Replicating the NSA's Gadgets Using Open Source 47
An anonymous reader writes "Wireless security researcher Michael Ossmann asked himself: 'Could I make the gadgets that the agency uses to monitor and locate mobile phones, tap USB and Ethernet connections, maintain persistent malware on PCs, communicate with malware across air gaps, and more, by just using open source software and hardware?' In this podcast he shares his insights on what to use — and how — to duplicate hardware devices found in the ANT catalog."
laws of physics Yes, laws of your state, No (Score:3, Insightful)
Yes, but anything messing with a cell phone is illegal unless you are above the law (law enforcement, Government etc.) It is even illegal to have a police scanner or radar detector in some (police) states.
National Security (Score:5, Insightful)
If the NSA does it, hey that's national security and they are allowed to do anything.
If you do it, you're going to be spending the rest of your life in a 10' cube for national security.
Ok wait, hang on (Score:4, Insightful)
Is there any evidence of this "air gap malware" crap? Yes I remember there was a preliminary story on Slashdot... I don't remember any followup, any proof, just some wild ass speculation.
Is there any evidence that such a thing actually exists?
Podcast Spam (Score:4, Insightful)
No, This is the First Step in Fixing the Problem (Score:3, Insightful)
OK yes the NSA did a lot of illegal things and used/misused tools to gather information that they shouldn't have, and they have a problem being a secret organization of having the correct checks and balances to keep them in place.
So instead of putting brain power into figuring out how to make such organizations more trustworthy and deserving to be trustworthy. Lets just take all their tools and tricks and give them to the general public. Where any kid with some free time and the trendy hatred of "The Man" can get their hands on it, and use it to cause all sorts of problems.
First, it can be argued that, to solve a problem, you must first understand it. Knowing how the NSA is violating our privacy at a technical level is the first step in preventing it.
Second, if having our Dear, Beloved Leaders violate our privacy and constitutional rights is not enough incentive to find solutions to these issues, then maybe having every script kiddie able to do the same might result in some resources being put into place to solve this problem, particularly with respect to corporations who have been actively facilitating this nonsense in the past (*cough* Microsoft, *cough* Cisco, etc.).
So while the short term pain might be a bit unpleasant, it seems to me the long term, much needed changes are probably well worth it.