VIDEO: Researchers at DefCon reveal the truth behind how ProxyHam technology works, enabling an attacker to proxy traffic wirelessly over a long distance.
LAS VEGAS—Part of the drama at any Black Hat or DefCon security conference in any given year usually revolves around a talk that is cancelled for some mysterious reason, typically over fears that it could reveal something truly disruptive. Such is the case in 2015 at DefCon with a talk called ProxyHam, which was supposed to reveal technology that could enable an attacker to wirelessly proxy traffic over long distances, hiding their true location.
The original ProxyHam talk was also set to be accompanied by the sale of ProxyHam devices that could have enabled purchasers to conduct the wireless proxy attack at their leisure. Speculation around why the ProxyHam talk was cancelled involved theories that the Federal Communications Commission got the talk cancelled, though that has never officially been confirmed or denied.
While the ProxyHam talk was cancelled, it has been replaced by a talk set to be delivered at 4 p.m. PT at DefCon and titled “HamSammich—long-distance proxying over radio,” in which security researchers Robert Graham, CEO of Errata Security, and David Maynor, chief scientist at Bastille Networks, will reveal how ProxyHam works and how it can be built using off-the-shelf technology today.
In an exclusive video interview with eWEEK prior to the talk, Graham and Maynor detail the technology and its shortcomings, as well as suggestions for how an organization can attempt to protect itself from a ProxyHam-type risk.
“With ProxyHam, the idea was to take a little box, hide in a bar or a Starbucks, tap into their WiFi and then use a long-distance point-to-point link in order to tap in remotely from many miles away to the bar’s WiFi network,” Graham told eWEEK.
The technique that ProxyHam uses involves a Raspberry Pi device and a large antenna. The HamSammich approach does the same thing in terms of long-distance proxying, but with an off-the-shelf WiFi router and a 900MHz radio transmitter that, according to Graham and Maynor, can be used legally within the confines of FCC regulations. The promise of using 900MHz is that it’s a piece of radio spectrum that is typically not monitored by organizations. The challenge is that it generally requires line of sight, meaning that a proxied attacker could likely be easily located as well.
Maynor noted that there was a backlash on social media when the original ProxyHam talk was cancelled.
“Our goal is to show that ProxyHam did not actually enhance security,” Maynor said. “It does the exact opposite, causing more trouble than you can fix.”
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.