We watched as my iPhone pinged servers all over the world. “It’s just thousands and thousands of pages of stuff,” Porcello said.”
So why is “pwn” pronounced “pone”?
Conventional wisdom (and the Urban Dictionary) credit the term “to pwn” something with it being a perversion (or typo) of the term “to own” something. Hence “pwn” is pronounced like “own”, only with the P. Many consider it to be part of leet (l33t) speak.
Dave Porcello’s Pwnie Express (pronounced ‘pony express’) defines ‘pwn’ as “to own as in the sense of defeat” or, alternatively, “to beat someone or something by a wide margin, usually in relation to a game.”
So what then, is a Pwn Plug, and where does it fit into Henn’s Project Eavesdrop?
Let’s explain Project Eavesdrop first, then the Pwn Plug will make more sense.
Henn has set out to determine what information the NSA can derive from eavesdropping on your Internet traffic.
We have already written about what just your cell phone records and publicly available data can reveal about you.
Now imagine what having access to all of your Internet and cellular data and traffic can reveal about you.
That is what Henn is setting out to determine, and that is where the Pwn Plug comes in.
The Pwn Plug is a device which monitors all of the Internet and cell data sent and received by any device that connects to it.
Basically, Henn had Pwnie Express’ Dave Porcello, along with fellow journalist Sean Gallagher, of arstechnica, use the Pwn Plug to bug his office, and sift through all of the data, to simulate what the NSA might see and find.
While what the NSA may be tapping into is of grave concern, perhaps equally concerning is how much of it there is to tap. The sheer volume of data produced by a single person, sitting in their home office, is stunning.
Henn describes the moment when his iPhone connected to the Pwn Plug:
“When my iPhone connected to the network, suddenly a torrent of data began flowing over the line. Porcello was monitoring my traffic in his office across the country in Vermont. “Oh, jeez,” he said. “You are not opening apps or anything?”
The iPhone was just sitting on my desk — I wasn’t touching it. We watched as my iPhone pinged servers all over the world. “It’s just thousands and thousands of pages of stuff,” Porcello said.”
And that was just his iPhone.
And by triangulating just a few bits of the data sniffed from his phone, it was very easy to determine his identity. His phone was named “Steve’s iPhone”. His phone checked mail on the NPR mail server, meaning he probably works at NPR. And his weather app announced that it was in Menlo Park. Meaning, he was Steve Henn of Menlo Park, not the other Steve who works at NPR, Steve Innskeep of Washington, D.C..
Observed Porcello’s partner, Oliver “Awk” Weis, “That’s really the mind-blowing thing about this. People are walking around every day with these mobile computers in their pockets, and they have no idea what they are sending to the world.”
Indeed, based on just a single email transmission from the NPR server to Henn, and Henn’s search traffic, Porcello was able to determine what an as yet unaired NPR story would be about. Which means that had he been a journalist for a rival news outlet, he could have scooped NPR.
|Get notified of new Internet Patrol articles!
You might also like some of our other articles: