Slashdot Mirror
Airports As Secure As 802.11b
INO_Fiend writes: "SF Gate is running a story about how at both Denver and San Jose Int'l American Airlines has been using unencrypted wireless to connect the curb check-in with the rest of their networks. They tested this by grabbing a laptop and hanging around the airport. I guess I might finally have something to do with a laptop and a WiFi card the next time I fly..."
Changi International airport in Singapore has free access to the Internet over 802.11b in large parts of the airport. They also have modules with a bunch of power sockets and RJ45 jacks in the center of numerous desks in case you're low on power or limited to wired Ethernet.
Changi International rules in general, actually.
Everything's just as secure as the weakest point.
They have tons of those 5.60$ and hour minimum wage "securtity specialists"
ich bin der musikant
mit taschenrechner in der hand
kraftwerk
I guess I might finally have something to do with a laptop and a WiFi card the next time I fly...
I'm sure you are breaking a large number of laws. If not, I'm sure some bills will be sponsored in your name!
Please kids, don't try this. Messing with aircraft [anything] is a big no-no. Someone was on local TV once complaining about the airport noise level. This hillbilly said that he would shoot at a plane if the didn't stop going over his house. Stupid, stupid man. He was arrested and even served 3 days.
Reminds me of this Gallagher joke: Why don't they just give the homes by the airport to deaf people?
Get your Unix fortune now!
Hah... now I feel safe... my name address and phone number are flying through the air for anyone to pluck out. What ever happened to airport security?
I find it amusing that anyone can even joke about screwing around with an airport right about now.
It's not wireless, but the Las Vegas airport has these open Ethernet ports in the floor. You can walk up to them, plug in an Ethernet cable, and start prowling around the network (sniffing, going out to the Internet, etc.).
I accidently connected to an AA wireless network in Dallas. This was way before 9/11. At first I thought it was a freebie for exec flyers, once i realized it was their business network i disconnected.
they had a dhcp server that assigned ip/dns to anyone that connected.
didn't even think about it again until i read this article.
Apple's implementation of 802.11b is called "Airport". So I wasn't too surprised to read that Airport is as secure as 802.11b
Wonder if you can surf the net from their internal network? Beats paying for any of those overpriced kiosks
just much much easier to accomplish.
scary
"It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
Airports are as secure as... I thought they were talking about Apple Airports (those funny round things). Still kinda cool, unless the airports get hacked.
"And we have seen and do testify that the Father sent the Son to be the Savior of the World"
1 John 4:14
"American Airlines spokesman Gus Whitcomb said that Luster and Comerford exaggerated the security risk because their companies provide security services. " Yeah right.
I didn't mean offense, it's just one of those silly things that Gallagher points out.
I know from working next [literally] to an airport that it's like a train going by.
While I've got you in the conversation, I know it's off topic, but can I get a brief impression of Cochlear Implants? Like what do you think of them.
I watched the coolest thing on PBS about a family which was debating on getting one for their daughter. The family was all deaf, and they ended up not getting it for her. The brother of the father had a deaf daughter [or son?] that got one, and they were going back and forth about what to get. Really a great show.
I think I wouldn't want to get one, but that is because I could see the deaf families point of view a little better. They wanted their child to stick with the culture, and the language that they are actually blessed to be a part of.
Can I get your 2 cents? Feel free to e-mail me, I'm very interested in this subject. Seems like a great device, but not for everyone.
Get your Unix fortune now!
Sorry, I am posting anonymous.
The airline that I worked at (until just after 9/11) had a similar setup. An average sized hub airport probably has roughly 1700 things with an IP address. To help out, I used a machine with arpwatch to help keep track of what was running and to monitor changes. About 5-15 times a week, I saw non airport workstation names and mac addresses of nic's that we did not have. Luckily we did not have anything with a DHCP server running or everyone of these computers would have fit right in. We had coverage at every ticketing area and every gate, not hard to get a good signal.
My purpose is not network security, only an installer and maintainer of the network and systems, so I made note of our insecure wireless network to our networking group and got nothing back. When I had left about a year after bringing this up, nothing had changed. With so many levels of IT support and groups of people protecting their specialized interests at the company, it was nearly impossible to find someone that could step back and look at more then what they were currently responsible for. I guess we needed a "wireless network security" position before anyone would care to address this.
I don't know what you would do once on the network. Sure you could sniff around but I doubt you would get anything useful from the scheduling and ticketing part of the traffic.
Just because it is insecure at the wireless level, doesn't mean its insecure at the check-in level.
After all, if they have a firewall, and the wireless is on the public side of the firewall, then it should be pretty secure- the check in desks would have to use tunnelling to connect, but that can be arbitrarily well encrypted.
