Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
It's funny.  Laugh.

Tapping the Alpha Geek Noosphere with EtherPeg 118

tadghin writes "Rob Flickenger has an amazing take on what's happening in the wireless noosphere at the O'Reilly Emerging Technologies Conference. Rob used EtherPeg, a great Mac OS X hack that lets you see the GIFs and JPEGs flying around on the local network, to key off on an amazing visual commentary on what people were doing during Steven Johnson's keynote."
This discussion has been archived. No new comments can be posted.

Tapping the Alpha Geek Noosphere with EtherPeg

Comments Filter:
  • Excuse me? (Score:1, Insightful)

    by Anonymous Coward
    You'd think that Slashdot, with its pro-privacy stance, would realize that something like this IS an invasion of privacy.

    I don't like the idea of people spying on me: I don't care if it's essentially harmless.
    • Uhm, doesn't this display the lack of privacy in the modern network, hence proving that more of our network traffic should be encrypted?

      Unless you call wrapping image data in a TCP/IP bundle and splitting it up into packets encryption. Hmm... Maybe this software is actually a violation of the DMCA.

    • You'd think that Slashdot, with its pro-privacy stance, would realize that something like this IS an invasion of privacy.
      Perhaps the point of the article was to make the very concept of unencrypted network traffic more tangible to less intelligent people.

      Erik
    • Pardon my cynicism (Score:5, Insightful)

      by Innominate Recreant ( 557409 ) on Thursday May 16, 2002 @08:00AM (#3529117)
      You'd think that Slashdot, with its pro-privacy stance, would realize that something like this IS an invasion of privacy.
      An invasion of privacy on unencrypted data on a public network? And you're surprised? If you think that packets everywhere aren't being logged, sniffed, freeze-dried and reconstituted then you have a fundamental misunderstanding of how the internet actually works.

      If someone hacks my *private* network or illegally obtains my private encryption keys, then *that's* an invasion of my privacy.

      Sending or receiving unencrypted packets is like sending a postcard: it's not sealed, and it's not illegal for the letter carrier to read it. Sending an encrypted packet is like sending a letter. It's illegal for the letter carrier to open it.

      • by stere0 ( 526823 )

        Sending or receiving unencrypted packets is like sending a postcard: it's not sealed, and it's not illegal for the letter carrier to read it.

        Where did you get that from? In most parts of the world, anything you send through the mail is private and it's illegal to read someone else's postcard. The same rule applies to the internet.

      • by alacqua ( 535697 )
        If someone hacks my *private* network or illegally obtains my private encryption keys, then *that's* an invasion of my privacy.

        I must be missing something, because it seems to me that its an invasion of privacy either way. Just because it happens all the time and many people haven't protected themselves against, and many don't even know that they need to protect themselves against it, doesn't make it OK. Somebody straighten me out about how this is different.

        • You have to expect privacy to have it invaded. If you send packets across an unencrypted link, you should have no expectations of privacy, therefor there is no privacy to invade!
          • by duffbeer703 ( 177751 ) on Thursday May 16, 2002 @09:15AM (#3529557)
            So when the FBI uses carnivore to monitor email, that is not an invasion of privacy?

            If someone rifles through your garbage looking for information, that's not an invasion of privacy either, right?

            • Legally speaking, it's not. If it's trash, it is deemed to be of no import to you and therefore is fair game. A police officer may dig through your trash at any time and not need a warrant.
              • There have been many court cases about trash, but I think that generally the police are allowed to look through your trash when you leave it at the curb based on one of:
                • When you put it at the curb to be disposed of following city rules, you've given it to the city. It is legally trivial for a city police officer to be allowed to look at city property.
                • When you leave it outside your house, particularly on the city-owned boulevard, it no longer is protected by the search restrictions around your home.
                The situation can be different for non-city police, regulated investigators, or private citizens looking at the trash. For that matter, citizens do get prosecuted for stealing trash or recyclables based on their value to the city (even the worst trash can be of value when the city has a compost heap or requirement to incinerate a certain percentage of waste).
            • FBI: Different rules apply when its a police agency. Since they have the power to arrest and imprison me, they have restrictions placed on how they can search.

