Slashdot Mirror
Wardriving From 1500ft Up
luciensims writes "Wireless networking blog e3.com.au is running a story about a few of their members flying a private aircraft 1500ft above Perth, Western Australia. They found over 90 access points. Details are here."
How do you write with chalk at 1500ft? Must have looong arms...
Fly-by Hackings?
The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
So ... call it what it is ... warflying!
How'd you get the chalk to stick up there, anyway??
Slashdot? Oh, I just read it for the articles.
Oh my god! Hackers (read as: terrorists) flying planes at low altitude over cities?
Then it should be warflying
You don't use chalk. You sky-write!
Just so you know
Internjet Exploder v3.02 and Njetscape Communisticator.
WLAN eletromagnetic waves & cheap plane electronics => loose control at 1500 ft
The earth is not flat but warflyers are.
Owner of a Mensa membership card.
> Speaking of security... I wonder how ethical it would be to code up a script that maps to printers /boss/. The boss will understand the problem at once! Where the usual "Let's invest in security" is less palpable. /do/ anything about it already. /best/ way of letting a site know about a security hole?
> available on open/insecure WLAN netbios networks and print out "Your Wireless Network is insecure,
> Please fix it!"?
This might be helpful to the local sysop. This printout can be shown to his (her)
On the other hand, it could rase the question why the sysop didn't
What is the
-- (:> jms cs.vu.nl (_) --"---
They were able to get the necessary tools (including a private-freaking-jet) to do some wardriving/warflying..
And they didn't have decent servers to handle a Slashdotting?
Oh, this is Australia. Never mind.
Seems to be dead already. Google hasn't got a cache, anyone get a copy?
are they going to mark the locations by skywriting? :)
It was most likely a Cessna, not a jet.
Fbi warns of wireless (again)
From the well-duh dept
Fbi agents warn: If you see plane circeling you office, check your pavement for chalkmarks! If they are there, then you should check your wireless accespoint`s manual under the topic importand, must read, security!! on the first page
Also, think of the potential of hooking radio controled helicopters/planes up with wireless, give them some ai and a phone home by wireless+internet feature and you can send it everywhere in the western world, just let it ask for its next waypoint (any big city) by e-mail
Rumore has it the winning team for the wardriving contest at Defcon 10 used a Las Vegas chopper tour to scan for Access points.
check here:
http://www.securitytribe.com/wardrive.html
and results from the contest here:
http://www.dis.org/wl/score.txt
What an aggressive society we have become!
What kind of bastard /.'s a little old home (ex desktop) machine like that?!?
;-)
heheh.. I guess your gonna get that upgrade you were talking about now aye?
"Consider how lucky you are that life has been good to you so far. Alternatively, if life hasn't been good to you so far
Who puts access points at 1500 feet anyway? :)
Trollem mirabilem hanc subnotationis exigiutas non caperet
So every time I fly on a commercial airliner, I'm reminded to turn off my cell phone for the duration of the flight. Yet these people are using wireless technology in the air. And there are lots of stories of people using cell phones on flights (e.g. on Sep 11). What exactly is the danger here in using wireless in the air?
Gates' Law: Every 18 months, the speed of software halves.
I wanna know how!!
~the keyboard is mightier than the pen.
Perth has a large wireless LAN community access network. See innaloo.net for more details. They use high powered 802.11b gear to set up long range links, which would likely be visible from low flying aircraft. Also see links on that page to other Perth freenet/WLAN's.
I'm lucky to get 30 metres (100ft) range from my Apple Airport gear..
posted by Jason Jordan on Sunday August 18 2002 @ 05:14AM WST
Projects
[link to pictures]
We did it! It's gotta be a first! We don't need no car to car WLAN's - we go WarDriving at 250km/h in an aircraft... 8-)
Cap'n Richard, Will (Yagi), Peterh & me took "IGI" - a Grumman Tiger 4 seat aircraft up to 1500ft and flew around Perth picking up AP's with Netstumbler running on an Handheld Ipaq/Cantenna and Kismet on a Toshiba Tecra 9000 with built-in Antenna.
