Slashdot Mirror
Tapping the Alpha Geek Noosphere with EtherPeg
tadghin writes "Rob Flickenger has an amazing take on what's happening in the wireless noosphere at the O'Reilly Emerging Technologies Conference. Rob used EtherPeg, a great Mac OS X hack that lets you see the GIFs and JPEGs flying around on the local network, to key off on an amazing visual commentary on what people were doing during Steven Johnson's keynote."
I'm not going to believe that that half-covered image in the first screenshot was the only piece of Pr0n to come up!
The illegal we do immediately. The unconstitutional takes a little longer.
--Henry Kissinger
science is a religion
Have a look at the GPLed GNU/Linux equal -- Driftnet
Run it on your LAN @ work for some scary results! (i shut it off after 10 minutes, after the pics of cross-dressing-victorian-era-constume-fan pics popped up *shudder*)
I wonder what you would see with this in the average office, as the day starts I'm sure you'd get alot of /. , MSN , Yahoo , New York Times, then at lunch MapQuest maps , the occasional general interest website, then as the day closes down movie sites, more news, and of course later in the evening you can see what the cleaning crews are doing, looking at porn of course!
Not for your manager, but already implemented on Linux:
http://www.ex-parrot.com/~chris/driftnet/
Pity there's no Windows version - it also suffers if you're behind a switch - can't see any traffic on network segments the other side of the switch. Bummer.
Does anyone know if there's a windows port/equivalent of this software? Definitely sounds interesting to have a play with.
:-)
I live in a Uni hall so this could effectively be what I've always been looking for - a free, dynamic, porn screensaver. Bonus
...more or less the content is the same, except that in the gnutella traffic there's no ads forced to appear. so basically reading the gnutella traffic flow is like watching a "live" statistic of what human beings are doing online.
on the other hand, if you remove any porn- related keyword, probably you could reduce the traffic by a great 80%. but that's another issue (I thought of that because the 'sex' pic in the first jpeg of the article)...
interesting though
-- There are two kind of sysadmins: Paranoids and Losers. (adapted from D. Bach)
EtherPeg has classic and Mac OS X releases.
Did *anyone* listen to the speech?
to Goth, darkness and MSDN... I told you those blogging guys were really evil. The downward spiral obviously shows that the thin fascade of a "blogging" conference was really just a cover for the subliminal brainwashing techniques of Oreilly and his Kindom Hall lackeys.
Down with Oreilley and their subversive book spam campaign!
(Now go ahead and mod me into oblivion as a troll even though that was intended to be funny.)
My $0.02 will always be worth more than your â0.02, so
If someone hacks my *private* network or illegally obtains my private encryption keys, then *that's* an invasion of my privacy.
Sending or receiving unencrypted packets is like sending a postcard: it's not sealed, and it's not illegal for the letter carrier to read it. Sending an encrypted packet is like sending a letter. It's illegal for the letter carrier to open it.
Note: the server is apparently still able to serve the images. Click on the links!
Tapping the alpha geek noosphere with EtherPEG
by Rob Flickenger
May. 15, 2002
So there I was at ETech, sitting in the back of the Emergence discussion, listening to Rael Dornfest, Cory Doctorow, Clay Shirky, and other extraordinary blogging minds thought about the blogging world.
I was thoroughly enjoying the discussion, but I had to wonder, how were the other 200 people in the room reacting to the proceedings? Response seemed very favorable, but I did see quite a few faces staring down, with accompanying tell-tale key clicks buzzing about the room.
If only there were some way of getting into the collective stream-of-consciousness of the crowd, to gauge their actual reactions to what was really going on up on stage...
If you've never heard of EtherPEG, its a Mac hack that's been around for a while that combines all of the modern conveniences of a packet sniffer with the good old-fashioned friendliness of a graphics rendering library, to show you whatever GIFs and JPEGs are flying around on your network. It's sort of a real-time meta browser that dynamically builds a view of other people's browsers, built up as other people look around online.
The effect was staggering. As I expected, traffic was very light at the beginning (a couple of big news and blog sites were obvious, and strangely enough, the Microsoft Developer's Network.) But as the talk continued, some people were obviously letting their minds (and their fingers) wander...
Early traffic showed a very wandering bent.
I was impressed that when Tim O'Reilly stood up to ask about whether bloggers were building a city or living in their own ghetto, virtually all traffic stopped. Evidently, this was something that almost everybody in the room was interested in listening to. And once Tim sat down again, the pixels began to flow once more.
After a little while, the atmosphere took on a bit of a dark turn. Lots of images of law enforcement agency websites, some american flags with an angry eagle bursting through, and possibly darkest of all, a Britney Spears fan site. The theme continued as Clay Shirky was discussing "maps and non-player characters" and the downward gothic spiral expanded...
Further down the spiral
It became obvious that the crowd could be viewed as a living organism, with its own cycles of activity and rest. The chaotic effect of random images plastering themselves on my screen gave me a unique point of view-- it was a sort of mental feedback (much like audio feedback, even with the accompanying headache, only this headache was in some bizarre fourth dimension.)
The End
By the end, the dark forces had definitely descended. I was treading on some very dark back waters of the collective geek subconscious... Think Evil Dead and PDAs in Washington DC. I had definitely descended into a sort of techno hell, the sixth circle of hades, where the damned are only given t-shirts after they listen to a short marketing presentation.
EtherPEG isn't for the faint of heart, especially at a technical conference. The gentleman sitting next to me leaned over and inquired about how he could prevent me from watching his traffic... The technical answer is easy: run application layer encryption (ssh tunneling, vtun, ipsec, pptp) to a point outside of the wireless, and then your traffic will at least be protected from neighboring wireless eavesdroppers. But the philosophical answer is much simpler: I have stared at the sun, and for the sake of my sanity, will never again look directly at the consciousness of the online ueber-geek collective.
