SensePost's Snoopy drone highlights pitfalls of constant connectivity

Tammy Parker, FierceWirelessTech

SensePost's do-it-yourself Snoopy drone is an example of how a drone can become a Not-So-Big Brother in the sky, using RF signals to spy on a host of devices and the people who use them.

The information security company has been working on privacy implications related to Wi-Fi since 2012. SensePost's newest Snoopy stalker device can track information delivered over Wi-Fi, radio-frequency identification (RFID) and the Bluetooth and 802.15 specs, according to Ars Technica.

Using the first incarnation of its stalker device, SensePost tracked 42,000 unique devices during one 14-hour experiment at London's King Cross train station, and that was only using Wi-Fi signals.

The latest version of Snoopy is all the more nefarious, because it is mounted on a remote-controlled quadrotor drone that a hobbyist can put together. The updated device was demonstrated during Black Hat 2014 in Singapore.

Snoopy developer Glenn Wilkinson told mybroadband that use of the helicopter-based drone gives Snoopy more geographic coverage, enables Snoopy to get around physical security and elevates the device effectively out of video and audio range, so people are unaware its presence.

Among the activities Snoopy can be used for is identifying a device's user simply by noting which wireless networks the device is trying to locate. Further, upon knowing which networks a device is seeking, a hacker can pretend to be one of those networks and trick the device into connecting with it. At that point in a so-called "karma" attack, a hacker can hijack a data session or execute man-in-the-middle attacks to access any sensitive data being sent out over the network, including mobile banking logins and passwords.

"All of us, as we wander around through life, carry technology with us, be it a smartphone, an NCS smartcard, or a pacemaker or fitness bracelet," Wilkinson told Ars Technica. "All these devices emit some signal, be it Wi-Fi, GSM, Bluetooth. What I'm trying to do is find a way to uniquely identify people based on the signal they're emitting."

In an interview with the BBC, Wilkinson said he is fascinated with human beings' "digital terrestrial footprint," which can be used to betray them. For example, a Snoopy-outfitted drone could fly over an anti-government protest and collect smartphone data from everyone in the area, ultimately enabling the identification of every person in the crowd, which could be exceedingly dangerous under a repressive regime.

Privacy advocates are increasingly concerned about the unapproved tracking of smartphones, which can obviously be enabled by drones, waste receptacles and just about any other object in the Internet of Things. Last summer, recycling bins outfitted with Wi-Fi in London's financial district had their smartphone-tracking capabilities shut down after it became known that some of them were tracking the MAC address on individual smartphones as they passed by. The bins were part of a marketing initiative.

According to the BBC, SensePost's Wilkinson recommends everyone turn off wireless network access on their smartphones until it is absolutely needed.--Tammy

Suggested Articles

WISPs received permission to use 45 MHz of 5.9 GHz spectrum to help meet the surge in demand as a result of the coronavirus pandemic.

The testing will allow T-Mobile to consider real-world data from existing consumer devices capable of using the 2.5 GHz band.

Microsoft has signed a definitive agreement to acquire Affirmed Networks, which sells virtualized, cloud-native mobile network solutions to operators.