. The lack of encryption
  • it's the end of MAC spoofing on wireless networks.

    That would be nice. Wake me when it happens.

    Of course, there goes your defense when the RIAA sues you for filesharing, and your defense is, "It musta been someone hacking into my wireless network."

"Is it really you, Fuzz, or is it Memorex, or is it radiation sickness?" -- Sonic Disruptors comics

Working...