00:00:00
when we heard the Canadian government
00:00:01
was moving to B hacking tools like this
00:00:04
one we sprung into action buying as many
00:00:06
of them as we could while we still
00:00:08
couldn't guys some of this stuff is
00:00:10
flipping wild like this electromagnetic
00:00:13
fault injector which
00:00:16
basically EMP bombs anything that you
00:00:19
pointed at how she doing oh whoopsy
00:00:22
Doodles but there was one device that
00:00:25
stood out from the rest all the Jammers
00:00:27
sniffers looters and tutors that hack
00:00:30
rf1 with the portter PAC H2 Mayhem
00:00:33
Edition now being a decade old radio
00:00:36
transceiver you'd think it's got to be
00:00:37
pretty outdated by now but thanks to its
00:00:40
robust developer ecosystem open- Source
00:00:42
design and ample tutorials for users of
00:00:45
any level the hack rf1 has turned into a
00:00:47
virtually unmatched Wireless hacking
00:00:50
Swiss army knife it's capable of
00:00:52
stealing a car breaking into a house
00:00:54
stampeding cattle through the Vatican
00:00:56
and even creating a small pirate FM
00:00:59
radio station that plays skibbidy toilet
00:01:01
on Loop but how exactly is this being
00:01:04
used by nefarious and law-abiding people
00:01:07
alike should it be banned and what would
00:01:10
that even look like well we have some
00:01:12
ideas just like we have some ideas on
00:01:15
how to Segway to our sponsor next too
00:01:18
say hello to the hello cam Pro and give
00:01:20
your setup an upgrade thanks to its
00:01:22
1080p 60 frames per second resolution
00:01:25
and windows hello facial recognition
00:01:27
learn more using our Link in the
00:01:29
description and Next To
00:01:36
[Music]
00:01:40
Go part of this device's superpower is
00:01:43
its ability to read and transmit radio
00:01:45
signals and I already know what you're
00:01:47
thinking so could my grandpa's TransAm
00:01:50
but Pea's whip was limited in both the
00:01:52
frequencies that it could tune into and
00:01:55
in how it could use them not so for us
00:01:59
with the right setup we can detect and
00:02:01
even glean useful information from radio
00:02:04
signals that you probably didn't even
00:02:06
know existed like the ones coming from
00:02:08
this display cable it's stuck in
00:02:11
grayscale but look at this you can
00:02:14
totally make out what this person is
00:02:16
doing on their screen this style of
00:02:18
eavesdropping is called then e freaking
00:02:21
and was first outlined in a 1985 paper
00:02:23
by its namesake whim van e of course
00:02:26
that was 40 years ago surely Modern
00:02:30
Display protocols protect against this
00:02:32
kind of snooping
00:02:34
right right well as long as you're
00:02:37
talking about display port VGA DVI and
00:02:41
yes even HDMI can all be monitored pun
00:02:45
intended with the hack RF provided that
00:02:48
you are within range how far is that
00:02:50
range well for our relatively small
00:02:54
omnidirectional antenna we're looking at
00:02:55
inches rather than meters but in his
00:02:58
original paper on the topic Vanek was
00:03:01
able to spy on a CRT display several
00:03:03
hundred meters away using a directional
00:03:06
FN antenna similar to the kind that was
00:03:08
found on home rooftops in the 20th
00:03:10
century I mean sure that was an analog
00:03:12
signal coming from a type of display
00:03:14
that oozed radiation but modern
00:03:17
techniques aren't that far off just a
00:03:20
few weeks ago researchers in Uruguay
00:03:23
managed to train an AI to descramble
00:03:26
images at much greater ranges now the
00:03:29
quality of these images not to mention
00:03:31
the model's likelihood to hallucinate
00:03:33
have yet to be seen let's not forget the
00:03:35
Samsung pictures of the Moon debacle but
00:03:38
this still has major implications for
00:03:40
people who are working with highly
00:03:42
sensitive information luckily most
00:03:44
people aren't in possession of
00:03:46
information that's worth stealing at
00:03:47
least not while it's this much effort to
00:03:49
do so but what most people do have is
00:03:52
material things like this and this and
00:03:57
