Two weeks ago, security researcher Benjamin Caudill unveiled a new cheap anonymizing device called Proxyham.The device allowed its operator to connect to a Wi-Fi network up to 2.5 miles away, detaching the user from the IP address and giving him or her an extra layer of anonymization online. Caudill was expected to release the code for Proxyham, as well as show off a prototype, at the hacking conference Def Con in Las Vegas next month.But over the weekend, due to mysterious circumstances, the talk at Def Con got cancelled, and the development of Proxyham was shuttered. To make matters even murkier, Caudill said he is unable to talk about what happened, suggesting he might have been pressured to kill Proxyham."Effective immediately, we are halting further [development] on Proxyham and will not be releasing any further details or source for the device," Caudill's firm Rhino Security Labs tweeted on late Friday.The firm also added that Proxyham prototypes that have already been built "will be disposed of and no longer be made available at Def Con.""Something's off, as this doesn't seem like a typical cancellation," wrote security reporter Steve Ragan, commenting on the case.Referring to the fact that at this point, Proxyham won't see the light of day, neither its code, nor the prototype, and that even Rhino Security Labs deleted a banner dedicated to it on its site, Ragan added that "it's almost as if someone were trying to pretend the tool never existed."However, even if Proxyham disappears, the concept might not be gone forever: as former LulzSec hacker and FBI informant Xavier Monsegur, better known as Sabu,wroteon Twitter, "the general gist of the device could be replicable by other researchers."
Advertisement
I reached out to Caudill via email, but he declined to provide any comment and apoligized, which could mean he is under a gag order and can't talk about what happened. Perhaps law enforcement authorities forced him to stop working on Proxyham given that it could've been abused by criminals, perhaps another company filed a copyright claim on Caudill's work—it's impossible to tell at this point.Although that's obviously speculation, it seems extremely weird that a researcher would pull a talk from Def Con and abruptly halt development of a device he's been working on for months without much explanation, so it's possible that somebody forced him to.We will also be immediately cancelling the Rhino Security LabsJuly 10, 2015
"Something's off, as this doesn't seem like a typical cancellation."
Advertisement