Browsing throughout the Reddit not so long before, my eyes immovable sight of an interesting project called SpyPi: An (un)ethical hacking station exclusively intended to educate people about the importance of data security by putting them in the shoes of the invader.
What impressed me more even though was that, in spite of the difficulty and scope of the project, the device was completely built by a high school student. In fact, the SpyPi was their graduation assignment – a necessity of every student needs to fulfil prior to receiving their diploma certification.
“Nowadays technologies meet our requirements in loads of ways, that we frequently ignore the dangers,” said Sarah, a 19-year-old student from Bern, Switzerland and the inventor of the hacking station. “I have created a SpyPi as a part of my graduation assignment. The enthusiasm behind it was to create an innovative way of resembling data security.”
Sarah had marked a disturbing tendency in how the broad public treats matters of data confidentiality. “People look like to feel a requirement for data security, but act imprecisely at the same time. Of course there are various reasons for such behaviours, but it is very concerning even so.”
Whatever twisted her attention to the topic of data security was a recently introduced law that threatened to compromise the confidentiality of Swiss Netizens in an exceptional magnitude.
“In 2015, Switzerland nominated on the new Nachrichtendienstgesetz law, which allows safety and intelligence agencies to collect even more data primarily on the pretext of violence,” she told.
“During the voting, the nothing-to-hide-argument was ubiquitous. I was surprised, how easily people gave up parts of their solitude without inquiring the whole thing. The law was adopted. I’ve had the impression lot of people voted on it without having enough information to actually deal with the topic.”
This is when the cunning high-school student sees the chance to transform things for the better.
Instead of pursuing vain attempts to instruct people by “spreading the word” or flooding them with jargon-heavy fliers nobody reads, Sarah opted for an approach that put prospective victims in the place of the hacker – so they could sole-handily see how vulnerable to data breaches everyone on the network .
“Since discussion with the people didn’t work out in the past, my move towards was to create a platform, which allows people to interactively stay in touch with the topic,” she told.
“To making people passionate about information technology (IT) is a difficult task. But there is one thing a lot of people have in ordinary: The infancy daydream of becoming a hacker.”
“That’s why I created a hacking station. SpyPi ought to allow people to find out why keeping data privacy is important for them,” she continued. “To get in touch with people at emotional level, I’ve created diverse programs/attacks, which affect sphere of everybody’s daily life, such as payment, social networking, and wireless networks.”
By keeping in mind, Sarah built five core features into the SpyPi in order to exhibit the various ways in which data makes users at risk: A network scanner, a brute-force dictionary, an RFID Spoofer, a mitproxy data-catcher, and a Twitter data-miner.
The network scanner, for occurrence, was programmed to show readily available information about your network and turn your attention towards certain easily-detectable weak points in your area network setup, so you can scrap them up before an invader exploits them.
The brute-force dictionary was integrated to exhibit, how easy it is to crack insecure passwords; the Twitter data-miner, on the other hand, showed how malicious agents can collect your publicly available data and turn it into data that reveals your (online) behaviour.
One bonus component the student implemented in the hacking station was a self-destruction USB killer that would stir fry the machine, when plugged into its ports.
If you are wondering in case, the SpyPi cost about $400 to put simultaneously. Among other things, Sarah used a Raspberry Pi 3 B single-board PC, a 7-inch mini-display, a mini mouse/keyboard solution, and an RC-522 RFID reader.
While Sarah designed the SpyPi for white-hat uses, she doesn’t hesitate to admit the tool could just as easily to be used for spiteful purposes. Really, she seems to take the same standpoint as Snowden on this matter: It is ultimately up to the customer to decide how to use it.
Read More: Crypto-Ransomware Targets 20 Million Inboxes
All she out to realize with the SpyPi was to bring onward the importance of maintaining accurate data security and privacy protocols in an extra engaging and pro-active way – and on that count, the hacking station seems to do a appealing straight job.
People who are searching for know more about how Sarah built the SpyPi can get more details on the official page she set up for the project here. There is also 70-page documentation (in German) for anyone interested in digging deeper into the technicalities. Drop an email to Sarah at firstname.lastname@example.org for a copy.