Slashdot Mirror
Warflying: San Diego
geogeek6_7 writes: "WarFlying over SanDiego reveals hundreds of WAPs, and some very interesting statistics. There is a second write up of the same adventure at the pilot's personal website. All this of course should not be confused with that 1500ft 'WarDriving' effort in Australia."
Not really surprising. With no intervening obstacles (or even a horizon) even a weak signal in the 2 ghz range can have incredible range. It might be amusing to try this kind of thing with a big tethered balloon in an urban area.
Roving Web-Teleoperated Robot
Okay, there are a lot of wireless access points out there. Okay, many of them aren't secured very well (if at all).
So what? Why is it worth so much effort to reillustrate this point over and over again? Sure, Wardriving was a neat concept the first time someone pointed it out, but this is just more of the same thing. What's next? Wartraining? "Look, we got on these wireless LANs while riding the El in Chicago! Why the hell do we have to obsess on this over and over again? This has been overdone to the point where I'm sure we'll see a UserFriendly strip about it!
Okay, rant over. Sorry.
Every year during my review, I just pray the words "slashdot.org" aren't mentioned.
How, exactly, would this law be enforced? How long until someone makes a law against knee-jerk 'the man will keep us down' posts.
Armed with this information, we took a few common brands of garage door opener (Genie, MultiCode, Sears, etc.) and set them to these combinations. We then hopped on our bikes and started riding around the neighborhood clicking the buttons. You wouldn't believe how many garage doors opened.
I sort of drew a parallel between unsecured WAPs and these unsecured garage doors. It was remarkably easy to do. Most people have no clue how to change the dip switches on their garage doors, just like most people have no idea how to change the default SSID, disable SSID broadcasts, and enable encryption.
Because of what I learned about the security (or lack thereof) of the typical garage door opener, I now have a much more secure Linear DX Code receiver controlling my garage, just in case some kids get the same idea I once had.
It's called skywriting. Just gotta watch out for those gusts of wind.
-
ping -f 255.255.255.255 # if only
Who said anything about accessing these networks? He just scanned for them. If I walked around looking at phone boxes on the sides of buildings, I wouldnt' be guilty of making calls on them. I cant imagine at 2500ft. that he would be in range of one station long enough to even load Slashdot.
I mostly find this interesting just because it is. Ham radio fans still have contests to see who can bounce their signal off the moon, and who can contact the furthest stations. There are a lot of dorks out there, and we need something to entertain us.
The FBI field office in San Diego has just issued the following warning:
"If you see strange symbols floating in the sky above your corporate office, this might mean your wireless networks have been targeted by hackers or terrorists. Be sure to secure you wireless networks and contact the FBI immediately."
Beauty is in the eye of the beerholder.
As a pilot I can tell you that one of the things drilled into your head, early and often during training, is the question "if the engine quits here, where are you going to land?"
At 1500' over a heavily populated area the pilot could still be in trouble with the FAA. It is technically legal, but not necessarily safe or prudent. Simply put, there is not a whole lot of options for landing at 1500', and even less over a densely populated area.
I have seen a great many tech folks at the airport who are smoking holes waiting for a place to touch down. If you consistantly treat an aicraft as a car with the z-axis, it will eventually catch up to you.
My $0.02
If brevity is the soul of wit, then how does one explain Twitter?
I was reading /.'s article about warchalking the other day and my wife asked what I was reading! This is rare as she is familiar with the slashdot masthead and has always stayed away whilst I read. Anyway, I tell her. Our resulting conversation was like this:
Wife: God, some people have way too much time.
Me: yea pretty wild huh.
Wife: Why are you grinning like that.
Me: huh? I'm not grinning.
Wife: You aren't thinking of going out to do this are you?
Me: Can't. I don't have wireless connectivity.
Wife: You've got DSL.
Me: --Edited speech about differences between dialup, dsl, wireless, 801b.11 blah blah blah.--
Wife: So you're telling me that you want to buy a laptop and walk around town with it?
Me: I didn't say that. We don't have the money anyway.
Wife: You'd do it though, wouldn't you?
Me: I dunno.
Wife: You would do it! Why the hell would you want to walk around and pry into other people computer networks.
Me: Dunno. Curiosity?
Wife: What? Curiosity. I might be curious to know why the neighbors are moaning so loud every night after letterman, but you don't see me over there with my x-10 camera laptop!
From there the discussion went downhill....
