Eye-opening article about a reporter who allowed his home internet connection to be surveilled for a couple of days. It goes into a lot of detail about the tools used and the information that was revealed. In particular, it turns out that a mobile phone leaks information like a sieve - if a sieve could constantly broadcast sensitive, private information across the world.
After our brief one-week surveillance of Henn’s online activities, I joked that I could have written his story about data centers for him. And while that wasn’t quite true, we had uncovered a vast trove of information—the exact types of information the NSA could use as a digital fingerprint to identify and track any of us online:
- Most of the apps on Henn’s iPhone, based on application data while he was connected to the Wi-Fi
- The operating systems he used on personal computers, and the applications they ran—such as Microsoft Office, Outlook, Internet Explorer 7, Skype, and an app for syncing workout data from his wearable device
- Henn’s mobile phone number, unique device identifiers (UDID), model numbers, operating system versions, and cellular provider
- The addresses of e-mail and VPN servers and personal e-mail services
- Every website he visited and how often
- Cookies used to read paid websites
- Places he might be planning to travel
- The general content of Web search queries and which sites he visited as a result
- E-mail addresses and phone numbers he looked up online
- His patterns of activity—when he was working, using his computer for non-work purposes, or was active on a smartphone
Even better, the methods they used are easily understood by anyone moderately technical, and replicable by anyone who can install a linux distro.