[DefCon32] DEF CON 32: MobileMesh RF Network Exploitation – Getting the Tea from goTenna
Erwin Karincic and Woody, security researchers with a passion for wireless technologies, delivered a revealing presentation at DEF CON 32 on vulnerabilities in goTenna Pro, a device promising secure, off-grid mobile mesh networking. Their rigorous examination exposed flaws in the implementation of AES-256 encryption, enabling message tracking, interception, and injection. Erwin and Woody’s work, conducted in collaboration with goTenna, culminated in open-source tools and actionable recommendations to enhance device security, challenging the community to verify claims of security.
Unmasking goTenna’s Security Claims
Erwin introduced the goTenna Pro, a radio used by personnel requiring secure communication without cellular or satellite infrastructure. Despite its AES-256 encryption claims, their analysis revealed vulnerabilities allowing fingerprinting and tracking of every message, regardless of encryption. By dissecting the device’s hardware and software, Erwin and Woody uncovered implementation flaws that undermined its security guarantees, highlighting the dangers of trusting datasheets without verification.
Exploiting Mesh Network Vulnerabilities
Woody delved into the technical details, demonstrating how they exploited goTenna’s mesh network to intercept and decrypt messages. Their live demo showcased the ability to inject malicious messages into the network, exposing operational risks for users in sensitive environments. The researchers developed open-source tools to replicate these exploits, encouraging the DEF CON community to test similar devices. Their methodology emphasized systematic testing of RF protocols, revealing weaknesses in goTenna’s encryption implementation.
Collaborative Remediation Efforts
Erwin highlighted their constructive engagement with goTenna, which responded positively to their findings. The company acknowledged the vulnerabilities and worked to address them, a rare success in vendor collaboration. The researchers also thanked organizations like the Electronic Frontier Foundation (EFF) and CISA for supporting their work, emphasizing the importance of community-driven efforts to hold manufacturers accountable and improve device security.
Empowering Secure Communication
Concluding, Woody urged the DEF CON community to challenge security claims and test equipment rigorously. They released their tools open-source, inspiring further research into mesh technologies like LoRa and Meshtastic. By sharing their findings and mitigation strategies, Erwin and Woody aim to reduce the risk of compromise for goTenna users, advocating for secure-by-design principles in RF communication devices.