-WolfWithoutAClause
"Gravity is only a theory, not a fact!"It is a big firm in Europa. AFAIK we do not use the above mentionend standard but we use another standard for baggage check in and baggage follow up. The system is so complex that even *us* the programmer have sometimes difficulty with it. The hic is the following : would it be worth for a terrorist to learn the system when they can get it easier to fake the control band of the baggage with the so called "bag tag" (simple paper a serial number and a code bar) or have an insider in the baggage loading worker team. On the other hand 6 monthes ago I would have said "terrorist learning to fly a plane to pill it into a building ? Unprobable. They could do things in a far easier way than such a long term plan.". So maybe we have to starts worry...
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
I thought that was one of the things that the new regulations after 9/11 got rid of.
Either way, I'm sure those systems have additional encryption a few layers up. No sane persion trusts WEP. Even if the net isn't encrypted at the wireless level, it only matters (and is better) if it's encrypted a few layers up. (IPSec, SSL, or the like.)
retrorocket.o not found, launch anyway?
If I know American Gov. they will fix it the best way: banning wireless networking! :)
my name address and phone number are flying through the air for anyone to pluck out
You mean like this ?
Oh, and don't forget, you've attached that information to the outside of your luggage, so that any disgruntled baggage handler with a score to settle because he dropped your 80 pound suitcase on his toe can come find you and settle the score.
Face it, your name, address, and phone number are in the public domain now. Nothing you can do will stop it.
Well, I don't know much about cryptology, but I figured that if you use symmetric cipher, and the keys are distributed based physical contact between the devices. Then, you only allow devices to connect based on signatures made with the keys that have been in physical contact, would that be feasible?
Employee of Inrupt, Project Release Manager and Community Manager for Solid
Drexel University does a great job of securing their otherwise unencrypted wireless traffic with a VPN.
Intelligent Life on Earth
Actually, that's not a really accurate statement. The people in Ohio were complaining because the runways run north-south and the air traffic was routed directly over their houses at low altitude in the late hours of the night. And, large portions of that area aren't "rich" as you put it - I believe the area is mostly lower-middle-class, and they had a real noise complaint. Now, air traffic after 10PM flys in and out of the one east-west runway, and does in fact fly over some "lesser" neighborhoods. However, they mostly fly over empty space, with the (louder) takeoffs going west and the (quieter) landings coming in from the east. However, a flight coming from the north will often pass over eastern Cincinnati at relatively low altitude as they enter the flight pattern.
In my experience, the folks responsible for implementing wireless have no clue of the risks. When confronted, they go back to their wireless vendor and pose the question, the vendor responds with a load of BS they can't comprehend and because they have no idea what has been said, it must be secure.
Groups charged with security often don't get their hands dirty with this - they are too busy changing passwords. Mention 'airsnort' and it usually is followed with a blank stare.
Auditors can check physical network security which now includes wireless. For the airlines under 'wartime', this should be mandatory - but it probably won't be...
Denial isn't just a big river in Egypt
denver has a wireless network setup throughout the airport. there's no password to get on the network, however if you try to browse the web, etc. you'll run into their proxy which will prompt for a username and password.
it's quite easy to guess their user and pass combo, just think about what they used when they had to "test" the network.
In the US, at least,NOW is not the time to be screwing around at airports with ANYTHIN, never mind ANYTHING you do Illegally at an airport CAN be considered a FEDERAL offense.
Im as much of a guy that would throw an 802.1b card on my laptop and scan with it as the next slashdot geek, BUT there is a time and a place for all thing. The Airports and airlines should be notified, if they dont rectify it then take the next step, we got maniac bastards with shoe bombs trying to drop this stuff out of the air, YOU might not see anything of use, but not many Slashdotters are terrorists. They may, It needs to be secured, I fly and more importantly my FAMILY flies.
There is a time and a place for fun and screwing around with stuff. An Airport isnt the place and this isnt the time, Would you wack a beehive in a closed room for the fun of it ?.
Hell If I was in charge of Airport security, after seeing this I would set up a honeypot and get ahold of a 200 dollar rdf and start nabbing anyone that tried this, thow em up on federal charges and let shit lands where it may.
I KNOW its insecure an it need to be fixed, be fucking responsible for once in you life and do something responsible with that info, like find the person in charge and let them know, give them resources they obviously dont have to get it fixed. Your a Geek heres you chance to do something that actually might matter.
Next time you mom, or dad, or brother flies think, he I hope theres a bunch or dipshits sitting around the airprt sniffing stuff they have no business, GOD know the potential hazzard that exists here for bridging networks to something OTHER than Curb Check in.
