Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

GSOC bugging - what technical details have been confirmed?

  • 11-02-2014 6:57pm
    #1
    Registered Users, Registered Users 2 Posts: 2,809 ✭✭✭


    Obviously there is a political sh1tstorm at the moment, AGSI calling for GSOC commissioner to resign, the Taoiseach making inaccurate statements about the law, and other bits and pieces. There's a thread in politics for all that.

    Do we have any technical details yet about the anomalies observed in the sweep? How reliable are the reports of a compromised phone in a conference room? What has been claimed about the WiFi? What was the third anomaly, was it something to do with a mitm attack via fake GSM tower? Has any of that been confirmed, or are all three things wild speculation?

    Given the claims, which are technically plausible? There's hardly any information other than what was in the Sunday Times, but maybe more technical details will come to light soon.

    EDIT to add in a quote from Shatter's speech in the Dail - http://www.irishtimes.com/news/politics/oireachtas/no-definitive-evidence-of-surveillance-shatter-1.1687850
    He told the Dáil that three issues of concern to the Ombudsman’s office were identified, the first from a wi-fi device which was found to have connected to an external wi-fi network.

    “I am also advised that the wi-fi device was unable to communicate with any of GSOC’s databases or electronic systems and that the boardroom is not generally used for meetings.,” he said.

    The second related to a conference call telephone in the chairman’s office, where the conference phone rang but tests were unable to establish the source of the call.

    The third issue related to the detection of an unexpected UK 3G network near the GSOC offices.
    The consultants, among them former counter-surveillance specialists with Britain’s GCHQ spying agency, found a speaker phone on the upper floor of the GSOC building was bugged. The room was regularly used to hold case conferences on sensitive investigations. A test of the line confirmed the phone was being used to eavesdrop on meetings, according to sources.


Comments

  • Registered Users, Registered Users 2 Posts: 2,626 ✭✭✭timmywex


    No specific technical details:

    From reading it though sounds like a bug put on a phone in a meeting room, a physical little device capturing the voice transmissions, and the wifi, maybe just a rogue access point rather than man in the middle even?

    Impossible to know given the little thats been released, and the general media interpretation/lack of understanding surrounding "hacking".


  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    Very little specifics have been released. Although from whats quoted above, I have less confidence about the "government-level espionage equipment". I can build a wifi-snooping device using a raspberry pi and a wireless dongle. I could build a bug with 20 quids worth of stuff from Maplin and anyone can buy a UK 3g dongle. But, that doesn't sell headlines as well.


  • Banned (with Prison Access) Posts: 1,288 ✭✭✭sawdoubters




  • Registered Users, Registered Users 2 Posts: 2,809 ✭✭✭edanto


    The GSOC guy on prime time now just gave (marginally) more detail on one of the items - he said there was a WiFi device discovered with no password, not connected to their network.

    Simplest explanation - it might have been some sloppy IT, perhaps an ISP's router/AP just left with default settings? Though if things were that sloppy it would beg a lot more questions.

    He didn't mention the conference phone at all - sounds like the Sunday Times article made some wild claims unsupported by GSOC.


  • Registered Users, Registered Users 2 Posts: 4,188 ✭✭✭wil


    edanto wrote: »
    The GSOC guy on prime time now just gave (marginally) more detail on one of the items - he said there was a WiFi device discovered with no password, not connected to their network.

    Simplest explanation - it might have been some sloppy IT, perhaps an ISP's router/AP just left with default settings?

    He didn't mention the conference phone at all - sounds like the Sunday Times article made some wild claims unsupported by GSOC.
    Might be a bug in your TV :pac:, but he kinda did. Funny how people hear different things.:)

    Sounds like there doesn't seem to be any physical device just anomalies - (I guess they could be considered bugs if you wish)

    Paraphrased from Primetime (errors and errata excepted)

    ---
    Threefold issue
    Piece of equipment connecting to a external wifi without pw
    Conference call telephone - tested showed anomaly - strange behaviour rated unlikely to be innocent
    Sophisticated external sweeping device (unspecified and vague)
    Were they bugged - very difficult to say...
    Cant definitively say they were bugged.
    ---


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 2,809 ✭✭✭edanto


    Thanks for that - I missed the conference phone bit [I got it badly wrong, embarrassing!], had Prime Time on in the background as I'm putting up some shelves so didn't give it full attention. Appreciate your paraphrasing. Shelves are up now, so I can watch back over the recording and will transcript the bit where he got into the most technical detail.

