Wi-Fi Pineapple Hacking Device Sells Out At DEF CON 132
darthcamaro writes "At the recent DEF CON conference over the weekend, vendor were selling all kinds of gear. But one device stood out from all the others: the Wi-Fi Pineapple — an all in one Wi-Fi hacking device that costs only $80 (a lot cheaper than a PwnPlug) and powered by a very vibrant open source community of users. Pineapple creator Darren Kitchen said that 1.2 Pineapple's per minute were sold on the first day of DEF CON (and then sold out). The Pineapple run Linux, based on OpenWRT, is packed with open source tools including Karma, DNS Spoof, SSL Strip, URL Snarf, Ngrep, and more and is powered by g a 400MHz Atheros AR9331 MIPS processor, 32MB of main memory and a complete 802.11 b/g/n stack. Is this a tool that will be used for good — or for evil?"
"Yes" (Score:3, Interesting)
Is this a tool that will be used for good -- or for evil?
There is only one answer to this: Yes. Yes it will.
Too bad packing its functions up in an easy appliance means it now no longer has anything to do with "hacking" at all. You aren't a "hacker" if all you do is run some appliance.
Might as well call yourself a master baker for using a bread baking machine... or even a toaster. Well, no, no you aren't.
That the security industry claims otherwise means that they are deluding themselves... and us. We're not getting our money's worth in security out of their efforts. But we do get nice toaster equivalents, complete with instant "hacker" label. Nice, innit?
Re:"Yes" (Score:5, Interesting)
It kinda hurts to admit it, but yes, you're right. Most of the security industry is a bunch of charlatans who are unable to produce more than cheap tricks to impress those that know even less than they do.
Every time we're about to hire some security consultants (which we have to, regulations require us to have my security system tested by outsiders) I kinda think I know how Penn&Teller feel when they host "Fool us". Only that the amount of half-talented stage magicians who show off ancient tricks is way higher for me.
Re:Some security experts are idiots (Score:4, Interesting)
Some? SOME? Most of them are!
Old joke: You can tell by how the techs three-piece suit fits whether he's a hack: If he wears one, he is.
But seriously, it's by no means short of frightening how many quacks and hacks (and I don't mean that as a compliment...) litter the field. Which is quite logical if there is little if any reputable and generally accepted (especially amongst management) certification system. And don't come with things like CISA and the like, I am not looking for a security manager, I'm looking for someone who can actually test a security implementation, not design it.
Now add that the average manager knows little beyond how to plug some device relatively accident free into some hole on his computer and you can easily see how knowledge free idiots who can navigate the surfaces of some "hack tool" (I'll use the term loosely here) can convince said managers that they are "security experts". In the kingdom of the blind and so on...
Convenient, but still overpriced (Score:4, Interesting)
I can see buying one for the convenience of having all the software pre-installed for you, but the specs for the hardware aren't any different than a dozen home WiFi routers, which can run OpenWRT and sell for $40 [amazon.com].
I'd think giving those aging home routers a second life as security tools would be better than everyone buying another new product for twice the price, and eventually throwing both away. I recently added a USB sound card on mine, for use as a streaming audio player.
You might want to check the security first... (Score:5, Interesting)
Sure, get your wifi pineapple, but I've already got a wifi pineapple buster [wordpress.com].