Unless I really want to...
Rob Flickenger is the O'Reilly Network's Systems Administrator
Trollem mirabilem hanc subnotationis exigiutas non caperet
it's not private.
...
The EtherPeg stuff is all in good fun, especially where the people knew they were being sniffed, BUT
Would you also say that it's OK for me to walk around with my 900MHz radio receiver and listen to peoples cordless phonecalls? They're not encrypted; are they private in your estimation?
Can I intercept cell calls?
How about screen RF from folks' ATM transactions (the bank kind)?
None of these are encrypted, but all of them are private by most reasonable standards.
I'm not entirely convinced by this article.
Okay, I guess we kind of have to take the guy's word for it, but he may also be trying to get a rise. When I look at the three collages that we've been presented with here, it seems to me that he tried to put the most shocking pictures up front of what we would be most thrown off by (except for the pr0n of course), and then hide all of the pictures of people who may have been searching on things relevant to the talk in the back of the pictures.
As a systems/security administrator, I am not convinced that a large majority of the images snarfed here didn't have at least something to do with subject at hand and could have come from people that were legitamately trying to look up more information on what was being said. After all, what I could make out of the half to three-quarter covered pictures was that they were either typical web-adds or pictures from the O'Reilly web site.
I would want to see all of the pictures to be totally convinced that everyone was doing time-killing browsing.
"Everybody knows the moon's made of cheese," Wallace.
If you're on your garage listening in to me in my backyard, the problem is not my unreasonable / ignorant expectation of privacy, it's THAT YOU'RE LISTENING TO ME AND INVADING MY PRIVACY.
The slipperiness of the slope comes in where you say "I can listen in, easily, to you, so you therefore cannot expect what you're doing to be private."
So, if you had a machine available to you that decrypted all SSH traffic on a subnet you specified, without you or it breaking a sweat, does this mean it's unreasonable of me to think my SSH session is private?
Extreme, yes - but it's precisely the same point.
read it(the article) people accept what they get given at a conf and this guy set it up
..... detailed in MI5 docs
I would be amused if I could see what other people where doodling
regards
john jones
p.s. laptops are easy to clone all they do is put it through a Xray machine take a good look at it then ask them to unpack it then put it back through Xray machine, hold image on screen Xray off hidden compartment opens remove hddrive replaces it or clones depending on risk and then sends person on way
Managers already do this. Many companies put all their employees on web proxies for exactly this reason. I have friends that work in large companies where it is a known fact that managers review
1) Page views
2) Attempts to view blocked pages
3) Email with questionable content
4) Usage statistics on mail servers
As a result, I've helped those friends use web proxies and and SSL to add privacy to their workstations. putty port forwarding and a remotely running squid are their best worktime friends.
"The explanatory command for unix is man." Chauvinism or bitter irony? Discuss.....
"So, if you had a machine available to you that decrypted all SSH traffic on a subnet you specified, without you or it breaking a sweat, does this mean it's unreasonable of me to think my SSH session..."
Actually, it would be reasonable of you to view it as private- because you took some sort of measures to ensure it was not directly visible, you encrypted it with something. Doesn't matter if you use IDEA or a Captain Crunch decoder ring- you have some reasonable understanding that it's supposed to be private between you and those you're communicating with. Just because you can unpack it without effort means little in regards to privacy- you took some measures to obscure your communications so that they'd be private.
If you take no precautions, it becomes much more of a grey area. A telephone conversation (not mobile) could be deemed as private because under normal circumstances, only the people involved in the conversation could really be listening (normal, being not wiretapped, etc.). A typical mobile phone conversation, however, is much more analogous to a CB channel or you shouting your head off in your house with the windows open than a standard telephone conversation (No matter how much the mobile companies want you to think of it like a magic phone, it's still more of a radio than a phone in almost every sense of it's operation.). In that case, no real measures have been taken by anyone to obscure the content of the conversation going on over the airwaves.
There is no assurances of privacy involved in either of those cases, and unless you're using a digital spread spectrum phone (something making the session more resemble a wireline conversation- tougher but still not really obscuring it in a way that can't be snooped...) or encrypting it (preferably both in light of the previous aside...) you're operating under conditions not unlike the CB situation- whether you realize it or not. Ignorance of the conditions you're operating under doesn't make it any more a privacy protected situation.
I am not merely a "consumer" or a "taxpayer". I am a Citizen of the State of Texas
If you're in a conference room on a laptop, you can't really view much in the way of porn without people noticing. Most people wait until they're in private for stuff like that.
The ads thing is a big curious though. I thought I saw some at least.
I'm using driftnet though, not EtherPeg, since I don't have OSX. The machine sits out on the floor where everyone can see all the images that are being downloaded. Few people go to non-work related sites now, even though it doesn't say which computer the image came from.
Xscreensaver has a package called webcolage, it grabs images at random off the internet, I supose hacking how it gets the images would be easy enough.
Plato seems wrong to me today
Snooping on your employees is a terrible policy, even putting aside the obvious point that employees have less trust for employers who don't trust them.
How much time do these managers spend on making sure the minions aren't doing anything non-work-related? Wouldn't the managers' time be better spent MANAGING?
What more frequently happens is that traffic is monitored until a complaint arises or the boss needs an excuse to get rid of the employee. Having set up such systems for companies, I know. They don't want to know what their employees are doing online unless it is affecting their work or their coworkers.