    GSOC: What we got were credible threats to our own security, we hired credible international experts to consider those for us, to examine, to test them. At the conclusion of their testing, and their security sweeps, they were able to tell us that certain things did not look likely and other things they could not be definitively sure.

    Miriam: What were the credible threats?

    GOSC: The credible threats were threefold, one was a piece of equipment which was connecting to an external network, a WiFi device. It should have been activated by a password, in actual fact it was activating without seeming to have the need for a password, and transmitting. It did not compromise our data. It did not connect with our internal security but having found it, we certainly needed to take it very seriously. That was one.

    The second was more worrying, it was a conference call telephone, a conference call facility that we use not infrequently. That was tested and the tests showed up what we called in our first report, an anomaly, but it showed up something that gave them cause for concern and their judgement was that the strange behaviour of this device in response to their test, was such that it could have been co-incidental, it could have been explained away, but they rated in their report the possibility of it being co-incidental of being close to zero.

    The third one was a sophisticated piece of equipment that does sweeps of building from external if you like, if doesn't have to be in the vicinity, and it can attack mobile phones and other ....

    Miriam: So, it sounds like still, like your statement last night from GSOC, which more or less confirmed what you're saying now, that you still believed there could have been bugging of your building? And that is not what the minister is saying.

    GSOC: Well, we have no disagreement at all with the Minister

    and back to politics.

    He didn't really answer the question about what the credible threats were that led to the consultants being called in. Returned to it later in the interview and didn't give much details.


  • Registered Users, Registered Users 2 Posts: 4,188 ✭✭✭wil


    syklops wrote: »
    Very little specifics have been released. Although from whats quoted above, I have less confidence about the "government-level espionage equipment". I can build a wifi-snooping device using a raspberry pi and a wireless dongle. I could build a bug with 20 quids worth of stuff from Maplin and anyone can buy a UK 3g dongle. But, that doesn't sell headlines as well.
    Are you preparing to make a confession:D
    In bold was one of the first things I thought as the expert stated this.

    Apparently (I've no need or desire to confirm) one of the most sophisticated government "generated" malware worms designed to attack another countries infrastructure (intentionally vague) is now available in kit form.


  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    GOSC: The credible threats were threefold, one was a piece of equipment which was connecting to an external network, a WiFi device. It should have been activated by a password, in actual fact it was activating without seeming to have the need for a password, and transmitting. It did not compromise our data. It did not connect with our internal security but having found it, we certainly needed to take it very seriously. That was one.

    Still vague, but it could be a wifi pineapple.


  • Registered Users, Registered Users 2 Posts: 7,971 ✭✭✭_Whimsical_


    edanto wrote: »

    He didn't really answer the question about what the credible threats were that led to the consultants being called in. Returned to it later in the interview and didn't give much details.

    He said that the fact that private information regarding the Kevin Boylan case got into "the public discourse" had prompted them to call in consultants. He seemed very reluctant to make that clear though and Miriam didn't pick up on it.


  • Registered Users, Registered Users 2 Posts: 3,131 ✭✭✭Dermot Illogical


    He said that the fact that private information regarding the Kevin Boylan case got into "the public discourse" had prompted them to call in consultants. He seemed very reluctant to make that clear though and Miriam didn't pick up on it.

    And then the fact that they ran a check made it into the public domain as well.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 1,034 ✭✭✭dalta5billion


    Could the consultant's report be FOI'd?

    I'd be interested in the UK 3G network, and whether the Irish network made a mistake in the broadcasted network name. Otherwise GCHQ are suspect #1 for me.

    Was the "unsecured WiFi network" belonging to GSOC or was it an attempt by a local resident to see if any gullible GSOC staff would use it?

    This anomaly with the conference phone is incredibly vague and varied. Was there unusual latency? Sinister breathing on the line? Phantom prank callers?

    Also, the routing of some things through an untraceable UK IP address. A bitcoin financed VPS? GCHQ rerouting traffic with BGP?