              Garbage: Why do you think I have a shredder? I have no expectations that my garbage is private.
        • by blaat ( 177280 )
          See it as 2 people talking on the street about 100 feet apart on a busy day: everybody can here them.
          that's not really invading privacy.
          now, when they are close together and someone puts his head in, *that's* invading privacy ;)
        • I must be missing something, because it seems to me that its an invasion of privacy either way. Just because it happens all the time and many people haven't protected themselves against, and many don't even know that they need to protect themselves against it, doesn't make it OK.

          I agree... based on that guy's logic, it's ok for someone to hop my fence, sneak into my backyard, throw my dog some meat, and peer through the crack between the curtains in my rear window, because I left the crack there. The process to put together the wireless data not meant for you is even more convoluted. Obviously noone intended to make their data public, they just wanted to have wireless access.

        • Ignorance of the laws is not a valid defense, not for criminals OR those who think their privacy is being invaded.

          There are several standards for determining privacy in both real-life interaction and on-line interaction. People seem to be mixing these several definitions together in these arguments.

          The law in most any case I recall requires the person expecting privacy to take some clear action to request/achieve that privacy from private entities. Remember, the US Consitution's 4th amendment is written as to, and usually interprited as to restrict invasion of person and privacy by Government entities, not private entities. It takes extral Federal, State and local laws to provide the same protections from individuals. So remember: in the US you have no inherent right to privacy: you have the right to privacy in your private home/posessions from Governement entities (unless they shoe probable cause under oath to a court of law). Step outside and all bets are off.

          For example:
          The peeking in the window thing. If the bakcyard has no fence, and no signage, then yes... the person MAY enter your yard, feed your dog and perhaps peer in your window without violating any laws. The peering MAY be limited/restricted by some laws, but most peeping tom laws I've seen require a tresspass, which this Hypothetical Situation(tm) does not have. IF the yard where fenced, or signed then the whole thing would be a tresspass/invasion of privacy. In most places standing in the street and looking in windows is NOT illegal. There is no tresspass, and there should be no assumption of privacy if one can easily see the interior of the house from a public area. Laws also state that there is not reasonable expectation of privacy in a public place.

          On-line should be held to the same restritcitons/rules. In this case it seems easy to understand that the network was not encrypted/restricted and that MANY people could access it freely. This seems to meet the definition of a public place. Packet sniffing on this network would be no more illegal than looking in to the cars passing you on the roadway, listening to a conversation between people your sitting near in the mall, etc.

          For clarification, a Public Space is generally any place that can be accessed without restriciton, membership or fee by the general public. So a Shopping mall's storefront areas are a public space (though still private property), the hallways that have closed doors and are marked "employees only" are not, even if the doors are not locked. An Interstate highway is usually a public space, the sections that are limited access toll-road would not be a public space even though they may be public property.

      • by jackDuhRipper ( 67743 ) on Thursday May 16, 2002 @09:01AM (#3529478) Homepage
        it's not private.

        The EtherPeg stuff is all in good fun, especially where the people knew they were being sniffed, BUT ...

        Would you also say that it's OK for me to walk around with my 900MHz radio receiver and listen to peoples cordless phonecalls? They're not encrypted; are they private in your estimation?

        Can I intercept cell calls?

        How about screen RF from folks' ATM transactions (the bank kind)?

        None of these are encrypted, but all of them are private by most reasonable standards.

        • Actually, by a reasonable standard those are not private. If you send unencrypted information out to all and sundry, you can't complain if some of us happen to read and understand it. It is not "reasonable" by any stretch of the imagination to imagine that you can bombard the world with signal and expect the world to keep the secret, any more than if you were to write your private diary in 6-inch type on your front lawn.

          Unfortunately, the legislature and the courts, not understanding the technology involved, have not based the law upon a reasonable standard. Instead, we have laws that pretend to preserve privacy but instead just give the illusion of that protection. Really, those laws are worse than nothing, since people think their unencrypted transmissions are "secure". If the law described the truth of the matter more clearly, everybody would use encryption, and they would have real security.

          You can call it "private" and "reasonable", but as long as I can sit out in my garage and listen in without anyone ever being able to tell that I did so, then it ain't private and you have no real expectation of privacy.

