Sniffing the Wireless Traffic of MIT Students

An anonymous reader writes "Someone got permission to sniff the wireless traffic during an MIT class. The professor: none other than Robert Morris, creator of the first Internet worm! The lecture: computer security! I love it."

Thank you, Apple

Highest number of packets: MDNS (Multicast-DNS, Zeroconf) with a whopping 30% of all packets. Because computer Barbie says: Configuration is hard.

Re:Thank you, Apple

[arth1]

It's not THAT Apple uses zeroconf, but HOW they use it.
There's nothing in the zeroconf specs that say you have to constantly flood the network with queries.

Re:Thank you, Apple

[metamatic]

On the other hand, Zeroconf was basically invented by Stuart Cheshire, who works for Apple (and invented the tank game Bolo, another good way to waste network bandwidth).

Re:Thank you, Apple

[ThrowAwaySociety]

Highest number of packets: MDNS (Multicast-DNS, Zeroconf) with a whopping 30% of all packets. Because computer Barbie says: Configuration is hard.

*rolls eyes* Yeah, what's with kids these days and their automagical service discovery.

Back in my day, we manually entered protocol names and IP addresses. Forget zeroconf, we didn't have DNS. We kept a list of IP addresses in a text file on our systems. And if we didn't know the IP address, we went out and walked over to the datacenter, uphill, both ways, in the snow, and we wrote it down using our own blood for ink so we wouldn't forget it.

And we liked it that way!

Re:Thank you, Apple

[paiute]

Tsk, tsk. Mod MIT -1 overrated. I sure wouldn't pay out my ass to send my kids there.

http://en.wikipedia.org/wiki/The_Fox_and_the_Grapes

Re:Thank you, Apple

[hoggoth]

I don't there there are many 13 year old girls at MIT. Draw your own conclusions.

Re:Thank you, Apple

[dgatwood]

At an average of 50-60 bytes apiece, that's a total of a whopping 47 kbps, or 0.0047% of capacity. Yes, that's an acceptable price.

Re:Thank you, Apple

[natehoy]

Now get the hell off my LAN! :)

Re:Thank you, Apple

[Rockoon]

Look at it this way:

259932 MDNS packets

...over 45 minutes...

...and 21 sources...

Thats 5776 packets per minute, 275 packets per minute per machine.. or an average of 4.6 packets per second per machine, of just MDNS traffic.

Now, this shit does what, exactly? Why exactly does it need to spam the network every 220ms?

Re:Thank you, Apple

[jimbolauski]

Bolo, another good way to waste network bandwidth).

Bolo is not a waste of network bandwidth, with it's ring communication it is very light on on the bandwidth latency was always the problem.

Re:Thank you, Apple

[butlerm]

At an average of 50-60 bytes apiece, that's a total of a whopping 47 kbps, or 0.0047% of capacity

The effective capacity consumed could be quite a bit higher than that due to CSMA/CD overhead and the like. If someone else is transmitting a station has to wait a random amount of time before transmitting, for example. That is a non trivial factor that can easily take a busy 10 Mbps network down to 3 Mbps of usable capacity, for example.

Re:Thank you, Apple

[tsm_sf]

Well in all fairness if the token happens to fall out you can spend hours looking for it.

Billable hours.

Re:Thank you, Apple

[BZ]

21 sources, right? Sending broadcast packets on a WiFi network? But WiFi has no concept of broadcast packets; these are simulated by the access point transmitting the packet to each wireless client individually.

The question is what tcpdump (which was used to create the logs) would show here. Would it show one broadcast packet? Or 22 separate packets (1 from source to AP, and 21 from AP to destinations)? I think last time I tried (when mDNS traffic from a few hundred laptops all in one room was totally swamping the one access point) it was the latter... but I could be misremembering.

If the latter, then looks like the actual send rate for any given machine is about 1 packet every 6 seconds. But the quadratic growth in number of actual packets in the air due to lack of real broadcast packets makes things suck.

Get Your Facts CORRECT ! : +2, Prior Art

You state:
"Robert Morris, creator of the first internet worm!"

You are obviously unaware of The “worm” programs—early experience with a distributed computation

I hope this helps your reference callouts.

Yours In Akademgorodok,
Kilgore Trout, C.I.O.

Re:Laptop Useage in Class?

[Ephemeriis]

I haven't been to university for 9 years, but are students really using laptops during class???

Laptops, netbooks, smart phones, tablets... Yup.

In theory they're typing notes or recording the lecture or something.

In practice, I suspect it is more of a distraction than anything else.

Re:Laptop Useage in Class?

[Monkeedude1212]

In my class 2 years ago, it was pretty much mandatory. Prof would be walking you through a PHP script for logging onto the server. If you weren't following along, you were considered not learning the skill.

