Wifi sniffing digital picture frame

[AUTUIN] sent in a tip for his wifi sniffing digital picture frame.

A soon-to-be-trashed Pentium II laptop was rescued from Free Geek Vancouver. A lot of coffee shops around Vancouver feature local art and free wifi, so [AUTUIN] decided to combine the two. The project is designed to hang on the wall of a cafe and sniff images transmitted on the wireless network – an invasion of privacy, but as [AUTUIN] says, “that’s kind of the point.”

After gutting the laptop and putting it in a custom picture frame, Driftnet, a program that listens network traffic and picks out images from TCP streams, was installed. [AUTUIN] tested his build with an open wireless connection in his building. The results provided a wonderful narrative that started with pictures from news sites than slowly devolved to pictures from a hot-or-not style website, an online dating site and finally pictures from the inevitable conclusion of that browsing session.

[AUTUIN] is now looking for either a brave or foolish local coffee shop in Vancouver to feature his wifi sniffing picture frame. We think this would be very amusing if we weren’t using that network, not that we have something to hide or anything.

20 thoughts on “Wifi sniffing digital picture frame

  1. I would be careful hanging this thing up. It is perfectly legal to browse those sites but to show the images in public might be a serious offence. And the maker of the frame is much easier identified than the fella watching the naughty stuff.

  2. Wow I did this on a 42″ plasma over 7 years ago at work when people would not stop websurfing to “inappropriate” websites.

    I took over the Lobby TV and had a pc running linux and driftnet that hooked into the hub that was inserted between the router and the first switch.

    Except I modified driftnet to also use the GD library and a little code to take the destination IP address resolve it back to the username that was logged in and write on the bottom of the image the username.

    web-surfing at work dropped to ZERO within 1 hour of putting this thing online. The fun part is I did not get hate for it, I simply re-pointed the hate at corporate. “yeah they are installing these all over the company, we are a test site”

  3. It’s a shame this will not work on WPA networks.

    So if you have a WPA network you want to sniff, keep this in mind.

    WPA is end-end security while WEP is network security.

  4. @fartface While that seems fitting for a corporate network, I think using ‘samples’ would have given people a chance to sneak through filters.

    Seriously though, I live in Burnaby, and am glad to see Vancouver mentioned specifically. Any other big hacks posted come from the Metro Area that anyone knows of? The community here is very hidden from view. But an upcoming MakerFaire this month should hopefully help change that!

  5. I was under the impression that driftnet could only grab this data through ARP spoofing or being on a hub rather than a switch. Please correct me if I’m wrong.

  6. Rather like the “Making Visible the Invisible” display at the Seattle Public Library.
    (Which shows what patrons have recently checked out in various formats.)

    http://www.mat.ucsb.edu/~g.legrady/glWeb/Projects/spl/spl.html

    Seems like a good reminder of the lack of privacy at an open WiFi site.

    Keeping the display reasonably small is also good, since the viewer has to come relatively close to see the content (so viewer can easily avoid offensive pictures by not looking at it.)

  7. This would make a rather funny display in a public library, which are already ‘supposedly’ censored. not that it really helps. I frequently check my fetlife account there (on my laptop, in the privacy booths).

    It would be a good way to discourage creeps looking at porn in the childrens section.

  8. Expy, that thought has crossed my mind, believe it or not. I’m currently leaning towards putting the frame up on a router configured for an OpenDNS-based content filter (to save my skin) and naming the wireless network “ISTEALYOURPICTURES”. That makes it Caveat Emptor IMO.

  9. Is this just reading wireless traffic straight out of the air without any formal connection to the network, or ARP spoofing to man-in-the-middle traffic between clients and the router? The former would be much more impressive, although I don’t know how it would work and couldn’t tell from the write up.

  10. Damn, I was just talking about doing this exact same thing… pretty much to the letter….

    Ah we’ll room for more I suppose, still sucks someone beat me to the punch on the creation side of things..

    Good work

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s