I hoped to finish up “Mobbing, knob-and-tube, and the tactical use of wireless services at home” today. Alas, it’s taken some time to decide how to contextualize and write on the topic of knob-and-tube, and just in the last few days I came across the best sources I’ve got on the history of the topic. So it’ll be a bit longer. In the meantime, since the knob-and-tube post has grown longer than expected, the following sections have been extracted and posted as a different topic.
Ω
On April 25, 2024, the Federal Communications Commission (FCC) voted to restore net neutrality, a principle abandoned in the Trump years. Net neutrality mandates that broadband access be treated as an “essential” service, in other words, that it be subject to governmental oversight and regulated like a utility. In the April 3 press release from the Office of Chairwoman Jessica Rosenworcel, the FCC laid out the benefits of restoring the standard, including increased consumer protections, oversight of broadband outages, and increased security of broadband networks.
Classing broadband as a utility means treating it as an essential service. By and large, broadband has been provisioned through utility companies. Without net neutrality, however, access to the service may not be protected. What I haven’t seen talked about is the importance of security to fairness. Security is listed as a benefit of net neutrality, but you can’t separate reliability from security. Especially not when internet services run over power in power line applications, and power runs over internet in Power over Ethernet (PoE) applications. Internet security can’t be separated from the security of the electrical grid. And when electric services find ground on water pipes, carrier current transmission and the security of the grid cannot be separated from other city utilities. Magnetic and underground utility locators make this all too plain when we consider how these tools find the pipes that channel utility flows by transmitting radio frequency. With IoT and DC running over household wiring, security becomes even more of an issue.
Ω
Network intrusions are not necessarily done through what we lay people have come to know as “malware” or “computer viruses.” Intrusions can be effected by interference into electrical current or signal. Disrupting a device can cause a malfunction that prevents normal operation (Pictures from a mobbing (part 1)). Interference and disruption create the opportunity for jamming with signal, with data, and with sound.
Malicious interference with power supply to a device can be used to create a “glitching attack”. In IoT, the integrity of a carrier power supply can be as important as the integrity of the radio frequency signal. When power or the system clock is compromised, so is the integrity of the entire device. Volkswagen Group Senior Security Researcher Antonio Silva (on LinkedIn) provides a proof of concept (PoC) example of a glitching attack using the open source Arduino Uno microcontroller. Scenarios like this make it important to consider the malicious use and impact of wireless charging and solar technologies increasingly seen in the neighborhood. I hope that with increased study of crimes with digital aspects, security researchers might show how attacks can be effected on residential electric systems.
Jamming attacks are a type of denial of service (DoS) attack (https://cyberinsight.co/what-is-jamming-attacks/).Recent instances of what some media include in the rubric “burglary tourism” provide an example. Moreover, these cases show how the use of wireless devices has created vulnerabilities that might not otherwise exist.
Since January 2024, there have been repeated cases of organized crime rings entering the United States in small groups for the purpose of thievery. Hence the term “international burglary ring.” This description of “burglary tourism,” however, omits information that shows our Panglossian approach to wireless services. This is the fact these crimes pivot on the reliance on wireless cameras to create security.
In this case, a group of Columbian nationals hid camouflaged wireless cameras on victim properties to detect victim departures. They then used WiFi jammers to “disrupt” the wireless signal of their victim Ring’s cameras. The jammers disabled communication inbound and outbound from a wireless device, making it impossible for the device to capture footage of the intrusion or alert authorities.
I have not so far read what enabled communication with the cameras they planted—whether they used, for example, a Comcast public hotspot or a mobile router from their vehicle. As mentioned in “Leave the Ring on,” and other tales of the nasty neighborhood watch lady, Ring cameras do provide repeaters that support Amazon Sidewalk. Repeaters are increasingly powerful so it might be possible to use one neighbor’s Ring camera for connectivity while disabling that of the victim. However, so long as bandwidth utilization of community networks is possible without leaving behind telltale “indicators of compromise” or artifacts like MAC addresses, criminals who are not sophisticated users of the technologies they exploit are likely to escape detection.
