Jamming Wi-Fi With a $15 Dongle

An anonymous reader writes with this report about just how easy it is to disrupt if not entirely kill modern consumer-grade networks -- not just Wi-Fi, but Bluetooth and Zigbee networks, too. Crucial to determining the likelihood of any given kind of attack, though, is how much it would cost the attacker to attempt. The bad news for network owners and users is that it doesn't cost much at all: "According to Mathy Vanhoef, a PhD student at KU Leuven (Belgium), it can easily be done by using a Wi-Fi $15 dongle bought off Amazon, a Raspberry Pi board, and an amplifier that will broaden the range of the attack to some 120 meters."

With a $15 dongle?

[aardvarkjoe]

...it can easily be done by using a Wi-Fi $15 dongle bought off Amazon, a Raspberry Pi board, and an amplifier that will broaden the range of the attack to some 120 meters.

In other news, I can build myself a car with a $3 roll of duct tape bought off Amazon, as long as I happen to have all the other pieces sitting in my garage. Astounding!

Not brute force

[Zeorge]

None of the fun lab equipment is used. Well, maybe there is some brute force. But he's basically flashed the dongle to inject packets into the WLAN and take over via priority. This suppressed the other devices from transmitting so it's a little more elegant than jamming. If the attacker was in WLAN proximity, did not use an amplifier, then it would be hard to detect without packet inspection.

Re:

[BuckaBooBob]

it would be best used to attack lte-u deployments just replace the costly amplifier with a cantenna and keep the channe(s) busy..

Re:

[DarkTempes]

Most people already have a computer or phone and so you could, in theory, use the $15 wi-fi dongle and your computer/phone to do the attack as well. Though I guess you could nitpick about the need for a USB otg cable if all you own is a phone.

I think the $15 claim is fine.

Re:

[GuB-42]

It is not really the point here but I hate it when I see "build X with $5" when you actually need at least $100 worth of junk that, somehow, every people must have. And that's not counting the tools.

Re:

[sobachatina]

I know!

And they never even account for the costs of the person's education or years of experience.
They don't list the cost of the the facility where a project like this can be built without being rained on.
Or the health care over the years to ensure that one's hands and mind function adequately for the task.
They don't even account for the cost of the calories of food required for thought and motor control.

This project would actually cost >$1,000,000

Seriously though, if you are committed to a hobby, there

Re:

[nospam007]

"All to end up with something you can't legally use."

Same as with girls, guns, cars, ... all the fun stuff ain't legal.

Re:

[Hylandr]

> Kidding aside, the statement isn't as stupid as you make it out to be. You just need to be a little more open minded for the evil possibilities.

No kidding here at all, I want this for my car or motorcycle. I want 100 foot bubble of no people talking or texting when I am on the highway ! ( +/- 10 Ft )

Re:With a $15 dongle?

[sexconker]

You'd have a bubble where people were fiddling with their phones because it just crapped out on them.

Re:

[omnichad]

Great job. Force-drop all 911 calls as you drive by any accident.

Re:

[Hylandr]

This argument is akin to the law of every post eventually including Hitler in some fo... Oh crap I just did it...

Re:

[bws111]

You may be interested in reading this before you try that: http://fox2now.com/2014/04/30/... [fox2now.com]

Re:With a $15 dongle?

[bws111]

Sorry. A guy in Florida was fined $48000 by the FCC for operating a cell phone jammer in his car to prevent others near him from using their phones.

Re:

[anyGould]

Sorry. A guy in Florida was fined $48000 by the FCC for operating a cell phone jammer in his car to prevent others near him from using their phones.

Which makes that guy terribly dumb - he was running it non-stop for almost two years, driving the same routine every day. (Yes, they used "sophisticated techniques" to find him - or, you sit with a cell phone and a video camera on the overpass for a week, and see which cars always show up when your signal drops. Not to mention that he wasn't bright enough to turn it *off* when the cops pulled him over.

