Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Privacy Security Hardware

Raspberry Pi-Powered Anti-Tracking Tool Checks If You're Being Followed (wired.com) 79

Posted by BeauHD from the always-watching dept.
Matt Edmondson, a hacker and digital forensics expert, built a Raspberry Pi-powered anti-tracking tool that "scans for nearby devices and alerts you if the same phone is detected multiple times within the past 20 minutes," reports Wired. The device, which can be carried around or placed in a car, consists of parts that cost around $200 in total. From the report: The homemade system works by scanning for wireless devices around it and then checking its logs to see whether they also were present within the past 20 minutes. It was designed to be used while people are on the move rather than sitting in, say, a coffee shop, where it would pick up too many false readings. The anti-tracking tool, which can sit inside a shoebox-sized case, is made up of a few components. A Raspberry Pi 3 runs its software, a Wi-Fi card looks for nearby devices, a small waterproof case protects it, and a portable charger powers the system. A touchscreen shows the alerts the device produces. Each alert may be a sign that you are being tailed. The device runs Kismet, which is a wireless network detector, and is able to detect smartphones and tablets around it that are looking for Wi-Fi or Bluetooth connections. The phones we use are constantly looking for wireless networks around them, including networks they've connected to before as well as new networks.

Edmondson says Kismet makes a record of the first time it sees a device and then the most recent time it was detected. But to make the anti-tracking system work, he had to write code in Python to create lists of what Kismet detects over time. There are lists for devices spotted in the past five to 10 minutes, 10 to 15 minutes, and 15 to 20 minutes. If a device appears twice, an alert flashes up on the screen. The system can show a phone's MAC address, although this is not much use if it's been randomized. It can also record the names of Wi-Fi networks that devices around it are looking for -- a phone that's trying to connect to a Wi-Fi network called Langley may give some clues about its owner. "If you have a device on you, I should see it," he says. In an example, he showed WIRED that a device was looking for a network called SAMSUNGSMART.

To stop the system from detecting your own phone or those of other people traveling with you, it has an "ignore" list. By tapping one of the device's onscreen buttons, it's possible to "ignore everything that it has already seen." Edmondson says that in the future, the device could be modified to send a text alert instead of showing them on the screen. He is also interested in adding the capability to detect tire-pressure monitoring systems that could show recurring nearby vehicles. A GPS unit could also be added so you can see where you were when you were being tracked, he says. [...] Edmondson has no plans to make the device into a commercial product, but he says the design could easily be copied and reused by anyone with some technical knowledge. Many of the parts involved are easy to obtain or may be lying around the homes of people in tech communities. For those interested, Edmondson open-sourced its underlying code and plans to present the research project at the Black Hat security conference in Las Vegas this week.
This discussion has been archived. No new comments can be posted.

Raspberry Pi-Powered Anti-Tracking Tool Checks If You're Being Followed More

Raspberry Pi-Powered Anti-Tracking Tool Checks If You're Being Followed

Comments Filter:

  • Because.... (Score:3, Interesting)

    by Kelxin ( 3417093 ) on Thursday August 11, 2022 @09:37PM (#62782336)
    WiFi and Bluetooth are needed to track someone... /S

    • Re:Because.... (Score:4, Insightful)

      by geekmux ( 1040042 ) on Thursday August 11, 2022 @09:56PM (#62782370)

      WiFi and Bluetooth are needed to track someone... /S

      Yup, those are a couple of trees, but let's recognize the forest. Someone felt the need to invent a cheap anti-tracking device for citizens, which we already know there's demand for such a product.

      And ironically, Black Hat/DEFCON proved that WiFi can work a hell of a lot farther than damn near any traditional tracking.

    • WiFi and Bluetooth are needed to track someone... /S

      Needed? No. But people who track others are just that. People. People who by-n-large don't think about the consequences of what they do, such as not disable wifi and bluetooth on their mobile phone while following someone, because why would they? It's not like the trackers are being tracked.

      Yeah this is easily defeated, but you need to think about doing so first.

      • Why would this work? Surely the same people who decided to implement MAC randomization will do the same thing for Bluetooth. My only question is does his application track you by the network names you're broadcasting, or by the characteristics of your transmitted signal?

        • Re: (Score:2)

          by tlhIngan ( 30335 )

          Why would this work? Surely the same people who decided to implement MAC randomization will do the same thing for Bluetooth. My only question is does his application track you by the network names you're broadcasting, or by the characteristics of your transmitted signal?

          Why do you assume you're being tracked by a phone? You do realize things like AirTags exist, right? They're stupidly cheap devices that you can surreptitiously hide on someone or something. They don't require anyone to actually physically fo

          • Why would this work? Surely the same people who decided to implement MAC randomization will do the same thing for Bluetooth. My only question is does his application track you by the network names you're broadcasting, or by the characteristics of your transmitted signal?

