wiki-user: car

  • 0 Posts
  • 10 Comments
Joined 1Y ago
Cake day: Jul 13, 2023


Honeypots have gotten really weird lately. Anti-honeypot (along with anti-VM and anti-debugging) techniques and methods are more common than ever. I think something like 80% of all APT-level malware from the past 5 years uses these techniques.


It’s best to purchase an old router which doesn’t support new protocols to learn with. It should only be used for your testing - not meant for normal use. WEP will be several orders of magnitude easier to crack than WPA2 or WPA3. Tools can help you break certain implementations of encryption regardless of how many bits of entropy are being used - often by addressing weaknesses in the algorithms or cryptologic pathways vice brute forcing. That’s often the kind of thing demonstrated in conferences and featured in research papers.

As far as everything else is concerned, you’ll get there if you stick with it. I’ll echo what others have said in this thread; there are some serious diminishing returns for attaining absolute security, all of which can be bypassed by attacking you.


Best place to start is by vacuuming up some open courseware from MIT on the topics you’re interested in. RF fundamentals, basic wireless communications, maybe some basics of network security and fundamentals of computer security or cryptology.

You need a knowledge base in order to know what to look for when you run into problems, else you just kind of waste a lot of time.

Then, familiarize yourself with Wireshark. Start the program and visit a few HTTP websites to see what information your computer is transmitting and how it’s formatted. Your goal is to ultimately snoop on this information and modify it. You need to know how to change a character in the middle of a packet to deliver an effect. If none of that makes sense…

Learning an SDR is honestly a bit of a pain. You can get a $30 antenna on Amazon that covers the ~1-6 GHz range and that will enable a lot of what you want to do. Try to pick up an old router that supports the WEP protocol. It’s old and deprecated with lots of information on how to break it.

Combine the SDR with your computer and Wireshark to visit a webpage with HTTP. You’re almost certainly going to run into problems manually isolating and cleaning up the WiFi signal on your SDR into something that’s useful, but you probably have enough to start you off on your journey. If you can capture the WiFi traffic and convert it from an analog waveform into a digital bitstream, then you can finally begin doing useful things. Of course… you need to decrypt the bitstream and account for errors.

Good luck


I came off as pretty aggressive, so I apologize. I’ve been interested in this field for a while and I am still an amateur in most aspects. This isn’t really an area that’s intuitive or easy to pick up for most people.

You’ve come out of the gate swinging. It’s technically possible for people to do the things you’re exploring… but the same people who are publishing these techniques and concepts are professionals. They may not have formal education in computer science, but they have the experience.

Spend time going over things like DEFCON presentations. Sharpen your coding skills. Vacuum up free courseware from sources like MIT.

You can probably pick up “normal” RF with a cheap SDR antenna setup, but then what? You are stuck with some waves and no idea what to do with them. Are you picking up intentional Bluetooth? How would you recognize Bluetooth that’s frequency hopping? Looking at RF waveforms for modern communications is absolutely ugly and tedious.

There’s so much to learn. You need to pick one topic and dig in. All of these things have much more depth than we can explain over Lemmy.


You should try this. I guarantee that it’s nowhere near as easy as you’re thinking.

There’s a huge difference between proof of concept activities and useful, fruitful information gathering and analysis.

If you’re going to be downloading programs and running scripts without doing the work to understand how these tools were built and how to modify them to suit your use cases, then you aren’t actually going to get anything useful out of them.


I don’t think an RTL-SDR is going to help you with any sort of privacy outside of maybe validating that your devices aren’t emitting typical RF while they are off. You aren’t realistically going to become an electronic warfare master with some shitty home equipment and no formal training.

Best route is to start combing through security conference presentations for anything relevant to your lifestyle.

A lot of the cutting edge information gathering stuff isn’t exactly practical for widespread use. I guess somebody living a floor above you could capture your wireless traffic, but you’re not interesting enough for them to dedicate high sensitivity antennas and bespoke equipment to phreak your keyboard strokes and break out fucking differential power analysis techniques on your home.

Practice good data and security hygiene, stay off social media when possible, and don’t use IOT devices. If anybody wants to get at you, and I mean really wants to get at you, there’s nothing you’re going to be able to do about it besides giving up all electronics.


Don’t let perfect be the enemy of good.

Windows might not be the ideal privacy solution, but it’s often not something that people can reasonably change.

It takes work to relearn an operating system. People’s work applications may not function outside of Windows. Virtualization and emulation are not perfect.


Personally not worried, but as a society I am.

I live in the US, and we’ve seen a rise in some particularly hostile legislation against certain groups of people like in the LGBTQ community. I can foresee precise tracking being used against these groups of people to determine if they’ve been in the vicinity of a medical provider’s office, have traveled across state lines, congregate in certain social establishments, and even perhaps where they vote for representatives.

This information could be used as targeting information for harassment or further punitive legislation. Voting districts could be redrawn to split these populations into minority regions such that they don’t have a proportional share of representatives. Liquor licenses for “gay bars” could be revoked. Maybe we extend the liquor license revocations to bars which simply tolerate LGBTQ people getting a beer after work.

Maybe tomorrow we change the targeted groups to Muslims. Or maybe NRA members. With the foundations for this kind of surveillance in place, the opportunity for abuse will never go away.


These are kind-of sort-of not really new ways of defeating rogue base stations. Just let the end-users decide if they want to allow any connectivity under 4G or not - that will solve most of these problems.

Basically, phones will connect using the highest-level standard (5G) and encryption standards that they can get a good connection with. Only under very degraded conditions will a phone even think of switching from 5G to 4G or 3G. I’m not sure any new phones, sold in the US at least, support 3G any longer, and 2G should definitely be out.

Kind of outdated at this point, but the lower the standard, the older and generally weaker the communications and encryption protocols are. Thus, if an attacker can degrade the 5G and 4G spectrum enough to make it almost unusable or otherwise advertise massively better quality of service metrics for their imposter station, a mobile device may switch to 3G, and thus use the attacker’s base station to pass traffic through. The attacker may be able to break into the 3G packets and get into the internals of your communications easier than something like 4G or 5G.
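
The downgrade behaviour and the "nothing under 4G" setting described in the comment above, as an added example that is not part of the original thread: a toy Python model of cell selection with and without a user-set generation floor. The cell names, the 0-100 quality score, the usable-quality threshold and the selection rule are assumptions of this example, not a real baseband's logic.

```python
from dataclasses import dataclass

# Generation per radio access technology; the labels are this example's own.
GENERATION = {"GSM": 2, "UMTS": 3, "LTE": 4, "NR": 5}

@dataclass(frozen=True)
class Cell:
    name: str
    rat: str       # key of GENERATION
    quality: int   # constructed 0-100 score, higher is better

def select_cell(cells, min_generation=2, usable_quality=20):
    """Prefer the highest generation with a usable signal, as the comment
    describes; cells below min_generation are never candidates."""
    candidates = [c for c in cells
                  if c.quality >= usable_quality
                  and GENERATION[c.rat] >= min_generation]
    if not candidates:
        return None  # no service instead of a silent downgrade
    return max(candidates, key=lambda c: (GENERATION[c.rat], c.quality))

def downgrade_events(history, floor):
    """Return (from, to) pairs where the serving cell dropped below the floor."""
    events = []
    for prev, cur in zip(history, history[1:]):
        if prev and cur and GENERATION[cur.rat] < floor <= GENERATION[prev.rat]:
            events.append((prev.name, cur.name))
    return events

# Constructed scans: normal conditions, then 5G/4G degraded while an
# unfamiliar 3G cell reports excellent quality.
NORMAL = [Cell("carrier-5g", "NR", 70), Cell("carrier-4g", "LTE", 60),
          Cell("unknown-3g", "UMTS", 95)]
DEGRADED = [Cell("carrier-5g", "NR", 5), Cell("carrier-4g", "LTE", 10),
            Cell("unknown-3g", "UMTS", 95)]

def run_scenarios():
    default = [select_cell(NORMAL), select_cell(DEGRADED)]
    with_floor = [select_cell(NORMAL, 4), select_cell(DEGRADED, 4)]
    return default, with_floor, downgrade_events(default, floor=4)

if __name__ == "__main__":
    default, with_floor, alerts = run_scenarios()
    print([c.name if c else None for c in default])
    print([c.name if c else None for c in with_floor])
    print(alerts)
```

With the floor set to 4, the degraded scan yields no service rather than a connection to the 3G cell, and the same floor turns the default history into an alert a user or monitoring app could act on.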


Feels like any car after around 2000 has an integrated head unit with other controls. Not easy or possible in many cases to remove it without impacting the functionality of the car.

Have… you been in a new car in the last 20 years?