Sig went tro...aahemmm.....fishing........
I am continually amazed by how backward the USA is sometimes. Here in the UK we have had this system for as long as anyone can remember. That is why then you check-in at Heathrow they ask all those tedious questions about if you have been given anything to carry and if anyone could have messed with your luggage. If you don't turn up at the gate, they literaly search through the hold and take your bags off. This of course can take ages!
Some years ago a terrorist made friends with a presumably not terribly bright girl and persuaded her to carry a bag on an El Al flight for him. Fortunately, a security guard thought the bag looked suspiciously heavy and found the bomb in it.
...a cracker with the know-how could theoretically check their own luggage.
That's nice.
While the network may have been viewable is there really a practical application to this?
All baggage checked at curbside is simply registered witht eh flight recorder saying that this bag is here, this is how much it wieghs. The only possible thing I could think of doing with access to the wireless net is removing a bag from the list, but what does that do?
Since all bags are also scanned (espesialy since 9/11) after they've been checked, it seems to me that hacking the curbside checkin is completely useless. In order to be effective, a terrorist would have to physicaly have and item on the plane. And that would be possible regardless of whether it was done curbside or at the counter. Personaly I don't see a big issue here, but they should be using at least the basic encryption (I know the airport software as basic encryption, I would assume the oher stuff does)
-Tevis
T Money
World Domination with a plastic spoon since 1984
There is extensive coverage in Computerworld, here.
So usually when i do not know the exact word for something, I try to guess how it could be in english :).
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
Boingo has rolled out APs in many locations in airports around the country. Yet another use for a laptop w/WLAN (I hate the term Wi-Fi) in an airport.
Is redundancy retroactive now? The only other comment mentioning Apple Airport was posted 4 minutes after this one
Fucking stupid moderators.
While waiting for a flight at Hartsfield I've busted out my laptop and sniffed Delta Airlines unencrypted access points. If I was an asshole I could have gotten Skymiles and credit card information on people. Scary stuff.
It is your kind of attitude that is responsible for the security holes that allow terrorist attacks in the first place. Airlines and airports must fix these problems preemptively. Apparently, they are unwilling to pay what that costs in this competitive market. It takes a big bang or public relations disaster to have them act decisively. If the people who found this problem just spoken to someone "in charge", nothing would have happened.
The temptation to haul anybody in on federal charges who does something that might be suspicious is unacceptable. We live in a free society, and lots of people will do things that are harmless but that my strike someone as suspicious. As in other areas of security, it's foolish to assume that the bad guys will have less knowledge than the general public, and it's foolish to assume that the bad guys won't have the resources to find the security problems easily and with low risk of detection. If you arrest everybody who appears to be trying to discover holes in your security systems, you'll mostly end up arresting harmless and you give police the tools to arrest anybody at their discretion; just about any activity can be construed to be suspicious. That's called a police state. Maybe that's where you want to live, but I don't. As far as security is concerned, the "get-tough" approach is a cop-out for companies that don't want to pay the money necessary for doing security right. It gives the appearance of security without delivering actual security.
Companies that have such security holes should get stiff fines, retroactively and for as long as the security holes persist. That's the only way to force them to invest the money up-front necessary to make their systems secure. And if that isn't sufficient, there needs to be federal regulations specifying rules and requirements for things like networking, screener training and salary, etc. People who discover security holes should be left alone (unless they try to take advdantage of them to do something illegal, of course).
While staying at the Sheraton for the Open Source Convention/Perl Conference last year, I tried getting on to the local wireless network provided. Great during the sessions. The only problem was our room was at the far end of the hotel by the airport. Couldn't get a peep from the conference network out there, but I got an IP and DNS from the airport, and a great connection at that.
Since various airlines have been notified about
/. and I would not want to trust MY family's safety to
this and have done nothing so far, I would propose the following:
Have a computer savy individual hook up with a reporter.
Have them go to the airport together and sniff the net.
Capture a bunch of data, go back to the office, and write an article about it.
I bet something would be done about it then.
I would involve a reporter so they have a tougher time portraying you as a terrorist or criminal.
Someone sitting at the coffee shop working on their laptop would not look out of place.
Perhaps people would argue that you are alerting terrorists to this possibility.
But, it is already posted here on
"security by obscurity".
"We can't solve problems by using the same kind of thinking we used when we created them." -- Albert Einstein
Higher pay == more applicants.
If you have 10 jobs to fill and 100 applicants, you get to be real picky about what kind of people you accept. 10 jobs and 11 applicants doesn't let you be so choosy.
