xrad Posted November 15, 2013 Share Posted November 15, 2013 (edited) If you guys haven't heard, Seattle has its own version of pineapples throught the city. Because of outcry by the citizens this week, they claim the have turned them off, but people are still seeing the ssid's. http://www.komonews.com/news/local/Police-deactivating-controversial-WiFi-network-in-Seattle-231692161.html http://rt.com/usa/seattle-mesh-network-disabled-676/ There are lots of links I just threw in a few, can you imagine what those puppies can do. Edited November 15, 2013 by xrad Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted November 15, 2013 Share Posted November 15, 2013 I think that was city wide WiFi access, not a "Pineapple" type setup. But that would create one hell of a target rich environment. Also: The SPD told The Stranger previously that the system was not being used, but anyone with a smart phone who wandered through the jurisdiction covered by the digital nodes could still notice that their devices were being discovered by the internet-broadcasting boxes, just as a person’s iPhone or Android might attempt to connect to any network within reach. You can tell that your cell phone is being discovered by this device? That doesn't make much sense at all now does it. Devices will only connect to saved or known networks. So unless they are naming their SSID "linksys" I doubt people were connecting to them. Quote Link to comment Share on other sites More sharing options...
xrad Posted November 15, 2013 Author Share Posted November 15, 2013 I think that was city wide WiFi access, not a "Pineapple" type setup. But that would create one hell of a target rich environment. Read the articles, people noticed earlier this year the system was "Karma-ising" people's devices. In fact dhs funded the project, and the company that makes it claims it can do way more than just open wifi. Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted November 15, 2013 Share Posted November 15, 2013 (edited) Read them. I didn't see those comments of people noticing their devices connecting unless I overlooked it. And even if they did connect, it's because their device has the network saved and of course if it's a city wide mesh, it will have the strongest signal. Not to mention, the fancy device in your pocket that makes phone calls and text messages knows your location all the time, especially if you own an Apple device (consolidated.db). Edited November 15, 2013 by Mr-Protocol Removed comment about link that was removed by OP Quote Link to comment Share on other sites More sharing options...
xrad Posted November 15, 2013 Author Share Posted November 15, 2013 (edited) Leaked documents http://www.examiner.com/article/dhs-funded-wi-fi-devices-used-to-collect-personal-data-of-seattle-residents Edited November 15, 2013 by xrad Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted November 15, 2013 Share Posted November 15, 2013 According to reports from Kiro 7 News, the mesh network devices can capture a mobile user’s IP address, mobile device type, apps used, current location and even historical location down to the last 1,000 places visited. Umm impossible unless they connect. Later on in that same webpage.. Page 65 of the public document details the information-collecting capabilities of the Mesh Network Mesh System (NMS), revealing its ability to collect identifying data of anyone “accessing the network.” Although the document details an alert system for reporting unauthorized access, a public user guide from a similar Aruba software program lists the ability to collect “a wealth of information about unassociated devices,” validating fears of local residents who walk through the mesh network’s perimeter. Unassociated devices meaning your phone looking for WiFi, using the MAC to identify what is is, and yes able to track roughly where it's going. The same can be down with cell towers with a subpoena... “The NMS also collects information about every Wi‐Fi client accessing the network, including its MAC address, IP address, signal intensity, data rate and traffic status,” the document reads. “Additional NMS features include a fault management system for issuing alarms and logging events according to a set of customizable filtering rules, along with centralized and version‐controlled remote updating of the Aruba Mesh Operating System software.” Source: http://www.infowars.com/exclusive-snowden-level-documents-reveal-stealth-dhs-spy-grid/ Side note: I wouldn't call it a "Leak" when it's probably just a public records request away from getting the document anyways. http://www.foia.gov/about.html http://www.atg.wa.gov/OpenGovernment/default.aspx Sunshine Laws, etc. Quote Link to comment Share on other sites More sharing options...
xrad Posted November 15, 2013 Author Share Posted November 15, 2013 (edited) You right, I'm sure the alphabet guys just want to give us "Free Wifi" for non nefarious reasons. Wanna buy some swampland in Arizona?.........I have plenty........ Edited November 15, 2013 by xrad Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted November 15, 2013 Share Posted November 15, 2013 From my understanding of the 7-ish articles I've read. It was meant for law enforcement only. Meaning people should not be connecting to it anyways. As well as alert systems to admins for those who do connect. It was not meant for city wide WiFi. Although I thought Seattle had a city wide WiFi at one point. Even then I'm sure there is a warning banner which you click "Accept" and forfeit all your rights to your privacy, which again, is legal since they own the network and are warning you that the information is subject to monitoring. Quote Link to comment Share on other sites More sharing options...