    I want a damn PDF from someone with /some/ technical expertise. This vindicates the Garda Commissioner's view of GSOC as being unsuitable to handle sensitive data.


  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    Could the consultant's report be FOI'd?

    I'd be interested in the UK 3G network, and whether the Irish network made a mistake in the broadcasted network name. Otherwise GCHQ are suspect #1 for me.

    Was the "unsecured WiFi network" belonging to GSOC or was it an attempt by a local resident to see if any gullible GSOC staff would use it?

    This anomaly with the conference phone is incredibly vague and varied. Was there unusual latency? Sinister breathing on the line? Phantom prank callers?

    Also, the routing of some things through an untraceable UK IP address. A bitcoin financed VPS? GCHQ rerouting traffic with BGP?

    I want a damn PDF from someone with /some/ technical expertise. This vindicates the Garda Commissioner's view of GSOC as being unsuitable to handle sensitive data.

    With respect for this forum, so few details have been released, speculation is just folly. Mi5/GCHQ have practically untraceable ways of monitoring/tapping. Stuff like TEMPEST which can read peoples screens like they were sat next to them and cuffs that go on physical phone lines and retransmit the signal to the listening van parked on the corner.

    A bug, as in physical bug, put in/on a conference phone seems a bit too low tech for them.

    Wireless is often the weak link in an organisation. An unencrypted AP which guys use for checking their gmail on, could give up some traffic. Install jassager on the AP and it could trick phones and laptops to connect to it first allowing you to sniff emails, passwords, usernames, documents etc, plenty of information to aide in attacking the network itself.

    I still think this is a lot more low tech than has been reported.


  • Registered Users, Registered Users 2 Posts: 7,971 ✭✭✭_Whimsical_


    Could the consultant's report be FOI'd?

    I'd be interested in the UK 3G network, and whether the Irish network made a mistake in the broadcasted network name. Otherwise GCHQ are suspect #1 for me.

    Was the "unsecured WiFi network" belonging to GSOC or was it an attempt by a local resident to see if any gullible GSOC staff would use it?

    He gave the impression the wifi network belonged to them as he said it should have password protected and they thought it was but it turned out it had been accessed without a password.


  • Registered Users, Registered Users 2 Posts: 1,034 ✭✭✭dalta5billion


    syklops wrote: »
    With respect for this forum, so few details have been released, speculation is just folly. Mi5/GCHQ have practically untraceable ways of monitoring/tapping. Stuff like TEMPEST which can read peoples screens like they were sat next to them and cuffs that go on physical phone lines and retransmit the signal to the listening van parked on the corner.

    A bug, as in physical bug, put in/on a conference phone seems a bit too low tech for them.

    Wireless is often the weak link in an organisation. An unencrypted AP which guys use for checking their gmail on, could give up some traffic. Install jassager on the AP and it could trick phones and laptops to connect to it first allowing you to sniff emails, passwords, usernames, documents etc, plenty of information to aide in attacking the network itself.

    I still think this is a lot more low tech than has been reported.

    What I'm saying is the "UK 3G" network sounds like either

    a) an error on the part of an Irish network
    b) Someone running a GSM base station in the vicinity, forgetting to change network name.

    Lookup OpenBTS talk at DefCon. Loads of phones connected automatically. Extremely effective for a small area.

    You're right, perhaps inappropriate speculation on it being GCHQ.


  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    What I'm saying is the "UK 3G" network sounds like either

    a) an error on the part of an Irish network
    b) Someone running a GSM base station in the vicinity, forgetting to change network name.

    Lookup OpenBTS talk at DefCon. Loads of phones connected automatically. Extremely effective for a small area.

    You're right, perhaps inappropriate speculation on it being GCHQ.

    Funnily today I am in the NOC of a Irish service provider and they have british 3g modems plugged in for testing. Again, the technical details are so thin on the ground it really isnt worth the time speculating. It really could be anything. We'll assume the security firm knew what they were doing, but they no doubt wrote a report and there is no guarantee that whoever read it, understood what it said.


  • Registered Users, Registered Users 2 Posts: 2,809 ✭✭✭edanto


    Some technical details emerged today at the committee. Just to look at one aspect, the conference phone.

