Is it possible the person sitting across from me at Starbucks was trying to hack my laptop?

Question

I was using my laptop at a Starbucks on a table, and a person was using a laptop on the same table across from me, a couple seats to my side. He flicked some plastic thing across the table towards my laptop. What really freaked me out was he then actually flicked it again further to get it right in front of my laptop, behind my screen. The plastic thing was ring-shaped with a metal part on one end, which looked like the 30-pin iPhone charger. I've attached the basic shape.

enter image description here

Does anyone think they might know what the plastic dongle could be and/or have any information that would suggest the person was trying to do something malicious?

An attacker trying to compromise your computer at Starbucks doesn't need to be closer than the other side of the store. — tylerl, Dec 15 '14 at 07:02
Were you sitting near a window ? Maybe that person just wanted the antenna/whatever closer to the window to access a network outside the café (maybe it's a cellular router that receives cellular and provides a Wi-Fi network, in which case having it closer to the outside is advantageous). — , Dec 17 '14 at 20:10
Could you add within your question if this equipment (most probably a wireless charger see @VolleyJosh > 75 % right answer) was connected with a cable to a phone or computer? — dan, Dec 20 '14 at 10:17
To know if someone at your table or at another one in New York is working on your laptop, I'd suggest you to start studying your logfiles. First thing you will most probably learn is that everyone is attacked. The only one who aren't are the one who **don't know**. — dan, Dec 20 '14 at 10:23
Upon noticing the second 'flick', You should've just picked it up and said, "Cool. What's this?" — user2338816, Dec 22 '14 at 00:59
The title of this question is really way to general given the actual question you're asking. — DanielSank, Dec 22 '14 at 03:58
Is it possible they were trying to hack your computer? Yes. It's also possible they were trying to decapitate you by throwing that thing at you. Both options are however very unlikely and even less likely to succeed. — Theik, Dec 22 '14 at 14:52

score 147 · Answer 1 · edited Mar 17 '17 at 10:46

147

No, you are just being paranoid.

You were probably already connected to him over WiFi. There are many attacks he could have run this way without additional devices. Also if he would have wanted to hack you, he would not have thrown his strange hacking device in your face. He would have hidden it below the table.

Side note: I feel like most of the people saying they have been hacked are only paranoid. While most of the people who actually have been hacked do not notice it at all.

Also see VolleyJosh answer about the device.

edited Mar 17 '17 at 10:46

Community

1

answered Dec 15 '14 at 10:26

PiTheNumber

5,394
4
19
36

63

Sentence in your last paragraph is holy and saint. It should be engraved somewhere. It is the base of modern world. – trejder Dec 17 '14 at 10:01
3

I'd give you to upvotes for that side note. – sir_k Dec 18 '14 at 11:45
Your side note is spot on. Most people who think they've been hacked should probably learn to tell the difference from malware ads and actual system messages...Or stop going to porn sites – David Wilkins Dec 19 '14 at 13:52
1

Another +1 for that last paragraph. – cwallenpoole Dec 21 '14 at 18:01
@DavidWilkins, wait..what? – nicholaswmin Dec 22 '14 at 14:53

VolleyJosh · Answer 2 · 2018-08-06T22:19:07.533

119

Most probably he was using one of these wireless chargers that are built into the tables. It certainly fits your description.

edited Aug 06 '18 at 22:19

answered Dec 15 '14 at 19:17

VolleyJosh

1,181
1
6
5

12

Well clearly this is what the device was. – Dec 17 '14 at 01:18
Yep, this is definitely what it was. – Max Williams Dec 17 '14 at 10:20
6

Yup, and he probably pushed it the second time to get it atop one of those "mats" which just happen to be behind your computer. – Seth Dec 17 '14 at 17:26
But why wasn't there a phone attached? – Dec 18 '14 at 15:30
1

@jwg: Maybe he passing it down to someone else at the table and had to flick it a second time so it would be in their reach. – poke Dec 18 '14 at 17:58
1

Maybe he was trying to share his Charger thingamabob. – Malachi Dec 19 '14 at 18:56
2

I'd advise you to replace "Perhaps" with "Most probably" :). – dan Dec 20 '14 at 10:19

score 35 · Answer 3 · answered Dec 15 '14 at 10:03

35

I don't know what that gizmo is, but unless you've got a really bizarre laptop, it wouldn't be useful for attacking your computer.