xrad Posted November 15, 2013 Author Share Posted November 15, 2013 (edited) Have you read this one,http://www.thestranger.com/seattle/you-are-a-rogue-device/Content?oid=18143845 I'm definitely not the expert here, so maybe I'm reading it wrong. But it says Aruba's own guide......... "The user's guide for one of Aruba's recent software products states: "The wireless network has a wealth of information about unassociated and associated devices." That software includes "a location engine that calculates associated and unassociated device location every 30 seconds by default... The last 1,000 historical locations are stored for each MAC address." Edited November 15, 2013 by Mr-Protocol Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted November 15, 2013 Share Posted November 15, 2013 Have you read this one, http://www.thestranger.com/seattle/you-are-a-rogue-device/Content?oid=18143845 I'm definitely not the expert here, so maybe I'm reading it wrong. But it says Aruba's own guide......... "The user's guide for one of Aruba's recent software products states: "The wireless network has a wealth of information about unassociated and associated devices." That software includes "a location engine that calculates associated and unassociated device location every 30 seconds by default... The last 1,000 historical locations are stored for each MAC address." Just did. And please re-read all of my previous responses. A simple solution, disable your WiFi on your devices, they can't track you using the WiFi beacons from your device searching for a signal. There was/is a system like this on my college campus where the network admin could locate any device on campus, has rogue detection and everything this network has. It's not new technology. It is just being geared towards law enforcement which could use that tracking to see patrol patterns. While yes they could track you, but you have agreed to terms when using your mobile device that the broadcast beacons and tower connections it makes is not private information. To sum up this entire topic with one word: paranoid. Quote Link to comment Share on other sites More sharing options...
xrad Posted November 15, 2013 Author Share Posted November 15, 2013 (edited) Just did. And please re-read all of my previous responses. A simple solution, disable your WiFi on your devices, they can't track you using the WiFi beacons from your device searching for a signal. There was/is a system like this on my college campus where the network admin could locate any device on campus, has rogue detection and everything this network has. It's not new technology. It is just being geared towards law enforcement which could use that tracking to see patrol patterns. While yes they could track you, but you have agreed to terms when using your mobile device that the broadcast beacons and tower connections it makes is not private information. To sum up this entire topic with one word: paranoid.We can for sure agree on the paranoid part Mr-Proocol, for sure, enough paranoia from the people that live there to ask/demand it be turned off.I did re-read, I was also pointing this out you stated: Quote According to reports from Kiro 7 News, the mesh network devices can capture a mobile users IP address, mobile device type, apps used, current location and even historical location down to the last 1,000 places visited. Umm impossible unless they connect. Later on in that same webpage.. But the last article does state associated and unassociated device: "The user's guide for one of Aruba's recent software products states: "The wireless network has a wealth of information about unassociated and associated devices." That software includes "a location engine that calculates associated and unassociated device location every 30 seconds by default... The last 1,000 historical locations are stored for each MAC address." I thought it was a very interesting subject. I thought was pertinent to this community, and privacy, and thought I would share. Clearly, I guess I was mistaken, won't happen again. Edited November 15, 2013 by xrad Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted November 15, 2013 Share Posted November 15, 2013 It is fine to share it. But I was merely pointing out the flaws in the news articles and how it really works. The original postings made it seem like the local law enforcement was using this mesh to have people's devices maliciously connect to their network and pull down all sorts of information from their device, which is not true. If you turn off WiFi on your cell phone and don't connect to their street name SSID, the only way they can "track" you is by pulling cell tower locations which would need at the very least a subpoena. Or from pulling all your information from public facebook/twitter/instagram/foursquare/socialmedia updates with geo location or location tagging lol. Quote Link to comment Share on other sites More sharing options...
xrad Posted November 15, 2013 Author Share Posted November 15, 2013 (edited) It is fine to share it. But I was merely pointing out the flaws in the news articles and how it really works. The original postings made it seem like the local law enforcement was using this mesh to have people's devices maliciously connect to their network and pull down all sorts of information from their device, which is not true. If you turn off WiFi on your cell phone and don't connect to their street name SSID, the only way they can "track" you is by pulling cell tower locations which would need at the very least a subpoena. Or from pulling all your information from public facebook/twitter/instagram/foursquare/socialmedia updates with geo location or location tagging lol. Cool.... Now that we have that out of the way.......the original post has always been.... Wouldn't you love to just play with one of those to see what they can do?........lol Edited November 15, 2013 by xrad Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted November 15, 2013 Share Posted November 15, 2013 Access point plus this product is what is mentioned in the article: http://www.arubanetworks.com/products/airwave-network-management I actually used to have a bunch of the AirMagnet sensors which is the hardware and all the fancy cool features were software on a centralized server which I didn't have. http://www.flukenetworks.com/enterprise-network/wlan-design-analysis-and-security Info I found out about my sensors https://forums.hak5.org/index.php?/topic/17419-airmagnet-5010-hackable/ It's basically a more powerful version of your typical access point with 2 radios which passes information to a centralized server which makes the pretty graphs. Quote Link to comment Share on other sites More sharing options...
xrad Posted November 15, 2013 Author Share Posted November 15, 2013 Thanks for the informative debate and links, Mr-Protocol. I intend to read that. That's why I'm here, to try to learn from you guys. I might make it tough on you, and be a bit annoying asking questions to your answers, but I am learning a lot. Thanks again Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted November 15, 2013 Share Posted November 15, 2013 No problem. I have a vast array of knowledge and experience as a lot of the users on the forums and IRC. Jump in on IRC sometime, info in signature. Quote Link to comment Share on other sites More sharing options...
Skorpinok Rover Posted November 15, 2013 Share Posted November 15, 2013 https://github.com/xtr4nge/FruityWifi/ Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.