    The privacy consultants that were investigating the phone sent some type of audio signal down the phone line at 1am.... and the phone was rung back immediately. Repeating the test did not produce the same results.
    The commission did not rule out that there could be reasonable explanations for any or all of these devices

    The anomaly in the telephone unit could not be repeated. We could not rule out an innocent call, even at 1am.

    Telecoms data could not identify the number from which the call had been made or even that a call had been made.

    If the signal the consultants sent down the line would normally cause the phone to be rung back, why did subsequent identical tests not produce the same result?

    If it was a random wrong number call, why did telecoms data not give a caller ID or even identify that a call had been made?

    Why would a privacy consultant send a signal of this type down a phone line unless it was known to give results that indicate surveillance?

    That might be a question people here have some experience of - is sending a signal of some type down a phone line, which generates a return ring any indication of a bugged line? Surely it could equally be faulty hardware at the exchange?


  • Registered Users, Registered Users 2 Posts: 2,809 ✭✭✭edanto


    http://www.irishtimes.com/news/crime-and-law/gsoc-s-account-of-bugging-evidence-does-not-tally-with-that-of-minister-1.1689432

    From the Irish Times today


    The most serious of three examples of suspected surveillance found relates to O’Brien’s landline in his office in GSOC headquarters in Dublin.

    In layman’s terms, it was tested to determine it if was bugged. This was done by sending a message down the line informing any potential bug that the line was being put out of service.

    Automatic response
    One source familiar with such testing said a bugging mechanism’s automatic response is to ring the telephone to establish if it had indeed just been discontinued.
    When O’Brien’s phone was put through that process it rang immediately. It was 1am.
    The possibilities are two-fold.

    Either the phone was bugged and its ringing was confirmation of that fact.

    Or somebody somewhere accidentally rang the phone in the early hours of the morning and at the exact moment those doing the testing expected it to ring if bugged.


  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    edanto wrote: »
    http://www.irishtimes.com/news/crime-and-law/gsoc-s-account-of-bugging-evidence-does-not-tally-with-that-of-minister-1.1689432

    From the Irish Times today


    The most serious of three examples of suspected surveillance found relates to O’Brien’s landline in his office in GSOC headquarters in Dublin.

    In layman’s terms, it was tested to determine it if was bugged. This was done by sending a message down the line informing any potential bug that the line was being put out of service.

    Automatic response
    One source familiar with such testing said a bugging mechanism’s automatic response is to ring the telephone to establish if it had indeed just been discontinued.
    When O’Brien’s phone was put through that process it rang immediately. It was 1am.
    The possibilities are two-fold.

    Either the phone was bugged and its ringing was confirmation of that fact.

    Or somebody somewhere accidentally rang the phone in the early hours of the morning and at the exact moment those doing the testing expected it to ring if bugged.

    We don't want laymans terms. We want what happened.

    That explanation sounds like BS to me. Covert surveillance, tries to be, you know, covert. A bug ringing the phone its listening to to test if its still working?


  • Registered Users, Registered Users 2 Posts: 9,371 ✭✭✭Phoebas


    syklops wrote: »
    We don't want laymans terms. We want what happened.

    That explanation sounds like BS to me. Covert surveillance, tries to be, you know, covert. A bug ringing the phone its listening to to test if its still working?
    I'm far from an expert in this area, but is it possible that the phone ringing immediately after the test was done on the line may have been an unexpected artifact of the test itself?


  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    Phoebas wrote: »
    I'm far from an expert in this area, but is it possible that the phone ringing immediately after the test was done on the line may have been an unexpected artifact of the test itself?

    Again, without specifics, its impossible to know.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 3,131 ✭✭✭Dermot Illogical


    One of the most infuriating things about this is the complete lack of technical specifics. It's all waffle like "anomalies on a wifi device", but when the GSOC commissioner was asked straight out (twice) what the device was he couldn't, or wouldn't, say. A media wireless type device thingy apparently.
    My suspicion is that the lack of detail is possibly deliberate. Putting the technical details of the devices and the tests run on them out there would quickly answer all questions. Perhaps they strongly suspect they were chasing shadows and are afraid they'll become a total laughing stock? Perhaps there are genuine threats? Who knows? All we have so far is damaging waffle.
    The whole thing could become instantly clear if the device/test data was released.