          Note: not that I'd do that, but there's no reason I couldn't. Or that your neighbor couldn't, to be more exact.

          • You can call it "private" and "reasonable",
            but as long as I can sit out in my garage and listen in
            without anyone ever being able to tell that I did so,
            then it ain't private and you have
            no real expectation of privacy.
            You make decent points, but you still seem to confuse your ability to see or hear my doings with the private nature of my doings themselves. This i agrue, is a slippery slope ...

            If you're on your garage listening in to me in my backyard, the problem is not my unreasonable / ignorant expectation of privacy, it's THAT YOU'RE LISTENING TO ME AND INVADING MY PRIVACY.

            The slipperiness of the slope comes in where you say "I can listen in, easily, to you, so you therefore cannot expect what you're doing to be private."

            So, if you had a machine available to you that decrypted all SSH traffic on a subnet you specified, without you or it breaking a sweat, does this mean it's unreasonable of me to think my SSH session is private?

            Extreme, yes - but it's precisely the same point.

            • I think my point is that if you're broadcasting something, then you have to take extra steps to make sure that someone doesn't intercept it, including encryption, frequency hopping, etc. It's not me "invading" anything if you're sending me the radio waves in the first place, any more than I would be trespassing if you started heaving bricks over your fence :)

              Now, if you're having a quiet conversation inside your house, and I have to hook up a parabolic mic or a laser listening device in order to figure out what's going on in there, then I think there's a little better argument for me actually doing some "invading".

              The bottom line is: you should have more of an expectation of privacy if you're doing things that would reasonably ensure that privacy. For example, holding the conversation indoors, speaking in a low voice, etc. If you are using a broadcast medium for communications that is known to be easily interceptible, then in order to receive the same expectation of privacy I think you should need to take further steps to ensure that privacy, like using encryption, etc.

              It's a good question - if I could easily crack any crypto, would you still have an expectation of privacy? I think that if the crypto hole is well-known, then you probably have no expectation of privacy if you persist in using it (for example, the original Wi-Fi crypto that was shown to not be fairly secure). But it's reasonable to say that if nobody knew that it was breakable (for example - if I figure out a gaping hole in AES this morning that nobody else has seen), then people that still use it had some expectation of privacy (at least as much expectation as one can have when using a public broadcast medium).

              It's still a judgement call, I agree, but the judgement should take into account the true security (or lack thereof) of current communications systems. Right now the assumption seems to be that any RF communication is private, which is a poor assumption.

            • "So, if you had a machine available to you that decrypted all SSH traffic on a subnet you specified, without you or it breaking a sweat, does this mean it's unreasonable of me to think my SSH session..."

              Actually, it would be reasonable of you to view it as private- because you took some sort of measures to ensure it was not directly visible, you encrypted it with something. Doesn't matter if you use IDEA or a Captain Crunch decoder ring- you have some reasonable understanding that it's supposed to be private between you and those you're communicating with. Just because you can unpack it without effort means little in regards to privacy- you took some measures to obscure your communications so that they'd be private.

              If you take no precautions, it becomes much more of a grey area. A telephone conversation (not mobile) could be deemed as private because under normal circumstances, only the people involved in the conversation could really be listening (normal, being not wiretapped, etc.). A typical mobile phone conversation, however, is much more analogous to a CB channel or you shouting your head off in your house with the windows open than a standard telephone conversation (No matter how much the mobile companies want you to think of it like a magic phone, it's still more of a radio than a phone in almost every sense of it's operation.). In that case, no real measures have been taken by anyone to obscure the content of the conversation going on over the airwaves.

              There is no assurances of privacy involved in either of those cases, and unless you're using a digital spread spectrum phone (something making the session more resemble a wireline conversation- tougher but still not really obscuring it in a way that can't be snooped...) or encrypting it (preferably both in light of the previous aside...) you're operating under conditions not unlike the CB situation- whether you realize it or not. Ignorance of the conditions you're operating under doesn't make it any more a privacy protected situation.
          • This coming from someone with a user name of "ethereal". Is there a direct or just ideological link from your name to the network sniffer package "ethereal"?
      • by Omnifarious ( 11933 ) <`eric-slash' `at' `omnifarious.org'> on Thursday May 16, 2002 @09:09AM (#3529520) Homepage Journal

        An invasion of privacy on unencrypted data on a public network? And you're surprised? If you think that packets everywhere aren't being logged, sniffed, freeze-dried and reconstituted then you have a fundamental misunderstanding of how the internet actually works.