In this way, the prof could look around at everyones laptop. He'd be able to see how people coded differently, and give suggestions on how to either improve their style, or what languages they'd be most comfortable in, what editor they might like, etc etc. It went beyond simple reading of the code, it was an inspection of how you wrote the code you did, and I found it very helpful.

Re:Laptop Useage in Class?

[gront]

Yes. Absolutely.

http://www.washingtonpost.com/wp-dyn/content/article/2010/03/08/AR2010030804915.html?hpid=topnews&sid=ST2010030805078

Re:Laptop Useage in Class?

[AnEducatedNegro]

son, I was in university 10 years ago using my laptop in class. it's great for taking notes, though i am more jealous of kids nowadays because they have tablets and ipads. how i would have killed for that instead of using a wacom tablet and a laptop....

it was also to disguise the fact that i was writing video games in my intro to computer architecture classes

Re:Laptop Useage in Class?

Yes, and despite your skepticism, it's actually useful:
-Take notes
-look up a reference that the prof didn't bother to explain
-If you're bored, you can pay half attention instead of just falling asleep.

Mind you, like the rest of college, you get out of class what you put into it. There are certainly kids who go to class for attendance points and spend all period playing farmville.

Re:Laptop Useage in Class?

[Hunter0000]

Speaking for myself, I find them a good distraction during mandatory classes with professors I have already discovered can't teach whatsoever and I am better off reading the book (and sometimes I do that instead of use a laptop). For those who can though, I never do.

At least at my uni you can usually tell how respected the professor is by how many laptops/iPhones/random gadgets are being used in-class.

It's not uncommon...

[zero_out]

It's not uncommon. In fact, at my alma mater, the students do the same thing in their IT security class. It's an exercise to show how easy it is to sniff packets, and find passwords for things like email accounts. This is meant to encourage better security. If the students don't know why something is important, they won't care. When I was in grade school, many kids didn't see why algebra was important, so they didn't care, and didn't bother learning the material.

Re:It's not uncommon...

[rgviza]

At my school (ASU), after sniffing one lecture, I threw up a little in my mouth. Damned sweaty bohemians that think a magic crystal works as deodorant. Not in Arizona heat...

totally offtopic, but fun

[oddTodd123]

Wikipedia will do this to you. I clicked the link for Robert Morris, followed links to read about his first startup, and found their original business plan, which contained this gem in their list of needs, dated 8/24/95:

2. Secure server software ($5000). This does not seem to be an absolute necessity; there are a lot of sites on the web where you can send your credit card number unencrypted, and to date there have been no reports of the numbers being stolen. But catalog companies may *believe* that a secure link is necessary, and spending this $5000 would give Webgen a much more professional look.

Money well spent

[Reason58]

FTFA:

I got permission from Robert Morris and Sam Madden to monitor the wireless traffic during their Computer Systems Engineering class and made an announcement at the beginning of a class period explaining what I’d be doing.

He told everyone up front he was going to do this and people were still chatting, watching TV, reading about Warcraft, and updating their blogs. Just imagine how bad it would have been if he hadn't said anything. I bet some hard working people who were rejected by MIT are really happy to read this.

Re:Money well spent

[Chapter80]

Awesomely, AIM, Jabber, MSN Messenger, and Yahoo! Messenger were all represented in the traffic...

AIM is the clear favorite.

I've lost respect for MIT's admissions process.

Re:Money well spent

[HeckRuler]

Well those hard working people apparently weren't smart enough to sail through highschool physics/calculus, since they apparently had to work at it.

It's a real kick in the pants, but some people are quick, clever, and sharp enough to achieve in a few minutes what it takes you hours to do. Life isn't fair, deal with it.

Re:Money well spent

[Reason58]

There is a lot to be said for work ethic. Trust me, I know. I'm posting this from work.

Re:Famous WoW Guild Facebook

[longacre]

No it didn't. profile.ak.fbcdn.net = facebook.

Do nothing. Act casual.

[Itninja]

from TFA: "...monitor the wireless traffic during their Computer Systems Engineering class and made an announcement at the beginning of a class period explaining what I'd be doing."

So does this represent what would really be so if he hadn't told them ahead of time?

Some more RAW wireless data

[punit_r]

CRAWDAD is a community based effort of sharing data captured on a wireless network, only after anonymizing. This has proved to be very useful to the research community in general.

Very real statistics about the protocols used and the kind of traffic patters observed over a period of time can be observed from the data sets. All of this with users not being very conscious of their activities. I say this because some of the data sets are for durations as long as 5 years. It is a lot easier to avoid surfing pron for a 45 minute lecture than to avoid it altogether for the entire duration of stay on campus. Having said that, I am sure some of the detailed statistics like popular IM clients, top 20 websites etc can not be found out from the CRAWDAD traces.

