April 20, 2004

Network Surveillance HOW-TO: A Tutorial on Snooping Around Modern Networks

The CFP 2004 conference began with four concurrent tutorials (decisions...decisions...) but I attended Network Surveillance HOW-TO: A Tutorial on Snooping Around Modern Networks. The tutorial was ably led by EFF Staff Technologists Seth Schoen and Chris Palmer, who were joined at the end by Dan Silverstein.

The details of this tutorial were blogged here by John Han, but I wanted to let readers in on a few interesting personal experiences I had related to this tutorial today.

First, Seth and Chris set up a small private network in order to demonstrate their snooping techniques. Apparently those pesky attorneys at EFF had advised them that demonstrating the techniques on the wireless network we were all using might violate Federal wiretap laws. However, while attendees listened to the presentation, one able attendee sent several conference participants an e-mail that read in part "Wireless is insecure: you've broadcast your password information in the clear." and then provided the user's email address and password for that account. Illegal? Probably. A wake-up call? You bet. Users are advised to use SSL encryption on their POP/IMAP e-mail connections. (Admittedly, this does nothing to solve all the other problems caused by the combination of open wireless use with an even moderately savvy snooper.)

Second, during the presentation I received a call from my wife. She was concerned because she had received an e-mail with a virus attached. She uses an iBook and Apple's Mail.app and it seemed to her that the mail program was automatically opening the attachment. I reassured her that Macs are far less susceptible to viruses than Windows computers and that she was probably fine, but that I would look at it tonight. When I got back in the conference room and went online, I saw that Netsky.X and Netsky.Y have been active today, and Symantec reports for each variant: "Systems Not Affected: Linux, Macintosh, OS/2, UNIX."

Finally, at the end of the day I got a call from my sister. We talk perhaps once or twice a month, so it was a pleasant surprise. As soon as the hellos were done she asks, "Does one of the things you want to do involve stopping people from putting spying programs on my computer, because I just found out about this a few months ago and I don't think it's nice." I agreed that it wasn't very nice and told her how I had just spent most of the day thinking about just that topic.

The issues surrounding what a malicious individual can do to your computer or on your network seem to be impinging on the average person's life more and more. I was glad to attend this session to learn about the nature of networks and the tools the ill-intentioned use to cause trouble. Learning about the technology is, in my mind, a necessary first step to developing workable improvements (be they legal, educational, or technological) to everyone's security.

Posted by brianwc at April 20, 2004 05:53 PM