Building exteriors are often well lit to keep out physical attacks and to enable CCTV footage without requiring infrared emitters on the cameras. Often times, these will use “electric eyes” to detect light, and when present, turn off exterior lights to conserve energy.
Typically these sensors are made with a CdS cell (cadmium sulfide). They act by increasing the resistance of the cell in the absence of light. This is why they are often called photoresistors, light sensors, photocells and similar.
To prevent moisture from entering the cells, they often point either parallel to the ground or somewhat towards the ground, and are often located away from the light sources on the building (since the security lighting will interfere with the light sensed). Street lighting, for example, will often have the sensor located on the top of the unit, allowing it to detect daylight without detecting the street light.
If each fixture has their own photocell, this technique may quickly become ineffective, however there are many buildings that use one central photocell to control all exterior lighting (generally, you’ll see all lights go out at once). Some other building require an employee to manually turn off a breaker or a switch, or better yet — rely on a timer.
A well-lit parking lot or building is typically going to experience less crime since a criminal is more likely to be spotted at the building’s exterior. Photocells are inexpensive and testing many models is a cheap endeavor. In the street light pictured above, the photocell is the small black device on the top of the fixture. The clear cutout is the aperture where light interference will disable the light.
So I decided to buy a cheap light sensor, it was about $5 at the local hardware store. I also bought a cat toy, the mystical disabler of lights.
The first thing I did was bend the triangle wire that holds the laser pointer to a keychain, we won’t need that anymore.
I also loaded up the button cells. Next, I attached a 1/4″ x 20 NyLock nut to the bottom. These are the standard threads used on a tripod, which will help use this tool. I learned a technique from a guy named Marty in Australia who makes over Matchbox cars (Marty’s Matchbox Makeovers) that you can use baking soda + superglue to quickly cure the glue and build up a sizeable “weld” between two objects.
First, you apply superglue to the items you want bonded, then you sprinkle baking soda onto the glue:
Once you add the baking soda, give it few moments before removing the excess and then repeating until you feel the bond is strong. In this case, I attached the NyLock side to the laser pointer to give a malleable thread to stop the tripod from hitting the laser pointer body. You can go without using a NyLock, it just is what I had on hand and made me feel ingenious using it. Also: Instead of tightening the threads of the laser pointer into the base, you just need to tighten it to the NyLock threads.
Yeah, you can sand and paint the glue at this point, but given its purpose, I’m happy with that.
Now, this laser can be mounted onto a tripod and pointed at a light receptacle:
The one I built here had dead batteries, requires you to force the button down with a clip of some sort, and uses button cells. Overall, it may work if you win the laser lottery. But, since I wanted to talk more about this, I’ve ordered some laser diodes and battery packs. I also have a real tripod and plan on doing additional research into the efficacy of this technique. I will also talk methods of remediating the risk of this attack.
Yes, you can do the same thing with a flash light, head lights, even the sun. A laser is less likely to be spotted since the light is concentrated, powerful, and very portable. This can disable exterior lighting or trigger security cameras to turn off night vision infrared emitters (effectively blinding even these).
Keep an eye out for a followup! I will build a better demo unit in the coming weeks and talk options on preventing this attack. I find it unlikely this will ever be used, it is more a think piece about trusting external output (the environment) to control security features. Something a lot of folks in application development aren’t doing that well.