A security researcher who's also in law school recently wondered how easily a private citizen could spy on other people. He really only needed $570 and the Internet.
Brendan O'Connor, 27, created a "terrifyingly easy" system for monitoring people, he told The New York Times. By putting Raspberry Pi models (cheap, programmable mini-computers) in small plastic boxes connected to a command center, he gave himself access to data from anyone using a wireless device nearby.
A tip of the hat to the NSA's PRISM operation, O' Connor's Creepy Distributed Object Locator, or CreepyDOL, harvests similar information. The system kicks in when someone connects to the same Wi-Fi network — like the free ones in coffee shops, Forbes reported.
He made 10 boxes, each costing $57, the Times reported. Using them, O'Connor can uncover which websites people browsed, the unique connection identifier to their iPhones and iPads, and even their email addresses and pictures sometimes.
O'Connor's DIY surveillance doesn't even need public or unsecured Wi-Fi. CreepyDOL traces information when iPhones "ping" the server every few seconds to check for new messages, too.
O'Connor can save and use all this information to give a more complete picture of people he would purportedly spy on. “I take all this data, throw it together, and visualize it to show people with real faces and identities and histories moving around a map in 3D," he told Forbes.
As a law student at the University of Wisconsin, however, he knew he could only spy on himself.
One of his hacker friends, Andrew Auernheimer, got 41 months in prison for violating the Computer Fraud and Abuse Act after he found the email addresses of more than 100,000 customers of AT&T in an effort to expose the company's lax security.
“It could be used for anything depending on how creepy you want to be,” O'Connor told the Times.
Join the conversation about this story »