Activists from the Pirate Party’s youth wing have wiretapped high-level political surveillance hawks at Sweden’s top security conference. They set up an open wi-fi access point at the conference and labeled it “Open Guest”, and then just logged the traffic of about a hundred high-ranking surveillance hawks who argue for more wiretapping, and who connected through the activists’ unencrypted access point. They presented their findings in an op-ed in Swedish this Tuesday.
The yearly security conference of Folk och Försvar (“People and Defense”) in the ski resort of Sälen is considered Sweden’s top security conference, with all relevant ministers of the cabinet present, all surveillance representatives present, and generally everybody present who would argue in public that surveillance of people other than themselves is the best idea since sliced bread.
At this conference, activists Gustav Nipe and Elin Andersson set up a honeypot open wi-fi, and labeled it “Open Guest”. About a hundred of the worst surveillance hawks used the honeypot access point during the conference. The activists were logging all so-called “metadata”: which servers were contacted and how. They present their findings in an op-ed in Swedish.
They start out by noting that it is borderline trivial to use this metadata from just casual browsing to uniquely identify the individual using the open wi-fi network, even manually combing through the collected data:
Analysis of the traffic metadata enables us to draw conclusions about which individuals were using our network. Visiting high-volume websites like the Aftonbladet tabloid won’t say much about the user in question, but when this is followed by connections to “mail.agencyX.se” and surfing on pages about a particular small city, the roster of possible candidates is dramatically reduced.
They also note that the people who are responsible for the very security of the country happily use open and unencrypted wi-fi to fetch governmental correspondence, and draw some conclusions from that:
On several occasions, we logged connections to mail servers of governmental agencies. Using an open, unencrypted network to read governmental correspondence is not good. For example, we saw connections to the mail server for the Swedish Civil Contingencies Agency (“Myndigheten för Samhällsskydd och Beredskap, MSB”). The agency’s mission is to develop society’s ability to prevent and deal with serious accidents and contingencies. We consider it problematic that their personnel is nowhere near sufficiently trained in information security.
But most of all, they wanted to make a statement against those who seed distrust and call for everybody else to be wiretapped, and seem to have succeeded well in doing so. They argue that they’re using the very same methods that the GCHQ, the NSA, and the FRA are using, albeit on a much smaller scale. They end their published findings thus:
In closing, we are happy to report that we have found no traces whatsoever of preparations of terrorism in our surveillance. However, we do note that people need to get much better at using the net in a secure manner.