(ok moderators: Off topic, Funny, REAL LIFE)
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
"First things first -- but not necessarily in that order"
-- The Doctor, "Doctor
If you'd read, you'd see that they didn't access the networks, just scanned for APs. The author specifically states that he doesn't access the networks he finds, and talks about setting up his own unsecured AP for the sake of seeing how far away he can get in a plane and still access it.
do not read this line twice.
...they flew over my apartment, so I'm probably one of those Apple access points. Oddly enough, because of the construction style of my unit (apparently Spanish Mission Faraday), I can't get a reliable signal from one end of my unit to the other. Glad I can be of service to local pilot community, though.
I've been searching for a few years for a way to get legit, reasonably priced, Internet connectivity in cockpit. There are many web sites where pilots can get nearly real time weather data. If we could connect in flight we could see radar images of storms ahead. Commercial weather avoidance devices cost tens of thousands of dollars. It's frustrating that every ground-based wireless connectivity solution just won't work at 3,000-10,000 feet. Besides many, such as cellular systems, are is illegal to use in flight.
Commercial in flight internet links like ground-based AirCell and satellite phones, cost more than $3000 for equipment with conenct rates of $2-5 per minute.
The $3,000 PDA-based AnyWhere WX shows the potential. The promised inflight access to NEXRAD will fill the bill, but most avionics makers are planning systems that are still in tens of thousands of dollars range, when a laptop or PDA will do the job.
Your average weekend pilot isn't going to sign up for a $200 month subcription for something only used for a few hours on nice weekends. (Flamers should douse the fire. Most pilots are mere mortals that made flying a priority, just like those who sink money in hot cars or the hottest gaming machines. Most aren't really rich.
It would be a godsend if 802.11b connectivity could be made to work reliably in flight. Does anybody have any ideas on which wireless technology might fill the need?
Ever dream you could fly? Get up from the Flight Sim. I Fly
Incidentally, the "war-" prefix either comes from "wardialing" or is an acronym for "Wireless Access Reconaissance," depending on how politically-correct you feel like being.
Be who you are...and be it in style!
...what so cool in this waring? If they are really looking for networks that want to be found, would not it be easier to just create a service using which you can broadcast your location, description, coverage and other details. I quess I am missing something, but I don't see anything fancy in driving, flying, walking or swimming around in search of some spectrum. Is it just because everyone is still astonished about the fact that you can transfer bytes over air too ?
Had you read the article, you would have seen that he states that they thought up the idea about a month before the Australians posted their results. I'm not saying they were the first or not, but before critisizing, you should read the article!
I'm getting tired of the dozens of posts that obviously haven't read the article. People who do that simply show that they're missing the point of Slashdot alltogether.
My other sig is funny!
Is it the same to detect a system as to use it? If this were the case, anyone using a port-scanner, traffic sniffer, or even PING could be called a criminal. He didn't make use of the networks, just pointed out that they existed.
He also disclaimed his posting of the map, in that the locations marked are those of the plane as it detected the access points, not any indication of where the point itself exists. This is hardly an assist to others in breaking the law.
Any spoon would be too big.
The answer, my friend, is blowin in the wind...
I believe there are a lot of insecure WAPs out there because there are a lot of computers with nothing of interest on them. (or at least nothing the owner thinks would be of interest to anyone). And what do I care if someone leeches a little bandwidth now and then? Most users wouldn't even notice or know how to find out if someone was using their WAP.
Send lawyers, guns, and money. Dad, get me out of this.
First - I think these guys did an excellent job - and made a nice contribution by publishing their article w/pictures hosted etc...
My issue - is that the security problems are IMHO vastly overstated. I've worked at two companies with WAPs - and those were outside of our corporate/internal firewall.
If someone wanted to work over the WAPs, they would use them like a home DSL line, and simply VPN in. No security problem there.
As for private home users, and even some small businesses (as both my parents run offices with non-secured WAPs) - the security risk is only as great as the value of their data, divided by the cost to get to it. If any of you want to (i) find, and (ii) hack my father's office's legacy Dos-based auto/office management software, than by all means - we've been in need of a windows compatable update!!! (hehe).
But seriously - what use would you have for your neighbor's email or home document/resume, etc... and would you really go thru the trouble of hacking a next-door Pentium running WinXP? I think it's far more likely to be the sploits' of a script/trojan than an individual.
All good companies will have seperate VLANs (or equivalent) running different things - i.e. the WAP should be firewall'd like the rest of the net etc...
Not to mention - anyone can be hacked over the internet, even with firewalls, but to use WAPs, you have to be within the range - typically 1/4km. Do you have the time/car/laptop/battery life to drive to your 'enemy' or soccer-mom's house and hack the encryptions? (yes I can spell - watch some more southpark).
