如何用你家喵获取邻居们的WIFI?

How to Use Your Cat to Hack Your Neighbor's WiFi

如何用你家喵获取邻居们的WIFI？

Coco, modeling the WarKitteh collar. (Gene Bransfield)

展示智能宠物项圈的喵模可可

Late last month, a Siamese cat named Coco went wandering in hissuburban Washington, D.C. neighborhood. He spent three hours exploringnearby backyards. He killed a mouse, whose carcass he thoughtfully broughthome to his octogenarian owner, Nancy. And while he was out, Coco mapped dozensof his neighbors’ WiFi networks, identifying four routers that used an old,easily broken form of encryption and another four that were left entirelyunprotected.

上月末，一只叫可可的暹罗猫在他所属的华盛顿哥伦比亚特郊区附近闲逛。他花了三个小时逛完近邻们的后院。然后很贴心的抓了只老鼠带回家孝敬他耄耋之年的老主人南希。可可在外转悠时，顺便对邻居的WiFi做了些调查。他很确定，其中4家路由器太陈旧，相当容易破解，还有4户路由器根本就没有密码。

Unbeknownst to Coco, he’d been fitted with a collar created byNancy's granddaughter's husband, security researcher Gene Bransfield. AndBransfield had built into that collar a Spark Core chip loaded with hiscustom-coded firmware, a WiFi card, a tiny GPS module and a battery —everything necessary to map all the networks in the neighborhood that would bevulnerable to any intruder or WiFi mooch with, at most, some simplecrypto-cracking tools.

可可不知道他脖子上带的项圈，是南希孙女婿安全研究员吉恩·布朗菲尔德设计的。吉恩在项圈中装了星火核心芯片，芯片中有定制编码硬件、WiFi卡、微型GPS模块和电池。对于探测邻居们的网络，了解谁家完全不设防，谁家用简单密码工具就能破解侵入，这些准备很有用。

In the 1980s, hackers used a technique called "wardialing,"cycling through numbers with their modems to find unprotected computers faracross the Internet. The advent of WiFi brought "wardriving," putting ananTenna in a car and cruising a city to suss out weak and unprotected WiFinetworks. This weekend at the DEF CON hacker conference in Las Vegas,Bransfield will debut the next logical step: The "WarKitteh" collar, adevice he built for less than $100 that turns any outdoor cat into aWiFi-sniffing hacker accomplice.

20世纪80年，黑客们有种叫 “战争拨号”的技术，它通过调制解调器，循环搜索数据，不受区域限制的找到互联网中无保护的电脑。WiFi的发明带来了“接入点映射”技术，车内装根天线，然后在城里转悠，立刻就能探测到易破解或不设密无线网。本周末，在拉斯维加斯DEF CON黑客大会上，Bransfield将推介一款逻辑运算新产品：“智能宠物项圈”。他设计的这个装置价格不到100美金，却能够让任何一只室外活动的猫变身WiFi探测器成为黑客帮凶。猫咪Skitzy

Despite the title of his DEF CON talk —"How To Weaponize YourPets"— Bransfield admits WarKitteh doesn't represent a substantial securitythreat. Rather, it's the sort of goofy hack designed to entertain the con'shacker audience. Still, he was surprised by just how many networks tracked by hisdata-collecting cat used WEP, a form of wireless encryption known for more than10 years to be easily broken. "My intent was not to show people where to getfree WiFi. I put some technology on a cat and let it roam around because theidea amused me," says Bransfield, who works for the security consultancyTenacity. "But the result of this cat research was that there were a lotmore open and WEP-encrypted hotspots out there than there should be in 2014."tupian

尽管这回DEF CON黑客大会的主题是——“如何让宠物变成武器”，但布兰斯菲尔德坚信，智能宠物项圈不构成巨大安全威胁。相反，这种趣味设计是为娱乐众黑客。不过，他用喵星人探测使用有限等效保密（WEP）加密技术的网络数据，让他大吃了一惊，因为大家十多年前就知道这种无线加密技术易破解。“我的目的不是让人们知道哪有免费WiFi，只是觉得把探测技术装在猫咪身上，让它带着四处转悠这种想法很好玩。”从事网络安全工作的布兰斯菲尔德说，“但猫咪探测数据显示，很多人不设密或加密技术滞后，已经2014年了不应该还有这么多人忽视网络安全。”