This type of “burglary tourism” shows how easy it is for criminals to leverage Wi-Fi and wireless cameras like Ring—dubbed a “pre-crime” device by its founder—to commit exactly the kind of crime they’re supposed to prevent. This is increasingly the case: Criminals prey on us using the technologies and platforms we believe make us safe. In my experience, some of these criminals might include the neighborhood watch and the real estate “investor” next door. WiFi jammers may be illegal; WiFi is not. The malicious configuration of a WiFi network, signal boosting, heavy traffic, or the deliberate creation of cross-channel or electrical interference can also jam nearby wireless networks (Mobbing, infrasound and leaky feeders (part 2)).
These kinds of crimes use signal boosting and disruption, and both of these, as well as those with a background in the military, can be found in the tactical use of wireless services in mobbing. On holiday weekends like this one when the “owners” of the mobbing houses decamp and a stream of overnight “guests” in unfamiliar vehicles bring an intensification of harassment by Ring above ground and by sewer lateral or abandoned pipe below, perhaps you could call it “harassment tourism” or “eviction tourism.”
Ω
WiFi is an increasing dependency of IoT. And both WiFi and IoT (what I call the mobbers’ Internet of Malicious Things”) make us less secure. As companies invest trillions of dollars in IoT and consumers add more connected devices to their homes, WiFi will further transform the smart home market in 2022. Wi-Fi has long been the technology of choice for IoT” (“WiFi Alliance 2022 WiFi trends,” https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-2022-wi-fi-trends). IoT architectures call for the extension of low voltage, direct current (DC) and power line technologies from the street, over residential power lines, and into our homes. In their current specification, wireless services eliminate the possibility of a residential air gap. Air-gapped systems are the customary means of ensuring network security when connectivity is a risk.
Wireless services also interfere (literally) with any reasonable isolation of the household electrical system. For example, the proprietary Wi-Fi CERTIFIED HaLow system “delivers long range, low power Wi-Fi” (https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-2022-wi-fi-trends). Wi-Fi CERTIFIED HaLow for IoT penetrates obstacles including walls and the long end of its range is estimated at 1 kilometer.
Wireless services create reliability by concentrating signal—often into a “hot spot” or a “beam”—and with the proliferation of antennas and signal extenders or “repeaters” stretching down the block. This means more radios you can’t turn off. And based on my experience with upgrading a galvanized water line to copper at the Albany house, wireless charging processes, for example, of the Tesla Powerwall, can be made to maliciously interact with systems across the walls they’re mounted on and over the property line, affecting those who may not understand that the underlying problem is the neighbor.
Manufacturers are increasingly abandoning analog systems and producing appliances with digital systems that are “smart.” This is not because digital design and “smart” design are better, but because these devices that require increased management and oversight despite the perception of offering convenience, these appliances are the “latest-and-greatest.” These appliances are part of a burgeoning market, and manufacturers want a piece of it. “The global Wi-Fi Market size is expected to grow from USD 14.5 billion in 2023 to USD 39.4 billion by 2028.. smart city initiatives, including connected infrastructure, drive the Wi-Fi Market” (“Wi-Fi Market worth $39.4 billion by 2028, growing at a CAFR of 22.2%: Report by MarketsandMarkets,” Yahoo/Finance, https://finance.yahoo.com/news/wi-fi-market-worth-39-140000853.html).
This has nothing to do with creating a secure or healthy environment. This is not what the purveyors of Wi-Fi and IoT are selling. They’re selling you what they need to sell to make a profit. According to Yahoo Finance, the drivers of the WiFi market include “[a]doption of smartphones and smart appliances to stay connected via remote technology” and the “[w]idespread adoption of IoT devices.” Yahoo Finance lists two “restraints,” the second of these is endemic to the WiFi standard as we know it: “Contention loss and co-channel interference.” And this market growth continues despite the first restraint: “Difficulty in securing Wi-Fi networks in SMEs [small and medium enterprises] targeted by cybercriminals.” With wireless services creating seamless connectivity around the globe, the vulnerabilities may be insurmountable.
