Vulnerability Development mailing list archives

RE: Wireless device vulnerability?


From: "Toni Heinonen" <Toni.Heinonen () teleware fi>
Date: Mon, 25 Mar 2002 12:55:20 +0200

Good morning!

How susceptible are various wireless networking implementations to
jamming (as a means to a DoS)?

While several pages of well written technical fantasy may work for
marketing, it's generally not a good idea to try to feed fluff to engineering
types.

There will always be a greater financial incentive to create marketing
hyperbole than to rebut it.

Oh, but I can assure you, I have no financial motives here. Actually, I was trying to be as clear about the technical 
transmission technologies as possible, sorry if I underestimated my audience. The original poster however asked on a 
very general basis, so I answered accordingly. And by no means did I mean to undermine the threats found in today's 
wireless networks.

But, to the point.

A jamming device need not be smart or sophisticated.

Choose an inverter IC with the appropriate timings, loop 3 inverters in
series to generate a nice noisy signal on your base frequency. Since it's
a square wave, you'll have lots of useful sidebands and harmonics.

Tuning impedances can selectively create a lot of noise across multiple
wide bands.

Since spreading the noise across more bandwidth decreases the effective
power, an output transistor may need to be added. Swamp the emitter until
it's clipping the signal and producing more power on more frequencies.

Add transistor stages as needed, since each costs about $1.
 
In the US and Europe, Bluetooth uses frequencies 2.400 MHz to 2.483,5 MHz, with 79 different bands to hop on, each 80 
MHz wide or sometimes more. Seeing as you would not try to synchronize your jammer with the hop sequence, do you think 
it would really be capable of jamming that whole band? After all, even a square wave won't produce that much of a 
disturbance to the neighbouring bands. I mean, of course you could build a jammer like that, but wouldn't it cost too 
much? I mean, I see your point:

It will always be cheaper to DoS a wireless network than it is to build
it.

Of course, the whole idea is that the protective safeguards for a system do not cost more than the protected assets. 
Seeing as how a Bluetooth chip is supposed to cost 5$ (of course not yet, but probably so after mass production), would 
it really be possible to build a jamming device of this magnitude for 10$ (the cost of a two-machine Bluetooth network)?

Additionally, you did not comment on my analysis of WLAN/UMTS transmission a la DSSS. Do you have any ideas there?


TONI HEINONEN, CISSP
   TELEWARE OY
   Telephone  +358 (9) 3434 9123  *  Fax  +358 (9) 3431 321
   Wireless  +358 40 836 1815
   Kauppakartanonkatu 7, 00930 Helsinki, Finland
   toni.heinonen () teleware fi  *  www.teleware.fi

