Please comment below with more stuff to think about / add.
Be able to identify/fingerprint devices within a limited wireless range.
- MirrorMe - Guardian Development (Github Project) - A project to turn a Raspberry Pi into a malicious WAP repeater
- Practical Cellphone Spying - Chris Paget (Defcon18) - A talk on setting up a malicious phone tower.
- Surveillance camera code of practice - UK Gov
- Data Protection Act 2018
- Protection of Freedoms Act 2012
- Broadcast signal that purports to be a public access point ( like sky's
_The_Cloud
, orMcDonaldsWifi
) - When a user device attempts to auto-authenicate, tell them it's not true (because we don't want to wiretap)
- But maybe they've given us some useful identifying information?
It used to be that phones announced the wireless routers and networks that they were looking for ("Hey, I usually connect into BT_HOME_XXXX
and COMPANY_WIFI
, are any of those here?")
Requires target device has bluetooth turned on