Outside of a laboratory setting, attacking a computer means using its standard input or output capabilities. An ordinary wifi or Bluetooth antenna can reach your laptop from anywhere in the room; a directional antenna can extend that reach to several buildings away. Very few computers have IR transceivers these days, but those are non-directional and reasonably long-range: an attacker just needs line-of-sight, not point-blank range. Spying on you by picking up signal leakage from your screen requires specialized equipment; to pick your screen out from all the screens a typical Starbucks requires a large, highly directional antenna best hidden in a van out in the parking lot.

Yes, there are coil-shaped antennas, but for the range you're talking about, a simple dipole will be far less conspicuous, and even a short length of wire will be sufficient.

answered Dec 15 '14 at 10:03

Mark

34,390
9
85
134

2

In reference to it sharing the shape of an antenna, it could easily be an RFID reader, which cannot be dipoles or a short length of wire. – cremefraiche Dec 15 '14 at 10:55
2

"Spying on you by picking up signal leakage from your screen requires specialized equipment" If you are talking about tempest monitoring (EM radiation, not NSA TEMPEST), that only works on CRT screens. So unless someone has a serial/rca adapter from their laptop to a TV from the 90's, I think it's a non-issue. – cremefraiche Dec 15 '14 at 10:58
1

@cremefraiche [Van Eck phreaking](http://en.wikipedia.org/wiki/Van_Eck_phreaking) (I think that's what you mean by non-NSA TEMPEST...the specific implementation or attack vector rather than the overarching strategy?) has been demonstrated to work on LCD screens – Nick T Dec 15 '14 at 21:46
1

@NickT LCD Tempest monitoring is a complete non-issue this day in age. Try finding a research paper on it newer than 2007. The new trick (2014) is airgapping via FM with AirHopper. – cremefraiche Dec 15 '14 at 23:41
@cremefraiche WP's article mentions a 2009 report from Brazil about possible leakage in their voting machines (could only find it via wayback machine), but granted they're probably older technology. What's new that thwarts it? Some combo of higher resolution, framerates, and better EM design, or a new technology? – Nick T Dec 15 '14 at 23:54
@NickT Did you really come back with a 5 year old study instead of the 7 years I said? Seriously? Voting machines in Brazil? Short answer to 'what's new'.. **Everything**. I'm not going to sit here and explain to you every change monitor and cable manufacturers have made to improve their products and reduce interference. – cremefraiche Dec 16 '14 at 00:24
5

@cremefraiche Apologies, I thought you had something specific in mind that happened on-or-around 2007 (I assumed you didn't just make up that year) versus the general stuff I listed (higher resolution/framerates that would lower the SNR, and better EM design which would lower the signal altogether). – Nick T Dec 16 '14 at 00:42
These days hacking is even possible by communication via Microphones and speakers see eg http://www.newstatesman.com/future-proof/2013/12/researchers-prove-pc-viruses-can-spread-microphones . Although admittedly this is more of a inside a laboratorium setting and probably the labtop should already have been infected to get it to work anyway. – hetepeperfan Dec 17 '14 at 08:20
@hetepeperfan, they didn't demonstrate infection. They demonstrated that two computers running appropriate software can communicate over an acoustic channel -- something anyone familiar with acoustic-coupler modems would know. If your computer is not running that software, the microphone is not a viable infection route. – Mark Dec 17 '14 at 08:27
@Mark I agree. Thats why the labtop should already be infected in the first place to get it to work. – hetepeperfan Dec 17 '14 at 08:28

score 10 · Answer 4 · answered Dec 15 '14 at 09:10

10

As @cremefraiche said, the object fits the profile of an wireless iPod/iPhone charger. As the coil works as an antenna, it could theoretically be used to send data from the device.

To investigate if this device is charger or a surveillance bug, you can try to pry it open. If the 30-pin connector has anything else than the power-lines connected, it is possible that it can be used for wireless access to the device.

You can find the 30-pin connector pinout from here: http://pinouts.ru/CellularPhones-A-N/iPhone_connector_pinout.shtml

answered Dec 15 '14 at 09:10

Zokol

129
3

3

This really is paranoia. – Dec 18 '14 at 15:31
Nevertheless, I feel that's an interesting "possibility". I can agree with others that there's easier ways though. – Jimmy Smith Dec 18 '14 at 21:23

dotancohen · Answer 5 · 2014-12-15T17:27:22.237

7

Although I agree with the other posters that the device in question probably was not a hack attempt, I disagree with their conclusion that he was not trying to hack you.