  • Registered Users, Registered Users 2 Posts: 9,371 ✭✭✭Phoebas


    One of the most infuriating things about this is the complete lack of technical specifics. It's all waffle like "anomalies on a wifi device", but when the GSOC commissioner was asked straight out (twice) what the device was he couldn't, or wouldn't, say. A media wireless type device thingy apparently.
    I thought they told the committee that it was a WiFi repeater (which surprised me because it wouldn't make sense for them to have one - switched on - when they have no WiFi network).

    I've also heard somewhere that it was some kind of media player - but it's difficult to separate the fact from the fiction.


  • Registered Users, Registered Users 2 Posts: 2,809 ✭✭✭edanto


    At the committee they said it was some kind of media player, can't find the transcript to that committee session. Not sure if transcripts are generally available to public sessions, but I hope so.

    I cautiously hope that the Sunday Times reveals a few more technical details without compromising GSOC security.


  • Closed Accounts Posts: 17,208 ✭✭✭✭aidan_walsh


    The committee transcript is here, broken across 25 pages and not immediately searchable. Unfortunately, KildareStreet doesn't seem to index committee meetings, or hasn't indexed this one yet.


  • Closed Accounts Posts: 17,208 ✭✭✭✭aidan_walsh


    Actually, **** that. Have a text file. http://pastebin.ca/2640158


  • Registered Users, Registered Users 2 Posts: 9,371 ✭✭✭Phoebas


    edanto wrote: »
    At the committee they said it was some kind of media player, can't find the transcript to that committee session. Not sure if transcripts are generally available to public sessions, but I hope so.

    Here it is:
    The Wi-Fi device was in a media console and it allowed us to do certain things with that media console


  • Registered Users, Registered Users 2 Posts: 5,112 ✭✭✭Blowfish


    syklops wrote: »
    Very little specifics have been released. Although from whats quoted above, I have less confidence about the "government-level espionage equipment". I can build a wifi-snooping device using a raspberry pi and a wireless dongle. I could build a bug with 20 quids worth of stuff from Maplin and anyone can buy a UK 3g dongle. But, that doesn't sell headlines as well.
    Indeed, in fact you could probably find the odd one in an Irish mobile phone repair shop like, I dunno, this one, which just so happens to be right accross the road from the GSOC offices.....

    [edit] heh, well I guess people from that shop have spammed boards before now, hence the censoring. Check on Google Maps, it's right accross the road. I'm curious if the consultants actually bothered to walk over to see if, just on the off chance it was something they were playing with in the shop causing any of the issues.


  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    Phoebas wrote: »
    Here it is:
    The Wi-Fi device was in a media console and it allowed us to do certain things with that media console

    Again, clear as mud. How many "media consoles" do the GSOC have?

    Was it simply a wifi dongle connected to an external hard drive?


  • Registered Users, Registered Users 2 Posts: 3,131 ✭✭✭Dermot Illogical


    There's a little more detail in the GSOC briefing document obtained by the IT.

    http://www.irishtimes.com/news/politics/gsoc-briefing-paper-contains-more-than-shatter-d%C3%A1il-statement-1.1691878


  • Advertisement
  • Closed Accounts Posts: 8,156 ✭✭✭Iwannahurl


    What I'm saying is the "UK 3G" network sounds like either

    a) an error on the part of an Irish network
    b) Someone running a GSM base station in the vicinity, forgetting to change network name.

    Lookup OpenBTS talk at DefCon. Loads of phones connected automatically. Extremely effective for a small area.

    You're right, perhaps inappropriate speculation on it being GCHQ.



    I know nothing about the technology, but a thought has occurred to me: could one simple explanation (though obviously a slightly paranoid one) for the UK 'identity' of the alleged IMSI-catcher be that it was a device designed, manufactured and sold by a UK company?

    It has been alleged that the Metropolitan Police (Simon O'Brien's old firm) use technology of that nature, as manufactured and sold by Datong PLC, a Leeds-based company specialising in "high quality intelligence equipment".


