In the movies, a hero can always tell he’s being followed because the goons tasked with following him never blend in. In real life, figuring out if someone is tailing you is much trickier, and can be a matter of life and death. At the Black Hat security conference, a speaker demonstrated a low-cost device that looks for the tell-tale wireless signature of bad guys on your tail.
Watch Your Back
Matt Edmondson, who works with the US Department of Homeland Security, was approached by a friend from a government agency he declined to name onstage at Black Hat. This friend worked with confidential sources, and one in particular had links to a terrorist organization. Edmondson’s friend was concerned that if they were followed after meeting with the confidential source, his friend’s government connections could be discovered and the source put in danger.
The traditional spycraft method of surveillance detection, Edmondson explained, is to change your route and see who does the same—such as exiting the highway and then getting back on again. “It’s really obvious the [Washington, D.C.] Beltway was designed as a surveillance-detection route,” quipped Edmondson, perhaps joking, perhaps not.
Edmondson said his friend asked if he could revisit an idea he had discussed years ago: Using network-detection technology to scan for devices that were following you.
Even if you’re being tailed by a nation-state-backed surveillance team, “isn’t there still a really good chance they have a phone in their pocket?” asked Edmondson.
Tattletale Devices
This works because so many of our devices are constantly trying to communicate with other devices and various wireless networks. Many mobile devices, for example, are constantly seeking familiar wireless networks to connect to. Other devices, such as AirPods, Bluetooth speakers, laptops, and so on, can be similarly chatty.
All those wireless conversations can be easily detected. If the same devices are in your vicinity repeatedly, Edmondson reasoned, it’s likely you’re being followed.
At PCMag, we’ve looked at similar devices before. The PwnPro was a multi-thousand-dollar device with sophisticated backend software that could monitor devices within 1,000 feet. It, too, could identify specific devices and usage patterns, but was far from affordable or portable.
Simple Components
To build a device that could scan for wireless communications and alert you when such a device stayed in your vicinity, Edmondson set out to use low-cost materials, and settled on the Raspberry Pi single-board computer. “How many of us have multiple Raspberry Pis sitting in your closet doing absolutely nothing?” Edmondson joked.
Add to that a low-cost touch screen purchased off Amazon, a portable power bank, and a USB wireless adapter (Alfa AWUS036ACM(Opens in a new window)), and Edmondson was off and running.
A view of the ‘minimum viable product’ version of Edmondson’s detection device.
(Screenshot: Black Hat)
Scanning duties on the device would be handled by Kismet(Opens in a new window), a free and open-source wireless monitoring tool. Kismet scans the airwaves and records its findings in an SQLite database. “Everything else is shoddy python code,” said Edmondson.
Users interact with Edmondson’s device via the touch screen and a custom interface Edmondson described as “literally the worst user interface you’ve ever seen.” It consisted of several large, gray buttons, which are intended to be easily pressed while driving. For this task, Edmondson explained, “you don’t want a nice interface designed by Apple, you want something designed by Fisher-Price.”
Once activated, Edmondson’s device compiled data on the surrounding devices into lists broken down by time. If the device detects something that already appears in the list from 5-10 minutes ago, or 15-20 minutes ago, that’s a sign someone might be on your tail.
Recommended by Our Editors
A Few Challenges
There were still some challenges with the device, however. First, Edmondson needed to build in a mechanism where detected devices could be added to an ignore list. That way, trusted devices wouldn’t trigger an alert.
Edmondson’s presentation showed a better, more neatly arranged version of his device.
(Screenshot: Black Hat)
During a field test in the Arizona desert, Edmondson discovered another problem: MAC address randomization. This is a security feature of many modern devices, where wireless requests are sent with a random, spoofed MAC address.
Edmondson’s solution was to also look at what Wi-Fi networks devices were asking for. If the same Wi-Fi network request appears again and again, that probably means a single device is nearby. Edmondson said that this could possibly be expanded upon, since tracing the location of the requested Wi-Fi networks could tell you where the device had been previously. Even the requested Wi-Fi network name could contain clues. Edmondson said he also wanted to add a GPS component, so it was possible to see where a potential follower first appeared.
In his talk, Edmondson didn’t reveal whether the device was ever practically put to the test, or what became of his friend’s informant. He did, however, bemoan the lack of similar detection technology. “There’s so much technology out there to stalk on people and invade their privacy and very little to protect yourself,” he said.
Keep reading PCMag for the latest from Black Hat.
Like What You’re Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
Are You Being Followed? Use a Raspberry Pi to Find Out & Latest News Update
Are You Being Followed? Use a Raspberry Pi to Find Out & More Live News
All this news that I have made and shared for you people, you will like it very much and in it we keep bringing topics for you people like every time so that you keep getting news information like trending topics and you It is our goal to be able to get
all kinds of news without going through us so that we can reach you the latest and best news for free so that you can move ahead further by getting the information of that news together with you. Later on, we will continue
to give information about more today world news update types of latest news through posts on our website so that you always keep moving forward in that news and whatever kind of information will be there, it will definitely be conveyed to you people.
Are You Being Followed? Use a Raspberry Pi to Find Out & More News Today
All this news that I have brought up to you or will be the most different and best news that you people are not going to get anywhere, along with the information Trending News, Breaking News, Health News, Science News, Sports News, Entertainment News, Technology News, Business News, World News of this made available to all of you so that you are always connected with the news, stay ahead in the matter and keep getting today news all types of news for free till today so that you can get the news by getting it. Always take two steps forward
Credit Goes To News Website – This Original Content Owner News Website . This Is Not My Content So If You Want To Read Original Content You Can Follow Below Links