In fact, I recommend adopting the strategy that everybody is trying to hack your equipment. That sounds paranoid, but it leads to the type of security that is more difficult (i.e. non-trivial) to breach. Just because the man passed a funny device across the table, does not mean that he or somebody else, independently, isn't scanning your machine for vulnerabilities over the wifi network.

edited Dec 15 '14 at 17:27

answered Dec 15 '14 at 17:11

dotancohen

3,698
3
24
34

11

While your comment may be right when deciding how to secure your system, I would NOT advise to use this strategy to decide when to leave a place physically, call the police or accuse someone publicly of hacking you. – Alexander Dec 16 '14 at 12:11
1

@Alexander: Note that I never suggested to do any of the things that you suggest. In fact, even if you have _proof_ that someone is trying to hack you, I don't recommend any of the above unless you suspect a targeted attack. Shut down your system to protect it but don't make it obvious that you know that you've been scanned. – dotancohen Dec 16 '14 at 12:41
1

The OP didn't make it clear, but I think his reaction would have been one of the three reactions I mentioned, because they are just natural. – Alexander Dec 16 '14 at 13:07
Your answer must be missing some explanation of what you really mean, because as written, you most certainly *are* suggesting a person take whatever steps seem most appropriate to *them* in response to being attacked by strangers in public. Securing your belongings in the real world involves more than just passive safety precautions. Perhaps you meant, "secure your equipment as if everybody will try to hack it"? – Dan Getz Dec 17 '14 at 10:29
1

@DanGetz: That is exactly what I mean. – dotancohen Dec 17 '14 at 14:24

score 5 · Answer 6 · 2015-05-10T12:19:29.287

If your laptop has an RFID/NFC reader (some Dell laptops have them) then yes an antenna can be used to "talk" to the laptop and exploit a vulnerability in the reader's driver, but readers are usually placed near the touchpad rather than behind the laptop, and while this antenna can most likely send any data to the reader, I doubt it's sensitive enough to receive responses from the low-power reader through the screen (which has metal and interference-generating hardware in it); also I'm not aware of any vulnerabilities in Windows's card reader driver API.

TLDR: possible in theory, in practice you're just being too paranoid and if he really wanted to try and compromise you he could do that from a much longer range (Wi-Fi's indoor range).

score 2 · Answer 7 · answered Dec 17 '14 at 08:39

The device looks like a FM antenna; there were also some 3G/LTE routers that look almost like that (now they're mostly soapbar or cube shaped, it seems). It has happened to me to be connected to a WiFi and a cell network, or run diagnostics on one while connected to the other. And fiddling with a cell antenna's position in the hope of getting better reception/bandwidth is a hallowed tradition.

That said, could have it been a hacking device? Yes. It's remotely possible. Not a WiFi though, for he would not have needed it any closer than several dozen yards, and not Bluetooth either (a couple of meters; much more with such a large antenna. "Cantennas" and "gun assemblies" have been reported allowing Bluetooth phreaking at hundreds of meters). NFC isn't a likely contender with a laptop. All the above, assuming we're not dealing with a moron -- of which there are many more than there are hackers, and whose M.O. is closer to stalking a Starbucks than a hacker's would be).

Was the donut shaped part upright, or parallel to the table? If the former, it could have been a short-range EM receiver possibly suitable for a Van Eck attack (also called TEMPEST attack). At short range it is possible to passively eavesdrop on LCD monitors and keyboards (sort of remote keylogging), and even CPUs. While the device described on Wikipedia had a range comparable to WiFi, it also costed in the neighbourhood of USD 2,000; a cheaper device with a range of less than one meter can be built with a tenth the expense.

Has anyone demonstrated eavesdropping on a wired keyboard or a CPU outside of a laboratory setting? — Mark, Dec 18 '14 at 02:26
It has been demonstrated in electromagnetically noisy environments [Vuagnoux, Barisani]. The "laboratoriness" of the setup has mostly been due to the necessity of complicated sampling equipment and/or calibration. In the last years, though, miniaturized loggers and oscilloscopes have become reasonably cheap and portable. Which is not to say my hypothesis is *probable*, mind - just *conceivable*, as opposed to *no frigging way*. In the OP's case I feel confident there was a mundane, innocuous explanation. — LSerni, Dec 18 '14 at 07:44

Is it possible the person sitting across from me at Starbucks was trying to hack my laptop?

7 Answers7