Smart meters can show you how much energy your devices are actually using, even when on standby. Tools like nmap and Wireshark can help you map-out your home network and monitor how chatty your devices are, even when you think they are turned off.
Nothing is truly turned off unless it is unplugged. I have an integrated microwave that looks asleep but it is constantly waiting for you to touch its fascia so that it can wake up or open its door for you. My set-top boxes have powered down their storage media but they are still polling servers on the internet for updates and waiting for an IR signal from the remote. The smart TVs are also waiting for IR signals or your voice. Some even record your voice and analyse it in a buffer just on the off-chance that you are talking to it. Always listening.
Your home might be full of devices just waiting for you to address them, with a button press or voice command. Constantly waiting and consuming power. All in the name of efficiency.
Author: Dave VR
An app for Ronin
An app for Ronin
The last company I worked for offered all employees a health benefits package that came with an app. By completing physical and mental exercises each day recorded by the app, you could earn coins and those coins could be turned into vouchers at retailers such as Amazon and John Lewis, essentially gamifying physical and mental fitness.
When you left the company the app still worked but the coins were not worth as much. Still, the offer of free money, however little, in return for activity remained alluring despite many of my colleagues that also left uninstalling the app.
Those of us that kept on using it were added to a public leaderboard, consisting of hundreds of individuals that had formerly worked at other companies. All of us are now Ronin, masterless, completing the activities partly out of habit, and partly for the free money.
When working for my last employer I was always in the top 5 on the company leaderboard but against many many more people I struggled to stay in the top 20, yet the challenge that represented only made me more determined. The more activities I completed the more coin I raked in.
Until it all came to an abrupt end. After ten months of no longer being attached to a company the app announced that my coins could no longer be traded for vouchers unless I joined another participating employer. I could still play without reward, and out of nothing but sheer habit I continued for a few more weeks until an app update resulted in my login details being requested, and as the email address belonged to my former employer I was true Ronin: on my own.
Digital thefts of physical assets
It seems hard to imagine that someone can steal your home but it can happen. With everything becoming digital these days proof of ownership is key. In the UK proof of ownership of a property resides with the Land Registry. It maintains a database of all registered properties within the UK along with the names and contact details of their owners.
A criminal using identity theft can assume the identity of a legitimate owner of a property and then either instruct a solicitor to sell it or a lettings agent to rent it out with the proceeds of the sale or rental agreement going to an account set up in the name of the stolen identity. These types of thefts are often targeted at unmortgaged, rented, or unoccupied properties.
To combat this type of fraud property owners can set up an alert for any properties they own with the Land Registry’s free Property Alert service here: https://www.gov.uk/guidance/property-alert
After your home your next biggest asset is probably your car. In the UK proof of ownership is a combination of the V5C document combined with receipts from wherever you purchased the vehicle. Scammers target the V5C by attempting to get you to share a copy of it (for example in order to advertise it for sale online) or by applying for a copy reporting it lost or stolen after cloning your identity or intercepting your communications. You can reduce the chance of this from happening by keeping your V5C safe and secure and not sharing it with anyone. Also keep a copy of all receipts relating to the vehicle to support your proof of ownership.
Data brokers
Data about us is so valuable that companies now offer cheap or free services in return for collecting data about us. If you’ve ever wondered why there are so many free email providers, or free streaming services, it’s because you are the commodity, or at least the data you generate is.
Data brokers make a living by collecting all this data about you and building a profile linking data from various sources. This profile data is organised and analysed and then sold to whoever can make use of it.
Examples of some of the data collected includes:
Your name, contact numbers, email, and address
Age, gender, and other physical attributes
Employment status, income band, credit status
Geographical region for home, work, and travel
Political beliefs, religion, marriage history, dependants
Patent and copyright data, businesses owned
Property and vehicle ownership
Social media membership
Club and organisation membership
Digital entertainment subscriptions and viewing habits
Web surfing usage
Fitness and health tracking
Data brokers, also known as Information brokers collate all this data and sell it to anyone that can make use of it. There are some restrictions to what they can collect, store, and sell, depending on the country they operate in and where the individuals the data is about resides, such as GDPR in the UK.
The data can be scraped from public sources and then combined using bespoke software or AI. This may introduce errors. Individuals can submit freedom of information requests to brokers requesting details of what information is held about them in their database. In some regions you can then request to have this data removed known as the right to be forgotten.
Some data brokers have been hacked due to lax security practices. They are an attractive target as they contain consumer data that is useful to malicious actors that do not wish to pay for it nor wish to be identified as having access to it.
