When Der Spiegel and Jacob Appelbaum published leaked pages of the National Security Agency's ANT Catalog—the collection of tools and software created for NSA's Tailored Access Operations (TAO) division—it triggered shock, awe, and a range of other emotions around the world. Among some hardware hackers and security researchers, it triggered something else, too—a desire to replicate the capabilities of TAO's toolbox to conduct research on how the same approaches might be used by other adversaries.
In less than 18 months since the catalog's leak, the NSA Playset project has done just that. The collection boasts over a dozen devices that put the power of the NSA's TAO into the hands of researchers. Project creator Michael Ossmann—a security researcher, radio frequency hardware engineer, and founder of Great Scott Gadgets—detailed the tools at a presentation during the Black Hat conference in Las Vegas last week, and he talked with Ars more about it this past weekend at DEF CON 23.
Many of the software components of the 50-page ANT catalog were things that had already been developed by security researchers. Some of the discovered capabilities appeared to stem from off-the-shelf hardware (or its equivalent) and software similar to existing tools; they were simply combined in a package suitable for spy work. But other pieces of hardware in the NSA's catalog appeared to have no openly available equivalent—such as wireless bugs planted in computer cables or connectors. Some of those bugs were radio "retro-reflectors," wiretaps that only broadcast data when hit by a directed radio signal. (It's similar in concept to "The Thing"—the infamous bug Soviet spies planted inside the US Embassy in Moscow.)