this and what's very little effort is
00:04:00
using the hack rf1 to sneak past a
00:04:03
wireless security
00:04:05
camera whether they're for Wi-Fi car
00:04:08
keys or cell phones Jammers all work
00:04:10
roughly the same
00:04:12
way by sending out as much junk traffic
00:04:15
as possible at the same frequency to
00:04:18
mask or disrupt legitimate traffic kind
00:04:20
of like shouting between two people
00:04:23
trying to have a conversation and the
00:04:25
portter pack interface when it's updated
00:04:27
with the jamming software plugin makes
00:04:29
makes jamming terrifyingly easy Once you
00:04:32
know the channel a device is using which
00:04:34
you can often find with the hack rf1 all
00:04:37
you need to do is Click transmit Jammer
00:04:40
select the channel from a list and hit
00:04:42
go now obviously a GoPro would be a
00:04:46
pretty odd choice for a security camera
00:04:48
but our point is that this kind of
00:04:51
technique is useful
00:04:54
aha on pretty much any Wi-Fi camera and
00:04:58
unless it has local storage for backup
00:05:01
that's exactly what's going to happen
00:05:04
you're going to get if anything little
00:05:08
bits and pieces of what's going on
00:05:10
that's one of the main reasons that we
00:05:12
avoid wireless security cameras here at
00:05:14
the office now this type of jamming is
00:05:18
illegal in most countries including
00:05:20
Canada so you can safely assume that
00:05:22
everything you just saw was movie Magic
00:05:24
and was shot in a Brazilian jail
00:05:27
Romanian one got to go
00:05:30
the question that must be in your mind
00:05:32
now then is why don't they just ban
00:05:35
these things well as I mentioned before
00:05:38
the Canadian government is certainly
00:05:39
trying but it's not really a simple task
00:05:43
for one thing like a hammer these
00:05:45
devices have nefarious uses but they
00:05:49
also have many legitimate uses for
00:05:51
example you can use the hack rf1 to
00:05:54
monitor for interference that might be
00:05:56
affecting your Wi-Fi or your Bluetooth
00:05:57
devices you can get data on flights that
00:06:00
are passing overhead you can listen to
00:06:02
FM radio and do so much more it's like a
00:06:05
full toolkit for learning about RF
00:06:08
another issue preventing a Crackdown on
00:06:10
these is that not every type of jamming
00:06:13
requires easily detectable brute for
00:06:16
spam a Wi-Fi deauthentication attack for
00:06:19
example finds the MAC address of a Wi-Fi
00:06:22
access point it copies it then
00:06:24
continuously sends deauthentication
00:06:26
packets to every connected device
00:06:28
preventing them from staying connected
00:06:30
the pagi or this deor watch are perfect
00:06:35
examples of devices that can perform
00:06:36
these types of attacks literally from
00:06:39
your wrist and all they're doing is
00:06:42
exploiting a perfectly legitimate
00:06:43
feature of the Wi-Fi protocol I mean you
00:06:46
can Outlaw this behavior and they do but
00:06:49
how do you prove it didn't happen by
00:06:51
accident how do you prove who did it the
00:06:55
last big obstacle to Banning these
00:06:56
devices is that pretty much all of them
00:06:58
are based on cheap readily available
00:07:01
single board Computers Plus parts that
00:07:03
can be easily found in a children's
00:07:04
robotics Club I mean it's already
00:07:07
illegal in just about every country
00:07:09
Canada included to be carrying around a
00:07:11
break-in instrument and the burden of
00:07:14
proving you have a legitimate use for it
00:07:15
falls on the
00:07:17
accused but even this relies on officers
00:07:20
to recognize that that video game or
00:07:24
Smartwatch looking thing is what it
00:07:27
actually is so there's nothing we can do
00:07:31
to keep these tools out of the hands of
00:07:32
Nells so what do we do now well we
00:07:36
contacted Great Scott gadgets creators
00:07:38
of the hack rf1 to discuss this topic
00:07:40
and politely they told us to pound sand
00:07:44
fair enough I mean we did call their
00:07:46
device aoral in our coverage of the
00:07:48
flipper zero but they also weren't alone
00:07:51
