WiFi Module Vulnerabilities

Thread Starter

qrb14143

Hi all,

We have a project on the go, competing against other teams. The idea is to make a WiFi controlled device using this module https://www.sparkfun.com/products/13678

The assessor has been deliberately vague with the rules so as to encourage a range of approaches. It is rumoured that one of our competitors has developed some means of blocking the WiFi connections of the other modules, leaving their device the "last man standing".

I am trying to think how they may have done this so that we can defend against it. As I understand it, RF jammers are illegal under UK law so I doubt if they've done that. I also don't see how they could overwhelm us in a DOS attack since our module is set up as an access point and only we know the SSID. Could they just inundate the device with attempts to connect with the wrong password and hope to make it crash? I had ruled this out as the other teams must all be using the same module so surely our module could reject phoney connection requests as fast as the other team could generate them.

I would appreciate any ideas from those more in the know than me!
 

wayneh

> It is rumoured ...

That could be a tactic to divert you. It may be worth some time to get better recon, instead of spending time chasing your tail based on a rumor.

> I would appreciate any ideas from those more in the know than me!

Well I'm certainly not more in the know, but I did read the blurb at Sparkfun (who might be worth a call, also) and this line raised an eyebrow: "... it contains a self-calibrated RF allowing it to work under all operating conditions..."
It made me wonder if you could interfere with its self-calibration.
 

Thread Starter

qrb14143

> That could be a tactic to divert you. It may be worth some time to get better recon, instead of spending time chasing your tail based on a rumor.
> Well I'm certainly not more in the know, but I did read the blurb at Sparkfun (who might be worth a call, also) and this line raised an eyebrow: "... it contains a self-calibrated RF allowing it to work under all operating conditions..."
> It made me wonder if you could interfere with its self-calibration.

We are at the stage that we have a working design and we have two weeks to try and figure out how to make it as robust as possible. Naturally everyone will be given marks based on the quality of their design but there are bonus marks available for whoever's device works best on the day. I suspect that some other groups will try to use the coming days to come up with ways to sabotage the opposition, I know we certainly have but we couldn't come up with anything! Certainly the lecturer in charge has said that he has a few tricks up his sleeve to see how robust our designs are so there must be a few common failure modes that he's aware of!

I did notice the bit about RF calibration and I took that to mean that it had some sort of system for tuning itself to the optimum band for best reception. I reckon the only way to interfere with that would be to try and jam the RF frequencies that it's working on. I have a copy of the Wireless Telegraphy Act 2006 printed off in case anyone hits us with an RF jammer on the day ;)

I'm just wondering how anyone could possibly interfere with this module other than RF jamming. If they don't know the password to connect, the only option I can see is that they would inundate it with wrong password attempts until the module gave up.
 

Raymond Genovese

> <snip>
> I'm just wondering how anyone could possibly interfere with this module other than RF jamming. If they don't know the password to connect, the only option I can see is that they would inundate it with wrong password attempts until the module gave up.

You can look up a good deal of information about deauthentication packets as an attack, which is possibly what the rumor is all about.

Is there nothing about such matters in the rules???
 

Thread Starter

qrb14143

> You can look up a good deal of information about deauthentication packets as an attack, which is possibly what the rumor is all about.
>
> Is there nothing about such matters in the rules???

I will look into "deauthentication packets" and see if we can defend against this. I would have thought that there would be some sort of defence built into the WiFi module against this as part of the 802.11 standard, or is this not the case?

The rules state that unless something is explicitly forbidden, you can do it. In the event that someone knocks out everyone else's comms, they will probably be declared the winner then it will be a competition for second place. Having said that, if they sacrifice their own system's performance in a desperate attempt to screw over everyone else they may be penalised.
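To make the "deauthentication packets" pointer above concrete from the defending side, here is an added example that is not part of the thread or of any ESP8266 firmware: it parses raw 802.11 deauthentication/disassociation frames (frame control, the three addresses, sequence number, reason code) and runs a sliding-window counter over a constructed capture, flagging a burst of deauths claiming to come from the access point. The original 802.11 management frames carry no authentication, which is why a station honours a forged deauth; the standard's answer is 802.11w (Protected Management Frames), under which deauth/disassoc frames are protected and unprotected ones are discarded, and whether a given module's firmware offers that has to be checked for the specific chip. All MAC addresses, timestamps and frame bytes below are constructed for illustration.

```python
"""Parse 802.11 deauthentication / disassociation frames and flag a flood.

Added example (not from the thread). Frame bytes are constructed for
illustration; the MAC addresses are made-up placeholders.
"""
import struct
from collections import defaultdict, deque

TYPE_MGMT = 0
SUBTYPE_DISASSOC = 0xA
SUBTYPE_DEAUTH = 0xC
BROADCAST = "ff:ff:ff:ff:ff:ff"
# A few IEEE 802.11 reason codes seen in deauth/disassoc bodies.
REASON_NAMES = {1: "unspecified", 2: "previous-auth-no-longer-valid",
                3: "sending-sta-leaving", 7: "class3-frame-from-nonassociated-sta"}


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_deauth(dst, src, bssid, seq, reason, subtype=SUBTYPE_DEAUTH):
    """Build a raw management frame (no FCS) of the given subtype, for the sample capture."""
    fc = bytes([(subtype << 4) | (TYPE_MGMT << 2), 0x00])  # version 0, no flag bits
    duration = struct.pack("<H", 314)
    seq_ctrl = struct.pack("<H", (seq & 0xFFF) << 4)       # fragment number 0
    return (fc + duration + mac_bytes(dst) + mac_bytes(src) + mac_bytes(bssid)
            + seq_ctrl + struct.pack("<H", reason))


def parse_mgmt(frame):
    """Return header fields of a management frame, or None for any other frame type."""
    if len(frame) < 24:
        return None
    fc0, fc1 = frame[0], frame[1]
    if (fc0 & 0x3) != 0 or ((fc0 >> 2) & 0x3) != TYPE_MGMT:
        return None
    info = {
        "subtype": (fc0 >> 4) & 0xF,
        "protected": bool(fc1 & 0x40),   # Protected Frame bit: set under 802.11w PMF
        "dst": mac_str(frame[4:10]),
        "src": mac_str(frame[10:16]),    # transmitter address (spoofable without PMF)
        "bssid": mac_str(frame[16:22]),
        "seq": struct.unpack_from("<H", frame, 22)[0] >> 4,
        "reason": None,
    }
    if info["subtype"] in (SUBTYPE_DEAUTH, SUBTYPE_DISASSOC) and len(frame) >= 26:
        info["reason"] = struct.unpack_from("<H", frame, 24)[0]
    return info


class DeauthFloodDetector:
    """Sliding-window count of deauth/disassoc frames per transmitter address."""

    def __init__(self, window_s=1.0, threshold=5):
        self.window_s = window_s
        self.threshold = threshold
        self.recent = defaultdict(deque)

    def observe(self, ts, frame):
        """Feed one frame; return an alert dict when the window threshold is reached."""
        info = parse_mgmt(frame)
        if info is None or info["subtype"] not in (SUBTYPE_DEAUTH, SUBTYPE_DISASSOC):
            return None
        q = self.recent[info["src"]]
        q.append(ts)
        while q and ts - q[0] > self.window_s:
            q.popleft()
        if len(q) < self.threshold:
            return None
        return {"ts": ts, "src": info["src"], "count": len(q),
                "broadcast": info["dst"] == BROADCAST,
                "reason": REASON_NAMES.get(info["reason"], f"code-{info['reason']}")}


def run_sample():
    """Run a constructed capture through the detector and return its alerts."""
    ap, client = "02:00:00:00:00:01", "02:00:00:00:00:02"  # constructed addresses
    capture = [(0.0, build_deauth(ap, client, ap, 17, 3))]   # one client leaving normally
    # Eight broadcast deauths within 0.7 s, all claiming the AP as transmitter.
    for i in range(8):
        capture.append((10.0 + 0.1 * i, build_deauth(BROADCAST, ap, ap, 100 + i, 7)))
    det = DeauthFloodDetector(window_s=1.0, threshold=5)
    return [a for ts, f in capture if (a := det.observe(ts, f)) is not None]


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

The single deauth at t=0 never trips the counter; the burst does from its fifth frame onward, and the alert records that it was sent to the broadcast address, which a real AP rarely does. In practice the frames would come from a monitor-mode capture rather than `build_deauth`, and a positive alert is a cue to check whether the radio and firmware in use can require protected management frames.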
 