            Why do you assume you're being tracked by a phone? You do realize things like AirTags exist, right? They're stupidly cheap devices that you can surreptitiously hide on someone or something. They don't require anyone to actually physically follow you around and they're easily hidden and potentially hard to detect.

            Now, Apple does take steps to try to make their tag more obvious, but there are countermeasures to those, and there are tags by other companies who don't do those things.

            Given the relative uselessness of the AirTag app on Android, something like this could be useful to detect such things and be useful in the future.

            How? If the next version of AirTag randomizes its ID, how you you ever determine that you're being tracked, without parking your car in a sealed steel box and then probing for AirTags?

            Besides, in my case, I only move my eyes and fingers for hours on end (unless your tracker can tell that I'm breathing, its going to think I'm sleeping or dead).

      • Most dedicated tracking devices (besides the stupidity of airtags, or other key chain toys) only have GPS and cell signal. If the device would track current cell connections near you, then it would be a game changer.
    • The article mentioned he's also working on the ability to look for other cars from their Bluetooth tire pressure sensors. While a nefarious tail might be smart enough to turn off WiFi and Bluetooth on their personal mobile devices, it's unlikely they'd be able to do this on their vehicle's systems.

      • Re: (Score:2)

        by mspohr ( 589790 )

        Airtags use Bluetooth so need to monitor Bluetooth also.

      • The tire Bluetooth sensor range is about 2 feet if you're lucky. On a range Rover, discount tire was having problems reading it with a dedicated device all the way against the tire.

    • WiFi and Bluetooth are needed to track someone... /S

      I don't think they're trying what you think they're trying. It says it's designed to be on the move and it notifies you if the same wireless device is around with the standard settings, announcing itself.

      It's the same thing as looking around the room for the same person . . . except it's simplified and more precise.

      Yes, savvy stalkers will have this stuff off, but most people that follow other people won't necessarily be smart enough to have all of that shut down.

      A little more privacy in one's daily li

  • Man, I work with a bunch of stalkers. This thing finds them around me all the time!

    • Yes, and my car is following me too!

    • What might be useful is a gadget that watched for incoming calls to your phone. It could tell you who was trying to call and let you leave your phone off almost all the time. I know it would be hard technically because the towers have to ping your phone to connect.

  • Yup, it will work for this too! ;-)

  • And probably can detect similar devices nearby or are all the radios only receiving?

  • So we can learn the ID's of our neighbors and can tell when they've just left.
    Or houses that may be interesting to visit.

  • The device runs Kismet, which is a wireless network detector, and is able to detect smartphones and tablets around it that are looking for Wi-Fi or Bluetooth connections. The phones we use are constantly looking for wireless networks around them, including networks they've connected to before as well as new networks.

    I thought both Android [android.com] and iOS [apple.com] randomize the MAC addresses used for both their wifi and Bluetooth scans, specifically to prevent being tracked by them. (Which is what the "anti-tracker" is doing, after all, tracking devices that are near you.)

    Pretty sure if they see a known network they both switch to their "real" MAC address, so I suppose that would work. But while "on the move" they should be using randomized MAC addresses.

    • Android uses the same randomized MAC for the same WiFi network each time. So the approach to detect it would still work. You would just likely see a lot of different MACs each looking for a specific WiFi network. Unless the randomization only goes into effect during and after connecting, in which case it's not an issue at all then.

      • Re:Don't Android and iOS randomize MAC addresses? (Score:5, Interesting)

        by ichthus ( 72442 ) on Thursday August 11, 2022 @11:19PM (#62782488) Homepage

        Android uses the same randomized MAC for the same WiFi network each time.

        No it doesn't. My family's phones (at least, those running Android 10 and up) randomize their MACs every time they connect to our home WiFi. I wrote a little program to grab the DHCPACK log entries from my router, and then announce the arrival of people on an RPi with Festival TTS. I have to use the network/device name, instead of the MAC for the phones for this reason.

        Incidentally, my daughter's boyfriend is an iOS guy, and I actually have to use his MACs (iPhone and iWatch) to detect him, because he uses a SPACE character for his device names. I don't know what version of iOS he's running, but his MACs are NOT randomized.

        The kids don't know how I'm detecting them -- they actually think I have face recognition running with security cams.

        • Welcome home ichthus! Lord of the manor... King of the castle...

          • Re: (Score:2)

            by ichthus ( 72442 )
            Haha, you're not too far off. I grabbed this audio:
            https://www.youtube.com/watch?... [youtube.com]

            Then, here's the command I push to the RPi when my phone connects:
            omxplayer --no-keys -o hdmi --no-osd /home/pi/Sounds/LondonFanfareTrumpets.mp3 & sleep 23 && echo "Its that one guy" |festival --tts

        • my daughter's boyfriend is an iOS guy, and I actually have to use his MACs (iPhone and iWatch) to detect him, because he uses a SPACE character for his device names

          There has to be more to this story. You can't just quote the device names?