        If someone hacks my *private* network or illegally obtains my private encryption keys, then *that's* an invasion of my privacy.

        Ahh, so a rule that isn't enforced by an architectural constraint isn't a rule at all. That means that when my fist connects with your face, it must be perfectly OK because there was nothing preventing me from doing so. That's really how your argument reads.

        Now, on the Internet, it's very hard to enforce certain kinds of laws unless you build in architectural constraints. We can have a debate as to whether or not the law should exist, given the costs of enforcing it within a certain set of architectural constraints. But, you can't argue that a law doesn't exist, or shouldn't be followed because there is no architectural constraint (actual code preventing you from doing it).

        That kind of thinking will lead to laws declaring certain architectures legal, or illegal, so it will be impossible not to follow the law because the architecture makes it impossible. The CBDTPA act and the DMCA are perfect examples. You're kind of thinking implicitly endorses the method by which they attempt to enforce the law.

        • Ahh, so a rule that isn't enforced by an architectural constraint isn't a rule at all.

          No. It's all about the definition of "reasonable expectation". The courts ruled that a postcard has no reasonable expectation of privacy, but that an envelope does.

          The simple fact is that many people have the capability and perfectly good reasons for seeing the data on their network. Just like you can't blame the postal worker when your postcard crosses their vision.

          The fact is the data can reasonably be seen by others. Therefore no reasonable expectation of privacy can or should exist. Encryption can create a reasonable expectation.

          Someone else pointed up this sounds line a pro-DMCA argument. It isn't. When a company sells me something, I can't believe they could have any reasonable expectation of privacy in the contents of my purchase.

          -
      • Etherpeg or Driftnet are not hacking your privacy, in the strict sense: they're hacking your expected privacy, which is a different thing.

        You'd expect people to see what you are browsing by looking over your shoulder, not by sniffing your packets. Is it rude? Yes. Unethical? Maybe. I wouldn't do it.

        That is NOT different from, say, a sysadmin checking the proxy cache dir for pics/sites the users might be visiting. As a sysadmin, I believe I had the right to look at that data only when needed, say, if I need to find a file which is fscking my cache. Otherwise, it's hands off for me. My users EXPECT me not to follow what they are doing.

        Also, what these tools do is nothing new. I saw a demo of a Computer Associates product (sorry, can't remember the name) which goes even further, reconstructing the entire web page a given user is viewing.
      • If someone hacks my *private* network or illegally obtains my private encryption keys, then *that's* an invasion of my privacy.

        Sending or receiving unencrypted packets is like sending a postcard: it's not sealed, and it's not illegal for the letter carrier to read it. Sending an encrypted packet is like sending a letter. It's illegal for the letter carrier to open it.


        Pardon my cynicism, but how far do you think you'd get in a case brought against the US government if you just happened to catch them sniffing packets on your so called "private" network?


        I've long believed that on the 'net, there is no law. You want privacy/security, you use the highest encryption available. It then is no longer a question of whether it is illegal or not, it becomes a question of whether or not it's possible to crack it. A "technical solution to a social problem" if you will. The law can go fuck itself at that point.

      • Sending an encrypted packet is like sending a letter. It's illegal for the letter carrier to open it.

        Maybe that's one of the arguments they used to pass the DMCA. I mean, hey, if encrypted information is like a letter, then why should it be legal for anyone to open the letter (break the encryption) other than whom it was intended for?
        ... Or maybe I'm just on crack.

        Hargun
  • Censorship! (Score:2, Funny)

    by -brazil- ( 111867 )
    I'm not going to believe that that half-covered image in the first screenshot was the only piece of Pr0n to come up!
  • ...or something similar for the PC. Work is already hard enough; if we don't have a little freedom of the mind and the freedom to let it wander, it stagnates. Unfortunately, a number of managers probably wouldn't see it that way if they could glimpse into the collective consciousness of their work environment.

