Henry Dalziel | General Hacking Posts, Hacker Hotshots, Latest InfoSec News, Pentesting Tools, Product Reviews | September 2, 2013
One of the highlights of DEFCON 21 was the unveiling of CreepyDOL and we are delighted to say that we have the creator and founder on Hacker Hotshots: (Tuesday October 8th at 12pm EST/ 9am PST) Brendan O’Connor.
Brendan will be presenting: “CreepyDOL: Cheap, Distributed Stalking”.
What is CreepyDOL?
According to our research CreepyDOL works by distributing senors, or nodes, throughout an area that are programmed to connect to any and every local Wireless network. Any Wireless (WiFi) network that the nodes find, they will connect to. Following connection, the nodes will listen to beacon packets that wireless nodes send out constantly, and report back to the device that Brendan designed and created. Our understanding is that CreepyDOL works within a Raspberry Pi and yet again demonstrates just how versatile the Pi really is.
Data that can be stored (without any form of ‘activation or authorization’ from within CreepyDOL) includes human behavioral patterns such as a person’s movement, their name and location, uploaded photos, email addresses and visited websites. Websites and Apps that are used on cell phones for example typically all leave a plethora of personal data that can be parsed out of the device and streamed back to CreepyDOL.
Whilst the software is open source, the hardware is expected to retail for $500.
Efforts are being made to further protect cell phones and mobile devices from emitting such data, but as usual, these organizations are playing catch-up. As Brendan highlighted in an August 7th interview with Bloomberg, Apple devices are incapable of using protection in the first few seconds of a connection to a wireless network router which means that you can leak a lot of information online even if you are using a VPN. At the lowest level the wireless protocols are designed to emit packet beacons which signal your (or the devices’) location and a list of every connection it has connected to, and a hardware tool like CreepyDOL can therefore track the individual around a city for example.
About Brendan O’Connor
Brendan is a geek of many trades! Mr O’Connor is a full-time law student at the University of Wisconsin in Madison (scheduled to graduate May 2014) and he also manages his consultancy called Malice Afterthought. Brendan has trained the DoD and is clearly a highly talented information security professional.
In the Hacker Hotshots web show Brendan will, amongst other items, outline three points, they are:
We are really looking forward to having Brendan on the show. Interestingly, we had a similar show last year with DJ Palombo when he discussed: “Raspberry Pi Hacking”. That episode demonstrated the ease at which a Raspberry Pi can be used for hacking and monitoring purposes whilst the CreepyDOL takes this to yet another level with its’ combination of hardware and software. If you are reading this post October 8th then hit the link at the top of the page to watch the video. If you have any questions please submit them in the chat box below or of course – during the show!