in denying our request for comment every
00:07:53
hacking tool company that we contacted
00:07:55
from electronic cats to deike to our
00:07:57
friends over at hack five where
00:07:59
completely unwilling to engage in
00:08:01
conversation about the legality of their
00:08:03
products which makes a lot of sense I
00:08:05
mean they build them for Security
00:08:07
Professionals but they're clearly being
00:08:09
used by shadier folks with recent car
00:08:12
theft Trends grabbing a lot of headlines
00:08:14
and putting them in an uncomfortable
00:08:16
position so I'm going to say what I
00:08:18
believe they would say if they were
00:08:20
willing to say it the better solution is
00:08:23
to beef up our security though this is
00:08:25
easier said than done in our flipper
00:08:27
zero video we briefly explained how the
00:08:29
hack rf1 can be used to defeat rolling
00:08:32
code security for a vehicle's keyless
00:08:34
entry system and if you're an avid Tik
00:08:36
Tok user you're probably already
00:08:38
familiar with the Kia boys a trend where
00:08:40
teenagers were stealing Kia and Hyundai
00:08:42
Vehicles made after 2012 by breaking
00:08:44
open the steering column usually with a
00:08:46
screwdriver not purchased at LTD
00:08:48
store.com and plugging a bog standard
00:08:51
USB cable into the ignition that doesn't
00:08:54
even require a hack rf1 or anything
00:08:56
fancy so what's clear is that in the
00:08:59
interest of saving a buck modern devices
00:09:01
can often take a painfully LAX approach
00:09:04
to Security even ones that cost tens of
00:09:06
thousands of dollars like the Honda CRV
00:09:09
that vehicle holds the title of most
00:09:11
stolen car in Canada because while it
00:09:14
would normally take a fair bit of effort
00:09:16
to defeat rolling code not to mention
00:09:18
specialized equipment the rolling pone
00:09:21
attack exploits a flaw that causes the
00:09:23
CRV to reset the code counter allowing
00:09:26
previously used codes to both open and
00:09:28
start the vehicle and it took an
00:09:30
embarrassing amount of time for Honda to
00:09:32
identify and address this issue so yeah
00:09:35
are these devices actually making it
00:09:37
easier to steal cars and generally cause
00:09:40
trouble of course they are especially by
00:09:42
making them so easily available to folks
00:09:44
who wouldn't have the wherewithal to
00:09:46
build one themselves but the same could
00:09:49
be said for a hammer this could help you
00:09:51
break into a car more easily are we
00:09:53
going to get rid of them so I think the
00:09:55
focus should be on the big automakers
00:09:57
and how they manage to fail so so hard
00:10:00
and on the organized crime networks that
00:10:02
are engaging in these practices at scale
00:10:04
rather than on the makers of softwar
00:10:07
defined radio
00:10:08
devices and the focus should be on our
00:10:11
sponsor Squarespace having a website is
00:10:14
key to establishing an online presence
00:10:15
for your brand or business you
00:10:17
understand and Squarespace makes it easy
00:10:18
thanks to Squarespace blueprint a tool
00:10:21
designed to give you great layouts and
00:10:23
styling options so your website is
00:10:25
optimized for every device there's so
00:10:27
many devices these days they also have
00:10:29
integrated optimized SEO tool so you can
00:10:31
show up more often to more people in the
00:10:34
right place on the first page and if you
00:10:36
plan on selling products on your website
00:10:38
Squarespace makes checkout seamless with
00:10:40
simple yet powerful payment tools they
00:10:42
accept credit cards PayPal and even
00:10:44
Apple pay to give your customer
00:10:45
flexibility just give me the money
00:10:47
however you want we love Squarespace so
00:10:49
much we even use it here for our own
00:10:51
website so start building your website
00:10:53
today and receive 10% off your first
00:10:55
purchase by visiting squarespace.com LT
00:10:59
if you guys enjoyed this video and you
00:11:01
want to know more on this subject check
00:11:02
out our video on The Flipper zero
00:11:04
another Swiss army knife of Homebrew
00:11:07
hacking
