FBI Warns Companies About Wireless Warchalking
nobilid writes: "Well-meaning wireless activists have caught the attention of the U.S. Federal Bureau of Investigation. One of its agents has issued a warning about the popular practice of using chalk marks to show the location of wireless networks."
Hey, great way to distort the truth and make "wireless activists" sound important! From the headline you would think "wireless activists" had themselves drawn the scrutiny of the FBI.
But all they said was that if you notice a chalk mark advertising your wireless network you should think about securing it. Well duh!
And "wireless activists"? More like geeks with toys. I wonder how long the novelty lasts for the average "activist". It's a network. But without wires! WOW!
Has anyone actually come across any examples of warchalking in real life? (it doesn't count if you did it yourself, or if you found out about it from a news article and went to go see it).
I walk and bike around DC more or less constantly and I've never seen one despite keeping my eyes peeled. And I know there's no shortage of WLAN networks here (netstumbled the 20-minute walk home from work and got about 40).
"Patriotism is your conviction that this country is superior to all other countries because you were born in it." -- GBS
link to the actual Pittsburgh FBI email
Better read than the linked article, which is kinda light on detail. Interesting to note that the FBI states in it that using an 802.11 access point without "explicit authorization" may be a federal crime.
Someone disguised as a kid made a hop-scotch pattern next to my driveway with chalk. They are out to get me. My foil hat is not working anymore! Help!
Table-ized A.I.
"The FBI is now telling companies that, if they see the chalk marks outside their offices, they should check the security of wireless networks and ensure they remain closed to outsiders."
Hey, how about you do this even if you DON'T see chalk marks?
Don't Tread on Me
> One of its agents has issued a warning about the popular practice of using chalk marks
Warn? WARN?! Why warn when you can just outlaw chalk! It's this kind of thinking that's getting government computers hacked and innocent civilians killed.
Because this isn't the point of warchalking. Most warchalkers - and I made the first ever warchalking mark - use them to mark out their own open nodes, for the sake of others using them. I've seen many many warchalking marks around London, and none of them is for an unintentionally available network.
The FBI's whole premise is bollocks, and you shouldn't assume that because it's possible to mark up a wlan that isn't yours that people actually do.
Have you ever TRIED telling someone that you're not employed by that they have security issues? (If you're an employee, it's still a hard enough issue sometimes, depending on politics).
I had a friend who had a friend who ran a webshop, with everything running NT. We benignly poked around for all of about 90 seconds probing for 2 known NT holes (had been known about for over a year at that point) and found the entire database for a local HR company completely exposed via the web (SQL Server 7 I believe it was). Repeated phone calls and emails to that shop went unnoticed. Notifying the HR company that their data was exposed and that they should notify their webshop resulted in threats of lawsuits and other less legal retaliatory measures for 'hacking', 'breaking in', etc.
Walking in to someone's house through their open front door is seen as bad, even if you're simply trying to tell them that their door is open and they should close/lock it because of burglars. Hell, you might even be a master locksmith, but they'll probably still call the police.
It's just not that easy to tell the network owners they are vulnerable. You may very well face 'hacking' charges.
creation science book
There's a great article at Extreme Tech that discusses 802.11b insecurity and what you can do to make it secure enough to make it uninteresting to the casual bandwidth thief - particularly if there are enough wide open networks in the vicinity.
In a nutshell:
1. Enable WEP. Yes it can be hacked but it does add a barrier to entry that the casual wardriver won't bother with if there are other wide open networks around.
2. Change the default SSID. Don't change it to your company's name or your street address as it makes it easier to zero in on your location.
3. Disable "broadcast SSID" if your access point allows it. That way the SSID of the client must match the SSID of the access point. Having it enabled allows any SSID to be accepted.
4. Change the default password of your access point. Programs like NetStumbler display your access point MAC address which can then be used to determine what make and model your access point is. Once it's known what you've got, the default password may be easily known.
5. Control access via MAC addresses. Yes, MAC addresses can be spoofed but it requires an extra level of sophistication for the would-be bandwidth thief to get in.
6. Disable DHCP in your wireless router. Allow access via static IPs from your NIC's MAC addresses. Yes, IP addresses can be sniffed out but it's another barrier put up for the casual "drive by".
7. Change your IP subnet. If you're using a wireless router and you've disabled DHCP, change the default subnet addresses as well, otherwise it's easy to guess a valid IP address.
8. Move your access point away from windows. Move it to the center of your building to make the signal to the street that much weaker.
9. Buy access points with flashable firmware. Helps you keep up with changing security protocols rather than being stuck with the ones that came with the access point.
10. Some access point manufacturers have non-standard security features. Orinoco access points are able to "close" their networks by not broadcasting their SSID. They also have additional (not 802.11b standard) authentication features such as RADIUS servers.
11. Use VPN. Virtual Private Networks add a level of encryption and authentication to your network.
Yes, these methods can all be easily circumvented by somebody that really wants to get in. As long as you try to make it a pain in the arse to get in, then the crushing masses of 802.11b networks out there that have zero barriers to entry make your little bubble a waste of time.
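Items 1 to 7 of the checklist in the comment above, turned into a settings audit; this is an added example, not part of the original post or the Extreme Tech article. The `key = value` export format, the setting names, and the lists of default SSIDs and subnets are assumptions made for illustration, and both sample exports are constructed.

```python
import ipaddress

# Assumed vendor defaults, for illustration only (not exhaustive).
DEFAULT_SSIDS = {"linksys", "default", "tsunami", "netgear", "wireless"}
DEFAULT_SUBNETS = [ipaddress.ip_network(n)
                   for n in ("192.168.0.0/24", "192.168.1.0/24")]

def parse_settings(text):
    """Parse 'key = value' lines from a hypothetical AP settings export."""
    settings = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # '#' starts a comment
        if "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip().lower()] = value.strip()
    return settings

def audit(settings, org_words=()):
    """Return (checklist item number, finding) pairs for items 1-7."""
    def on(key):
        return settings.get(key, "").lower() in ("on", "yes", "true", "1")
    findings = []
    ssid = settings.get("ssid", "")
    if not on("wep"):
        findings.append((1, "WEP is not enabled"))
    if ssid.lower() in DEFAULT_SSIDS:
        findings.append((2, f"SSID '{ssid}' is a vendor default"))
    elif any(w.lower() in ssid.lower() for w in org_words):
        findings.append((2, f"SSID '{ssid}' names the owner or location"))
    if on("broadcast_ssid"):
        findings.append((3, "SSID broadcast is enabled"))
    if not on("admin_password_changed"):
        findings.append((4, "admin password is still the default"))
    if not on("mac_filter"):
        findings.append((5, "no MAC address access control"))
    if on("dhcp"):
        findings.append((6, "DHCP hands out addresses to any client"))
    net = settings.get("lan_subnet")
    if net and ipaddress.ip_network(net, strict=False) in DEFAULT_SUBNETS:
        findings.append((7, f"LAN subnet {net} is a common default"))
    return findings

# Constructed sample exports (not taken from any real device).
WEAK = """ssid = AcmeCorp-3rdFloor
wep = on
broadcast_ssid = yes
admin_password_changed = no
mac_filter = off
dhcp = on
lan_subnet = 192.168.1.0/24"""
HARDENED = """ssid = wlan-7f3a
wep = on
broadcast_ssid = no
admin_password_changed = yes
mac_filter = on
dhcp = off
lan_subnet = 10.37.12.0/24"""
```

Calling `audit(parse_settings(WEAK), org_words=["acme"])` reports items 2 through 7, while the hardened export produces no findings.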
Realistically, why bother?
If the FBI is concerned with the unauthorized use of wireless networks, they'd be better off cracking down on Starbucks, airport coffee bars, or even Bryant Park, NY.
Frankly, I'm surprised people still bother to hack from home. If I was looking to break into a guarded system, the FIRST thing I'd do would be to go on a casual jaunt for a warhacking hotspot. The explosion of public 802.11 spaces opens up completely unprecedented possibilities for physical and network anonymity. The REAL question becomes what happens when someone actually uses this type of vulnerability to cause real and substantive damage to someone. Is Starbucks criminally negligent when one of their network users DOSes the DOD?
If the FBI wants to get companies to lock-down 802.11 services, all they need to do is remind firms of their legal liability for "unauthorized" uses of unguarded 802.11 networks.
No no no. You've got it all wrong. The reason people should be warchalking is to mark OPEN nodes. Nodes that belong to groups like Personal Telco Project in Portland, OR, or Seattle Wireless, or Austin Wireless. These nodes are MEANT to be used for FREE by the PUBLIC. That's why people should warchalk. That's why there are two separate symbols, a closed circle for closed networks (meaning stay away) and an 'open circle' for open networks, saying go ahead and use it.