DARPA Funding a $50 Drone-Droppable Spy Computer 86
Sparrowvsrevolution writes "At the Shmoocon security conference, researcher Brendan O'Connor plans to present the F-BOMB, or Falling or Ballistically-launched Object that Makes Backdoors. Built from just the disassembled hardware in a commercially-available PogoPlug mini-computer, a few tiny antennae, eight gigabytes of flash memory and some 3D-printed plastic casing, the F-BOMB serves as 3.5"-by-4"-by-1" spy computer. With a contract from DARPA, O'Connor has designed the cheap gadgets to be spy nodes, ready to be dropped from a drone, plugged inconspicuously into a wall socket, (one model impersonates a carbon monoxide detector) thrown over a barrier, or otherwise put into irretrievable positions to quietly collect data and send it back to the owner over any available Wi-Fi network. O'Connor built his prototypes with gear that added up to just $46 each, so sacrificing one for a single use is affordable."
Not welcome (Score:1, Insightful)
I hope we never meet. People who build stuff for the military are not welcome here. No, it's not cool that "one of us" gets DARPA funding. Security researcher? Arms dealer!
Re:Report over WiFi??? (Score:4, Insightful)
An interesting use for Raspberry Pi (Score:2, Insightful)
The article doesn't say, but I suspect the computer is Raspberry Pi. Throw in a cellphone-based modem, camera, and microphone and you've got yourself a spy.
Re:Report over WiFi??? (Score:5, Insightful)
Sure, just like it's normal to take things that drop out of the sky and plug them into the wall.
Yup, that's normal.
According to a test run by Homeland Security:
Computer disks and USB sticks were dropped in parking lots of government buildings and private contractors, and 60% of the people who picked them up plugged the devices into office computers. And if the drive or CD had an official logo on it, 90% were installed.
Borrowed from Bruce Schneier ( http://www.schneier.com/blog/archives/2011/06/yet_another_peo.html [schneier.com] )
WTF (Score:3, Insightful)
If we can make tracking devices that we use on whales, sharks, bears, etc, that are self powered, unobtrusive to the animal, and auto-upload to satellite or base station, we have to rely on some twerp plugging in the device -and- for free WiFi to be available for a military device? Pshaw.
And people complain about dropping DARPA funding. With idiotic projects like this we damn sure should.
Re:Report over WiFi??? (Score:5, Insightful)
Also Borrowed from the same source:
The problem is that the OS trusts random USB sticks. The problem is that the OS will automatically run a program that can install malware from a USB stick. The problem is that it isn't safe to plug a USB stick into a computer.
To which the proper response is:
The problem is the operating system you've chosen Mr. Schneier.
Re:Report over WiFi??? (Score:2, Insightful)
You know Mr. Schneier doesn't actually get to choose the OS for every machine in the world (much as he might like to), right? As long as some people (most of whom are neither the famous security analyst Bruce Schneier, nor any other Mr. Schneier) do in fact choose Windows for real installations, that makes Windows's trust of random USB sticks a real problem. What sort of security analyst do you suppose sticks their head in the sand?
Moreover, whatever OS you'd favor (I'd guess Linux, though with a 5-digit UID you've probably actually heard of other free *N*Xen) is likely vulnerable as well. No, not to the simple autorun approach, since it doesn't trust filesystems -- but it probably does trust USB sticks plugged in. Say the USB stick contains a hub, a mass storage device, and an HID* -- can you tell me your favored OS, in a typical desktop config, will not accept keystrokes and pointer commands from the HID?
* I'm sure it's obvious, but the HID could either inject a stored keystroke sequence (e.g. to download an exploit from the internet), or receive remote commands via RF -- combine with a TEMPEST rig to maximize shits and giggles.
Re:Not welcome (Score:2, Insightful)