如何用你家喵獲取鄰居們的WIFI?

How to Use Your Cat to Hack Your Neighbor's WiFi

如何用你家喵獲取鄰居們的WIFI？

Coco, modeling the WarKitteh collar. (Gene Bransfield)

展示智能寵物項圈的喵模可可

Late last month, a Siamese cat named Coco went wandering in hissuburban Washington, D.C. neighborhood. He spent three hours exploringnearby backyards. He killed a mouse, whose carcass he thoughtfully broughthome to his octogenarian owner, Nancy. And while he was out, Coco mapped dozensof his neighbors’ WiFi networks, identifying four routers that used an old,easily broken form of encryption and another four that were left entirelyunprotected.

上月末，一隻叫可可的暹羅貓在他所屬的華盛頓哥倫比亞特郊區附近閒逛。他花了三個小時逛完近鄰們的後院。然後很貼心的抓了只老鼠帶回家孝敬他耄耋之年的老主人南希。可可在外轉悠時，順便對鄰居的WiFi做了些調查。他很確定，其中4家路由器太陳舊，相當容易破解，還有4戶路由器根本就沒有密碼。

Unbeknownst to Coco, he’d been fitted with a collar created byNancy's granddaughter's husband, security researcher Gene Bransfield. AndBransfield had built into that collar a Spark Core chip loaded with hiscustom-coded firmware, a WiFi card, a tiny GPS module and a battery —everything necessary to map all the networks in the neighborhood that would bevulnerable to any intruder or WiFi mooch with, at most, some simplecrypto-cracking tools.

可可不知道他脖子上帶的項圈，是南希孫女婿安全研究員吉恩·布朗菲爾德設計的。吉恩在項圈中裝了星火核心芯片，芯片中有定製編碼硬件、WiFi卡、微型GPS模塊和電池。對於探測鄰居們的網絡，瞭解誰家完全不設防，誰家用簡單密碼工具就能破解侵入，這些準備很有用。

In the 1980s, hackers used a technique called "wardialing,"cycling through numbers with their modems to find unprotected computers faracross the Internet. The advent of WiFi brought "wardriving," putting anantenna in a car and cruising a city to suss out weak and unprotected WiFinetworks. This weekend at the DEF CON hacker conference in Las Vegas,Bransfield will debut the next logical step: The "WarKitteh" collar, adevice he built for less than $100 that turns any outdoor cat into aWiFi-sniffing hacker accomplice.

20世紀80年，黑客們有種叫 “戰爭撥號”的技術，它通過調制解調器，循環搜索數據，不受區域限制的找到互聯網中無保護的電腦。WiFi的發明帶來了“接入點映射”技術，車內裝根天線，然後在城裏轉悠，立刻就能探測到易破解或不設密無線網。本週末，在拉斯維加斯DEF CON黑客大會上，Bransfield將推介一款邏輯運算新產品：“智能寵物項圈”。他設計的這個裝置價格不到100美金，卻能夠讓任何一隻室外活動的貓變身WiFi探測器成爲黑客幫兇。貓咪Skitzy

Despite the title of his DEF CON talk —"How To Weaponize YourPets"— Bransfield admits WarKitteh doesn't represent a substantial securitythreat. Rather, it's the sort of goofy hack designed to entertain the con'shacker audience. Still, he was surprised by just how many networks tracked by hisdata-collecting cat used WEP, a form of wireless encryption known for more than10 years to be easily broken. "My intent was not to show people where to getfree WiFi. I put some technology on a cat and let it roam around because theidea amused me," says Bransfield, who works for the security consultancyTenacity. "But the result of this cat research was that there were a lotmore open and WEP-encrypted hotspots out there than there should be in 2014."tupian

儘管這回DEF CON黑客大會的主題是——“如何讓寵物變成武器”，但布蘭斯菲爾德堅信，智能寵物項圈不構成巨大安全威脅。相反，這種趣味設計是爲娛樂衆黑客。不過，他用喵星人探測使用有限等效保密（WEP）加密技術的網絡數據，讓他大吃了一驚，因爲大家十多年前就知道這種無線加密技術易破解。“我的目的不是讓人們知道哪有免費WiFi，只是覺得把探測技術裝在貓咪身上，讓它帶着四處轉悠這種想法很好玩。”從事網絡安全工作的布蘭斯菲爾德說，“但貓咪探測數據顯示，很多人不設密或加密技術滯後，已經2014年了不應該還有這麼多人忽視網絡安全。”

