"...smart phone..." threat, (IPAD/tablets too)

Discussion in 'Off Topic' started by 7SFCW4, Apr 3, 2014.

  1. 7SFCW4

    Out and About, Oregon
    Active Member

    Likes Received:
    As (sadly) an NSA alumni'st, I knew this was coming but am sad to see it actually arrive....

    Snoopy the Drone Can Hack Your Smartphone

    By Steve Anderson
    Contributing Mobile Security Writer
    The idea of flying robots stealing the information off a user's smartphone is the kind of threat that actually telling people is a concern might well result in involuntary institutionalization. At least, it was until now, with new reports out about a quadricopter drone known as Snoopy, which can indeed, under the right circumstances, hack a user's smartphone and steal the data contained therein.

    Snoopy is currently being tested above the streets of London, England, where a group of hackers will be bringing information about Snoopy and its operations to Singapore's upcoming Black Hat Asia conference. Snoopy operates, according to reports, by hovering over the streets, looking for devices that have Wi-Fi settings turned on. Once it finds such a device, it then exploits a key development in the connection system in which said device looks for a network it's already accessed. This is done in a process that Glenn Wilkinson, a security researcher with Sensepost, likens to “...very noisily shouting out the name of every network it's ever connected to.”

    While the device is frantically shouting out names in a bid to connect with a previously used network, Snoopy then steps in and claims to be that network, allowing the device in question to connect to the drone, believing it's the network in question. Snoopy can then get access to whatever the device has on it, ranging from things like usernames and passwords of certain websites, to even the names of the networks accessed, which can provide potentially useful information about where a user works or even lives.

    Snoopy went out on a Saturday afternoon as part of a CNNMoney report, and within an hour, managed to get not only network names but GPS coordinates for roughly 150 mobile devices, also getting several passwords to Amazon, PayPal and Yahoo accounts specifically created for the report so as to prove that the data could be obtained without risk to actual users.

    There are, thankfully, some protective measures that can be taken against drones like Snoopy, including shutting off automatic Wi-Fi connections, and requiring devices to actually ask before connecting to certain networks. This is a largely inconvenient way to go about things, but should prove fairly well protective against just such a tactic.

    The part that likely has many most concerned is that a drone is a comparatively unobtrusive device. It can operate well above a user's line of sight, and can take advantage of cover as needed, settling in over the top of a building temporarily, ducking behind treelines, or even just moving to where the user isn't looking at the time to stay almost completely hidden from view. That makes it impossible to tell where a drone is at any given time, and considering how quiet its engines can be, and what ranges at which it can operate, this means a quiet and extremely sneaky system that can grab data and be gone before anyone even realizes it was there. Some, like law enforcement, might call this useful, but many others would simply term it another and particularly pronounced invasion of privacy.

    Though there are protective measures that can be taken here, activating said protections can be difficult to regularly put in play, and even one slip with a drone like Snoopy could be disastrous. This is some very powerful technology, and it only remains to be seen just how far it will be put in use, or what kind of other protections will crop up to fight against it.

    Well-Known Member

    Likes Received:
    This technology has been around for quite awhile. But why does this need to be on a "drone". The very same thing could be done much easier just by walking around a crowd and a backpack full of the goodies the drone is packing.
    Navman and BoonDocks36 like this.

    Raleigh Hills, Or.
    Active Member

    Likes Received:
    Read the EULA before downloading any app.

    And learn what "Fifth Column" means.
    Last edited: Apr 5, 2014
  4. Mark W.

    Mark W.
    Silverton, OR
    Bronze Supporter Bronze Supporter

    Likes Received:
    I personally could give a rats *** Theres nothing on my phone I won't show anyone except maybe my association with a few of the people here.

    Only time my phones WiFi is turned on is when I'm at home. My phone asks me if I want to connect to a WiFi source when I am away from home if I turn it on. Not to mention the amount of time during a year when I am even in a part of the world where anyone would think this type of data gathering would be worth while is so tiny the chances of me being a target are less then me choking to death on a buffalo wing being served in a Thai restaurant before 10am.

    If you are worried about this take the photo of you dressed in ladies clothes while reading how to make a bomb in Arabic off your phone. And stop worrying. If the NSA is looking for your info your already in a world of hurt.
  5. clearconscience

    Vancouver, WA
    Gold Supporter Gold Supporter

    Likes Received:
    No matter what technology is out there someone will immediately find a way to hack it.
    Usually before you know it can be done.
    Ie. snatching phones transmissions through the air.
    Someone told me the other day the gubment can hear you cell conversations. I said yeah since the 80s.
    That's how they got escobar in columbia.
    My dad worked for an "agency" he used to alway makes us leave our cell phones in the car when we visisted him. That started when he retired in about 99'
    Navman likes this.

Share This Page