    • Not for your manager, but already implemented on Linux:

      http://www.ex-parrot.com/~chris/driftnet/
    • Managers already do this. Many companies put all their employees on web proxies for exactly this reason. I have friends that work in large companies where it is a known fact that managers review

      1) Page views
      2) Attempts to view blocked pages
      3) Email with questionable content
      4) Usage statistics on mail servers

      As a result, I've helped those friends use web proxies and and SSL to add privacy to their workstations. putty [greenend.org.uk] port forwarding and a remotely running squid [squid-cache.org] are their best worktime friends.


      • Snooping on your employees is a terrible policy, even putting aside the obvious point that employees have less trust for employers who don't trust them.

        How much time do these managers spend on making sure the minions aren't doing anything non-work-related? Wouldn't the managers' time be better spent MANAGING?
        • What more frequently happens is that traffic is monitored until a complaint arises or the boss needs an excuse to get rid of the employee. Having set up such systems for companies, I know. They don't want to know what their employees are doing online unless it is affecting their work or their coworkers.
  • DriftNet (Score:4, Informative)

    by SubtleNuance ( 184325 ) on Thursday May 16, 2002 @07:03AM (#3528901) Journal
    Have a look at the GPLed GNU/Linux equal -- Driftnet [freshmeat.net]

    Run it on your LAN @ work for some scary results! (i shut it off after 10 minutes, after the pics of cross-dressing-victorian-era-constume-fan pics popped up *shudder*)
  • I wonder what you would see with this in the average office, as the day starts I'm sure you'd get alot of /. , MSN , Yahoo , New York Times, then at lunch MapQuest maps , the occasional general interest website, then as the day closes down movie sites, more news, and of course later in the evening you can see what the cleaning crews are doing, looking at porn of course!
  • This is not what I call an amazing visual commentary, unless you're talking about the /. effect...

    Internal Server Error
    The server encountered an internal error or misconfiguration and was unable to complete your request.

    Please contact the server administrator, webmaster@oreillynet.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.

    More information about this error may be available in the server error log.
  • EtherPEG is rather cool, downloaded onto my office Mac and saw various gifs floating past. :)

    Pity there's no Windows version - it also suffers if you're behind a switch - can't see any traffic on network segments the other side of the switch. Bummer.

    • Sure it can! All you need is a little program that MAC address bombs the switch. Send it a few millioin MAC addresses, and (depending on the switch of course) it will most likely go into "hub" mode and start broadcasting everything across all the ports.

      Of course this will hurt network performance a bit, but c'mon - it's worth it!

      Another option would be to just not send anything out to the switch at all - since it doesn't know what's connected, the switch should try to send everything to you. I think.
      • Re:EtherPEG (Score:2, Informative)

        by aderusha ( 32235 )
        most switches will only send broadcasts and unknown MACs down ports that haven't learned a MAC yet. however, most decent switches will let you turn one or more ports into monitoring ports that will recieve all packets for sniffing purposes.
    • arpspoof from the dsniff package should allow you to sniff on a switched network (provided that your machine is on the same subnet). arpspoof fakes the target machine into thinking that you are the default gateway. the target machine's packets are then forwarded to you where you pass them on (via kernel level ip forwarding or fragroute) to the real default gateway. http://www.monkey.org/~dugsong/dsniff/ [monkey.org]
  • Does anyone know if there's a windows port/equivalent of this software? Definitely sounds interesting to have a play with.

    I live in a Uni hall so this could effectively be what I've always been looking for - a free, dynamic, porn screensaver. Bonus :-)

    • Sounds real interesting especially if you live in a coed dorm. You just KNOW girls are having pillowfights in their rooms and have their webcams on, right?

      At least 90% of porn would have you think so :P
    • Does anyone know if there's a windows port/equivalent of this software?

      I, a Mac OS X user, have been waiting for this day since the original Marathon [gamedb.com] came out. BWA HA HA HA HA THE POWER!!!!