          • Re: (Score:2)

            by ichthus ( 72442 )
            Oh yeah. Way more. The program starts by reading a file with entries for each of the devices, building a linked list of structs like:

            - Person's name
            - device name
            - list of random commands to push when the person arrives (it chooses one each time)
            - list of commands and ALL get executed when the person arrives
            (eg. kodi-send --host=treader -a "Notification(ichthus,has arrived,10000)) will display a message on one of kodi's in my home.
            - And finally, a minimum time, in seconds, that each person has t

          • Re: (Score:2)

            by ichthus ( 72442 )
            Oh, on second reading of your post, now I see what you meant. I initially thought he had simply erased the device name -- leaving it blank. I actually don't know if you can do that on an iDevice. But, after I had changed the code to also examine MAC addrs, I more closely examined the log entries for him and noticed the space. Maybe I could trigger on the space at the END of the line just before the '\0', but that's still too ambiguous of a string to depend on.

        • This is called being a Great Dad.

  • instead of carrying an extra device with you?

  • It needs to run on a zero w, for which you can get a credible e-ink display for around $15.

    • Well, I'd also say that "shoebox sized" is a bit ridiculous for such a device in this day and age.

      • I'm sure if he had a design fab rather than just cobbling together off the shelf parts and putting them in a box it wouldn't be shoebox sized.

        When the $5 versions start showing up on Alibaba it'll be the size of a thumb drive, don't worry.

    • That would be great, but the problem is first you would have to actually obtain a Zero W.

      • That would be great, but the problem is first you would have to actually obtain a Zero W.

        They're all hard to come by, right?

      • The last thing the pi family needs is one more gotta have use. I have been on a wait list with adafruit for over a year for a 3. Zero's are even harder to come by and for years (maybe since first offered) you could only buy one from adafruit. The only way I am aware of being able to get a pi from adafruit is sometimes you can buy the raspberry pi 400 desktop for 70, but that is not currently available either. Digi-key hasn't had them since forever.

  • As I understand it, Airtags use Bluetooth Low Energy (BLE). Can this device detect Airtags? An Airtag placed in clothing or on a vehicle seems like one of the easiest ways to track a person or a thing... it would be great if we could use a Raspberry Pi + some peripherals to reliably detect the ongoing presence of an Airtag. The Wired article mentions them but doesn't actually say if Edmondson's gadget can can detect them.

    And I thought the Pi had Wifi and Bluetooth built-in, why does it need the external Wif

    • Re:What about Airtags? (Score:4, Informative)

      by thegarbz ( 1787294 ) on Friday August 12, 2022 @04:13AM (#62782798)

      Having a wifi dongle with dedicated antennas provides a significant improvement in range over the craptacular wifi reception of the Raspberry Pi's onboard antenna.
      And the Pi as well as the bluetooth dongle support BLE, not sure why the bluetooth dongle exists, but maybe the drivers for it are easier to work with than whatever Broadcom ships. I'm speculating here, but you typically need some kind of driver level support to do the things being done here, and open source support is usually very good for cheap Taiwanese dongles.

  • Apple and Google have created tools two years ago that will detect whether other phones are nearby you for some length of time, while protecting everyone's privacy. Now stalker and victim are in exactly symmetric positions, so the software can only know that you are one of them. Not both.

    The fact "some device was near you repeatedly" can be reported I think without any privacy violation. It would be possible to record info of friends, family and work colleagues so they don't get reported. Bus, train and

  • Because you have a RasPi and are about to get mugged for the unobtanium in your pocket.

  • Great idea. I would simplify it down to an ESP32-S3, and a battery. Wifi is used to detect signals; BLE used to send alerts to your phone. That would run for a week on a small LiPol battery, and fit in your pocket.

  • Will come with tons of false alerts as well. Because quite often people just follow the same path without following a person.

  • ...Marx Brothers quote. Some men are following me! [youtube.com]

  • According to this tool, I was being followed by like 100 people on the train to work! They didn't stop following me until we reached our destination. I was, understandably, totally creeped out by this. Worst part is some of them were following me on the train home too, although there were some new followers in that group as well (they seem to be monitoring me in shifts!).

    Seems I've got hundreds of restraining orders to pursue.

  • Has anyone used Kismet?
    Isn't this /. FFS

    Head slap - of course no one read anything other than the title..

  • ... Or even be part of the operating system for the phone, because it's such a native thing that could be very useful.

  • That's appropriate considering raspberry pis are nowhere to be found [rpilocator.com]

  • Ideally, you would detect all common wireless signals identifiers... including with Bluetooth, WiFi, IMSI (using stingray-style device), TPMS from car tires, etc...

Slashdot Top Deals

A morsel of genuine history is a thing so rare as to be always valuable. -- Thomas Jefferson

Close