Slashdot Mirror

← Back to Stories (view on slashdot.org)

Disney World Goes 802.11b

Posted by Hemos on from the gonna-get-me-airsnort dept.

LighthouseJ writes "Over at CNN they report that Disney World in Florida has a 47-square mile 802.11b wireless LAN through the park with 200 access points. The move comes after visitors complaints that they couldn't use credit cards at every place in the park. Plus, it allows "cast members" to offer guests goods and services anywhere, not restricted to where the credit card machine is at. The man responsible, Murshid S. Khan, Director of Telecommunications and Technology Support sees this as a valuable technology, citing mobility and flexibility as the main reasons for the switch. Khan goes on to say that the system is protected by a 128-bit encryption scheme and software installed to detect intrusions. When he was asked if visitors will have access to the wireless network, CNN quotes him to say: 'We need you to come to the park and enjoy the park,' he said. 'If we start opening Internet cafes, you won't do that.' He's a smart man." So, running AirSnort wouldn't probably be the best idea? *grin*

6 of 250 comments (clear)

  1. If they're smart, it won't be IP... by rekoil · · Score: 3, Insightful

    or at least, if it /is/ an IP network, each device will be a VPN client. I would presume Disney has enough money to hire people smart enough to not depend on WEP for security.

    Then again, larger companies have done dumber things...

    -C

  2. Re:Things the visitor can do besides surf the web by jmauro · · Score: 4, Insightful

    I don't think that you can surf the web. Just because they use Ethernet and IP does not mean that they are connected to the Internet at large. Taking into account that this system handles lots of credit card orders (even encrypted) it would make more sense if the entire system was on its own isolated network.

  3. Scale is *the* problem by john@iastate.edu · · Score: 3, Insightful
    It's a lot harder to do something for 150,000 people at a time than 150.

    It's not just a matter of buying 1000 whatevers that worked for the guy doing it for 150.

    --
    Shut up, be happy. The conveniences you demanded are now mandatory. -- Jello Biafra
  4. CNN lies, it's not a 47 square mile cloud by SkywalkerOS8 · · Score: 5, Insightful

    Only about 35% of the 47 square miles owned by The Walt Disney Company in Central Florida is developed. I highly doubt they went through the expense of creating a WLAN cloud that covers marshland. I doubt that even the hotel resort properties are covered either. It probably only the 4 theme parks, the 3 water parks, Downtown Disney and maybe Fort Wilderness near Pioneer Hall. That drops the square mileage significantly. Even with the hotel areas its only a fraction of 47 square miles. I really hate bad reporting.

  5. Eventually a cash-less park? by acroyear · · Score: 4, Insightful
    Disney could eventually use this to lead to a 100% cashless park (increasing patron safety in the long run -- less need for cash might lead to less to gain for purse-snatching).

    Yes, we all agree that this network may be risky for transfering credit card info around, but they could over time move to a "disney dollar" card, where you pre-load the disney card with your credit card as you enter or on the phone or whatever, then use that disney card within the park grounds to buy whatever. Disney can then provide insurance against fraud against that card instead of worrying about being libel against Visa and AmEx in the case of number theft over the airwaves...

    The other advantage is that Disneys own systems could authorize the sale over the Disney card instead of having to send out to a Visa/MC/AmEx authorizer off site-- it would be considerably faster that way (since the system could be built up front to support the average # of visitors on site), especially during holiday seasons...

    Just a thought...

    --
    "But remember, most lynch mobs aren't this nice." (H.Simpson)
    -- Joe
  6. Cracking the Protocol... by Orne · · Score: 4, Insightful

    Since you posted that AirSnort link, I was curious, so I popped over to sourceforge and downloaded it. Part of their documentation says: "For a key length of 128 bits, this translates to about 1500 packets." then it goes on to describe how you can search for certain constants (starts with 0xAA, etc) within the packet to see which random keys were successful. Interesting stuff, and definitely a clever way to decode: thanks to flaws in the logic, every bit rate can be reduced to 8-bit encryption.

    However, once you've collected your packets and broken the key, you now have a decoded packet. Well, what does that mean? You have the framing information (packet length, header) and the message body (which is just raw data).

    I'd bet a 7-day park-hopper pass that the data in the packet's body is encrypted a second time with a more reliable scheme. If there's one thing Disney knows how to do well, its make money, and they can't risk the bad PR for this to foul up.