Stupid crooks, ruining it for the rest of us...

Re:

[Kenshin]

You can have that if I can have a device that disables all motorcycles within 500m of my house.

Such noisy machines.

Re:

[Anonymous Coward]

You can have that if I can have a device that disables all motorcycles within 500m of my house.

Such noisy machines.

In America I found that motorcycles were obnoxious machines designed primarily to make noise and stink.

In Europe we have decent engineering, and our bikes are beautiful.

Re:

[drinkypoo]

No kidding here at all, I want this for my car or motorcycle. I want 100 foot bubble of no people talking or texting when I am on the highway ! ( +/- 10 Ft )

A 100 foot bubble of personal precious snowflake status? You are the second most specialest person ever, after the pope.

Re:

[Hylandr]

Wow that's either bait or ignorance I can't tell which.

Seriously though, people on their phones for any reason while they should be *driving* should carry the same if not worse convictions and consequences as driving drunk. The only reason Drunks should have it easier is at least they are *trying* to drive. While people on their phones don't seem to give a rats knackers.

Re:

[drinkypoo]

A 100 foot bubble of personal precious snowflake status? You are the second most specialest person ever, after the pope.

Wow that's either bait or ignorance I can't tell which.

Don't worry, you're about to find out which, and that you deserve to be baited.

Seriously though, people on their phones for any reason while they should be *driving* should carry the same if not worse convictions and consequences as driving drunk.

I don't disagree. The problem is, you want to wipe out broad swaths of legitimate use, and just around you. Because you're special, and you deserve to have control over radio emissions in your personal vicinity. You're going to block emergency calls, data use like google maps navigation with traffic alerts, voice control-enabled use of the internet like Siri and Google voice search, and of course completely legitimate use by pass

Re:

[Hylandr]

> just around you

Ideally there would be laws preventing cell phone use by drivers that is strictly enforced and people would just use good common sense *everywhere* and focus on their driving when driving instead of their phone, makeup, meal and in some cases having sex.

Nobody is special DrinkyPoo, but everyone wants to *feel* safe, even if they really aren't. Having the desire to be safe shouldn't be considered 'special'. It's human nature. I pull over to talk on the phone if it's an important call etc

Re:

[Hylandr]

Uhg,

Fair enough. I drop my bid for a Cell-free bubble in favor of an EMP burst from 200 miles up. Lets just go back to castles and fiefdoms.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[stoatwblr]

A trembler coil and a spark plug do a pretty good job too. Put it in a headlight and the interference is directional.

PhD Student?

[Anonymous Coward]

Probably any reasonably advanced ham operator could pull this off for nothing more than his/her labor and the parts in the junk drawer.

Re: PhD Student?

[alcmena]

Heck, I had a Bright House modem that decided to jam all WiFi in my house, and it did it for free. That was a fun conversation with support. Trying to help a "just reboot" monkey to understand that when the modern was on, every WiFi networks within 100 meters on it became useless.

PhD

[darkain]

Wait, it took a PhD student to figure out that broadcasting malicious signals disrupts signals on the similar wavelengths? And OMGs it effects BlueTooth, too!? Totally didn't know that two personal usage wireless communication specs would both be using unlicensed spectrum, WHO WOULDA THOUGHT!?

I can do it for quite a bit less. Just put a small piece of plastic into the door switch of a microwave so it thinks it is closed, but leave it open. Now turn it on. You can cook yourself while killing Wifi all throughout the house! [DISCLAIMER, DON'T ACTUALLY DO THIS]

Re:PhD

[Gliscameria]

That's how you know it's working.

Re:

[cwsumner]

Actually it's well known that microwave ovens are allowed to leak more energy than Wifi devices are allowed to transmit. That's one of the reasons why "electrosensitivity" is such a load of bullshit.

