Slashdot Mirror


FBI Warns Companies About Wireless Warchalking

nobilid writes: "Well-meaning wireless activists have caught the attention of the U.S. Federal Bureau of Investigation. One of its agents has issued a warning about the popular practice of using chalk marks to show the location of wireless networks."

25 of 188 comments

  1. misleading by Bilestoad · · Score: 5, Funny

    Hey, great way to distort the truth and make "wireless activists" sound important! From the headline you would think "wireless activists" had themselves drawn the scrutiny of the FBI.

    But all they said was that if you notice a chalk mark advertising your wireless network you should think about securing it. Well duh!

    And "wireless activists"? More like geeks with toys. I wonder how long the novelty lasts for the average "activist". It's a network. But without wires! WOW!

  2. So? by leviramsey · · Score: 4, Insightful

    The FBI is not saying that setting up free wireless networks is a bad thing. They're warning companies that run WLANs to check for warchalking around their buildings and check their LANs for security. This is what they should be doing, but considering how many idiot admins there are out there, they need the FBI to give them security advice.

    Typical.

  3. If companies don't bother... by Lawmeister · · Score: 4, Insightful

    to install M$ patches for well known exploits, what are the chances that they'll take the additional effort to lock down their wireless networks, then modify all their client PCs?

    They will only do this after they've been 0wN3d. As per usual.

  4. Kinda Misleading by mo · · Score: 4, Interesting

    Wow, reading the header I thought that the FBI is going after people who create the warchalk marks. But, if you RTA it's a lot less interesting. Basically, the FBI is saying that companies should be clued in if they get a warchalk marking an open WLAN next to their office. Duh. Dunno why I need the FBI to tell me that.

    1. Re:Kinda Misleading by garcia · · Score: 4, Insightful

      you don't, but the companies do.

      Most would probably think that those marks were either a) gang related or b) random garbage.

  5. Warchalk sightings by raju1kabir · · Score: 5, Interesting

    Has anyone actually come across any examples of warchalking in real life? (it doesn't count if you did it yourself, or if you found out about it from a news article and went to go see it).

    I walk and bike around DC more or less constantly and I've never seen one despite keeping my eyes peeled. And I know there's no shortage of WLAN networks here (netstumbled the 20-minute walk home from work and got about 40).

    --
    "Patriotism is your conviction that this country is superior to all other countries because you were born in it." -- GBS
  6. actual letter by martissimo · · Score: 5, Informative

    link to the actual Pittsburgh FBI email

    Better read than the linked article, which is kinda light on detail. Interesting to note that the FBI states in it that using an 802.11 access point without "explicit authorization" may be a federal crime.

  7. Signs by Tablizer · · Score: 5, Funny

    Someone disguised as a kid made a hop-scotch pattern next to my driveway with chalk. They are out to get me. My foil hat is not working anymore! Help!

  8. From the article... by Heem · · Score: 5, Insightful

    "The FBI is now telling companies that, if they see the chalk marks outside their offices, they should check the security of wireless networks and ensure they remain closed to outsiders. "

    Hey, how about you do this even if you DON'T see chalk marks?

    --
    Don't Tread on Me
  9. description of the marks and their uses by 10+Speed · · Score: 4, Informative

    Warchalking PDF

    A handy business-card-sized description of the marks and their uses...

  10. Warn? by jmd! · · Score: 5, Funny

    > One of its agents has issued a warning about the popular practice of using chalk marks

    Warn? WARN?! Why warn when you can just outlaw chalk! It's this kind of thinking that's getting government computers hacked and innocent civilians killed.

  11. we should extend this principle by jukal · · Score: 4, Funny

    ...why is it that only nerds come up with good things. Why doesn't everyone start chalking, when there's some good resource to steal...erm... use. Like, we could chalk the neighbour's wife's excellent pizza, another neighbour's apples, that lady who is always ready, local tobacco shop which sells marijuana as well. The list could go on and on! We could also invent a fancy name for it, though "war" is cool already :)

  12. well meaning?? by blaine · · Score: 4, Interesting

    OK, these "wireless activists" go around searching for insecure wireless networks, and when they find them, instead of telling the owners of said networks about the problem, they covertly mark the information down so that others can use that network illegally.

    How the hell is this in any way "well meaning"?!

    I swear, only on slashdot ...

    --

    -[Blaine]- "'Oh dear,' says God, 'I hadn't thought of that,' and promptly vanishes in a puff of logic."
    1. Re:well meaning?? by BenHmm · · Score: 5, Insightful

      Because this isn't the point of warchalking. Most warchalkers - and I made the first ever warchalking mark - use them to mark out their own open nodes, for the sake of others using them. I've seen many many warchalking marks around London, and none of them is for an unintentionally available network.

      The FBI's whole premise is bollocks, and you shouldn't assume that because it's possible to mark up a wlan that isn't yours that people actually do.

    2. Re:well meaning?? by BenHmm · · Score: 4, Informative

      You may have been reading articles written by the clue-lacking. The NYT piece is good. BusinessWeek isn't bad either.

      Meanwhile, I totally agree about the name. It is misleading: but it, and the use of chalk for that matter, were just chosen because, well, they sound cool.

      As for why an icon and not a flyer - well, because iconography is inherently more understandable. Why have roadsigns that are symbols and not words? Because they're easy to understand, and to see.

      Have a look at Warchalking.org - Matt Jones's site, for better examples.

    3. Re:well meaning?? by dgp · · Score: 5, Insightful

      No no no. You've got it all wrong. The reason people should be warchalking is to mark OPEN nodes. Nodes that belong to groups like Personal Telco Project in Portland, OR, or Seattle Wireless, or Austin Wireless. These nodes are MEANT to be used for FREE by the PUBLIC. That's why people should warchalk. That's why there are two separate symbols, a closed circle for closed networks (meaning stay away) and an 'open circle' for open networks, saying go ahead and use it.

  13. They can't... by kyletinsley · · Score: 4, Insightful

    At least the FBI are warning the companies and not arresting the warchalkers.

    Well maybe that's because warchalking isn't ILLEGAL... All they're doing is walking around with a laptop and noting when someone else is broadcasting networking signals in an area. It's against federal law to attack the computers on that network, or misuse their bandwidth to mess with other people's computers, but putting a chalk mark on a wall to signify that the schmucks inside need to tighten their security is probably the least destructive thing they could do to them. It's like publicly announcing a security hole in a Microsoft product, except they do so by taping a notice to the door of Microsoft's front lobby. Sure, it's public so anyone can read it, but the number of people who pass by it is very small (compared to putting this info on a web page like another poster mentioned), and most of those people are very likely to be the Microsoft employees themselves...

  14. It's not easy to report holes by mgkimsal2 · · Score: 5, Insightful

    Have you ever TRIED telling someone that you're not employed by that they have security issues? (If you're an employee, it's still a hard enough issue sometimes, depending on politics).

    I had a friend who had a friend who ran a webshop, with everything running NT. We benignly poked around for all of about 90 seconds probing for 2 known NT holes (had been known about for over a year at that point) and found the entire database for a local HR company completely exposed via the web (SQL Server 7 I believe it was). Repeated phone calls and emails to that shop went unnoticed. Notifying the HR company that their data was exposed and that they should notify their webshop resulted in threats of lawsuits and other less legal retaliatory measures for 'hacking', 'breaking in', etc.

    Walking in to someone's house through their open front door is seen as bad, even if you're simply trying to tell them that their door is open and they should close/lock it because of burglars. Hell, you might even be a master locksmith, but they'll probably still call the police.

    It's just not that easy to tell the network owners they are vulnerable. You may very well face 'hacking' charges.

    1. Re:It's not easy to report holes by blaine · · Score: 4, Insightful

      So you're saying that, because it's too hard to tell someone about the problem, it's better to share that information covertly to others who will abuse it?

      This isn't like revealing security problems in software publicly for all to see. Warchalking is in no way going to help the problem, because the covert nature of it pretty much precludes any possibility of the owner of the network finding out about the problem. It'd be one thing to send a letter to them, or, alternately, try to publicize the problem somewhere. However, warchalking does not take a public approach. All it does is make the problem worse, by inviting unscrupulous people to come in and abuse the network.

      --

      -[Blaine]- "'Oh dear,' says God, 'I hadn't thought of that,' and promptly vanishes in a puff of logic."
    2. Re:It's not easy to report holes by bokmann · · Score: 5, Funny

      A guy I know had a wireless network appear in his building one day... and it wasn't his... it belonged to another company in the same building.

      He periodically sent pages to their printer that said in big letters, "The wireless network is insecure! Please secure your wireless network!"

      After a couple of weeks, it went away.

    3. Re:It's not easy to report holes by Tablizer · · Score: 5, Funny

      (* He periodically sent pages to their printer that said in big letters, "The wireless network is insecure! Please secure your wireless network!" After a couple of weeks, it went away. *)

      The printer went away?

      You're right, they *do* have security problems :-P

  15. Protect yourself by wazzzup · · Score: 5, Informative

    There's a great article at Extreme Tech that discusses 802.11b insecurity and what you can do to make it secure enough to make it uninteresting to the casual bandwidth thief - particularly if there are enough wide open networks in the vicinity.

    In a nutshell:

    1. Enable WEP. Yes it can be hacked but it does add a barrier to entry that the casual wardriver won't bother with if there are other wide open networks around.

    2. Change the default SSID. Don't change it to your company's name or your street address as it makes it easier to zero in on your location.

    3. Disable "broadcast SSID" if your access point allows it. That way the SSID of the client must match the SSID of the access point. Having it enabled allows any SSID to be accepted.

    4. Change the default password of your access point. Programs like NetStumbler display your access point MAC address which can then be used to determine what make and model your access point is. Once it's known what you've got, the default password may be easily known.

    5. Control access via MAC addresses. Yes, MAC addresses can be spoofed but it requires an extra level of sophistication for the would-be bandwidth thief to get in.

    6. Disable DHCP in your wireless router. Allow access via static IPs from your NIC's MAC addresses. Yes, IP addresses can be sniffed out but it's another barrier put up for the casual "drive by".

    7. Change your IP subnet. If you're using a wireless router and you've disabled DHCP, change the default subnet addresses as well, otherwise it's easy to guess a valid IP address.

    8. Move your access point away from windows. Move it to the center of your building to make the signal to the street that much weaker.

    9. Buy access points with flashable firmware. Helps you keep up with changing security protocols rather than being stuck with the ones that came with the access point.

    10. Some access point manufacturers have non-standard security features. Orinoco access points are able to "close" their networks by not broadcasting their SSID. They also have additional (not 802.11b standard) authentication features such as RADIUS servers.

    11. Use VPN. Virtual Private Networks add a level of encryption and authentication to your network.

    Yes, these methods can all be easily circumvented to somebody that really wants to get in. As long as you try to make it a pain in the arse to get in, then the crushing masses of 802.11b networks out there that have zero barriers to entry make your little bubble a waste of time.
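
The checklist in comment 15, turned into an audit a network owner can run over an inventory of their own access points. This is an added example, not part of any poster's comment; the record fields, the sample factory SSIDs and the default subnets are assumptions made for illustration.

```python
import ipaddress

# Assumed sample values, not from the post: a few factory-default SSIDs and
# LAN subnets that consumer routers commonly ship with.
FACTORY_SSIDS = {"linksys", "default", "tsunami", "netgear", "wireless"}
FACTORY_SUBNETS = [ipaddress.ip_network(n) for n in ("192.168.0.0/24", "192.168.1.0/24")]


def audit_ap(ap, identifying_words=()):
    """Return (checklist item number, finding) pairs for one AP record."""
    findings = []
    ssid = ap["ssid"].lower()
    if not ap["wep_enabled"]:
        findings.append((1, "no link encryption enabled"))
    if ssid in FACTORY_SSIDS:
        findings.append((2, "SSID is a factory default"))
    elif any(w.lower() in ssid for w in identifying_words):
        findings.append((2, "SSID reveals company name or address"))
    if ap["broadcast_ssid"]:
        findings.append((3, "SSID broadcast is enabled"))
    if not ap["admin_password_changed"]:
        findings.append((4, "admin password is still the default"))
    if not ap["mac_filter"]:
        findings.append((5, "no MAC address access control"))
    if ap["dhcp_enabled"]:
        findings.append((6, "DHCP hands out addresses to any client"))
    lan = ipaddress.ip_network(ap["lan_subnet"])
    if any(lan.overlaps(d) for d in FACTORY_SUBNETS):
        findings.append((7, "LAN uses a factory-default subnet"))
    return findings


# Constructed inventory for illustration (hypothetical AP names and settings).
INVENTORY = [
    {"name": "lobby-ap", "ssid": "linksys", "wep_enabled": False,
     "broadcast_ssid": True, "admin_password_changed": False,
     "mac_filter": False, "dhcp_enabled": True, "lan_subnet": "192.168.1.0/24"},
    {"name": "lab-ap", "ssid": "AcmeCorp-3rdFloor", "wep_enabled": True,
     "broadcast_ssid": False, "admin_password_changed": True,
     "mac_filter": True, "dhcp_enabled": False, "lan_subnet": "10.44.7.0/24"},
]

if __name__ == "__main__":
    for ap in INVENTORY:
        for item, text in audit_ap(ap, identifying_words=["acme"]):
            print(f"{ap['name']}: item {item}: {text}")
```

Items 8 to 11 of the checklist (placement, firmware, vendor features, VPN) are not settings an inventory record captures, so the audit leaves them to a manual review.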

  16. Important FBI notice (in tomorrow's paper) by LupusUF · · Score: 4, Funny

    Notice,
    If you are in a business that leaves its doors unlocked at night, and you notice that someone writes "DUL" (which is engineer speak for doors unlocked) in chalk outside of your office building you might think about locking your doors at night.

    When installing doors many people forget to lock them, and malicious users can check your doors and gain access to your company's building.

  17. Just Curious.... by cyberon22 · · Score: 5, Interesting

    Realistically, why bother?

    If the FBI is concerned with the unauthorized use of wireless networks, they'd be better off cracking down on Starbucks, airport coffee bars, or even Bryant Park, NY.

    Frankly, I'm surprised people still bother to hack from home. If I was looking to break into a guarded system, the FIRST thing I'd do would be to go on a casual jaunt for a warhacking hotspot. The explosion of public 802.11 spaces opens up completely unprecedented possibilities for physical and network anonymity. The REAL question becomes what happens when someone actually uses this type of vulnerability to cause real and substantive damage to someone. Is Starbucks criminally negligent when one of their network users DOSes the DOD?

    If the FBI wants to get companies to lock-down 802.11 services, all they need to do is remind firms of their legal liability for "unauthorized" uses of unguarded 802.11 networks.

  18. Know Your Enemy by Anonymous Coward · · Score: 4, Informative

    > Yes, these methods can all be easily circumvented to somebody that really wants to get in.

    1. Enable WEP...and enjoy the 20% bandwidth loss. Airsnort.

    2. Change the default SSID. SSIDs are not needed to zero down on the AP. Triangulation and GPS are effective enough.

    3. Disable "broadcast SSID". The beacon frames can easily be captured otherwise. Attack by enabling your card's monitor mode (not to be confused with promiscuous mode which only captures packets on the current network), sniffing all air traffic.

    4. Change the default password of your access point. However, I'd like to point out even changing one's password can be insecure. My access point, and I'm sure others as well, send the admin password in a urlencoded form, unencrypted, in plaintext for anyone with a monitor-mode NIC to sniff.

    5. Control access via MAC addresses. Spoofing as trivial as ifconfig eth0 down; ifconfig eth0 hw ether 00:00:00:00:00:01; ifconfig eth0 up. On OpenBSD use sea.c. Use arping to sniff MACs.

    6. Disable DHCP in your wireless router. Static IP addressing, subnet range determined from arping. Private addressing:

    • 10.0.0.0 - 10.255.255.255 (10/8 prefix)
    • 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
    • 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

    7. Change your IP subnet. See above.

    8. Move your access point away from windows. No match for high-gain antennae.

    Hope this helps an aspiring black hat! Remember, no network is completely secure. WaReZ anyone?