We stopped at Rotto first for a quick run to the Bakery, but then it was on. We got 92 AP's with Kismet... and 95 with NetStumbler.
You can check out the photos by clicking the link below. There is also an image generated by Cap'n Richard to demonstrate the track we took around Perth available on the Rogues site.
You can check out the Kismet & NetStumbler logs for yourself:Note: The Kismet dump file is not included for security reasons. After reviewing it, I found IRC conversations, emails and clear netbios traffic for known local Perth users. I will follow up with them to "improve" their security.
Speaking of security... I wonder how ethical it would be to code up a script that maps to printers available on open/insecure WLAN netbios networks and print out "Your Wireless Network is insecure, Please fix it!"?
I know what the law says so I'd never do it... but it would give the sysadmins pause wouldn't it ... 8-)
Reposted on Sunday August 18 2002 @ 05:14AM WST
Trollem mirabilem hanc subnotationis exigiutas non caperet
Isn't this sort of thing a little irresponsible?
Every time some thing cool comes up, it seems lke it suddenly becomes cool to find ways to misuse it under the guise of hacking.
Wireless networks are a great innovation which will be destroyed by a bunch of geeks with pringles cans on the roof of their cars.
I started with nothing and I still have most of it.
Irresponsible? The guys who "did it" are part of a movement to have free wireless networking. Surely, knowing the extent of coverage and the extent of usage of 2.4Ghz networking in the area is a good thing?
Hacking? At 250Km/hr that access point goes by pretty quick you know. It's not like they can pull to the side of the road.
i think this should be renamed 'warflying' considering you dont drive a plane =)
Educate > Enlighten > Evolve http://www.neuroatomik.com
I'll be writing to Mr. Pringle today to arrange sponsorship.
The next time you're buyig prongles, don't be surprised to see: Original, Sour Cream & Onion, BBQ, and High Gain.
The e3 webserver is a Gateway (moo) PC! It's a little Celeron 400 with 192mb of RAM and a single IDE Hard Drive.
Anyone want to send a server?
wut?
I recently spent 3.5 weeks in Perth visiting a friend and having a good time. Seeing the pictures just reminded me how much I wanted to stay.
I know this is off-topic and all, I just wanted to vent. Allow me that.
C
There's no problem that cannot be solved with a suitable amount of high explosives
They had the clever idea of using plane trails as gigantic 100ft wide symbols in the sky, but forgot that trails only last for a few minutes at best.
mogorific carpentry experiments
Who is destroying anything? These Geeks just enjoy finding these Networks and use them maybe for a bit websurfing. The real dangers are to come.
And WLAN isnt destroyed, as much as i know, you can secure a WLAN properly.
But there are open WLANs wich can be easily hacked by crackers. You wont change anything by keeping silent about this.
this plane
/Styx
I am a pilot who flies a small, single engine aircraft and does so very, very frequently, and often for very long distances (coast to coast, etc.).
Cell Phones can and occasionally do interfere with the NAV-COM radios, but most of the time they do not. However, I recall one time when a friend hadn't turned off his phone and I couldn't hear the tower as a result, despite the fact that I was sitting on the ramp only three hundred yards/meters away. As soon as he turned his cell off, reception was fine, so it can and does interefere rather catopstrophically at times, when conditions are right.
I haven't measured VOR-DME deviations due to cell phones, but it wouldn't surprise me at all if they didn't interfere with navigational signals as well, when conditions are right. That could potentially be catastrophic during flight in IMC (instrument) conditions, particularly if there were terrain nearby.
In any event, alll that is rare. Most of the time cell phones will at most add a little static to the transmission or reception, and often they won't interfere noticably at all.
That is only half the picture, however.
The FCC has made it illegal to use cell phones in the air because one phone call can occupy a slot in several cells at the same time, vastly decreasing the call capacity of the system.
Two hundred people on a jumbo jet using cell phones could well equal 20,000 people on the ground. It clobbers the cellular system, and is sufficiently bad that the FCC has made a regulation against using such phones in flight. The FAAs regulation is basically "obey the FCC regulation."