BR
nuff said.
What's the big deal?
Well, if I had a new klez worm varient to unleash, what better way to introduce it to the world than jumping on some poor sap's low security WAN?
Crack attempts, spam, kiddie porn, whatever. Any internet activity that people avoid for fear of being traced down can be easily, safely pulled off by leeching off of some poor sap's WAN.
I'm glad to see geeks making a fuss about a glaring security hole like this. The more fuss, the more press, the more dummies with LinkSys wireless routers start securing their connections.
--
Something similar occured when I was a little kid, a few months after we got our garage door opener.
:)
Our neighbor, seeing ours and talking to my dad about it, decided to go out and buy/install one.
As to my dad: To his credit, he modified the resistors. (No DIPs, you had to clip resistors here) But he only clipped one.
Neighbor did the same thing when he installed his - He clipped just one.
Well, we hit that 1 in 7 chance of picking the same resistor. All of a sudden, our neighbor's garage door opened on him. So he walked to the garage, and hit his button.
Ours went up, his closed. My dad walks out. Eventually, they're both standing there and figure out what happened.
Both of em' clipped a second resistor and made sure not to clip the same one this time.
retrorocket.o not found, launch anyway?
What this means is that you can use a radio that you have an FCC license for, or an unlicensed radio that is allowed in aircraft. (Example: Amateur radio gear and 802.11 equipment.)
You STILL can't use your cellular phone, because the FCC does not allow cell phones to be used more than a certain (very low) altitude AGL, because the phone suddenly gets LOS to multiple towers, which will cause interference with those towers. (At best case, each tower will see your signal and consider you a user and work around you - Still, that means that instead of using up 1 users' worth of capacity on one tower (the way the system capacities are designed), you will use up 1 users' worth of capacity on numerous towers.
Note in the article how much improvement there was in range when he was 1500 feet up - This is EXACTLY why cell phones are illegal in the air. Not because they interfere with flight systems, but because they interfere with cell phones on the ground.
retrorocket.o not found, launch anyway?
Nope, as said before, he looked at the broadcasts from the WAPs and discerned from there.
It would be the same as me listening to music you broadcast over the radio (i.e. one of those cd-car radio thingys.) I could be driving by you, and tune into your "music" by accident... nothing illegal.
Karnal
From what I read, though, they did not specify which ones were insecure. They only specified that most were set to their default SSID (of which, if you're reading slashdot, you have a higher than average chance of realizing that "certain SSID" = "certain manufacturer default SSID"). Even so, doesn't mean that the specific access point doesn't have WEP or MAC restrictions turned on (again, per the article.)
Karnal
"How, exactly, would this law be enforced? "
I'd send a few villagers over to build a couple of SAM sites.
"Derp de derp."
Even more interesting, since it is usually very easy to change it and then turn off SSID broadcasts on the access point, rendering stuff like netstumbler pretty much ineffective. All this basic security without even using wep.
"I'd send a few villagers over to build a couple of SAM sites."
Not a bad idea! SAM sites only cost $600 and are fully automatic. Villagers work for 50 food. The only problem is that you'll have to keep your supply of wood up so you can build more power generators!
The assesment was pretty accurate: Hundreds of WAPs, cool stats. Also, confusing it with the Austrailians didn't mean it was a copy cat of the Austrailians. As ever, read the story. The blurb is so you know what you are clicking on. ~geogeek
The problems with making 'wardialing' illegal is that it's often done by accident. Consider the case of the guy who had a public access site up, and got overrun by StarBucks. Some of these people didn't want StarBucks. Are we going to throw people in jail because someone put up a conflicting access point?
Free Software: Like love, it grows best when given away.
There's one little diamond there in a residential area that's almost certainly my WAP. I think I may have even noticed the plane go by, as we don't get that many low-flying civil aircraft in this area due to its proximity to the military and commercial air traffic. How interesting. 'Scuze me while I go pull the power cord out of the Linksys.
That could be an alternative name to "warflying". I can see where "warstorming" comes from (think "barnstorming").
However, why are we using full-size planes for this? A serious model plane could do the job as well, if done right. Tightly strap in an IPaq and a small GPS, padded, with an external antenna on the Orinoco card. Add MiniStumbler, some gas, and go.
Even better, with some custom software on the IPaq, and assuming you stay in range of your AP, there may be a chance of real-time telemetry. Add a camera card and spy on your neighbours... no, now I'm just getting silly!
(this is not a