  • Registered Users, Registered Users 2 Posts: 1,034 ✭✭✭dalta5billion


    Iwannahurl wrote: »
    I know nothing about the technology, but a thought has occurred to me: could one simple explanation (though obviously a slightly paranoid one) for the UK 'identity' of the alleged IMSI-catcher be that it was a device designed, manufactured and sold by a UK company?

    It has been alleged that the Metropolitan Police (Simon O'Brien's old firm) use technology of that nature, as manufactured and sold by Datong PLC, a Leeds-based company specialising in "high quality intelligence equipment".

    That's what I was speculating above.

    As I understand from the OpenBTS project, you can't simply use a consumer 3G modem to create a fake 3G/GSM base station.

    So what we are speculating here, is that a UK intelligence service forgot to rename the broadcast name of the network.

    Of course this is just as easily explained by the genuine 3G operator forgetting to reprogram some gear from the UK.


  • Registered Users, Registered Users 2 Posts: 1,034 ✭✭✭dalta5billion


    http://www.irishtimes.com/news/politics/gsoc-briefing-paper-contains-more-than-shatter-d%C3%A1il-statement-1.1691878

    Get. a. load. of that briefing.

    Verrimus believe the UK network was an IMSI-catcher.

    GSOC dismissed this as being possibly lawful surveillance.




    What.



    This is mass surveillance of all mobile users around Abbey Street. This is definitely illegal.

    Let's see if we can get the DPC on this.


  • Registered Users, Registered Users 2 Posts: 3,131 ✭✭✭Dermot Illogical


    Verrimus believe the UK network was an IMSI-catcher.

    They would know, wouldn't they?
    http://www.independent.ie/irish-news/bugsweep-firm-tried-to-sell-force-device-at-centre-of-inquiry-30015421.html


  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops



    The plot thickens.

    Verrimus to GSOC: We think there is an IMSI catcher operating in the area

    Verimus to Gardai: For sale: IMSI catcher, one careful owner, good price only 80k!


    Were Verrimus trying to pull a fast one?

    Were Verrimus trying to frame the Gardai?


  • Technology & Internet Moderators Posts: 28,830 Mod ✭✭✭✭oscarBravo


    What's interesting (to me) about the story is how quickly people jump to conclusions based almost entirely on information that (with the greatest of respect) has been dumbed-down to the point where it's impossible to evaluate it.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 3,131 ✭✭✭Dermot Illogical


    https://twitter.com/verrimus

    Verrimus seem to be confirming that they at least had this kit with them.
    I wonder if they've discounted the possibility that they picked up their own equipment during the bug sweep?


  • Registered Users, Registered Users 2 Posts: 4,331 ✭✭✭Keyzer


    https://twitter.com/verrimus

    Verrimus seem to be confirming that they at least had this kit with them.
    I wonder if they've discounted the possibility that they picked up their own equipment during the bug sweep?

    Looks that way, seemingly they detected a UK 3G mobile which was put down to one of the Verrimus "security experts".

    Call me cynical but I'd expect an "expert" to have the intelligence to realise this.

    Statement on their site: "Verrrimus has a team of crack Ethical Hackers who can safely and accurately pinpoint vulnerabilities in your sysytems that will allow attackers to expoit those weaknesses." Spelling isn't their strong point though !!!

    I'd love to see their report, findings and remediation suggestions.

    Also appears that a device in GSOC was connected to a public wi-fi network. Would be interesting to know what that device was.
    For an organisation like GSOC, I would expect external Wi-Fi networks to be completely off limits. I'd also go as far as to say that if GSOC have their own internal Wi-Fi be either heavily locked down or not implemented at all.

    "It was found that an unused wi-fi device in the GSOC boardroom had been randomly connecting to a BitBuz wi-fi network but the security company did not trace where it was coming from."

    Some more information coming into the public forum:

    http://www.independent.ie/irish-news/gsoc-knew-cafe-wifi-was-cause-of-anomaly-30018274.html


  • Registered Users, Registered Users 2 Posts: 760 ✭✭✭mach1982


    Keyzer wrote: »
    Looks that way, seemingly they detected a UK 3G mobile which was put down to one of the Verrimus "security experts".

    Call me cynical but I'd expect an "expert" to have the intelligence to realise this.