      Sorry, now back to your regularly scheduled thread. LOL

      For those interested in trying it out, be sure to read the read me about chmod-ing the /dev/bpf* files. And don't forget to change them back.
  • by kipple ( 244681 ) on Thursday May 16, 2002 @07:31AM (#3528987) Journal
    ...more or less the content is the same, except that in the gnutella traffic there's no ads forced to appear. so basically reading the gnutella traffic flow is like watching a "live" statistic of what human beings are doing online.

    on the other hand, if you remove any porn- related keyword, probably you could reduce the traffic by a great 80%. but that's another issue (I thought of that because the 'sex' pic in the first jpeg of the article)...

    interesting though
    • I'd love to see a screensaver use this to pluck random images from the network and display them. Of course, any pr0n showing on your screensaver would only be the result of someone elses dubious work habits. I'm not sure if I could get that excuse to stick, but it might be fun trying :)
      • quite interesting idea. submit it to the creator of the tool mentioned on that site, or to the creator of driftnet (the same thing but on i386):
        you can find it here [freshmeat.net].

        maybe a pipe could be set up so that this software will write the jpeg that finds on that pipe, and the screensaver will grab them :)

        let me know if you want me to explain it to that guy [the idea is yours :) ]

        cheers
      • Xscreensaver has a package called webcolage, it grabs images at random off the internet, I supose hacking how it gets the images would be easy enough.
  • EtherPeg has classic and Mac OS X releases.
  • Are there any windows programs that do this? if i weren't such a n00b i'd attempt to mess with the source but alas i wouldn't get very far. this looks cool, i need to try it on my linux box when i get home... unless someone finds a win ver :)
  • That none of those screengrabs had:

    1) Porn
    2) Ads, ads, ads, and more ads

    I thought I saw an obscured nipple on the first grab, but that was about it...

  • Irony (Score:2, Interesting)

    Ironically, Rob Flickenger let every know what *he* was doing during Rob Johnson's keynote address as well

    Did *anyone* listen to the speech?

  • to Goth, darkness and MSDN... I told you those blogging guys were really evil. The downward spiral obviously shows that the thin fascade of a "blogging" conference was really just a cover for the subliminal brainwashing techniques of Oreilly and his Kindom Hall lackeys.

    Down with Oreilley and their subversive book spam campaign!

    (Now go ahead and mod me into oblivion as a troll even though that was intended to be funny.)
  • by stere0 ( 526823 ) <slashdotmail@@@stereo...lu> on Thursday May 16, 2002 @08:03AM (#3529137) Homepage

    Note: the server is apparently still able to serve the images. Click on the links!

    Tapping the alpha geek noosphere with EtherPEG

    by Rob Flickenger
    May. 15, 2002

    So there I was at ETech, sitting in the back of the Emergence discussion, listening to Rael Dornfest, Cory Doctorow, Clay Shirky, and other extraordinary blogging minds thought about the blogging world.

    I was thoroughly enjoying the discussion, but I had to wonder, how were the other 200 people in the room reacting to the proceedings? Response seemed very favorable, but I did see quite a few faces staring down, with accompanying tell-tale key clicks buzzing about the room.

    If only there were some way of getting into the collective stream-of-consciousness of the crowd, to gauge their actual reactions to what was really going on up on stage...

    If you've never heard of EtherPEG, its a Mac hack that's been around for a while that combines all of the modern conveniences of a packet sniffer with the good old-fashioned friendliness of a graphics rendering library, to show you whatever GIFs and JPEGs are flying around on your network. It's sort of a real-time meta browser that dynamically builds a view of other people's browsers, built up as other people look around online.

    The effect was staggering. As I expected, traffic was very light at the beginning (a couple of big news and blog sites were obvious, and strangely enough, the Microsoft Developer's Network.) But as the talk continued, some people were obviously letting their minds (and their fingers) wander...

    Early traffic showed a very wandering bent. [oreillynet.com]

    I was impressed that when Tim O'Reilly stood up to ask about whether bloggers were building a city or living in their own ghetto, virtually all traffic stopped. Evidently, this was something that almost everybody in the room was interested in listening to. And once Tim sat down again, the pixels began to flow once more.