By the way, don't stand too close to your microwave when it is running. (!!) 8-)

Re:

[Lumpy]

It's just proof that a "phd" doesnt mean shit nowdays.

Most garage tinkerers knew this, many of them with high school only education.

Re:

[Anonymous Coward]

Idiot.
"During his recent presentation at BruCON, Vanhoef explained that by modifying the dongle's firmware he was able to force the target networks to always give priority to the device's transmissions. If the device is made to transmit continuously, it means that all other devices won't be able to, making the channel effectively unusable.
His attempts at selective jamming (blocking specific packets) have been less successful, and he concluded that 100% reliable selective jamming is not possible.
He also says

Re:

[darkain]

So basically, this is EXACTLY what was already done back in 2009 then? Back when TKIP was broken using QoS packets to break encryption and establish MitM attacks on Wifi? So, what's new here?

Re:

[Lou57]

It's just proof that a "phd" doesnt mean shit nowdays.

Actually, it does. I was always told that:

BS = bullshit
MS = more shit
PHD = Piled Higher and Deeper

Re:

[rtb61]

Consider you theory of doctorates next time you need to visit a medical doctor or dentist, I'm sure it makes you feel all warm and cost inside. The only reason there is pride in ignorance is because of that ignorance.

It's not just brute force jamming

[Zeorge]

Brute force is easy. From the article, he flashed the $15 dongle to take priority over the WLAN and prevents others from TX'ing. He's not just raising the noise floor. This makes it a little harder to detect. I guess if you had a spectrum analyzer or were looking at the RSSI you would see an abnormally strong signal. If you were paying attention to your WLAN, you'd see a device that -potentially- wasn't part of the WLAN broadcasting and supressing everyone else. I'm at work so I can't read more of it, but,

Re:

[SuiteSisterMary]

So, to paraphrase, '802.11whatever is a 'listen then talk' protocol, so, logic-ally speaking, if we comment out the 'listen' part of the code, it will just talk, and nothing else will talk! GENIUS!'

Guess what! Ethernet expects only the device who has a given IP to respond to arp requests! If we respond anyway, there will be CHAOS! BWAHAHAHA!

Re:

[nospam007]

"So, to paraphrase, '802.11whatever is a 'listen then talk' protocol, so, logic-ally speaking, if we comment out the 'listen' part of the code, it will just talk, and nothing else will talk! GENIUS!'"

Every girl could have told you that.

Isn't that illegal?

[Anonymous Coward]

and an amplifier that will broaden the range of the attack to some 120 meters

Re:

[Impy the Impiuos Imp]

Yes and easily tracked down once you stir things up.

Re:

[buck-yar]

Yes, if you do what is in the OP, you are breaking the law. You need a FCC license (HAM probably) to transmit as the article states. Anything over 10mw, unless it has a FCC Part 15 exemption.

Re:

[silas_moeckel]

You're still intentionally interfering so you're never going to be legal.

Re:

[rthille]

You just need to do it from far enough offshore, and with enough power to still interfere :-)

Re:

[silas_moeckel]

On a ship registered to a country that has no laws regarding this

As Kravindish would say:

[tepples]

"This is illegal, you know." [youtube.com]

Marriott got fined over half a million dollars [slashdot.org] for jamming guests' Wi-Fi.

Re:

[Kyogreex]

I don't think that would matter to most of those who would have a reason to use something like this. Whether or not it's illegal, it's worth studying.

Re:

[driblio]

If you rtfa (i haven't, but based on comments above!), that's what this guy did, selective jamming through the protocol, not noise.

Re: As Kravindish would say:

[rworne]

I used a tool that did this back in 2004 writing a thesis on WiFi security.

Back then there was a nifty software tool called "Omerta". You can whitelist a bunch of access points and it will forge disassociate packets for all the other AP's in range, rendering them useless.

Clients connected to the whitelisted AP have no issues whatsoever.

Re:

[gnasher719]

Marriott got fined over half a million dollars for jamming guests' Wi-Fi.