    Statement on their site: "Verrrimus has a team of crack Ethical Hackers who can safely and accurately pinpoint vulnerabilities in your sysytems that will allow attackers to expoit those weaknesses." Spelling isn't their strong point though !!!

    I'd love to see their report, findings and remediation suggestions.

    Also appears that a device in GSOC was connected to a public wi-fi network. Would be interesting to know what that device was.
    For an organisation like GSOC, I would expect external Wi-Fi networks to be completely off limits. I'd also go as far as to say that if GSOC have their own internal Wi-Fi be either heavily locked down or not implemented at all.

    "It was found that an unused wi-fi device in the GSOC boardroom had been randomly connecting to a BitBuz wi-fi network but the security company did not trace where it was coming from."

    Some more information coming into the public forum:

    http://www.independent.ie/irish-news/gsoc-knew-cafe-wifi-was-cause-of-anomaly-30018274.html

    Heard on the radio it was a Insomnia cafe's free wi-fi on ground floor of the GSCO building .


  • Registered Users, Registered Users 2 Posts: 4,331 ✭✭✭Keyzer


    mach1982 wrote: »
    Heard on the radio it was a Insomnia cafe's free wi-fi on ground floor of the GSCO building .

    Yep but my question is what type of "unused" device was connected to this public wi-fi hotspot? And what else was that "unused" device connected to?

    If it were a laptop, which was on and connected to the GSOC network also (wired or wireless) wouldn't that present a clear threat in regards someone network sniffing on the public wi-fi, finding the "unused" device, accessing it and then traversing the GSOC network?

    Another question: was the "unused" device knowingly connected to this public wi-fi spot with a view to using it as a possible access point to the GSOC network? Would be interesting to see GSOC's internal security policies, specifically their network usage policy.


  • Registered Users, Registered Users 2 Posts: 5,112 ✭✭✭Blowfish


    Keyzer wrote: »
    Yep but my question is what type of "unused" device was connected to this public wi-fi hotspot? And what else was that "unused" device connected to?

    If it were a laptop, which was on and connected to the GSOC network also (wired or wireless) wouldn't that present a clear threat in regards someone network sniffing on the public wi-fi, finding the "unused" device, accessing it and then traversing the GSOC network?
    It wasn't an unused device, just the Wifi part was unused. They already mentioned that it was a 'media console' in a meeting room which wasn't itself connected to the GSOC network at all.

    Honestly it just sounds like they had a large LCD TV in the meeting room for showing presentations etc, but whomever set it up enabled the Wifi, so it was automatically trying to connect to whatever network it could.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 1,034 ✭✭✭dalta5billion


    Keyzer wrote: »
    Looks that way, seemingly they detected a UK 3G mobile which was put down to one of the Verrimus "security experts".

    Call me cynical but I'd expect an "expert" to have the intelligence to realise this.

    Statement on their site: "Verrrimus has a team of crack Ethical Hackers who can safely and accurately pinpoint vulnerabilities in your sysytems that will allow attackers to expoit those weaknesses." Spelling isn't their strong point though !!!

    I'd love to see their report, findings and remediation suggestions.

    Also appears that a device in GSOC was connected to a public wi-fi network. Would be interesting to know what that device was.
    For an organisation like GSOC, I would expect external Wi-Fi networks to be completely off limits. I'd also go as far as to say that if GSOC have their own internal Wi-Fi be either heavily locked down or not implemented at all.

    "It was found that an unused wi-fi device in the GSOC boardroom had been randomly connecting to a BitBuz wi-fi network but the security company did not trace where it was coming from."

    Some more information coming into the public forum:

    http://www.independent.ie/irish-news/gsoc-knew-cafe-wifi-was-cause-of-anomaly-30018274.html

    Seems incorrect.

    Verrimus statement on that article states that they detected an 3G network broadcasting with the name of a UK network. https://twitter.com/verrimus/status/435721370631413760

    Again, I'd suggest people look up DefCon talks on GSM and how easy it is to do mass surveillance.


  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    Keyzer wrote: »
    Yep but my question is what type of "unused" device was connected to this public wi-fi hotspot? And what else was that "unused" device connected to?

