Wish You Had NSA's Cool Spying Toys? Now You Can -- As Low-Cost Open Hardware

from the do-you-fancy-a-twilightvegetable? dept

Alongside the disturbing revelations of indiscriminate, global surveillance carried out by the NSA and its Five Eyes friends, leaked documents have shown another side of modern spying: the high-tech gadgets created for the NSA's Tailored Access Operations group, discussed by Techdirt at the end of last year. As its name suggests, these are targeted operations, and with many of the serious concerns about the use of blanket surveillance removed, it is hard not to be impressed by the ingenuity of the devices. Of course, a natural question is: could the rest of us have them too? According to a detailed and fascinating article in Vice's Motherboard, the answer turns out to be "yes".

The report discusses the work of Michael Ossmann, a long-time hardware hacker. Unlike most people, he was not surprised by many of the NSA spying devices found in a 48-page catalog from the Advanced Network Technology (ANT) division, revealed by the German news magazine Der Spiegel:

Most of the document was fun for Ossmann, rather than actually revelatory. "We" -- as in the global community of radio hackers -- "already knew how to build most of this stuff," he told me recently.

But the ANT toolkit also included another more unusual class of devices known as "radio frequency retroreflectors." With names like NIGHTWATCH, RAGEMASTER, and SURLYSPAWN, these devices were designed to give NSA agents "the means to collect signals that otherwise would not be collectable, or would be extremely difficult to collect and process."

These devices work by reflecting back radio signals beamed at the target systems containing them. Suitable designs allow information to be transmitted to surveillance teams without the need for on-board power supplies. This means that they can be extremely small -- fitting inside a USB plug, for example. Inspired by the ANT catalog, Ossmann and a group of like-minded hackers set about creating a collection of surveillance gadgets they called the NSA Playset:

Every tool in the NSA Playset has been designed on top of open-source hardware and software so that anyone can build their own, often in no more than a few hours. Over a dozen engineers are involved in the project, Ossmann said, but anyone is invited to join and contribute their own device. The first requirement: a silly name riffing on the original NSA codename. "For example, if your project is similar to FOXACID, maybe you could call it COYOTEMETH," says the NSA Playset website. (A separate website, NSA Name Generator, is designed to help.)

As well as being open, the NSA Playset is also very low cost:

One device, dubbed TWILIGHTVEGETABLE, is a knock off of an NSA-built GSM cell phone that's designed to sniff and monitor internet traffic. The ANT catalog lists it for $15,000; the NSA Playset researchers built one using a USB flash drive, a cheap SDR [software-defined radio], and an antenna, for about $50. The most expensive device, a drone that spies on WiFi traffic called PORCUPINEMASQUERADE, costs about $600 to assemble. At Defcon, a complete NSA Playset toolkit was auctioned by the EFF for $2,250.

The article goes on to explore some of the implications of making these advanced surveillance technologies available so cheaply. As well as the obvious use for research purposes -- for example, coming up with countermeasures -- there's another interesting aspect:

the work Ossmann is doing is helping many of the government's engineers resolve a catch-22 that's emerged in the wake of the Snowden revelations: government security researchers who didn't have access to the ANT catalog when it was classified aren't legally permitted to read it or transmit it now, even though everyone else can. Arguably, that leaves the public sector at a disadvantage next to the private sector -- or to spies in, say, Beijing or Moscow.

Amongst other things, the NSA Playset is a great example of how hackers are doing the authorities a big service, by helping government experts get around stupid rules introduced without thinking through the negative consequences they would have for national security and thus public safety.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: ant, michael ossman, open source, radio frequence retroreflectors, surveillance, tao, technology


Reader Comments


  1. Anonymous Coward, 21 Nov 2014 @ 11:32am

    government security researchers who didn't have access to the ANT catalog when it was classified aren't legally permitted to read it or transmit it now, even though everyone else can. Arguably, that leaves the public sector at a disadvantage next to the private sector -- or to spies in, say, Beijing or Moscow.
    I consider their inability to use the official ANT catalogue a feature, not a bug. The classification rules are stupid and need to be fixed. Providing a workaround, even a perfectly legal one, reduces the pressure to fix the stupid rules.