And you can't afford the same lawyers as Marriott.

Re:

[Mr D from 63]

This should be put under the "hey look at how i can be a disruptive asshole" category.

Wifi.

[ledow]

Are you using unlicensed Wifi spectrum for anything mission critical, such that jamming would be anything more than a slight inconvenience?

More fool you.

Re:

[Anonymous Coward]

There are vendors peddling wifi for industrial controls [siemens.com] (including safety and emergency control). What could possibly go wrong?

Re:

[Darinbob]

Yup. Disrupting wi-fi, bluetooth, and zigbee networks should cause inconvenience only, nothing of real value is damaged. Cutting the wires though causes real problems.

Re:

[Holi]

You mean the ISM bands. It's not the "wifi spectrum".

Re:

[bobbied]

Some hams could, most couldn't.

Of those who could there are FEW who would actually do it. Most of us understand that breaking the law is generally a bad idea and personally I value my extra ticket enough to not risk loosing it on some boneheaded violation of FCC regulations...

In other news...

[SecurityGuy]

...did you know that you can render a car inoperable with a device as simple and cheap as a nail? That you can destroy many electronics simply by getting them wet? That you can harm a person simply by swinging a fist into them? Etc, etc, etc.

Yes, we know this. For many things, it's not possible to make them unbreakable, therefore we enact societal consequences for breaking them like jail, fines, etc. It's been that was for, well, all of recorded history.

Re:

[mike449]

WiFi jamming can be concealed, and detecting the source is much more difficult and expensive (at the moment) than operating it.
It is closer to anonymous bullying on the Internet than to physical assault. The consequences are much less immediate, meaning that sociopaths are more likely to use WiFi jammers than going around smashing cars and randomly beating people.

In other news

[Stonent1]

Someone just realized Microwave Ovens can be used to jam wifi.

Re:

[idontgno]

I had one of those.

Had to replace both the microwave and the WiFi router to find a combination that worked together.

I bet the microwave was cheaper than TFA's hardware set up, and one-button simple. And also warmed Hot Pockets better.

FCC will go ballistic over this

[peter303]

They wont even allow cell-jammers in prisons where contraband cellphones are everywhere.

Re:FCC will go ballistic over this

[gstoddart]

First off .. it's Belgium, so not so much with the FCC.

But, really, if you assume a malicious actor, why the hell would they care?

If it's cheap and easy to do it, people probably will. It's not like the FCC (or any other agency) has the ability to prevent the attacks just by saying you're not allowed to do it.

Re:

[bobbied]

It's not like the FCC (or any other agency) has the ability to prevent the attacks just by saying you're not allowed to do it.

Quick, apply that logic to hand guns....

Enforcement by the FCC may be a rare event, but it DOES happen. Generally you don't get caught directly by the FCC, you get turned in to the FCC by somebody who is being interfered with. The FCC might not be able fine you until they actually observe you breaking the rules, but they do often threaten to levy fines for radio frequency interference complaints. So there is *some* risk of getting into trouble for people who break the rules and run jammers.

Re:

[bmo]

>It's not like the FCC (or any other agency) has the ability to prevent the attacks

They don't.

They don't generally have the staff to hunt down pirate stations and things throwing out QRM (Amateur talk for interference).

They have a whole army of Amateurs who will gladly do it for them. It's a game of sorts...

--
BMO

Serious consequence? Please

[cdrudge]

With the above mentioned networks being crucial to the functioning of many IoT devices and systems - home security systems, car locks, baby monitors, and so on - it should be obvious that the fact that these attacks can be performed so easily and cheaply may lead to serious consequences.

If your IoT device, home security system, car locks, baby monitors, and so on have serious consequences if their crucial wireless network is unavailable, you have a serious design flaw in your system. At worst, it should result in the particular thing not communicating and you resort to a back up method, such as say a door lock, a key, or going and checking on your kid in person...

