Advertisement

Young Pirate hacker gets top security secrets

Share this article

The president of the Pirate Party's youth wing, Gustav Nipe. Photo: TT
16:06 CET+01:00
UPDATED: The president of the Swedish Pirate Party's youth wing has told The Local that Sweden's leading security and military experts searched for 'holidays' and 'forest hikes' during working hours, after he tricked them into logging onto an unsecure server at a conference.
Gustav Nipe, 26, set up a Wi-Fi network called 'Open Guest' at the conference earlier this week and claims that several high profile officials used the network to log into their email accounts and surf the internet.
 
As the Wi-Fi network was not encrypted, Nipe says he was able to track which sites people visited as well as the emails and text messages of around 100 delegates, including politicians and journalists as well as security experts.
 
“The security establishment was in Sälen pushing for more surveillance, but then leading figures go and log on to an unsecure W-Fi network,” he told The Local.
 
"It is very embarrassing because the data we collected showed that some people were looking at Skype, eBay and Blocket and stuff like that, or looking for holidays and where you could go and hike the forest. This was during the day when I suppose they were being paid to be at the conference working."
 
Nipe insists he didn't carry out the stunt to target a particular person, rather to draw attention to the issue of network monitoring in Sweden, and says he won't be revealing which sites were visited by specific experts.
 
"The scary part is that with unsecure networks like these you can end up getting access even to secure servers because people so often use the same passwords for different sites. So we could have got into the government's server or used other information to track people in their everyday lives."
 
The stunt has sparked criticism in Swedish newspapers and on social media, with some arguing that he breached Sweden's Personal Data Act.
 
Martin Brinnen, a lawyer at the Swedish Data Inspection Board told Dagens Nyheter that Nipe had acted without the "explicit consent" of the Wi-Fi network's users, despite the fact that they had agreed to join an open network.
 
He said that while each case should be considered separately, how information is gathered from open networks and for what purpose plays a major role in determining whether or not tracking email traffic is legal.
 
"To collect data in order to create some sort of mapping of [how people are] using the network, or to collect sensitive data, may be contrary to the Personal Data Act," he told the newspaper.
 
Dagens Nyheter said there were exceptions in the law that permit logging this kind of personal information, such as for journalistic purposes.
 
Nipe told The Local that all the data he had collected would be stored in an encrypted way so that no-one else could access it and added that it would be erased after it had been analysed.

Story continues below…

 
"I am confident that we are on the right side of the law and if anything was illegal then it was people using our network without permission and high ranking people working in security using unprotected, unencrypted networks to log into their emails."
 
The Pirate Party (Piratpartiet) was founded in Sweden in 2006, and says its goal is to "fight for a better world, free of oppression and censorship".
 
But support for the group has been waning and it scored less than one percent of the vote in Sweden's last general election in September 2014.
 
 

Share this article

Advertisement
Advertisement
Advertisement
Advertisement

Popular articles

Advertisement
Advertisement