Hi list,
I've put together a reference Android application, following up from the earlier
thread 25/02 "The 'Kill Packet' - feedback wanted".
//------------------------------------------------------------------------------>
KillPacket v0.1
Android tool and server side code. Proposal and reference implementation
This project was started to address a hypothetical case one has volatile data on
a remote machine that needs to be removed as fast and as discretely as possible.
In such situations opening up a laptop and logging in via SSH, an SFTP/FTP
browser etc may simply be too slow.
Rather, it would be more convenient to long-press a single button on your phone
that sends a network packet to the server, triggering a script that proceeds to
delete your data and/or back it up to another trusted server. It is considered
this functionality may be of use to journalists, activists and others believing
that their data may be under threat of physical seizure and have only the phone
in their pocket to do something about it.
Someone sniffing on the wire will indeed see a string, the ‘kill signature’,
going out in the clear to the remote server at the given port. They will see no
other information. If the packet is blocked, captured and sent by an opponent,
they do the work for you. If it is simply blocked, your data sees another day.
Only a person with ssh access to the server can modify the kill signature,
define target directories for deletion and set the port.
This preliminary (read ‘alpha’) implementation utilizes ‘socat’ for network
packet capture on the server side and a hand-rolled Android application for the
client.
While functional, it is only intended for testing and study toward the ends of
releasing a finished application.
DISCLAIMER: Nothing beats good disk encryption on the server side.
//<------------------------------------------------------------------------------
Project page:
http://julianoliver.com/output/kill-packet
GitHub repo:
https://github.com/JulianOliver/KillPacket
Feedback, commits, merciless criticism gladly accepted.
Cheers,
--
Julian Oliver
PGP B6E9FD9A
http://julianoliver.com
http://criticalengineering.org
--
Too many emails? Unsubscribe, change to digest, or change password by emailing
moderator at compa...@stanford.edu or changing your settings at
https://mailman.stanford.edu/mailman/listinfo/liberationtech