In his DEF CON talk, Bransfield plans to explain how anyone canreplicate the WarKitteh collar to create his own WiFi-spying cat, a featthat's only become easier in the past months as the collar's Spark Core chiphas become easier to program. Bransfield came up with the idea offeline-powered WiFi reconnaissance when someone attending one of his securitybriefings showed him a GPS collar designed to let people locate their pets bysending a text message. "All it needed was a WiFi sniffer," he says. "I thoughtthe idea was hilarious, and I decided to make it."

黑客大會演講中，布蘭斯菲爾德準備講解如何複製智能寵物項圈，打造自家WiFi探測貓。這項壯舉花了數個月才完成，因爲星火核心程序容易編寫。曾經有個人在安全簡報會上向他展示了一個發射信號定位寵物GPS的項圈，布蘭斯菲爾德就是那時候冒出用貓進行無線探測想法的。“它所需要的不過是一個WiFi嗅探器，”他說，“我認爲這個想法很有意思，所以我決定做一個。”

His first experiment involved hiding an HTC Wildfire smartphone inthe pocket of a dog jacket worn by his co-worker's tabby, Skitzy. Skitzyquickly managed to worm out of the jacket, however, losing Bransfield's gear."It was a disaster," he says. "That cat still owes me a phone."

首次實驗中，他把一個HTC野火智能手機藏在寵物外套口袋裏，然後給他的虎斑貓搭檔Skitzy穿上。但是Skitzy很快就甩掉外套，搞丟了布蘭斯菲爾德的裝置。“那簡直是場災難，”他說，“那隻貓欠我一部手機。”智能項圈原件線路同美元尺寸對照

Bransfield spent the next months painstakingly creating theWarKitteh, using Spark's Arduino-compatible open source hardware and enlistingNancy to sew it into a strip of cloth. When he finally tested it on Skitzy,however, he was disappointed to find that the cat spent the device’s entirebattery life sitting on his co-worker's front porch.

接下來的幾個月裏，布蘭斯菲爾德呃精力都放在了打造智能寵物項圈上。南希幫他把原件縫進了布條裏，然後戴在Skitzy身上測試。但是，Skitzy令他失望了，貓咪坐前廊上不動彈，一直到電池沒電。

Coco turned out to be a better spy. Over three hours, he revealed23 WiFi hotspots, more than a third of which were open to snoops or usedcrackable WEP instead of the more modern WPA encryption. Bransfield mappedthose networks in a program created by an Internet collaborator, usingGoogle Earth's API. The number of vulnerable access points surprisedBransfield; he says that several of the WEP connections were Verizon FiOSrouters left with their default settings unchanged.

結果顯示，可可是隻出色的間諜貓。三個多小時裏，他探測了23個WiFi點情況，發現超過三分之一的點完全對外開放，或只是使用易破解的WEP而非更先進的WPA加密技術。布蘭斯菲爾德將這些網絡點通過谷歌地球的應用程序接口（API）在由英特網合作創建的程序中繪製出來，安全防護薄弱的網點數量之多令人吃驚。布蘭斯菲爾德說，少數WEP連接點是默認威瑞森公司光纖路由器出廠設置的。

Though he admits his cat stunt was mostly intended to entertainhimself, he hopes it might make more users aware of privacy lessons those inthe security community have long taken for granted. "Cats are more interestingto people than information security," Bransfield says. "If people realize thata cat can pick up on their open WiFi hotspot, maybe that's a good thing."

雖然他承認貓咪探長主要是爲了娛樂自己，但也希望能讓更多人認識到，在高安全度的社區也應該注意隱私保護。“對人們來說貓咪比信息安全有趣。”布蘭斯菲爾德說。“如果人們能夠意識到連貓咪都能打開他們的WiFi，這未必不是件好事。”