Wednesday, 17 July 2019

WiFi track my every move

So my WiFi enabled printer got me thinking.

Obviously this thing is not just a gaping security hole in any network but also a blatant kick in the pants for privacy...
Oh, you want me to print a document? From your phone? On the same network? Oh... I'm just going to send your document to one of our servers somewhere in the world, but don't worry!
Well, who cares about that right? I mean it's not like we cant be reasonably sure that all our '''''private''''' data isn't being aggregated by at least a few different agencies. (And if you tell me it's too much data for anyone to sift through, I've got a blog post coming for that.)

No, what I mean is, my WiFi enabled printer REALLY got me thinking.

Have you heard about using capacitance signals from WiFi radio antenna to learn about people's locations? Turns out that using a hacked WiFi router, it's entirely possible for someone to track your location as you walk around your house. There was a story about how this was used in a real crime investigation that I have to dig out.

In fact this technique has been refined to not just track location, but also to perform 'pose estimation'. So in theory, and with some learning, your ISP could be monitoring how much time you spend taking a shit.

But that's just your ISP (or the half a million routers controlled by the people behind VPNFilter). I mean meh.

Have you ever heard of primary surveillance radar? In particular how it can be used to create a virtual passive radar system?

Putting the pieces together can't you imagine sitting outside someone's house and just passively monitoring their every move? Or, using a network of WiFi signals, everyone's every move? What? Too paranoid?

Indeed, if precise enough, can't you imagine your WiFi enabled printer quietly relaying your heart rate, your respiration rate and your blink rate back 'home'?

So next time you're in a jihadist fueled ferver about the latest post you read on the Daily Mail, unplug your fucking printer.

OK, so this is sci-fi, but in my next post I want to talk about how all this data can be aggregated to create a nation state simulation within which everything we do is carefully surveilled.

All in the name of a good old fashioned delusional paranoid fervor.

Saturday, 13 July 2019

Was WannaCry a shot across the bow?


Thinking about the history of WannaCry, a crudely implemented ransomware built on top of a 'highly weaponized' zero-day(?) exposed by The Shadow Brokers which was quickly neutralized before causing too much 'geopolitical' influence' sparked a number of ideas.

The Lazarus Group is clearly a state sponsored APT, but what are The Shadow Brokers? We understand them as a an anonymous internal hacker group not aligned to the mission of the NSA or the USA, but what if that conception is simply a consequence of information manipulation?

Obviously I'm making a lot of assumptions here, and speculating on the possibility of strange new battle lines in an emerging cyber warfare landscape. A landscape where perhaps ţhe old geopolitical lines have been redrawn in cyberspace. A truly transnational 'space' for which the term 'geopolitical' is anachronistic.

Specifically, how do geopolitics translate into cyberspace? There is no longer a 'geo', only a set of shared cultural, ideological and political alliances as well corporate and pragmatic alliances (my enemy's enemy).

At this stage, it seems naive to consider that cyberwarfare isn't in full swing, whereby anachronistic nationastates seeks to damage other nationstates by attacking critical banking, industrial, political and medical infrastructure through software, both malicious and benign.

One example that comes to mind is the mortar projectile calculator app that was being used by Ukrainians in the crimea. It turns out the app was authored by the Russian military, and was being used to reveal the location of the Ukrainian mortar positions.

Not to mention the 5th domain battleground.

So WannaCry was a Russian authored ransomware attacking UK based critical medical infrastructure based on zero days 'leaked' by groups close to American intelligence agencies.

Was the release of the shadow brokers Vault 7 tools actually a strategic play to enable other nationstates to attack each other? And was the 'kill switch' that saved the NHS from total IT collapse evidence that this was simply a demonstration of "cyber power" on behalf of the USA using a Russian patsy?

At this stage, it seems naive to consider that cyberwarfare isn't in full swing.

Siraj Raval promotes a new package manager with critical backdoors that let the NSA inject arbitrary code into 'signed' third party libraries running the backbone of the web for country X... What? Too paranoid?

I wonder to what extent mutual assured destruction has been achieved, or wether we are going to see more muscle flexing, akin to shooting down satellites (shutting down or even blowing up nuclear reactors, for example).

I fully expect the UK to be leading the world in cyber decoys, but this is just a hunch.

I heard about the former head of MI5 going around and talking to companies about defensive solutions, however, I wonder to what extent such systems are also ready for offensive capability.

Who's botnet is bigger? The NSAs? The FSBs?

Will the web splinter for national security reasons?

Can we, the transnational citizens of cyberspace resist the retrograde, reactionary, anachronistic political models of the past, and architect a new future of individual freedom, security, privacy and sovereignty?

Ours is not a caravan of despair.

Let us empower ourselves with antifragile systems for robust cyber-interaction free from political influence that isn't of our own conception.

Tuesday, 12 January 2016

Genetic anonymity (AdBlock my genome)

Every contact leaves a trace, and in this day and age (actually for years now), traces mean cheap, precise genetic identification. In other words, once known, any individual can be identified as having been present at almost any location.

This is done by cheaply and selectively reading your DNA at hundreds of thousands of locations and comparing these variables to those in an environmental sample, like a sophisticated molecular fingerprint.

What does this mean for spies?

Don't you think your government would love a genetic database of all known operatives? How can they protect their spies from becoming known? (Assuming double agents haven't already been quietly swabbing the door handles?)

Actually, I'm suddenly wondering what happens to those swabs they check your bags with at the airport... Thinking about it, it's almost cheep enough to monitor a database of all known individuals in near real time! Facial recognition? Pah!

So what should a spy do?

Genetic anonymity is easier than you think! Lets imagine they really are genotyping environmental samples (in airports). The standard protocol for almost any such test involves a genome amplification step (like this one), where the DNA in the sample is amplified.

Any amplification process is prone to feedback. Using so called 'poison primers' (primer dimers), for example, any PCR amplification step can be ruined (subverted).

This is why spies (and smarter criminals) actually wear poison primers on their clothes. A tiny, tiny contamination of such poison primers can ruin the PCR amplification protocol by selectively amplifying themselves over the intended sample. Each round of amplification creates more poison primers, irrevocably 'poisoning' the reaction.

The result? Genetic identification tests based on PCR fail wherever you go. You're a massive blind spot on the surveillance network. Interestingly, anyone specifically testing for such primers would spot you a mile off... like tattooing a third eye on your forehead to evade facial recognition; OK, you're algorithmically invisible, but you stand out like a freak.

But can it be so easy? No it can't, why did you ask?

Isothermal whole genome amplification is a common method that seeks to amplify genomic DNA without some of the pitfalls of PCR (such as poison primers). However, (we're speculating here right?) each increasingly sophisticated genotyping method can be subverted with an increasingly complex molecular 'countermeasure', effectively 'jamming' the protocol.

Thus we can imagine an arms race, with genotyping protocols developing specific anti-jamming measures to get round the latest molecular jamming techniques. Ultimately, this kind of molecular biology is akin to computer programming.

And where there's programmers, there's hackers.

Let's suppose that spy A, visits a crime scene, leaves a trace of her molecular program ... a program so sophisticated that it hacks the very protocol designed to negate its effect, specifically altering the test result to falsely implicate spy B in the crime committed.

Monday, 14 September 2015