Of course, if it is an emergency, FAA regulations clearly state that any (FAA) rule may be violated if the saftey of the flight requires doing so. The FCC might not be as flexible, but in a true emergency I for one wouldn't worry about it, and use the damn thing anyway if I needed to.
The Future of Human Evolution: Autonomy
A model plane, processor, wireless card, directional antenna and GPS. Send the drone off to scout for access ponts -- either email the data back using the access points found or download the data after the drone returns.
This'd be great on vacations. If it's fast enough, send it ahead of you on your intended route, and leapfrog from one access point to the next. If it's too slow, send it out on reccy mission when you stop for the night. By the time you're checked in & done with dinner you'll know where to go to get on the net.
"Glory is fleeting, but obscurity is forever." --Napoleon Bonaparte
Go Perth!
It's clear that Perth is really making great progress in the wireless community - we're ahead of the rest of Australia in terms of size of the network and interest per capita and we're really starting to link the state up.
While the wireless communities in other states are arguing over how they're going to incorporate or how they're going to manipulate everyone politically - here in WA we're focusing on actually making it work with no one person running the show. Decisions are made by the consensus, not an individual voted in to speak on our behalf. People contribute because they're interested and keen to help out.
It's seeing initiatives like this warflying expedition which really makes me glad to be a part of the Perth wireless community!
Go Perth!
-- Wireless WaFreenet user since March 2002
Suggested title for the FBI warning notice! (apologies to Mick)
Microsoft Visual Studio .NJET (that's a russian word for NO) commercials on slashdot?
this is an extremely bad idea. Those Wi-Fi signals can interfere with an aircraft's electronics - you think playing a CD player is bad? Wait till you start bouncing round these signals. They're worse than using mobile phones!
I recall Apple, when Airport first came out, plugging Airport for gaming - two users could sit on a plane and play a network game using a direct 802.11b connection. One of the big aeronautical manufacturers found out (apparently one of the relevant employees was perusing their site) and got on to them quick smart about it. The plug (in an interview with Apple's old head of gaming, Kathy Tafel, IIRC) was quickly pulled of the site.
In short: using 802.11b on an aeroplane is dangerous. don't do it!
cheers
-- james
It seems that it has become hip to download scriptkiddie tools *cough*netstumbler*cough* to hack networks.
What part of "scriptkiddie" is a low-level, lifeform similar to scum that these hipsters don't get?
The 'l33+ $ki77z d0odz behind the above unmentioned tool have been in the irc scene for a number of years. A scene not known for legal use of other folk's servers.
Leaving the MPAA and the RIAA and their arguments out of this. This type of activity is often cited as justification for enacting the draconian laws that we all hate.
It is primarily this activity that is being used by the Media and others (not friends of wireless) to spread FUD about how wireless is not to be trusted and is a giant security hole. Wireless is our only hope of getting out from under the thumb of the telecos. (Telecos == that ever increasing bill you have been paying every month, all of your life.)
Want to have to submit DNA sample to your "trusted computing platform" so that you can log on? Then support this type of scriptkiddie activity.
--
I think, therefore, ken_i_m
working on my private certificate.
I'm not sure how my instructor would respond the next time I go up if I brought my laptop and told him 'I want to fly over the city at 1,500 feet.'
The Internet is generally stupid
This kind of reminds me of the scene in Gleaming the Cube where the skaters are flying around in an airplane looking for empty pools to skate!
Reminds me when the US was easedropping on Russia's first cell phones back during the cold war... How hard would it be to put somebody (or two sombodies preferably) in an ultralight or glider and just float around looking for access points? Sounds like covert ops stuff; Floating around in your black "Escape from New York" glider and crashing enemy networks from the sky.
You need a FREE iPod Nano
The article talks about how they used Netstumbler on the Ipaq... so of course that sparked my interest. I googled around and couldn't find a PalmOS 802.11b sniffer... and I'd love to play with my Visor/Xircom Wireless combo in the same way.
Anyone know of / developing a PalmOS 802.11b sniffer?
---
"how can the same street intersect with itself? i must be at the nexus of the universe!" - cosmo kramer
Free wireless networking?