It beats sniffing MIT students

[RandomUsername99]

It beats sniffing MIT students. Trust me.

so i cant seem to figure

[nimbius]

out what this article is actually about, and why i should give a shit...famous professor at expensive college gets approval for lesson plan related to security?

in college to demonstrate secure passwords, i had a professor run john the ripper on our auth hashes in shadow. live-fire security demonstrations are always a good tool in college because it provides a route for hands on learning and a finer appreciation of the subject matter, but its no different than an accounting or finance class being asked to bring their tax returns in.

Re:hmm

[Chapter80]

Not sure where you're from, but just an FYI... In many states, it is legal for one party of the conversation to record a phone line without the permission of the other. However, some states are "Two Party Notification States".

Re:hmm

[Lumpy]

you can call it all you want. The Law states that any photo taken from outside the property is not. That is what matters, not what you think.

It's how I dealt with a Asshat neighbor. pointed a security cam at his house. Caught him throwing trash over the fence to the next door neighbors. I sent the footage to the cops and he got nailed. He threatened to sue me based on "invasion of privacy" and I dared him to do it, i even egged him on with" you ain't got the balls" and 'chicken" because I know the judge would eat him alive.

It's also why you can be arrested for indecent exposure when you are naked in your home. If I can see your dirty naughty bits from outdoors.

if you want privacy, keep the blinds closed.

Re:Laptop Useage in Class?

[yo_tuco]

"In theory they're typing notes or recording the lecture or something.

In practice, I suspect it is more of a distraction than anything else."

Not much different than when we were bored with a lecture and played hangman on our HP41C calculators back in the 80's.

Re:Laptop Useage in Class?

[HeckRuler]

Yeah, I can type a hell of a lot faster then I can write. And I can actually read it afterward!

Re:Laptop Useage in Class?

[HeckRuler]

That sounds awesome. A hell of a lot better then my ComSci department that made us write out code on paper for the tests.

WWW != Internet

[Mostly+Harmless]

From TFA: "Using the Internet means a lot more than HTTP traffic!"

Maybe that's because the Web != the Internet? I know that the Web represents most of the active time many people spend on the Internet, but really? When did the two become synonymous?

Re:hmm

[CraftyJack]

It's called "civility".

You ask before doing things could piss other people off even when you are technically within your rights to do so, and other people are willing to cooperate with you to mutual benefit.

You can choose to forgo "civility", but then other people will refer to you as an "asshole" and you will have fewer opportunities to benefit from non-zero-sum cooperation.

Re:Laptop Useage in Class?

[korean.ian]

Only a distraction if you let it be. Returning to school this year, I use my notebook to take notes in all my classes except econ, because graphing is not much fun in TextEdit.The notebook is pretty valuable, although I suspect it would be of less use in a science/maths lecture. Easy text formatting for highlighting different pieces of information within the structure of the notes, useful for looking up relevant information, and of course I can type faster than I can write, so while putting down the important bits of what the professor is saying, I can also easily inject my own thoughts/comments on the subject as they come to me.

Do lots of kids use facebook and shit during class, of course they do, they're on mommy and daddy's dime, why wouldn't they fuck around? Not all do though. I'm sure there's correlation between grades and facebook use in class, and once could certainly theorise causation....

Re:hmm

[swb]

Don't egg anyone on. It raises you to "willful participant" status.

Had it escalated to a physical confrontation you may have had trouble claiming self defense.

You always want to remain a "reluctant participant".

Re:code in pen and paper

[Nadaka]

My most annoying test was writing a grammar and recursive descent parser for a set of complex regular expressions on paper.

That professor was simultaneously the best and worst teacher I have ever had. He was a total hard ass, but if you managed to pass his classes, you really ended up learning.

Nothing new at MIT

[JelloJoe]

Nothing new here. The same thing was done in 2005 when I was in the class. It was done by the professor himself and the next day he was able to display the IM conversation two kids were having in the class. One end was encrypted so he didn't think he could be caught, but the other end was not, so the prof was able to display the chat. Basically the chat had something to do about how bored the student was. It was quite amusing.

Re:code in pen and paper

[StikyPad]

I hate wrist craps, especially when they're watery.

Anyway, the benefit of taking tests like that is that you don't *have to* debug. Syntax is usually a secondary concern (if it's a concern at all -- we were allowed to use pseudocode), and design is emphasized over implementation.. which is good, because any monkey can debug or look up syntax (and even the most skilled coders will have to), but creating an elegant design takes some amount of skill and insight.

Re:Laptop Useage in Class?

[nicolas.kassis]

I had asteroid on my TI-83 ;p

Re:Laptop Useage in Class?

[ceoyoyo]

Coding on paper makes you a better coder. Be thankful you had a CS department that made you do that. Few do anymore.