    If it were a laptop, which was on and connected to the GSOC network also (wired or wireless) wouldn't that present a clear threat in regards someone network sniffing on the public wi-fi, finding the "unused" device, accessing it and then traversing the GSOC network?

    Another question: was the "unused" device knowingly connected to this public wi-fi spot with a view to using it as a possible access point to the GSOC network? Would be interesting to see GSOC's internal security policies, specifically their network usage policy.

    I think you found your project for college.


  • Registered Users, Registered Users 2 Posts: 5,472 ✭✭✭brooke 2


    mach1982 wrote: »
    Heard on the radio it was a Insomnia cafe's free wi-fi on ground floor of the GSCO building .

    That was all debunked by security expert, Tom Clonan, on PK today.

    Was very clear that this was 'disinformation' by Paul Williams.

    Williams is a pathetic farce at this stage.


  • Registered Users, Registered Users 2 Posts: 9,371 ✭✭✭Phoebas


    brooke 2 wrote: »
    That was all debunked by security expert, Tom Clonan, on PK today.

    Was very clear that this was 'disinformation' by Paul Williams.

    Williams is a pathetic farce at this stage.
    I didn't hear that - what exactly did he debunk and how did he debunk it?


  • Registered Users, Registered Users 2 Posts: 4,331 ✭✭✭Keyzer


    syklops wrote: »
    I think you found your project for college.

    Hah !

    What part though?


  • Closed Accounts Posts: 18,966 ✭✭✭✭syklops


    Keyzer wrote: »
    Hah !

    What part though?

    An investigation of what actually happened, including a review of what hardware was used and exposed. As another poster suggested, look at some Def Con talks on GSM surveillance, and maybe even configure your own IMSI catcher and demonstrate how it works. We were told at the beginning the equipment used was available only to governments ergo it was government level surveillance. Building/configuring your own would put paid to that.


  • Registered Users, Registered Users 2 Posts: 576 ✭✭✭ifah


    syklops wrote: »
    As another poster suggested, look at some Def Con talks on GSM surveillance, and maybe even configure your own IMSI catcher and demonstrate how it works. We were told at the beginning the equipment used was available only to governments ergo it was government level surveillance. Building/configuring your own would put paid to that.

    There has to be an opportunity to include a Raspberry Pi and some cool Lego case here ..... for info : https://www.southampton.ac.uk/mediacentre/features/raspberry_pi_supercomputer.shtml


  • Closed Accounts Posts: 8,156 ✭✭✭Iwannahurl


    Keyzer wrote: »
    Yep but my question is what type of "unused" device was connected to this public wi-fi hotspot? And what else was that "unused" device connected to?

    If it were a laptop, which was on and connected to the GSOC network also (wired or wireless) wouldn't that present a clear threat in regards someone network sniffing on the public wi-fi, finding the "unused" device, accessing it and then traversing the GSOC network?

    Another question: was the "unused" device knowingly connected to this public wi-fi spot with a view to using it as a possible access point to the GSOC network? Would be interesting to see GSOC's internal security policies, specifically their network usage policy.



    A potential threat, yes. I can see why Verrimus use neutral terms such as "anomaly" in this context.

    Much is being made of Insomnia's free wi-fi, as if that was mistaken as being some sort of surveillance. My understanding is that what matters is the fact that GSOC equipment was trying to connect to external networks at all.

    While such an anomaly might be entirely accidental and benign, it was presumably not possible to entirely rule out either malicious intent or an inherent vulnerability.

    I guess that's just being prudent rather than paranoid.


  • Technology & Internet Moderators Posts: 28,830 Mod ✭✭✭✭oscarBravo


    Bump.

    The latest report makes for interesting reading. The first thing to note is that (shock, horror) the original Sunday Times story was completely and utterly full of crap. It also seems that there were benign probable explanations for two of the three anomalies, and the third remains completely unexplained - there's no convincing explanation, either hostile or benign - for the conference phone ringing after the alerting test.


  • Registered Users, Registered Users 2 Posts: 5,112 ✭✭✭Blowfish


    So, interesting update on this. It turns out that AMX who make the conference room stuff that the GSOC were using at the time have a habit of sticking in backdoors.


  • Advertisement
Advertisement