Of all the recent stories about hacking and the invasion of people’s privacy by the good ol’ government, I’m a bit turned off by news of stolen passwords these days. But this is the best hacking story I’ve ever read, so I’m making an exception. Who doesn’t want to know how to hack Wi-Fi with a cat?
When we were little, my brother tied a transistor radio to our cat’s tail. The idea was that the cat would walk around from room to room, filling the house with music. A lovely idea, in theory. In reality, the cat freaked out and took off running down the stairs, smashing the radio to bits. But a cat collar containing a chip with firmware, Wi-Fi card, GPS, and battery could function much the same way. A cat wears this stuff and moseys around the neighborhood, mapping residents’ Wi-Fi networks and gathering information about any routers that either lack encryption entirely, or would be easy to infiltrate.
Hacker and security researcher Gene Bransfield recently gave a talk at the DefCon hacking conference called “How to Weaponize Your Pets” (don’t take the title too seriously) in which he introduced the “WarKitteh “ collar. It borrows its name from a popular hacking technique in the ’80s called “wardialing,” in which hackers would call random numbers with their modems to try and find vulnerable computers. The same tactic is used in “wardriving,” which involves driving around with an antenna look for the same weaknesses to exploit.
It’s not too tough to make the collar, which relies on a Spark Core chip that is becoming easier and easier to program (in this case, with firmware Bransfield coded himself). After a colleague showed him a GPS collar that allows owners to locate pets via text, he decided to give this project a whirl. The first experiment cost him a smartphone, though — it fell out of the pocket of a jacket he tried to put on a coworker’s cat. After he worked out the kinks, he put the collar on his wife’s grandparents’ cat Coco, who found 23 Wi-Fi hotspots during a three-hour jaunt outside. Bransfield used Google Earth’s API to map those networks and identify the vulnerable connections.
Bransfield’s device is more for fun than anything, but what he’s learned has surprised even him. Many of the networks uncovered by the WarKitteh-wearing cat use WEP (Wired Equivalent Privacy), which has been long known to be particularly vulnerable to hacking. “[T]here were a lot more open and WEP-encrypted hot spots out there than there should be in 2014,” he said. “If people realize that a cat can pick up on their open Wi-Fi hotspot, maybe that’s a good thing.”