

Hidden device distorts news at hotspots - nav
http://newstweek.com/2011-01-07-device-distorts-news-on-wireless-neworks

======
pyre
Try clicking around on that site. Most of the links all just go to
'newstweek.com' and none of what are apparently meant to look like links on
the frontpage actually go anywhere. The only page that actually functions is
the 'article' page. The only links on the page go to:

* <http://hotglue.org/>

* <http://julianoliver.com/>

* <http://k0a1a.net/>

Both of the photos of the supposed perpetrators link to the home pages of the
same guys that are in the Copyright notice at the bottom of the page. So far
as I can tell this is a total hoax.

~~~
jsdalton
Yeah, it's also called "Newstweek" and it's clearly a replica of the Newsweek
website (<http://www.newsweek.com/>).

So, it's definitely a hoax/satire. It's just kind of not really very funny..

------
vietor
Is there any outside information on this? At first glance it looks like a
complete hoax.

The supposed story about it is hosted on the homepage of the device in
question, and I see no other hits for it on Google.

Edit: It looks like ibejoeb has the right of it. It is a hoax in the in the
stunt/prank/hype/performance art manner, rather than the malicious deception
sort.

~~~
westbywest
Agreed, this looks like hype.

Still, the hardware (a Sheeva Plug?) and consequent hack described is very
possible, tho I understand that setting up a man-in-the-middle DHCP server to
override that on the public hotspot is more straightforward.

~~~
vietor
I completely agree that it could be an actual thing.

From a hardware and security perspective it is, as you say, all of the shelf
hardware and techniques, ARP poisoning vs. MitM DHCP server have tradeoffs
which have slipped from memory, but you can basically go either way.

The doubt is entirely about the hype and false appearance of a third party
news story.

Maybe the intent is to highlight the problems with using unencrypted HTTP? I
can dream that it's a well intentioned stunt can't I?

------
jroes
Definitely looks like a joke given the BusyBox banner.

However, the technology described is something that is completely technically
possible -- ARP spoofing on an open wireless network and performing MITM
content modification.

------
pingswept
How the devil did this get injected into Hacker News! <checks plug>

------
joshwa
c.f. <http://www.ex-parrot.com/pete/upside-down-ternet.html>

~~~
pyre
I don't know if that's the original, but there have been many such 'pranks.'
IIRC there was a video circulating a while ago showing the reactions of people
at DEFCON who had their connection hijacked to redirect to goatse (or was it
all of the images were replaced with the goatse guy, I can't remember full).

~~~
joshwa
Appears to date to 2006. Goatse prank in 2004. You win :)

------
JoshCole
If this wasn't a joke, this would be way wrong. This article is so focused on
the computer aspect of getting away with this that they forget the physical
world. There is such a thing as a camera and if your going to be going about
installing this at enough locations to be meaningful, enough information will
eventually come out to get you caught. Moreover, once a device like this began
to scare people enough to enter the news, people would find it near the
hotspot and its threat would be neutralized.

------
micheljansen
This is obviously some kind of awareness campaign, but it makes me wonder
where the joke ends. Did anyone actually make the device (it certainly is
possible) or is it just a hoax news article?

This made me laugh though:

"a Nokia N900 phone turned in at a police station in the area had a number of
images of the device on board, along with these two photos, taken just minutes
after one installation in a large Starbucks in the central suburb of Mitte,
east Berlin. Note the black hat worn by what may be a colleague in the first
photograph."

~~~
uxp
If I'm not mistaken, the second photograph of the Asian man is the one taken
by authorities of a man who boarded a plane as an old man, then removed his
mask and by the time the plane landed, he was young:

[http://www.news.com.au/travel/news/old-man-boards-plane-
leav...](http://www.news.com.au/travel/news/old-man-boards-plane-leaves-a-
young-man/story-e6frfq80-1225948618084)

I have no idea what the first picture is originally from. I don't recall any
recent stories of anyone replacing their head with a Rubik's Cube.

------
amoore
What a device! I think the network here may be affected because I've noticed
~NOTHING UNUSUAL WHATSOEVER~ when reading the news here.

------
iamgoat
"In a rush to leave I reached under the chair to pull out my laptop plug and
accidentally knocked this little box to the floor. I plugged it back in and
apologised to the cafe owners. They said they'd never seen it before.."

Reads just like a bad movie script.

------
daten
The hardware to do this exists. <http://www.tonidoplug.com/>

Edit: This example may lack wireless, but it's close. Anyone know of better
examples?

~~~
brk
The Guruplug has wifi:
[http://www.globalscaletechnologies.com/t-guruplugdetails.asp...](http://www.globalscaletechnologies.com/t-guruplugdetails.aspx)

I have a few, they're pretty cool.

------
pr0zac
I really love their reference to running arpspoof as "a sophisticated
modification of the Address Resolution Protocol Table" as opposed to "brute
force flooding of the Address Resolution Protocol Table".

------
ggordan
Looking at the 'most popular' section, it's clear that it's a joke.

------
adolph
If it replaced/injected advertising--that would be believable.

------
alanpca
This looks like some hype for the forthcoming "Black Hat News Network"
advertised on the same page. The article looks like it was written by the site
directly.

------
dedward
I'm a bit skeptical of the facts - but there's nothing really hard about this
- this could easily be built and do exactly what it claims to do.

------
blinkingled
Assuming it's not an hoax - this wouldn't work if WiFi hotspots used WPA2 with
same password as the SSID or something known to everyone.

~~~
trotsky
It's obviously a joke, but ARP spoofing to mitm your gateway will easily work
on a WPA2 network, WPA2-enterprise or even a wired network. This isn't passive
eavesdropping.

~~~
blinkingled
Got it, thanks. SSL enabled sites would not be vulnerable to this so the
impact of this attack is limited, no?

~~~
trotsky
It's a decent approach, though in most cases like that an sslstrip type of
attack would still fool a majority. A certificate based VPN may be the most
practical client only defense.

Engineering wise this is really a problem to solve at the local LAN, employing
individual vlans or other techniques to strictly segment traffic on top of
encryption, or simply implementing port based network access control via
802.1x.

------
naner
What is this some kind of satire site?

------
teilo
Newstweek.com is obviously a parody site. Reddit material. Just ignore this,
or better yet, flag it.

------
wizard_2
I love how this is all possible albeit not practical.

------
meeech
maybe its a how-to disguised as a news/fake article? others have commented
that it seems technically possible whats being described.