The main types of data broker are:
Marketing and advertising
People searching
Financial information
Personal health
How much info do data brokers have about you?
Thoughts on CCTV hacking
CCTV stands for Closed-Circuit TeleVision. Or at least stood for, as today it’s rarely a closed circuit nor TV. It’s usually online and over IP and available to access via an app on your phone, making it all the more hackable.
So how easy is it to hack modern CCTV?
I did some research and the answer is it depends. It depends on the manufacturer, the availability of software and firmware updates, and how it is configured.
Let me explain by switching sides to that of a potential attacker. First you have to find the target CCTV system. This can be achieved using a database like Shodan and tools like Angry IP Scanner. With an IP address and a port scanner such as nmap or the aforementioned Angry IP you can locate the login page. Then it’s just a matter of trying the manufacturer’s default passwords, employing a brute force attack, or making use of an exploit where available.
So how do you secure your online CCTV system? First, make sure it’s a closed system unless you really need to be able to access it remotely; in which case secure the connection by changing any default passwords, make sure all software and firmware is up to date, employ a firewall and VPN (or whitelist IPs for access) and monitor access logs for anything suspicious.
Simple?
Vehicle tracking
I grew up in an area where car crime was rife. I even had my own car stolen once. Friends with nice cars would purchase GPS trackers so that if their car was stolen they would hopefully be able to find it. Assuming the thief hadn’t removed the tracker that is.
I wasn’t sure how today’s car trackers worked. The technology has probably moved on a bit so I started doing some light reading.
Essentially they make use of GPS to track their current location, utilising storage to record their location against time. Some devices can store additional information such as engine start and stop times, speed, electronics operation such as lights, windows, radio, etc. This data can then be accessed when a car returns to base or by being transmitted via a communication method such as via a wireless network when near a specific base station or other cellular communications. The devices may be self-powered via a battery or hook into the vehicle’s electrics in order to receive power from the car battery. Some may use their own battery when the car is turned off and charge from the car battery when the car is operational.
The vehicle owner can access the data from the tracker in near real time via a web site or app. Depending on the device and features offered it can report nothing more than current location to location, speed, and car telematics.
Vehicle tracking is popular among vehicle rental companies, fleet management, and security vehicle companies such as those offering to transport money, valuables or people.
Trackers that feature GPS and recording only are referred to as passive devices. They need to be accessed physically in order to access the recorded data. Active devices can transmit data using cellular or satellite communications and do not require physical access.
Commercial trackers come in various shapes and sizes and range from cheap passive models that connect to the car battery, to those that try to disguise themselves as part of the car and utilise active technology to broadcast their position and other data in near real time or whenever they have a strong enough signal. They tend to be waterproof and dust proof, may be made of a heat-proof material, especially if residing in the engine compartment, and may have no discernable markings to identify themselves as a tracking device.
Other types of tracker may also be used such as an asset tracker. These can be in the form of adhesive stickers that can be stuck to a car’s windshield, or tiles that can be left in the glove box or other storage area of the vehicle. These are relatively cheap and are harder for a potential thief to locate.
Pet chipping
I decided to look into pet microchipping after reading an article about a modern detective who tracked down a married couple who committed fraud then left their home country to avoid the authorities. The detective succeeded where others failed in tracking them down after learning that their expensive dog was chipped. The dog had a unique medical condition requiring specific drugs. He tracked the pet initially via its medical requirements to a veterinary clinic in another county and then upon learning of the pets next visit – with a carer not the owners – they then accessed the animals microchip and were able to ascertain the owners new address leading to arrest.
How does the technology work?
Essentially a microchip the size of a grain of rice coated in a protective layer is injected under the skin of the animal at the back of the neck. Utilising passive radio-frequency identification (RFID) technology that conforms to international standards, the chip can be read by a hand-held scanner generating the power required by the chip to send back a unique 15-digit number. This number can then be fed into various pet databases to access the owner’s details. The start of the number usually indicates the country of origin followed by the microchip manufacturer.
Since the 6th of April 2016, all dogs in the UK must be microchipped, and from the 10th of June 2024 all cats in the UK must also be microchipped. Dogs and cats in the UK found without a chip can lead to a fine for the registered owner.
Those with access to the databases such as vets are not permitted to divulge information about the owner to anyone but the registered owner.
Scanners can be purchased freely as the microchips only store the unique ID number. The real data is stored in the pet databases and generally consist of the pet’s name, the owner’s name, address, and contact details.
