August 5, 2013 § Leave a comment
Brendan O’Connor is a security researcher. How easy would it be, he recently wondered, to monitor the movement of everyone on the street – not by a government intelligence agency, but by a private citizen with a few hundred dollars to spare?
Mr. O’Connor, 27, bought some plastic boxes and stuffed them with a $25, credit-card size Raspberry Pi Model A computer and a few over-the-counter sensors, including Wi-Fi adapters. He connected each of those boxes to a command and control system, and he built a data visualization system to monitor what the sensors picked up: all the wireless traffic emitted by every nearby wireless device, including smartphones.
Each box cost $57. He produced 10 of them, and then he turned them on – to spy on himself. He could pick up the Web sites he browsed when he connected to a public Wi-Fi – say at a cafe – and he scooped up the unique identifier connected to his phone and iPad. Gobs of information traveled over the Internet in the clear, meaning they were entirely unencrypted and simple to scoop up.
Even when he didn’t connect to a Wi-Fi network, his sensors could track his location through Wi-Fi “pings.” His iPhone pinged the iMessage server to check for new messages. When he logged on to an unsecured Wi-Fi, it revealed what operating system he was using on what kind of device, and whether he was using Dropbox or went on a dating site or browsed for shoes on an e-commerce site. One site might leak his e-mail address, another his photo.
“Actually it’s not hard,” he concluded. “It’s terrifyingly easy.”
Also creepy – which is why he called his contraption “creepyDOL.”
“It could be used for anything depending on how creepy you want to be,” he said. read more
ART: Ernst Wille
January 16, 2013 § Leave a comment
You should know that the hacker, programmer, writer and activist Aaron Swartz has died of suicide at age 26. His body was found in his apartment on Friday. Aaron was one of those preternaturally brilliant, precocious hackers who, at the age of 14, co-developed the Really Simple Syndication or RSS web protocol that is the key component of much of the web’s entire publishing infrastructure…
You should also know that at the time of his death Aaron was being prosecuted by the federal government and threatened with up to 35 years in prison and $1 million in fines for the crime of — and I’m not exaggerating here — downloading too many free articles from the online database of scholarly work JSTOR. Aaron had allegedly used a simple computer script to use MIT’s network to massively download academic articles from the database that he himself had legitimate access to, almost 5 million in all, with the intent, prosecutors alleged, of making them freely available. You should know that despite JSTOR declining to press charges or pursue prosecution, federal prosecutors dropped a staggering 13 count felony indictment on Aaron for his alleged actions.
In a statement about his death Aaron’s family and partner wrote:
“Aaron’s death is not simply a personal tragedy. It is the product of a criminal justice system rife with intimidation and prosecutorial overreach. Decisions made by officials in the Massachusetts U.S. Attorney’s office and at MIT contributed to his death.” read more
STILL: Oshima Nagisa