Sounds a lot like the old "information wants to be free" warcry that every punk hacker uses as justification to post porn all over the web sites they deface.
I started with nothing and I still have most of it.
It only got about 1.3 million people which puts it a bit bigger than St Louis. Like all small Aussie towns its got no population and is spread over a huge area. Your saying 1.3 isn't small? Its got to be since Melbourne and Sydney are small towns and they only have 4 million people or so. Oh wait... only NYC and LA have more than 4 m people... That puts syd and melb as #4 and #5 as far as the worlds largest english speaking cities... I wonder if these are such small towns afterall.
Unfortunately since they were the only people to actually hand in their results in a usable format they got lost by Pete who had to stay up all night fixing everyone elses data to be parsable and they got left off the list.
It was also the Shmoo Group who social engineered their way into the Fox news helicopter which is how they got more AP's then anyone else. The hack was announced by Priest at one of the talks as well.
Pffft, amateurs.
I've wardriven anywhere from 4500ft to 5000ft up. I plan to go up to about 9000ft, but I doubt I'll find many access points from that elevation.
Huh? Planes? What? I thought we were talking about elevation. See, I live in the Reno/Tahoe area... :)
In other news, the first WarPost was observed on slashdot, here,, today,,, in this post.
A new website is in the works to catalog all WarPosts and will go online next week.
Meanwhile, here's a short description of the signatures:
(*) WarPost with comments
(!) WarPost to gain karma points
(O) WarPost without any comments
(l7) WarPost from one who wants to be cool too.
(!=) WarPost from Perl writer.
(<?) WarPost from PHP writer.
(<) Warpost from Windows "webmaster"
And now for the post:
(*)
Done
my sig
1500 feet is not "low altitude", in fact the recommended altitude for flying a small private plane over congested urban areas in the US is only 1000 feet above ground since there is strictly controlled airspace reserved for jetliners above that, whenever there is a big urban airport nearby.
...an acronym for "Wireless Access Reconnaissance".
Gives a whole new meaning to crop circles now doesn't it?
If you stand on a beach in Northern France with your UK mobile phone, and do a "Network Search", it will probably see your home network back in the UK - but that doesn't mean you can use it because your phones transmitter is simply not capable of reaching the same distance.
So doesn't the same thing happen with 802.11?
Oh oh! I've got a hot connection, stop the plane!
One line blog. I hear that they're called Twitters now.
How does finding access points for private networks bring about "free wireless networking"? You need to make a public network if you want to bring about free wireless networking.
But then, perhaps you wrote "free" when you really meant to write "stolen"...
that's good.
What you advocate is like walking into a farmer's field and eating the food. I can imagine the analogous excuses on a slashdot discussion:
Knowing which channels and frequencies that ARE and where in use enables you to develop a free wireless network that minimises channel overlap.
What gets my goat is all those that are quick to report Netstumbling as Hacking.
FFS, if you wanted to deploy a wireless link in ANY location, how are you to know if there is already any existing wireless deployments in that area -- WITHOUT doing a Site Survey, otherwise known as Netstumbling, or Wardriving.
Misuse of the links *is* hacking, but using a sniffer to locate the networks should not be. Its not like a cabled LAN/WAN, as, unless you cut a cable your not going to interfere, but if you go and stick a transmitter on a frequency already used, both you and the existing site are going to start seeing the effects.
These guys in Perth are building a Community Wireless network. It is in their interests to improve wireless security, and it is also in their interests to identify and plan for AP/Frequency allocation.
Trust me, this is hard enough for a small network of locations, and is absolutely essential. If Netstumbling was ruled illegal, then the result would be freq allocations causing continual interferance.
Joy. Then where would your 802.11 be useful?
(Not defending misuse of the open wireless networks, but lets face it, lack of security isnt a legal problem, its a technical one, and best solved through technical means. Laying law on this wont fix it)
What do you boys want to hire the plane for??
We're going Warflying!!!!
Give me those keys back......
Burma?
