Forgot your password?
typodupeerror
Security Hardware Idle

Stealthy Pen Test Unit Plugs Directly Into 110 VAC Socket (Video) 74

Posted by Roblimo
from the monitor-your-people-without-them-ever-finding-out dept.
Pwnie Express is a cute name for this tiny (and easily hidden) group of Pen Test devices. Their website says, 'Our initial hardware offering, the Pwn Plug, is the first-to-market commercial penetration testing drop box platform. This low-cost plug-and-play device is designed for remote security testing of corporate facilities, including branch offices and retail locations. A security professional or service provider can ship this device to a corporate facility and conduct a security test over the Internet without travel expenses.' Hardware buffs will recognize this unit as a SheevaPlug, but the value-add is that it's preloaded with Ubuntu Linux and and a rich suite of intrusion/testing tools. The company's 'Founder and CEO and everything else' is Dave Porcello. The video is an interview with Dave, in which he shows off and demonstrates some Pwnie Express products.

This discussion has been archived. No new comments can be posted.

Stealthy Pen Test Unit Plugs Directly Into 110 VAC Socket (Video)

Comments Filter:
  • Re:Pwnie Express (Score:2, Insightful)

    by gtch (1977476) on Thursday March 01, 2012 @10:40AM (#39208185)
    But is that funnier than the fact there are people in offices all over the world talking about "Penetration Testing" with a straight face?
  • Where's the Line? (Score:5, Insightful)

    by sycodon (149926) on Thursday March 01, 2012 @10:59AM (#39208441)

    In some states, possession of tools for picking locks or breaking into cars is illegal. Sure, they can have legitimate uses, but at some point government decided that the potential illegal uses far outweighed the legal uses and subsequently outlawed them

    Now look at this device. Seemingly innocent with a legitimate purpose, but apparently a perfect platform for more nefarious use.

    So I pose the question: At what point should possession a device like this or derivatives be considered to be a defacto indication of intention to illegally break into a network? Should it ever be considered that?

    If not, what additional software or form factor enhancements would change your mind?

    Discuss amongst yourselves.

  • by g0bshiTe (596213) on Thursday March 01, 2012 @11:07AM (#39208531)
    The problem is that this needs to be plugged in physically. So you would need a patsy to plug it in or physical access. On the other hand by your thinking since I can carry a usb stick with the same toolset it should be illegal as well, but since usb sticks have legitimate uses they are allowed, how would one know it was a nefarious hacking tool, without violating my privacy by asking me to expose the data it contained?

    Slimjims and lockpick sets are not as easily dismissed as innocuous. I do see your parallel.
  • by Mister Whirly (964219) on Thursday March 01, 2012 @12:16PM (#39209701) Homepage

    At what point should possession a device like this or derivatives be considered to be a defacto indication of intention to illegally break into a network?

    The moment it is actually used to illegally break into a network, and never before it happens. Devices themselves have no intent and therefore cannot be "evil" until put to an "evil" use. If you have permission to do testing, using a device like this can be a great tool.

It's later than you think, the joint Russian-American space mission has already begun.

Working...