Re:

[david_thornley]

My setup has minor consequences. If something's jamming the WiFi, I can't watch streaming video in the TV room, or do anything from downstairs. It's still illegal, it's just that I won't be suing the jammer (if the jammer can be found) for further damages.

Spoiler Alert: No Code

[argee]

About 20 minutes into the presentation, the guy demoes it (works!), and then says that
he is not releasing the code because it could cause trouble.

Duh!

Better For The Gander

[Guy From V]

On the flip side, anyone who does do this with said $15 dongle can consequently be located by a resourceful and pissed-off individual using an even cheaper dongle [amazon.com], who can then decide on the proper payba...er...action to take.

This used to be cheaper (total cost)..

[brokenin2]

Dealextreme used to sell a wifi/cell phone/bluetooth blocker for something like $10.. I have a friend that bought one.. I just went looking though, and it looks like they don't cell them anymore.. Maybe they're trying to seem to be more of a legitimate company or something..

or

[superwiz]

You can just turn your microwave oven. It'll do a pretty good job of interfering with WiFI frequency (which is in the microwave band)

Re: or

[Anonymous Coward]

But my Wi-Fi is 5GHz

Re:

[superwiz]

Does it help? The total amplitude of the ovens is so much higher than anything any wifi antenna should ever put out (without frying anyone standing next to it) that what the oven leaks into its surrounding band should be enough to interfere with most WiFi channels. http://mars.nasa.gov/MPF/rover... [nasa.gov]

Trembler coil

[Anonymous Coward]

For $15, approximately, (certainly for less than the cost of the Dongle, the RaspPi, and the amplifier) you can get something like a Model T spark coil (aka ignition coil, trembler coil, etc) and a battery and generate enough RF noise to swamp anything in the vicinity.

For extra fun, google pocket tesla coil or portable tesla coil.

Re:

[gzuckier]

For $15, approximately, (certainly for less than the cost of the Dongle, the RaspPi, and the amplifier) you can get something like a Model T spark coil (aka ignition coil, trembler coil, etc) and a battery and generate enough RF noise to swamp anything in the vicinity.

For extra fun, google pocket tesla coil or portable tesla coil.

model t spark coils are expensive these days, particularly if they come with any sort of guarantee of functionality.

Apropos quote from Dave the Barbarian

[Chris Mattern]

Narrator: Thinking quickly, Dave constructs a homemade megaphone using only a squirrel, some string and a megaphone.

Well. . . .

[nehumanuscrede]

I suppose walking about with a dongle sized piece of hardware is a bit more subtle than toting around a microwave attached to a backpack. :D

Re:

[gzuckier]

I suppose walking about with a dongle sized piece of hardware is a bit more subtle than toting around a microwave attached to a backpack. :D

if you get caught walking around with your dongle sized piece of hardware, you could end up on the sex offender list.

You can get a ticket to prison with a $0 rock too.

[Daniel Matthews]

There is nothing intelligent about these sort of simple disruptive attacks, they are nothing more than a form of temporary vandalism. I could probably to a hell of a lot more damage with the guts of an appliance found in most kitchens, but would it prove I am smart? No.

ohheck

[gzuckier]

i bet i could do it with a lamp somebody threw away because the cord sparks like crazy where it attaches to the plug.

Chuck Finley - Attorney at Law

[manandmachineguy]

I think I saw this on an episode of Burn Notice...

Re:

[mwehle]

Now we're talking.

I see what you did there.

Re:

[omnichad]

There is an epidemic of prison visitors in the US sneaking in cell phones inside condoms jammed up the visitors' rectums.

Hope that's flip phones and not phablets.

Re:

[gzuckier]

There is an epidemic of prison visitors in the US sneaking in cell phones inside condoms jammed up the visitors' rectums.

Hope that's flip phones and not phablets.

"Uh, excuse me warden, my butt is getting a text"