Your use of the verb "netstumbling" attempts to provide validity to a scriptkiddie tool in the way that intellectual property asserts validity to ownership claims beyond those provided by law. Specifically, by attempting to redefine the terms used in public debate by introducing a term which if accepted grants said validity and moves the debate onto other issues. As practiced, the use of Netstumbler does not contribute to the improved security of wireless networks. In practice, through the use of "warchalking" and on-line database mapping it contributes to the breaching of said systems.
As my reference to "draconian laws" indicates the last thing I am suggesting is a legal bandaid. I am questioning what appears to be a lack of thinking through the implications of what is being done.
As for the fallacious argument of using such a tool for a site survey, it is very weak. Wireless networks are not even the majority of usage in the spectrums in question. Ask anyone who actually does site surveying (for a WISP, for example) and they will tell you that the proper tool is a spectrum analyzer.
There are some wireless equipment vendors that promote the use of propietary protocols as a defense against wardriving. If the use of Netstumbler continues to grow as a "kewl" thing to do these vendors may well succeed. Then there will be a fine mess of incompatible equipment and protocols holding back the adoption of wireless.
Yes, the security of the 802.11x protocols needs to be improved. "Warchalking" and "netstumbling" does not contribute in a positive manner to that improvement.
I would no more welcome making the use of such programs illegal then I do laws against smoking (Disclaimer: I am and always have been a non-smoker). Yet, like smoking I would gently discourage its use. Which is what I am doing by questioning the rising tide of the acceptance of such practice.
(BTW, I define "hacking" in the manner of the old schoolers, which is why I used the term "scriptkiddie". "Cracker" could also be used.)
Once upon a time, aircraft flying under IFR conditions (overland) navigated mainly using VORs and ILS for final approach guidance. While they use VOR much less than days gone by, ILS is still in heavy use.
The funny thing is that VORs and ILS systems operate at a frequency just barely above the FM broadcast band. It was discoved that the IF frequency of a cheap FM radio tuned to the upper end of the broadcast band was strong enough to disturb the ILS receiver onboard the craft and put it off course at a very critical time; namely landing, when 50 ft. of error can be fatal.
Nowadays, the ILS/VOR recievers are better as are the average FM radio. Private pilots flying planes sporting radio equipment much crappier than your average 737 has commonly fly with portable GPS recievers and operating laptop computers with no problem.
So yes, with the exception of devices capable of high powered transmit (old cell phones, CBs, Ham and aircraft band trancievers), the ban on electronic devices during takeoff and landing is still enforced to get the passengers to pay attention to the flight attendent. The FAA just won't admit that.
~Any apparent grammatical or typographic errors are caused by defects in your display device.
I noticed the network 'tsunami' appeared quite frequently - I have too noticed this in Melbourne, Australia.
Anyone know what it is?
Boeing ran some tests on their craft, TRYING to interfere with its electronics. They couldn't.
:)
These things are built to withstand *LIGHTNING* hitting the aircraft.
A small plane might have problems, not a commercial airliner.
The cell phone restrictions are FCC regulations due to interference to towers caused by high-flying phones.
Just don't use it during takeoff/landing, that's when the more "sensitive" navigation electronics are used (which is why NOTHING can be turned on then.)
With the pilot's permission, many people have used amateur band handhelds on airplanes to help them get WAS (Worked All States) and WAC (Worked All Counties, not Countries) on VHF/UHF. You're talking 5 watts here, not even a misconfigured 802.11 card can come close to this, and it's far closer to the airliner's comm frequencies too. Of course, ham HTs are typically pretty high-end RF-wise because hams are picky about performance.
retrorocket.o not found, launch anyway?
Probably a nice, and polite thing to do, but it could end up with you in jail for life -- especially if you warn a government office (using unauthorized access to a government computer to cause a change in (security) policy).
POLICE!. FREEZE!
Keep your hands in the air, and step away from the computer!
Sometimes boldness is in fashion. Sometimes only the brave will be bold.
I love climbing 10,000 ft. mountains in Oregon and pulling out my 2 meter ham rig and hitting repeaters in Oregon, Washington, California, and Nevada. It's fun watching people pull out their cell phones and not get service. I tell them to step down a few feet off the summit and then they always get service. I assume that on top you hit so many cells that the systems just can't handle hitting cells over 100 sq miles.