Get a grip. A cornerstone of our criminal justice system is that "criminal" acts require an overt act known to be criminal, or at least reasonably expected to be so.
What this means, in practice, is that every door into an airport is clearly marked. It's not a crime to walk through an unmarked door. Walking past a door clearly marked "authorized personnel only" is a different matter.
Now look at this "problem." Computers with wireless LAN cards will automatically try to establish a connection... and these airports are offering these connections complete with DHCP and DNS services. They know that this will happen automatically whenever the owner turns on the computer, yet they've taken no action to restrict access to their system or warn travellers to avoid using their computers.
Yet you want to send the police to arrest these travelers for felonies - attempts to interfere with airport operations - for doing nothing that isn't routine in countless other places.
Worse, as some other posters have pointed out these networks can often be accessed from outside of the main terminal. A business traveler may innocently turn on his laptop in his hotel room and inadvertently connect to the airport network - and it's *his* fault for failing to anticipate this problem?
If somebody is there and clearly trying to compromise the system, throw the book at them. But if an airport just has lax security, direct your anger at the airport/airlines, not the innocent travelers.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
Hell If I was in charge of Airport security, after seeing this I would set up a honeypot and get ahold of a 200 dollar rdf and start nabbing anyone that tried this, thow em up on federal charges .
So, let me get this straight... If you were in charge, then instead of fixing the holes, you would concentrate on throwing people in federal prison, for being bright enough to notice and point out the security flaws you had failed to notice. Good plan. Don't let anyone question your security.
In fact, this story was a good way to highlight the problem in a prominent enough way to actually get something done about it. If we threw these people in jail then nothing would be done and the security hole would remain !
--
What has always annoyed me are these people that build next to an airport that has been there for many years ... then have the gall to complain a couple of years later about the jet noise they hear every day because of the airport that was there when they built their dream homes. If they didn't want the jet noise in the first place, they should have built somewhere else?
There's a legal doctrine about that. It's called "moving to a nuisance". Basically if you move into proximity with an annoyance that predates your move it's your fault for moving there and you have no gripe.
But enforcement of the doctrine in courts tends to be spotty in some places. Colorado and Oregon generally laugh such people out of court. But California seems to be the home of successful nuisance suits.
This kind of thing happens to small private-plane airports all the time. Developer builds devopment next to one, and after the people move in they drive the airport out of business with suits.
One such small-plane airport in Colorado came up with a great idea: After they'd gotten the suit laughed out of court, they bought up the fancy new houses that had been built next to their fence for a song. Then they put gates in the fence and ran driveways from the BACK of the carports to the taxiway. And resold the fancy houses at a significant profit to people with private planes - who NEVER complained about airport noise. B-)
I understand several other small airports in similar situations have done the same thing, or even had developers build such houses deliberately, and there's now a term for such a development - "Air Park" or something to that effect.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
802.11b is *so* over done. Here's some news from the front lines: everyone knows it sucks, they don't care and they're willing to take the risk. How the hell do you think Ethernet got so popular?
The *real* story (which would have been obvious if the "journalists" had taken some time to do actual research), revolves around the wireless systems that are used to transmit cargo inventories, passenger lists and other such epherma to the terminal operations centers prior to "docking and unlocking". It's slow speek, low-tech wireless stuff, but you can buy the equipment required to monitor and interject in the back of Monitoring Times. I'll laugh when the FBI gets called out to intercept the first Saudi Air flight who reports that every passenger's name is some variation on "Osama Bin Laden".
The second no-brainer stories revolve around:
Screwing with ground radar on a busy foggy day
Setting up a large, intermittant Tesla coil
Highjacking "offical" parts and substituting low quaility counterfits or functional replacements containing bombs at the maintenance depots.
Just cruzed through SFO after reading the article. No problem getting 5 connects....I wonder our boy wonder GW Bush would still be smirkin' if he knew...
regarding the palestinian terrorist giving his Irish girlfriend a bomb to carry:
The terrorist was ENGAGED to the poor girl, and she was pregnant at the time.
imagine sending your wife and unborn kid as unknowing human-bombs .
(this is actually covered in a recent 60-minutes show)
About two months ago I was at Denver International Airport and I decided to plug in my Wi-Fi card (SSID: "Denver Int'l Airport", no WEP). I was able to get an IP address from their DHCP server but any attempt to access the web redirected me to a generic username/password entry screen.
I figured they were going to offer a for-pay service to business travelers. It's alarming that they would be using this for actual airport services!
No, I don't want to explore the Recycle Bin.
Now that airports know that anyone can get on to their lans, it's now a free service...