Hackaday Prize Entry : Subterranean Positioning System

There are numerous instances where we need to know our location, but cannot do so due to GPS / GSM signals being unavailable and/or unreachable on our Smart Phones. [Blecky] is working on SubPos to solve this problem. It’s a WiFi-based positioning system that can be used where GPS can’t.

SubPos does not need expensive licensing, specialized hardware, laborious area profiling or reliance on data connectivity (connection to database/cellphone coverage). It works independently of, or alongside, GPS/Wi-Fi Positioning Systems (WPS)/Indoor Positioning Systems (IPS) as an additional positioning data source by exploiting hardware commonly available.

As long as SubPos nodes are populated, all a user wishing to determine their location underground or indoors needs to do is use a Wi-Fi receiver.  This can be useful in places such as metro lines, shopping malls, car parks, art galleries or conference centers – essentially anyplace GPS doesn’t penetrate. SubPos defines an accurate method for subterranean positioning in different environments by exploiting all the capabilities of Wi-Fi. SubPos Nodes or existing Wi-Fi access points are used to transmit encoded information in a standard Wi-Fi beacon frame which is then used for position triangulation.

The SubPos Nodes operate much like GPS satellites, except that instead of using precise timing to calculate distance between a transmitter and receiver, SubPos uses coded transmitter information as well as the client’s received signal strength. Watch a demo video after the break.


The 2015 Hackaday Prize is sponsored by:

Continue reading “Hackaday Prize Entry : Subterranean Positioning System”

A chink in the armor of WPA/WPA2 WiFi security

Looks like your WiFi might not be quite as secure as you thought it was. A paper recently published by [Stefan Viehböck] details a security flaw in the supposedly robust WPA/WPA2 WiFi security protocol. It’s not actually that protocol which is the culprit, but an in-built feature called Wi-Fi Protected Setup. This is an additional security protocol that allows you to easily setup network devices like printers without the need to give them the WPA passphrase. [Stephan’s] proof-of-concept allows him to get the WPS pin in 4-10 hours using brute force. Once an attacker has that pin, they can immediately get the WPA passphrase with it. This works even if the passphrase is frequently changed.

Apparently, most WiFi access points not only offer WPS, but have it enabled by default. To further muck up the situation, some hardware settings dashboards offer a disable switch that doesn’t actually do anything!

It looks like [Stephan] wasn’t the only one working on this exploit. [Craig] wrote in to let us know he’s already released software to exploit the hole.