
Terrorists build Wi-Fi bombs to dodge cops' cellphone jammers - LinuxBender
https://www.theregister.co.uk/2019/05/17/wifi_bomb_trigger/
======
mikestew
I would suppose it's a matter of time until APRS [0] over amateur radio bands
is figured out. Send whatever message you want, range with hand-held devices
of several miles. Now you get to try and jam everything from 144Mhz to the
multi gigahertz range. I do wonder if a lack of implementation is technical
knowledge or the fact that APRS-capable equipment is a bit more pricey than a
burner phone.

As sibling comment points out, sending a trigger signal without wires over
distance is a problem that has already been solved many ways. It's going to
take a lot of fingers to plug the holes in that dike.

[0]
[https://en.wikipedia.org/wiki/Automatic_Packet_Reporting_Sys...](https://en.wikipedia.org/wiki/Automatic_Packet_Reporting_System)

~~~
dogma1138
Phones are easy because they make the triggering mechanism very easy just
connect the headset output to a relay and boom.

WiFi requires more work as you actually need to do some “coding” and likely
use some tiny SBC with a GPIO that can be triggered over WiFi. Radio is again
the same thing and can be even harder since you also need to build a
transmitter and figure out a way to prevent accidental detonation so you need
a specific trigger code to be sent over the radio and then decoded.

The harder it becomes the fewer people out there that could make a bomb, and
the harder it becomes the more equipment you’ll need which again puts more
restrictions on making these devices in quantity.

~~~
mikestew
I'm beginning to think that the error in my thinking is that the terrorist
population is smaller than I might think. For instance, I don't find my APRS
"solution" terribly complicated or outlandish with a minimum of technical
knowledge and access to the internet. But that's "given a population of X,
there will be Y people already capable, or able to be trained, of doing this".
My X, Y, or maybe both, are obviously too big. That, and of course
"terrorists" is not a single population, so the data sets become small and
scattered.

So in combination with your insight, I'm saying "yeah, but it only takes a few
people to figure it out", and it sounds like you're saying, "finding those few
is harder than you think".

~~~
dogma1138
It doesn't matter how easy it is, but putting even a tiny barrier makes it
that much harder.

Cellphones are dual use technology you can't ban them, and while it's hard to
band esp8266's not to mention every other microcontroller / SBC with WiFi it's
a sure as a hell a lot more easier to do than cellphones.

Also if you are caught with a cellphones in say the tribal regions of
afghanistan heck even if you are caught with a truck of them it's much harder
to prove that this is for IED's than people.

So you are replacing a very easily sourced item with plausible deniability
with an item that needs to be specifically imported.

You also then replace the interface between both the radio trigger and the
bomb and the person who would detonate it and the bomb.

The first part now requires understanding of microcontrollers and a PC to
program them now even if you say that most bomb makers could learn that or
already know how to make it it's still puts some restrictions on it.

You also now need a computer which you didn't need before.

And as the bomb can no longer be activated by a simple phonecall which can be
made anywhere in the world and from any phone you also need to build a
dedicated transmitter.

This reduces the plausible deniability of the person who would in the end
trigger the bomb, introduces another point of failure which can't be replaced
in the field by asking the local shisha shop for a phone call and can
introduce another signature of the bomb maker into the equation which can make
apprehension more likely.

While I'm sure considering just how many bomb makers are engineers, many of
which were educated by western universities they could figure out how to turn
a raspberry pi into a trigger, but it's still going to be harder to do than
with a cellphone so fewer bombs would be made, fewer bombs might detonate and
in the end adding this additional complexity and items that are ironically
easier to track than cellphones in say the tribal regions of pakistan or the
iraqi desert would result in more bomb makers getting caught.

I still remember that when the iPhone was announced we were joking that this
would be the end of IEDs if every phone in the world would become a $1000 (i
don't remember the figure we used) smartphone it would cost too much to make
these and as the battery would last you half a day on standby and the
reception sucks balls you couldn't count on it for shit. At some point we also
joked about Nokia should just market their "can use me as a brick in a case of
emergency" phones directly to terrorists to get out of their financial
troubles.

But jokes aside it wouldn't surprise me if at this point if half of the early
to mid 2000's Nokia phones ever made turned up eventually in Pakistan,
Afghanistan and Iraq.

~~~
tssva
No understanding of microcontrollers, a PC to program them or a specially
constructed transmitter is needed.

A cheap esp8266 powered sonoff switch is set to go. The bomb maker just needs
to solder the incoming and outgoing lines to clearly marked spots on the
board. The switch paired with the eWeLink app on an old throw away Android
phone and then the bomb can be set off from anywhere in the world.

------
duxup
It sounds like you'd often still have to set up some repeaters and such.

If these are indiscriminate attacks I'm surprised they wouldn't eventually
just go with the old fashioned mechanical timers. I remember stories of
washing machine mechanisms being gathered up to use as timers.

~~~
otoburb
>> _It sounds like you 'd often still have to set up some repeaters and such._

Absolutely correct. Looks like the police acknowledged the difficulty but are
still rightfully worried:

>> _Even though Wi-Fi will not travel as far as some cellphone signals, the
police said that a careful construction of_ routers and amplifiers can extend
the range as far as one kilometer _. Which, while it may be news to people
that deal with dead spots in their own house, is alarming to security forces
trying to secure large areas full of people._

------
retSava
Not really the best way going forward, jamming. Working around it is too easy.

Cent-cost radio parts are widely available and are easy to build with. Trying
to jam the entire band from 100 MHz to 2.5 GHz is fruitless. A terrorist
doesn't care about duty cycle limits or throughput, nor out-of-band emissions.
A single packet successfully received is all it takes. Literally a packet of
death.

------
HNLurker2
Comment section:
[https://forums.theregister.co.uk/forum/all/2019/05/17/wifi_b...](https://forums.theregister.co.uk/forum/all/2019/05/17/wifi_bomb_trigger/)

------
throwaway743
Couldn't the cops pull off an easy deauth attack on any wifi signals in the
area?

~~~
h4waii
And if the logic is to fire when it's disconnected from the client? AKA, when
I walk far enough away from danger, trigger.

~~~
throwaway743
Ah, fair enough

------
altmind
Terrorists can use any radio technology to evade cellphone jammers: 6LowPAN,
Zigbee, Lora, even plain FM radio modulation. There is no substance in this
article.

------
NikkiA
Time to ban pringle cans, I guess.

