Project Eavesdrop: An Experiment At Monitoring My Home Office --- If someone tapped your Internet connection, what would they find out about you? --- It's been just over a year since Edward Snowden became a household name, and his disclosures about the reach and extent of the National Security Agency's online monitoring programs led to headlines around the world. -- But one big, basic question remains more or less unanswered: What exactly does the NSA's surveillance reveal? -- To try to answer that question, I had my home office bugged. -- Working with Sean Gallagher, a reporter at the technology site Ars Technica, and Dave Porcello, a computer security expert at Pwnie Express, I had the Internet traffic into and out of my home office in Menlo Park, Calif., tapped. We installed something called a Pwn Plug to monitor the data flowing to and from my computer and mobile phone. -- The box is a little wireless router that basically captures and copies all the traffic into and out of any device that connects to it. That data were sifted and analyzed by software automatically. -- So for a little more than a week, Porcello and Gallagher stepped into the role of NSA analysts and spied on my work. --- What Happened? -- Back in early April I ushered Gallagher into my office, and together we connected my own personal Pwn Plug to my home network. -- When my iPhone connected to the network, suddenly a torrent of data began flowing over the line. Porcello was monitoring my traffic in his office across the country in Vermont. -- "Oh, jeez," he said. "You are not opening apps or anything?" -- The iPhone was just sitting on my desk — I wasn't touching it. We watched as my iPhone pinged servers all over the world. -- "It's just thousands and thousands of pages of stuff," Porcello said. -- My iPhone sent Yahoo my location data as unencrypted text. The phone connected to NPR for email. It pinged Apple, then Google. There was a cascade of bits. -- Over the next couple of weeks, Porcello and his colleague Oliver Weis — who goes by the name Awk — dug through those thousands of packets. -- "A lot of times it's pretty easy to identify not only the type of device but the person," Weis says. "How many people's iPhones are named Steve's iPhone?" -- And it wasn't hard to narrow which Steve at NPR (deduced thanks to the ping to NPR's mail) because the weather app pinpointed my location to Menlo Park. -- In seconds, anyone watching would know I am not Steve Inskeep. I am Steve Henn. -- "That's really the mind-blowing thing about this," Weis said. "People are walking around every day with these mobile computers in their pockets, and they have no idea what they are sending to the world." ---- Could The NSA Do This Legally? -- If the NSA were monitoring me this way, would it be legal? The short answer is, it depends. - More, NPR, http://www.npr.org/blogs/alltechconsidered/2014/06/10/320347267/project-eavesdrop-an-experiment-at-monitoring-my-home-office