HamSammich – long distance proxying over radio Robert Graham Erratasec.com David Maynor Erratasec.com The ProxyHam talk was mysteriously canceled. However, it’s easy to replicate the talk from the press coverage. In this talk, we propose “HamSammich”, creating a point-to-point link in order to access WiFi from many miles away, as a means to avoid detection. We show how off-the-shelf devices can be configured to do this for less than $200. After demonstrating the working system, we’ll talk about radio signals. This includes both the FCC regulatory issues which may have caused the cancelation of the original talk, as well as signals-intelligence, and the practicalities of being detected and caught. Finally, we’ll talk about hiding signals with SDR, a more complicated and expensive technique, but one that hides better in the electromagnetic spectrum. We’ll demonstrate not only a working system, but what the 900MHz spectrum looks like, and how to track down a working system. Robert Graham is the CEO of Errata Security, a pentest/consulting firm. He's known for creating the first IPS, the BlackICE series of products, sidejacking, and masscan. In his spare time, he scans the Internet. He has been speaking at several conferences a year for the past decade. Twitter: @ErrataRob David Maynor is the CTO of Errata Security, and chief pentester. He’s a frequent speaker at conferences, most infamously in the Apple WiFi scandal. In his spare time, he builds weapons for Skynet’s domination of the planet. Twitter: @Dave_Maynor