As the newest (and best in my opinion) Bond movie Skyfall illustrates, spying today is as much about mastering technology as it is about mastering a Walther PPK. A couple articles today caught my eye for that very reason. Not that I fancy myself a spy—or a hacker, just a geek—I have to imagine that all the work that is done on jailbreaking devices is great training for being the next James (or Janet) Bond.
The LA Times has a great article about a hacking, spying, and general school of cyberstealth in Tulsa that…yeah I think I’d like to attend (do they have summer school programs?):
Shenoi speaks proudly of students who pushed the boundaries or broke the rules.
One, who now works at the NSA, hacked the school’s computer system and created a fake university ID to impersonate his cyber-stalking target, for example. Another spoofed a professor’s email account to fool his target into spilling details. As part of a vulnerability study, one student sneaked into a Tulsa water system facility and stole blueprints that a more malign attacker could use to wreak havoc.
A few years ago, Shenoi says, a group of students rummaged through trash bins outside offices on campus and obtained confidential information about football recruits, professors’ salaries, and major financial donors.
“We are now banned from Dumpster diving on campus,” he said with a smile.
Not only does the school sound freakin’ awesome (and a little scary) to attend, it also points out how easily out digital identities can be compromised. Why the concern? Because experts agree a big part of the new world of war (and spying) is going to be cyber (not that it isn’t already):
The need for stronger cyber-defense — and offense — was highlighted when Defense Secretary Leon E. Panetta warned in an Oct. 11 speech that a “a cyber-terrorist attack could paralyze the nation,” and that America needs experts to tackle the growing threat.
“An aggressor nation or extremist group could gain control of critical switches and derail passenger trains, or trains loaded with lethal chemicals,” Panetta said. “They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.”
None of this should be surprising to any of you. Heck, I’d be surprised if some of you didn’t work as pentesters or professional hackers. A clearly growing field. Now, The Next Web paints a broader picture including brain and DNA hacking, which is pretty sci-fi—for the time being—but this iPhone app certainly isn’t:
A geek no longer has to go into the extremities that your movie spies would go to in order to get some information. All they have to do is hack into the device that you own that has the lowest barrier of entry and from there start monitoring what you do. Let’s take for example what a research team from Georgia Tech managed to do. We all protect our computers with anti-spyware so installing a keylogger (a piece of software or device that logs every key you press) is a difficult thing to do. This team of geeks thought of another way to get all your precious information. If you look at someone working on a laptop or PC you will usually see them having their smartphone next to their keyboard.
This common practice gave them an idea. How about we create a trojan that poses as an app for the iPhone and monitors what keys you press by measuring the vibrations from your keyboard using the iPhone’s accelerometer? The result was an app they called spiPhone and it can log your key presses with 80 percent accuracy! You might think that you would never install a dodgy app, but you would never be able to tell since your iPhone doesn’t have an antispyware/antivirus system.
This brings me back to the start of this post. While I don’t personally jailbreak my devices, I have great respect for the folks who figure out how to do it in the first place. To my thinking, jailbreaking is just another example of geeks and hackers doing what we do best—figure out how something is done and made, then find a way to make it better or do something no one thought of before.
Perfect skills, IMHO, for spycraft.
Understand the flaws and weaknesses in a system—a system millions of people rely on—and then exploit it for your own ends. Machiavellian? For sure, but that is how these things work, isn’t it?
Regardless, our reliance on technology, the Internet, and connected systems makes for the perfect opportunity to start a new career as a cyberpunk spy. So, keep on jailbreaking and hacking, it might just be the best career move you’ve made yet.