In his DEF CON talk, Bransfield plans to explain how anyone canreplicate the WarKitteh collar to create his own WiFi-spying cat, a featthat's only become easier in the past months as the collar's Spark Core chiphas become easier to program. Bransfield came up with the idea offeline-powered WiFi reconnaissance when someone attending one of his securitybriefings showed him a GPS collar designed to let people locate their pets bysending a text message. "All it needed was a WiFi sniffer," he says. "I thoughtthe idea was hilarious, and I decided to make it."

黑客大会演讲中，布兰斯菲尔德准备讲解如何复制智能宠物项圈，打造自家WiFi探测猫。这项壮举花了数个月才完成，因为星火核心程序容易编写。曾经有个人在安全简报会上向他展示了一个发射信号定位宠物GPS的项圈，布兰斯菲尔德就是那时候冒出用猫进行无线探测想法的。“它所需要的不过是一个WiFi嗅探器，”他说，“我认为这个想法很有意思，所以我决定做一个。”

His first experiment involved hiding an HTC Wildfire smartphone inthe pocket of a dog jacket worn by his co-worker's tabby, Skitzy. Skitzyquickly managed to worm out of the jacket, however, losing Bransfield's gear."It was a disaster," he says. "That cat still owes me a phone."

首次实验中，他把一个HTC野火智能手机藏在宠物外套口袋里，然后给他的虎斑猫搭档Skitzy穿上。但是Skitzy很快就甩掉外套，搞丢了布兰斯菲尔德的装置。“那简直是场灾难，”他说，“那只猫欠我一部手机。”智能项圈原件线路同美元尺寸对照

Bransfield spent the next months painstakingly creating theWarKitteh, using Spark's Arduino-compatible open source hardware and enlistingNancy to sew it into a strip of cloth. When he finally tested it on Skitzy,however, he was disappointed to find that the cat spent the device’s entirebattery life sitting on his co-worker's front porch.

接下来的几个月里，布兰斯菲尔德呃精力都放在了打造智能宠物项圈上。南希帮他把原件缝进了布条里，然后戴在Skitzy身上测试。但是，Skitzy令他失望了，猫咪坐前廊上不动弹，一直到电池没电。

Coco turned out to be a better spy. Over three hours, he revealed23 WiFi hotspots, more than a third of which were open to snoops or usedcrackable WEP instead of the more modern WPA encryption. Bransfield mappedthose networks in a program created by an Internet collaborator, usingGoogle Earth's API. The number of vulnerable access points surprisedBransfield; he says that several of the WEP connections were Verizon FiOSrouters left with their default settings unchanged.

结果显示，可可是只出色的间谍猫。三个多小时里，他探测了23个WiFi点情况，发现超过三分之一的点完全对外开放，或只是使用易破解的WEP而非更先进的WPA加密技术。布兰斯菲尔德将这些网络点通过谷歌地球的应用程序接口（API）在由英特网合作创建的程序中绘制出来，安全防护薄弱的网点数量之多令人吃惊。布兰斯菲尔德说，少数WEP连接点是默认威瑞森公司光纤路由器出厂设置的。

Though he admits his cat stunt was mostly intended to entertainhimself, he hopes it might make more users aware of privacy lessons those inthe security community have long taken for granted. "Cats are more interestingto people than information security," Bransfield says. "If people realize thata cat can pick up on their open WiFi hotspot, maybe that's a good thing."

虽然他承认猫咪探长主要是为了娱乐自己，但也希望能让更多人认识到，在高安全度的社区也应该注意隐私保护。“对人们来说猫咪比信息安全有趣。”布兰斯菲尔德说。“如果人们能够意识到连猫咪都能打开他们的WiFi，这未必不是件好事。”