Researcher Creates Handheld Hacking Tool

Kickball Notches writes "Immunity's Dave Aitel plans to start selling a portable hacking device equipped with hundreds of exploits. The wireless handheld, called Silica, comes equipped with more than 150 exploits from Canvas and an automated exploitation system that allows simulated hacking attacks from the palm of your hand. It supports 802.11 (Wi-Fi) and Bluetooth wireless connections and is based on Linux."

Re:But does it run... oh wait

[daveaitel]

Functionality errors and UI issues mostly. In terms of security it's just a Linux on ARM with SSHD turned off. CANVAS itself is pure Python, so although there may be overflows in there somewhere, it's not going to be an every-day occurance.

The Nokia 770, the Sony Mylo, and the Trolltech Greenphone are just the start of how Linux + Wifi + mobile devices are going to change the world, imho. If you've done your development correctly you can do a LOT on these devices in very little time. It's the perfect thing for a small company or startup.

-dave

Re:Proximity is no problem.

[Amouth]

you are thinking of sitting there and using it..

if you don't have the screen on or the back light you can run for over a day and more if you only run wifi or bluetooth...

i have a dell axim x30 with the extended battery - internal wifi .. i have turned on the wifi and logged into aim and forgot.. it went to sleep (cut the screen off) but it kept the wifi going.. came back to it a day later and the battery was at around 30-40

if you design something to last you can pull it off..

Re:Nifty

[BootNinja]

(Personally, I see no reason why hardware device makers should keep driver code proprietary, much less the hardware specifications needed to produce an open source driver. After all, isn't their bread and butter the hardware itself?)

As far as wireless cards go, what I have heard is that many of the wireless manufactureres will not release proper specs because transmission strength is soft-coded into the driver. an open source driver would allow people to increase the strength of the signal broadcast by the wirless card. This would violate FCC regulations and possibly open up the manufacturer to legal trouble for selling a device that is not FCC compliant.

Closed source device

[DrYak]

Personally, I see no reason why hardware device makers should keep driver code proprietary, much less the hardware specifications needed to produce an open source driver. After all, isn't their bread and butter the hardware itself?

Hardware *was* those companies' bread and butter a long time ago, when hardware was a big bunch of complicated dedicated chip cummunicating together. All the secret was in the hardware. And due to the diversity of OSes back then, a company had better to show specification in order to catch more market (An old ATI SVGA card I had back then was packaged together with complete register specifications so one could hack it's own drivers in adition to the few packaged in (Windows, AutoCAD, etc.)).

Today, hardware is mostly a third party chip slapped on a reference board. The company that sells them (like D-Link) get the chip and the drivers in the same package (like, say, from realtek) they don't develop anything and thus don't have anything to document.
And nowadays, more and more of those chips aren't dedicated chip, but in fact some highly programmable chip with somewhat customized IO ports and special hardware (connectors, antenas, etc.) connected to the Port. Most of the magic is in the drivers and the firmware (look at how much gizmo - like routers - today are a plain SoC with special IO. Some run linux, most run secret software). And such chip producer have a lot of incentive NOT publish standarts, because :

• voluntary product limitations and/or segmentation (some /. mentionned the signal power limitation. I may mention the number of computer that can be connected to a xDSL modem) may more often be limitations in the drivers and/or firmware. By making it open, chip maker will enable user to remove such limitations and exploit their hardware to its full potential, THUS REMOVING THE POSSIBILITY TO EARN MORE CASH by selling them a more expensive version without the limitations. (just have a look on all "I converted my dual controller to Full RAID or converted my plain celeron to SMP capable, just by flashing and/or rewiring a pin"-type of guide that you can find all over the internet).

• a lot of bugs and such other limitations may not be due to br0ked hardware, but circumvention around the bugs may be done in the firmware and/or the drivers. Making the drivers and/or specification available will enable the users to circumvent the bugs, THUS REMOVING THE POSSIBILITY TO EARN MORE CASH by removing the incentive that users have to buy a newer fixed version of the same hardware they already have paid for

• Because the chip are rather multi-purpose, opening the specification, firmware and/or drivers would enable users to hack their hardware and find new creative and useful way to use the hardware, in ways which wasn't intended initially by the creators, THUS REMOVING THE POSSIBILITY TO EARN MORE CASH by selling a new different product to do the new activity to users who already bought before the same hardware for another purpose under a different product name. (As a counter exemple just look at what hapenned with the small WiFi-enabled routers that run linux. Since the system is open, users group found a lot of creative way to abuse the hardware, like giving it mesh ability, or converting to a low-power war-driving box, etc. Excpet that Linksys and other using the same design understood the oportunity and even started selling "deluxe" box with more memory and CPU speed to attract more hackers to buy the product)

• As the magic is more in the software than in the hardware, there's a risk that user and competitor realise that 99% of the processing is done in software on the CPU and the last 1% could be swapped with any other similar hardware from other manufacturer, THUS REMOVING THE POSSIBILITY TO EARN CASH by selling this 1% themselve. (as an example see the WinModems who only were glorified sound cards with most decoding work done in the CPU. The same could be done wit