This $200 DIY WiFi router will make it far easier for whistleblowers (and criminals) to hide online
Devices connecting to the internet have a unique IP address. It's what identifies them to others - but can also be used to track down the device. It's in part why elaborate obfuscation tools like proxies, the Tor network, and VPNs exist, to obscure the user's true IP and location. But down to both technical failure and human error, these tools aren't always perfect.
ProxyHam attempts to add an entirely new layer to attempts to anonymise - by removing the user from the IP address' location. Instead, the router broadcasts on a 900MHz connection, letting the owner - with the right antenna - connect from up to 2.5 miles away. It can then be stashed in any public place with an internet connection, like a library, coffee shop, or co-working space.
If the ProxyHam was then tracked down, its owner could be hidden thousands of meters away in any direction.
ProxyHam - like almost any anonymising security tool - has the potential for abuse by criminals attempting to evade law enforcement. But Caudill, who is the founder of security consultancy Rhino Security Labs, frames the tech as a boon to whistleblowers. It is due to be announced formally at the Def Con conference in Las Vegas next month, and is described on the event page like so:
From the US to China and beyond, anonymity on the internet is under fire - particularly for whistleblowers. National interests are pushing for greater control and monitoring of internet content, often invoking harsh punishments for informers and journalists, if caught. While a range of technologies (such as ToR) can provide some level of anonymity, a fundamental flaw still exists: a direct relationship between IP address and physical location. If your true IP is ever uncovered, it's game over - a significant threat when your adversary owns the infrastructure.
To resolve this issue, I present ProxyHam, a hardware device which utilizes both WiFi and the 900Mhz band to act as a hardware proxy, routing local traffic through a far-off wireless network - and significantly increasing the difficulty in identifying the true source of the traffic. In addition to a demonstration of the device itself, full hardware schematics and code will be made freely available.
Security technologist Micah Lee told Wired that the tech shouldn't be relied upon to keep users safe, but can provide a useful extra step. "It seems like a thing to augment your Tor usage rather than replace it. In that sense, it seems like a good idea," he said. "No matter how many hops over the Internet you use, if there's someone spying on everything, they can connect all the dots. But if one of the hops isn't over the Internet and is instead over a radio link, it'll be a lot harder to connect those dots."
According to Motherboard, Caudill will be selling the device for $200 - cost price - as well as release the source code and blue prints so anyone can build one themselves.