A security company has launched a pocket-sized table that can hack into Wi-Fi networks using powerful penetration tools - a boon for security professionals and hackers alike.
Silica, from penetration test company Immunity, runs Canvas, an attack tool that includes hundreds of exploits, to attack any Wi-Fi networks it detects. It is designed to help IT managers secure their networks, but the $3600 tool would obviously be very dangerous in the wrong hands.
Operating on a Nokia 770 Internet tablet the tool, which was shown at this week's RSA security conference, runs through an attack routine automatically, controlled by a simple three-button interface on the tablet's touch-screen. It searches for open connections and launches exploits, and carries out pre-programmed routines to exploit weaknesses it finds. The Canvas tool is regularly updated with new security exploits.
It can be left running inside a suit pocket or handback, which sounds covert - but that is part of the idea. Security managers are up against people working secretively, and this allows them to scan an office without alerting any hackers by pulling out a large laptop. Many of the early customers are police officers, says Immunity.
But there's clearly a danger of others using the device maliciously. It could download any unsecured interesting files, so the hacker can carry them away in his pocket, or compromise a computer, leaving it ready for remote control.
Immunity's only defence is to "vet" buyers: "We don't sell to anonymous users," Justine Aitel of Immunity told ZDNet. "We know where the money is coming from and who we are shipping to." But she admits they may find their way onto the black market: "It could be some guy working at Cisco, ordering Silica to give to his criminal friend. You'll never be able to stop that."
Like any security tool, it is a double-edged sword. In its defence, it could be said that knowledgeable hackers could be using something like this already - they can download all the exploits it uses from the Internet for free, and load them onto their own Internet tablets.
The price, (and the vetting), are hurdles to getting hold of a ready-made device, which will limit it to "professional" hackers, prepared to invest time and money to get a tool they can use without any technical knowledge.