Mimicking NSA Technology to Jam and Expose Mobile WiFi Signals

The SPOOK-I project takes on the National Security Agency's surveillance techniques with a “hypothetical and operative” machine inspired by the Orwellian techno-spies.

Jan 10 2015, 11:00am

​Image: Francesco Tacchini

London-based designer Francesco Tacchini has coded a mesmerizing browser-based algae that grows and created a data visualization of Europe's quality of life statistics, but his newest project investigates something more personal. With SPOOK-I, Tacchini takes on the National Security Agency's surveillance techniques with a "hypothetical and operative" machine inspired by the Orwellian techno-spies.

As Tacchini explains on the Royal College of Art's Information Experience Design program website, SPOOK-I "mimics two surveillance techniques available to the NSA Tailored Access Operations unit, in order to expose the technology employed by state surveillance for the 'weaponization of everyday.'"

SPOOK-I from RCA IED on Vimeo

According to Tacchini's project description, SPOOK-I was inspired by the NSA's 50-page classified Tailored Access Operations (TAO) unit catalog published in December 2013 by German news magazine Der Spiegel, which detailed the agency's backdoors into numerous devices. Similarly to tools revealed in the exposé, namely Candygram and Spook, Tacchini's machine is essentially a wireless jammer and sniffer (wifi monitor) that targets nearby devices.

After sniffing for and jamming wifi signals, SPOOK-I pushes an @nsa.gov email to nearby laptops and smartphones. (Tacchini writes that the system scrapes the emails entered by users to access the Royal College of Art's local network.) After blasting out an email, the system then projects the exposed names with an interface that features a live spectrogram of the wireless network being jammed. Below is the projected SPOOK-I push email:

From: SPOOK-I@nsa.gov

To: ******@network.rca.ac.uk

Subject: ******, you are now under NSA surveillance

Body: Hi ******,

this device is now under surveillance: you have been added onto a radio frequency controlled by the US National Security Agency.

This is a top-secret operation called CANDYGRAM and it was exposed, together with other NSA bulk-surveillance program, in 2013. During June 2013, Edward Snowden, a former United States National Security Agency contractor, disclosed secret documents detailing a number of surveillance programs. Snowden leaked a series of files to news agencies in response to what he described as the 'systematic surveillance of innocent citizens' worldwide.

In December 2013, German weekly news-magazine Der Spiegel published an article exposing the NSA toolbox: a 50-page classified catalog listing technology available to the NSA Tailored Access Operations unit to aid in cyber surveillance.

Among the agency's surveillance efforts are CANDYGRAM, a device that mimics a cell-phone tower to intercept signals from mobile devices, and SPOOK, a family of softwares that infect a target's phone using high frequency audio signals. SPOOK-I specifically removes a target's device from its network to then implement CANDYGRAM. The leaked documentation for CANDYGRAM and SPOOK-I is attached to this email and accessible as part of the 'POSSESSED OBJECTS' exhibition.

For more information on the work or to discuss the global surveillance disclosures, please reply to this email.

As Tacchni notes on the IED website, civilian jamming is illegal in the UK, and he's not proposing its use outside of the gallery setting. Unless, of course, you're a spook at GCHQ and NSA; in which case, you've already got Candygram, Spook and dozens of other invasive toys for your surveillance playtime.