    After a little while, the atmosphere took on a bit of a dark turn. Lots of images of law enforcement agency websites, some american flags with an angry eagle bursting through, and possibly darkest of all, a Britney Spears fan site. The theme continued as Clay Shirky was discussing "maps and non-player characters" and the downward gothic spiral expanded...

    Further down the spiral [oreillynet.com]

    It became obvious that the crowd could be viewed as a living organism, with its own cycles of activity and rest. The chaotic effect of random images plastering themselves on my screen gave me a unique point of view-- it was a sort of mental feedback (much like audio feedback, even with the accompanying headache, only this headache was in some bizarre fourth dimension.)

    The End [oreillynet.com]

    By the end, the dark forces had definitely descended. I was treading on some very dark back waters of the collective geek subconscious... Think Evil Dead and PDAs in Washington DC. I had definitely descended into a sort of techno hell, the sixth circle of hades, where the damned are only given t-shirts after they listen to a short marketing presentation.

    EtherPEG isn't for the faint of heart, especially at a technical conference. The gentleman sitting next to me leaned over and inquired about how he could prevent me from watching his traffic... The technical answer is easy: run application layer encryption (ssh tunneling, vtun, ipsec, pptp) to a point outside of the wireless, and then your traffic will at least be protected from neighboring wireless eavesdroppers. But the philosophical answer is much simpler: I have stared at the sun, and for the sake of my sanity, will never again look directly at the consciousness of the online ueber-geek collective.

    Unless I really want to...

    Rob Flickenger is the O'Reilly Network's Systems Administrator

  • I know this is completely off-topic, but thought this would probably interest some people.

    Rob uses Grab for screenshots. On Mac OS, you can use apple-shift-3 to take a screenshot, apple-shift-4 if you just need a part. There are more shortcuts here [davespicks.com], put that page in your bookmarks!

  • Um, switched networks anyone? Great, now I can see all the images that my system is pulling in off the web.

    Whee!
    • read it(the article) people accept what they get given at a conf and this guy set it up

      I would be amused if I could see what other people where doodling

      regards
      john jones

      p.s. laptops are easy to clone all they do is put it through a Xray machine take a good look at it then ask them to unpack it then put it back through Xray machine, hold image on screen Xray off hidden compartment opens remove hddrive replaces it or clones depending on risk and then sends person on way ..... detailed in MI5 docs

    • Run the linux equivalent (Driftnet) in a remote x-session on your linux gateway (w/ dislplay on your local desktop of course). You'll catch all the traffic. ;)
  • It's easy : when at a conference, be polite, listen, don't surf.
  • by sbuckhopper ( 12316 ) on Thursday May 16, 2002 @09:09AM (#3529519) Homepage Journal
    I'm not entirely convinced by this article.

    Okay, I guess we kind of have to take the guy's word for it, but he may also be trying to get a rise. When I look at the three collages that we've been presented with here, it seems to me that he tried to put the most shocking pictures up front of what we would be most thrown off by (except for the pr0n of course), and then hide all of the pictures of people who may have been searching on things relevant to the talk in the back of the pictures.

    As a systems/security administrator, I am not convinced that a large majority of the images snarfed here didn't have at least something to do with subject at hand and could have come from people that were legitamately trying to look up more information on what was being said. After all, what I could make out of the half to three-quarter covered pictures was that they were either typical web-adds or pictures from the O'Reilly web site.

    I would want to see all of the pictures to be totally convinced that everyone was doing time-killing browsing.
    • And is it me or do these supposed 'image sniffs' (for want of a better description!) seem to have been faked?

      Now I'm not one for conspiracy theorys but the images include such things as menu bars and drop down dialog boxes. Now I'm not entirely sure but this program basically sniffs network traffic like any other sniffer until it recognises an image format, correct? Well if that is true, how can he/anyone explain the drop down menus etc. Surely they're rendered by whatever OS!

      Maybe it's just me...

  • ..as the "transdimensional tear" takes place in Watchmen [tripod.com]. If memory serves, he samples dozens of TV stations to update his investment portfolio in real-time.

    Interesting thing would be see how the patterns change as more and more people became aware of the sampling.

Veni, Vidi, VISA: I came, I saw, I did a little shopping.

Working...