[ISN] Transparency Grenade: Detonate cyberwar weapon to leak sensitive data

From: InfoSec News <alerts_at_private>
Date: Wed, 22 Feb 2012 04:06:00 -0600 (CST)
http://blogs.computerworld.com/19755/transparency_grenade_detonate_cyberwar_weapon_to_leak_sensitive_data

By Darlene Storm
Security Is Sexy
Computerworld
February 21, 2012

While there's plenty of cyberwar talk and hackers hitting sites before 
leaking information like a weapon, now there's grenade to aid such 
exploitation. A hacker / artist who helped create Newstweek, a hidden 
device that hardware hackers could use to distort or otherwise 
manipulate the news at Wi-Fi hotspots, is at it again. This time with an 
information weapon designed to remind us of cyber warfare.

Julian Oliver, a Critical Engineer and tech savvy Berlin-based artist, 
recently created the Transparency Grenade for a Studio Weise7 
exhibition.  Oliver wrote, "The lack of Corporate and Governmental 
transparency has been a topic of much controversy in recent years, yet 
our only tool for encouraging greater openness is the slow, dreary 
process of policy reform. The Transparency Grenade offers an iconic cure 
to these frustrations."

This grenade is modeled after a Soviet F1 hand grenade, but it doesn't 
explode after the pin is pulled. Instead the Transparency Grenade (TG) 
makes "the process of leaking information from closed meetings as easy 
as pulling a pin." It's actually a tiny computer, microphone and 
wireless antenna that captures network traffic and audio. Then it 
anonymously and securely streams to a dedicated server before being 
mined for juicy details. "Email fragments, HTML pages, images and voice 
extracted from this data are then presented on an online, public map, 
shown at the location of the detonation."

The data collected, streamed, mined and leaked is highlighted with a 
large red "detonation" dot. Below is an example of a browser-based map 
interface using San Francisco as the site of the Transparency Detonation 
and then a partial screenshot of images viewed on the TG Transparency 
Report.

[...]


______________________________________________________________________________
Learn how to be a Pen Tester or a CISSP with Expanding Security online. Get
a free class invitation and see how good and fun the program really is.
http://www.expandingsecurity.com/PainPill
Received on Wed Feb 22 2012 - 02:06:00 PST

This archive was generated by hypermail 2.2.0 : Wed Feb 22 2012 - 02:05:24 PST