WiFi Identification(lium)

bluetooth_street_wifi_bt_3g_gprs_big

Libelium’s ‘Meshlium Xtreme’ is a system for detecting mobile devices using their WiFi and Bluetooth capabilities, it can function even when the user is moving at speed:

“Due to the reduction of the time between scanning intervals, now vehicle traffic detection rate has increased from 50% to 80% even at a speed of 100 Km/h (62 miles/h).”

It can also, apparently, tell the difference between ‘residents’ and ‘visitants’ despite the “anonymous nature of this technique” with the MAC address unnasociated with “any specific user account or mobile phone number not even to any specific vehicle”, although it is, of course, associated with a specific device.

GCHQ: Cracking The Code

Screen Shot 2014-11-30 at 15.21.05

A lovely piece of propaganda by the BBC from 2010, GCHQ: Cracking the Code. The show, in general, is a puff piece for the agency consisting of wide eyed, positive staff dicussing how important or fullfilling their work is, with occasional asides to mention their ethical reponsibilities and love of oversight, there are also sections of interviews with Ian Lobban, GCHQ’s (former) head.

Towards the end we hear him deny the possibility of the existence of what, thanks to Snowden, we now know exists – a database of everyone’s communications and a wide ranging collection system.

Continue reading

War Games

Screen Shot 2014-11-26 at 14.01.45

“General, what you see on these screens up here is a fantasy, a computer enhanced hallucination. Those blips are not real missiles, they’re phantoms.”

Screen Shot 2014-11-26 at 14.17.30

Monitoring Frequencies

snfrslts

This is a look at how to use RFMON mode with the Airport card in a Mac. RFMON stands for Radio Frequency Monitoring and is a way of monitoring wireless network traffic without having to associate with a particular network. My understanding of it is that it will allow general knowledge of activity on a network channel, without being able to look at the specific data sent. It should provide an understanding of the levels of wireless activity occurring in a space.

Listing Network Adapters
RFMON mode only works with wireless cards, and the aim here is to look at wireless networks, so it’s necessary to know how to identify and address the wireless card.

In terminal, run ifconfig with no arguments, this will give you a list.

Apparently, on OS X, en0 is the wired (ethernet) connection, and en1 is the wireless. This can be verified by having no ethernet conection active, WiFi on, and observing that en1 has ‘status: active’.

Monitoring the air
Included with OS X is a utility called tcpdump, the man page describes it like so:

“Tcpdump prints out a description of the contents of packets on a network interface that match the boolean expression.”

Thanks to this post, it’s clear that tcpdump can be used with RFMON mode, although the example given there didn’t work for me. It uses adapter en0, presumably because the Macbook Air used doesn’t have an ethernet adapter so depending on setup it may be necessary to make changes.

This command worked for me, albeit without (yet) a full understanding of the results I’m seeing:

sudo tcpdump -I -i en1

The -i flag and ‘en1’ following specifies the network adapter to use.

The -I flag flips the interface into RFMON mode (and will cause an error if the adapter specified does not support this, i.e. if it’s ethernet).

This prints the results to the terminal window, but the -w flag can be used to write it to a file.

The -x, -xx, -X, -XX options can be used to print the data associated with each packet, as opposed to just the header, in varying formats and levels of verbosity.

Further Tools
These tools came up during research, and may be useful in the process:
Scapy
Kismet
And the ever useful Wireshark

[Note: This has been tested on a 2010 Macbook Pro, runnning 10.9.4]

Searching within Man Pages

Terminal man pages are long. What if you just want to know what one flag from some line you found on the internet does?

You can search in the man page with grep like so:

man man | grep -A 3 -e “-C”

This will search the manual page for man for the “-C” flag, and print the following 3 lines, thanks to -A 3.

Non-Place and Identity Creation

Living in a Non-Place, without the burden of his, or any other, history allowed Karimi Nasseri to re-invent his identity:

“Over the years, he has claimed many things about his origins. At one time his mother was Swedish, another time English. Nasseri’s effectively reinvented himself in the Charles de Gaulle airport and denies these days that he’s Iranian, deflecting any conversation about his childhood in Tehran.”

He is now known as ‘Sir, Alfred Mehran’, a name taken, comma and all, from a British Immigration letter. Having no papers, and no official state-based identity is what forced Nasseri to inhabit the airport in the first place. He proved his identity in order to enter, as AugĂ© shows is a necessary part of the Non-Place, but, with his papers stolen, was unable to prove it to leave or enter the next bureaucratic Non-Place in his immigration journey.

Although, for most, Charles de Gaulle airport is a Non-Place it could be argued that for Nasseri as Sir, Alfred Mehran it was the opposite, a Place. Although Nasseri had no history there, it being erased by the loss of his papers and his status as an aylum seeker, disowned by his home country, Mehran was known throughout the airport, it was his home and he built stories and relationships there.

More about Nasseri/Mehran here and here.