A project to build a $200 DIY Wi-Fi router to help whistleblowers hide online just disappeared under bizarre circumstances
ProxyHam (as the device was called) was essentially a router broadcasting on a 900MHz connection, letting the owner - with the right antenna - connect from up to several miles away. It could be stashed in any public place with an internet connection (think library/coffee shop/co-working space) and then utilised by the owner. That way, even if the router itself is tracked down, its owner won't necessarily be discovered.
It was being built by Ben Caudill, founder of security consultancy Rhino Security Labs. Like with any anonymising tool, the potential for abuse by criminals evading law enforcement was obvious. But Caudill framed it as a boon to whistleblowers. Scheduled to formally unveiled at the Las Vegas Defcon conference in August, it was described as the event page like so:
From the US to China and beyond, anonymity on the internet is under fire - particularly for whistleblowers. National interests are pushing for greater control and monitoring of internet content, often invoking harsh punishments for informers and journalists, if caught. While a range of technologies (such as ToR) can provide some level of anonymity, a fundamental flaw still exists: a direct relationship between IP address and physical location. If your true IP is ever uncovered, it's game over - a significant threat when your adversary owns the infrastructure.To resolve this issue, I present ProxyHam, a hardware device which utilizes both WiFi and the 900Mhz band to act as a hardware proxy, routing local traffic through a far-off wireless network - and significantly increasing the difficulty in identifying the true source of the traffic. In addition to a demonstration of the device itself, full hardware schematics and code will be made freely available.Defcon attendees hoping to see ProxyHam are going to be disappointed, however: Caudill's talk has been called off, and the device's development has been abruptly shelved, with no explanation given.On Friday and Saturday, Rhino Security Labs sent out the following tweets:
So what happened? One initial theory was that ProxyHam fell afoul of FCC regulation - but Caudill subsequently told CSO Online that it wasn't FCC intervention that prompted the cancellation. "ProxyHam devices did not break the FCC standards as the 900MHz antennas were capped at the 1-watt limit."
With Rhino Security Labs' Twitter account also ruling out that the project has been sold, speculation is focusing on another possible reason - government intervention. It would explain why Caudill is being so tight-lipped, and why it has stopped so suddenly, despite prior tweets from Rhino Security Labs saying it was "excited to debut next month!"