码迷,mamicode.com
首页 > 其他好文 > 详细

Stalking a city for fun and frivolity

时间:2015-07-11 12:03:31      阅读:173      评论:0      收藏:0      [点我收藏+]

标签:

https://www.youtube.com/watch?v=ubjuWqUE9wQ 

http://www.gizmag.com/wi-fi-track-smartphone-creepydol/28585/ 

CreepyDOL: a distributed sensor network that combines wireless sniffing, distributed C&C, 3D visualization, and "grenade" encryption to do real-time personnel tracking and true-identity theft on a major urban area. It‘s stalking as a service. 

I. Goals A. How much data can be extracted from passive wireless monitoring? 1. More than just from a network trace---remember that when not connected to a wireless network, WiFi devices send out lists of their known networks, asking if anyone can help them. 2. As soon as a device thinks it‘s connected to WiFi, all its background sync services will kick of again---DropBox, iMessage, all the rest. So we‘ll immediately know that certain services will be in play. 3. Over unencrypted WiFi, all the trafc sent by a device is exposed. Even if we can‘t see both sides of every message, we can learn a lot from what we do see---especially if we know how a given protocol operates. 4. How much better could we do if we had not one sensor, but ten? Spread out over an area? Now we have geolocation, time and place analysis, etc. 5. If we‘re tracking over a large area, we don‘t just want to know trafc and devices: we want to know people. Can we take data and find people? (I don‘t want your SSN, I want your name. And really, I want to know enough about you to blackmail you; information is control.)

B. Can we do large-scale sensing without centralized communications? 1. If we centralize communications, life is simple; everyone phones home---but a compromised node gives every attacker the location of the mothership. 2. Centralized communications decrease resistance to attack, and prevent you from responding agilely to attack.

C. Can we present massive amounts of this data in a way that is intelligible by mortals? User-friendly? Still secure? 1. Group One of high security products: incredible technology, terrible UI. This causes low adoption, or (possibly worse) mistakes in use. Systems fail, people die. Examples: Pidgin-OTR, or PGP/OpenPGP. 2. Group Two: Concerns about technology, great UI. This causes adoption, but can cause massive problems later (if the concerns are borne out). Examples: HushMail, or the Silent Circle ZRTP issues. 3. Group Three: Good technology, great UI. This is wonderful, but incredibly hard to do (because UI masters are usually not security wizards). Example: CryptoCat, RedPhone. 4. We would aspire to have CreepyDOL, and especially the underlying Reticle communications technology, be in Group Three, through a variety of methods to ensure secure communication in relatively-intelligible ways. *This is an ongoing process.* Our code is open source, to allow verification, and will be released in the coming weeks.

 

还没写到核心。。晚上回来继续~~

 

 

 

 

 

[MANET]

https://en.wikipedia.org/wiki/Mobile_ad_hoc_network

mobile ad hoc network (MANET) is a continuously self-configuring, infrastructure-less network of mobile devices connected without wiresAd hoc is Latin and means "for this purpose".[1]

Each device in a MANET is free to move independently in any direction, and will therefore change its links to other devices frequently. Each must forward traffic unrelated to its own use, and therefore be a router. The primary challenge in building a MANET is equipping each device to continuously maintain the information required to properly route traffic. Such networks may operate by themselves or may be connected to the larger Internet. They may contain one or multiple and different transceivers between nodes. This results in a highly dynamic, autonomous topology[1].

Stalking a city for fun and frivolity

标签:

原文地址:http://www.cnblogs.com/CarrieCui/p/4638284.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!