Products such as automated dog and cat flaps can contain scanners that can read the microchips as the pet approaches so that only authorised pets may enter or leave the property.
Mythos and Wraith
When I first started creating software for the Commodore Amiga demo scene many many moons ago I did so with two friends known as Mythos and Wraith.
Between us we wrote code, created graphical artwork and digital music, which we assembled into productions known as intros and demos. It lasted a few years then we went our separate ways. I continued for a few more years with other groups of individuals before hanging up my scener hat altogether.
I started wondering what they are up to today, how did their lives turn out? Did they end up with a career in technology as I did, or switch to something else? Are they married with kids? Are they even still alive?
I toyed with the idea of utilising OSINT to track them down so I could answer these questions and maybe even say hi. I can’t remember their real names, only their aliases, but I still have all my Amiga files and a copy of WinUAE, so digging out their names and addresses from back then shouldn’t be too difficult. From there I could use public info and social media to hopefully locate them today.
But why? To see if I could? To satisfy a passing nostalgic thought?
I’ve come to realise recently that people come and go. Throughout your life friends and acquaintances will come into your life, stay a while, then move on. And that’s ok. We are not meant to hold on to everyone we meet, forever, despite Facebook’s original business model. You as a person will change and develop and what connected you to someone at one point in time may no longer be a part of you and if you were to meet that person today you may find that you have nothing in common and would not be friends.
I decided to move on and not dwell on the past. To be thankful for the good times and the memories and to look to the future. Leaving the past in the past.
To Mythos and Wraith I wish you the best wherever you are.
Ways drones could be used and abused
I’ve been thinking about drones recently. I have a friend that races them, a neighbour that has one to map out the local area, and I own a tiny in-door one myself. Drones seem to be growing in popularity and so I started looking into the security implications of drones and noted all the ways that drones could be hacked, used and abused.
Here’s my list:
– Crashed on purpose or flown into obstacles, vehicles, or people.
– Used for remote surveillance, monitoring, eavesdropping, shoulder-surfing of keypad entry use, invasion of personal privacy.
– To steal other drones using techniques such as jamming and spoofing. See Samy Kamkar’s Skyjack experiment as an example.
– To steal on-board data from other drones. Drones have digital storage for video, image, and audio recorded data. This could be stolen. Also the interception of the data streams that a drone sends back to its base station could be intercepted.
– To steal wireless data. Drones can be used to intercept Wifi, Bluetooth, RFID, ZigBee, and any other wireless data by carrying the appropriate hacking tools and communications equipment. The drone can be flown within range of the target communications signals and then spoof and hack its way in. It could even be flown onto an office building roof in order to become a WiFi pineapple device then return to base with no human required to access the target location.
– To deliver contraband across borders, fences, and other restricted areas.
– To hack vehicles by flying above the vehicle and employing vehicle hacking technology.
– To create a communications network. Instead of using the cell towers of a communications company a network of drones with specialist on-board software and equipment could act as a mobile cell network to provide communications for an organisation preventing eavesdropping from the authorities.
– To map out locations and buildings in greater detail than Google streetview and Google Earth can offer.
– To disable security cameras in an area by locating the cameras and using various techniques such as IR to disable the cameras for a period of time before criminals access the location.
– To assist with heists from vehicle hijacks to museum robberies.
Can you think of any others?
Who called me
Who called me
When you work with computers and possess at least one certification in cyber security, you tend to have friends or family that call or message you on occasion asking you to trace a phone number for them as if you are some form of digital private eye.
The truth is that only the authorities with the assistance of the telecom providers can legally do that. All these websites that say they can trace any number in the world for you are lying. They are just scams after your money. At best they have scraped open source content for numbers and can tell you the network provider, country of origin, and anything that is available online for free. Maybe they’ve concatenated and absorbed phone directories and public domain phone number repositories. They certainly can’t trace an unlisted number for you.
That said, if the number does have a footprint of some kind in the public domain then there are ways of finding it. Using Google Dorking to scour search engine data may uncover something useful. Governmental company registration databases that are open to the public may also reveal data. Whois records, club memberships, company websites, etc.
The phone number is just a character string. Play with the format when searching. For example if you were called by 07709 123456 and you are in the UK you could search for exact string matches of:
07709 123456
07709123456
7709 123456
7709123456
44 07709 123456
44 7709 123456
4407709123456
447709123456
Google for OSINT tools and techniques related to phone numbers for more suggestions.