Mike Lindell is an American businessman who promotes election conspiracy theories. He’s most famous for spending 2021 promising to reveal “pcaps” of Chinese hackers, proof of election hacking so convincing the Supreme Court would vote 9-0 to overturn the 2020 election. He failed to do this, and has since moved on to other nonsense.
Among his latest shenanigans is promoting his “WMD” or “Wifi Monitoring Device” that can monitor WiFi signals at polling places to see if election computers are connected to the Internet. These devices are not supposed to be connected to the Internet, but part of Lindell’s conspiracy theories is that they actually are, and are being routinely hacked by the Chinese. Presumably, during the election, volunteers will either hand-carry these devices to polling places or fly them around nearby on drones.
These devices will report to a central server, electioncrimebureau.net, so that during the next election, we can see in real time any detected election equipment connected to WiFi.
He promises that this is some “sophisticated” device, but it’s not. WiFi monitoring is one of the basic activities that hackers do. Lindell’s rhetoric is the same he’s been peddling for 3 years, the breathless wonder of somebody clueless to how technology works, in thrall to charlatans who’ve convinced him they’ve created magic.
There’s a good chance parts of this plan are illegal; you’d have to contact a lawyer. Unfortunately, your lawyer probably hasn’t a clue. I know of only one lawyer that has any experience answering both drone flying and WiFi monitoring questions.
The hardware
There’s nothing special about the hardware for WiFi monitoring. You can use an Android phone, a mobile hotspot, Raspberry Pi (with standard components), or just an average laptop. All of these things can easily run popular “WiFi monitoring” software that uploads this information to a website.
It appears this WMD was instead developed the hard way, all from custom parts. Here is a webpage that appears to break down the raw components, including showing how the case was 3D printed (the outer case is a Pelican 1010). It looks like the innovation is getting things as light as possible to mount on a drone, rather than any advance in WiFi monitoring.
The thing in the lower right is either a 4G or WiFi board. The center is a GPS module. Not shown is some sort of computer device, which would likely be something like a Raspberry Pi 0.
This is rather stupid. While they may have developed a prototype, they can’t easily mass manufacture these things. It would’ve been far easier just to order some standard product from Aliexpress and run your own software on it. Any computing device can run this software — even a laptop.
People have linked this “Hughes Tech Group” to “3netlabs”[*] and Dennis Montgomery. If you’ll recall, Dennis Montgomery is the crazy techie that sold Lindell the fake pcaps for millions of dollars back in 2021. He’s conned millions of dollars out of Lindell, but it appears Lindell keeps giving him more money, refusing to recognize the con.
The software
The hard part is something called monitor-mode, configuring the computer to receive all WiFi transmissions, not just the ones a device is normally interested in. Solving the monitor-mode problems is what makes using Android phones difficult (though not impossible), which is why we search for these other hardware solutions.
Once that problem is solved, then there are a ton of software packages to do the monitoring. They just receive and process packets. This WMD is probably just using Kismet and extensions for WIGLE. These are how most people do such WiFi monitoring these days. It would be silly not to.
I’ve written my own software (https://github.com/robertdavidgraham/wifi-mon). I point this out for two reasons. One of which is to point out that it’s not black magic, there’s nothing terribly sophisticated going on here. The second is to burnish my credentials — I’m an expert in WiFi monitoring.
There are three things you want from the software. The first is to get a list of all the access-points aka. base-stations aka. routers. This is the sort of list you get from your own computer when connecting to Wifi, but would contain more raw details. My software shows things like the following:
The second is to monitor all the devices that are attached to WiFi access-points. These devices transmit broadcasts that will advertise more things, such as their names. My software shows it like the following:
These broadcasts are one of the legal wrinkles your lawyer probably can’t answer for you. Their purpose is to notify everyone on a network, so if you are authorized to be on the network, you are authorized to receive them. They are also all metadata, not data, so fall under a different category. Nobody’s gotten in trouble for monitoring broadcasts yet.
But tell that to a court. If you are a trouble maker doing something otherwise bad, there is a good chance the prosecutors will convince the judge or jury that it’s illegal. Nobody has gotten in trouble for monitoring broadcasts yet, but in other areas, hackers have been convicted of crimes that techies all believed were legal.
The third is a list of un-attached devices, things that have WiFi enabled, but which aren’t actually connected to the network. My software displays something like the following. These days, such broadcasts randomize their hardware identifiers, so you can’t really identify them, or even count precisely how many there are in the area.
As I said, this section is largely to show my credentials. This is my software that I wrote from scratch. I know what’s going on underneath here.
False-positives
The main problem here is that the monitors will collect too many false-positives. While election devices may not be connected to WiFi, there is a WiFi network at every polling place with a ton of devices connected. For example, the polling place may be in a local library, which already has a WiFi network with a ton of machines attached.
Therefore, Lindell’s WMDs will appear to detect things. The crazies will assume these are Chinese hacked voting machines until proven otherwise.
This is just a repeat of the last 3 years of unsubstantiated claims of election fraud. There’s no evidence, so instead Trumpists search for unexplained anomalies and insist anything unexplained is evidence of fraud.
They will do the same thing here. They will find many inexplicable WiFi devices. Instead of proving they are election machines, they will demand the rest of us prove they aren’t. They will discover other oddities as well, such as unexplained behavior of some devices. That, too, is evidence of the conspiracy unless we can find some other explanation.
Private networks
Monitoring works best on unencrypted networks, like the kind you find at Starbucks. But most networks these days are encrypted. Starbucks is one of the rare places that offers unencrypted WiFi; most businesses offer only encrypted WiFi. It’s a way of restricting it only to customers who come inside for the password.
When the broadcasts are encrypted, you can’t read them. You can’t tell the difference between a printer or ballot marking device. You can’t know its name.
Another problem is randomized MAC addresses. Historically, you could identify the manufacturer of any WiFi device (encrypted or not) through their hardware addresses. Since this is an invasion of privacy, most devices now randomize them.
Election computers tend to be old, so this may not apply to them. It may be possible to identify the maker. But probably not.
The upshot is that while election devices may be connected to WiFi, it’s almost certain that we couldn’t identify them. We’d see there’s a device and that it’s connected, but not that it’s an election computer as opposed to some other device nearby that’s not being used for elections.
Manufacturer MAC address
As mentioned above, older devices will have identifiable MAC addresses. Dominion voting systems have a MAC address of “C4:19:8B”. Other manufacturers have other MAC addresses. If a WiFi monitor sees that, then we have a definite issue.
But it still doesn’t point to Internet connectivity. Voting machines are often connected to an air-gapped network. It means a local network exists, just one that isn’t connected to the Internet.
If the network is encrypted, there’s no way to tell the difference. There’s no way to prove whether the network is properly air-gapped or not.
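To make the last two sections concrete, here is an added example (not from wifi-mon or any other tool mentioned in this post) of what a passive monitor can and cannot read from a frame header: the transmitter address stays visible even when the body is encrypted, but only a vendor-assigned address can be matched to a manufacturer. The frames, the access-point address and the station addresses are constructed for illustration, and the frames are assumed to be raw 802.11 headers with no radiotap prefix.

```python
# Constructed example: triage raw 802.11 frames by what a passive monitor can see.
ELECTION_OUIS = {"c4:19:8b": "Dominion Voting Systems"}  # OUI quoted in the article

def fmt_mac(b):
    return ":".join(f"{x:02x}" for x in b)

def triage(frame):
    """Return what the unencrypted MAC header reveals, or None if no transmitter field."""
    if len(frame) < 24:
        return None                       # ACK/CTS-style short headers carry no addr2
    fc0, flags = frame[0], frame[1]
    ftype = (fc0 >> 2) & 0x3              # 0 = management, 1 = control, 2 = data
    if ftype == 1:
        return None                       # control frames use a different layout
    tx = frame[10:16]                     # addr2 = transmitter address
    randomized = bool(tx[0] & 0x02)       # locally administered bit set => not vendor-assigned
    return {
        "tx": fmt_mac(tx),
        "kind": {0: "management", 2: "data"}.get(ftype, "other"),
        "protected": bool(flags & 0x40),  # body encrypted; header addresses still readable
        "randomized": randomized,
        # An OUI lookup only means something for vendor-assigned addresses. A match is a
        # lead, not proof: addresses can be changed, and it says nothing about Internet access.
        "vendor": None if randomized else ELECTION_OUIS.get(fmt_mac(tx[:3])),
    }

def build(fc0, flags, a1, a2, a3, body=b""):
    """Assemble a constructed 3-address frame (duration and sequence fields zeroed)."""
    mac = lambda s: bytes.fromhex(s.replace(":", ""))
    return bytes([fc0, flags, 0, 0]) + mac(a1) + mac(a2) + mac(a3) + b"\x00\x00" + body

AP = "00:11:22:33:44:55"                  # constructed BSSID
BCAST = "ff:ff:ff:ff:ff:ff"
SAMPLES = [
    build(0x08, 0x41, AP, "c4:19:8b:12:34:56", AP, b"\x8f\x1c\x03\xe7"),  # encrypted data
    build(0x40, 0x00, BCAST, "da:a1:19:0c:22:7e", BCAST),                 # probe request
    build(0x08, 0x01, AP, "00:11:22:aa:bb:cc", AP, b"plaintext"),         # open-network data
]

if __name__ == "__main__":
    for f in SAMPLES:
        print(triage(f))
```

Only the first frame yields a vendor match, and nothing in it distinguishes an air-gapped network from one with an Internet uplink.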
Conclusion
I’m an expert in WiFi monitoring.
The idea can work. If voting devices are connected to the Internet on an unencrypted network, then it’s likely we can prove this with WiFi monitoring. Likewise, if any WiFi devices have manufacturer IDs tied to an election company (like C4:19:8B for Dominion Voting Systems), then we can conclusively identify them.
But what’s really going to happen is that Lindell volunteers will detect WiFi devices near polling places and go crazy. All polling places will have WiFi nearby. They’ll demand that everything not otherwise explainable is evidence of their theory, that it’s election machines that are connected to the Internet.
We must instead demand that they provide evidence. They must provide evidence these really are election machines, because it’s impossible to prove they aren’t. They must provide evidence they really are connected to the Internet. It’s not our job to prove that these aren’t the case, because we already know they’ll find thousands of devices that are false-positives.
Note that WiFi monitors collect WiFi packets or “pcaps”. When it comes time to demand proof, we’ll want to see those raw “pcaps” rather than screenshots of WiFi monitors. Lindell has a poor track record of providing the pcaps he claims to have.
Credit: Some of the more interesting bits of this post come from @uslss_etr.
Update:
As @larrywright points out, the videos on the “Hughes Tech” website show Blxware credits. This is famously Dennis Montgomery’s company. This pretty much confirms that Lindell is getting all this WiFi monitoring from Dennis Montgomery.
Since this WiFi monitoring largely can’t identify election machines connected to the Internet (only show lots of suspicious things), it sounds like Lindell has once again been conned by the same conman.
Unless somebody is playing shenanigans. Computers allow you to change the MAC address, so you can make it look like a Dominion Voting Machine. Go into a local library and change the MAC address of some of their machines and watch Lindell crazies completely lose their s***.
O'Donnell's website clearly shows, in an image of an advanced menu for the WMD control app, that it's not just passive and is capable of deauth and flood attacks.