Slashdot Mirror
Secret Service Goes War Driving
JSC writes "Looks like the Secret Service is taking a page from the WarDriving handbook. Your tax dollars at work includes springing for the Pringles can for the antenna."
← Back to Stories (view on slashdot.org)
Is there a comprehensive guide to wardriving on the net? Where can I learn to do the markings?
Wardriving honeypots?
They are planning on informing companies that they have leaky wireless networks. They aren't doing it to leach bandwidth like most wardrivers.
I bet they paid way too much for those Pringles cans (like their $400 hammers and $600 toilet seats).
I do it. :)
Why should I care if the SS does it
Right Kyle?
"Not my manner of thinking but the manner of thinking of others has been the source of my unhappiness." - M
Actually, most vendors advertise WEP as a security mechanism for these wireless networks, but as we all know, it is pretty much useless. I wonder if the writers of the article wrote the above statement knowing this fact, or if they just got lucky.
Warchalking PDF FAQ and check out This site
Peterson recently drove down a major Washington street and found over 20 wireless networks, many of which had no security at all. Peterson said his probes are part of good police work, like a patrolman driving through a neighborhood.
I know of someone who drove downtown in my hometown and picked up many wireless networks. This included 4 laptops with pringle can antennas. Among one of these networks he noticed the name was the state Lottery, thats right, the lottery. As he looked up, he was passing the building for the state lottery. It is interesting to see how many open wireless networks that there are in a town.
He also informed one company of the open network (he knew the network admin) and immediatly lost his ip for that network.
Is it illegal to pick up the wireless network as you drive by, if you don't do anything with it? Or is it illegal to pick it up and browse the net or both?
If companies want security let them hire someone to secure them and audit their security. How is this something that should come from taxes? It makes great sense to audit themselves or anything of key importance but just random wardriving sounds like a waste of $$$.
At what price learning? At what cost wisdom? The price is a man's peace of mind, and the cost is his life.
I find it interesting that when the Secret Service goes around wardriving and alerting network owners of insecure networks it's okay, but then Joe "gray"-hat hacker does the same thing these same network owners attempt to prosecute the individual.
-IOVAR Web Dev Platform
Ive been wanting to make one of these for awhile now. You can find some absolutely splendiferous pictures here: http://verma.sfsu.edu/users/wireless/pringles.php
The Blade Itself
Isn't the FCC gonna be on their ass?
Im glad my tax dollars are going to someything like this. Not that they are war driving but they are using pringles cans. I mean i personally wouldn't spend my money on a nice antannea so why should the govt. spend my money on one. if a pringles can is good enough for me than its good enouh for the govt.
unzip; strip; touch; finger; mount; fsck; more; yes; unmount; sleep
A quasi-mainstream news source called warchalkers "independent security researchers." That's gotta be a first.
-a
How to rationalize theft.
Maybe this publicity will create some market for a security product to be used for wireless. A lot of companies don't realize that wireless networks allow potential hackers an easy way around a firewall, and as such, there's little demand for a product to prevent such a breach. If the SS can bring that to light with their Pringles can, maybe that will change. And maybe Pringles will get into network hardware too. That'd be ironic.
Yahoo! News Sun, Sep 29, 2002
Search for Advanced
Agency Probes D.C. Wireless Network
Sun Sep 29, 1:37 PM ET
By D. IAN HOPPER, AP Technology Writer
WASHINGTON (AP) - Secret Service agents are putting a high-tech twist on the idea of a cop walking the beat. Using a laptop computer and an antenna fashioned from a Pringles potato chip can, they are looking for security holes in wireless networks in the nation's capital.
The agency best known for protecting the president and chasing down counterfeiters has started addressing what it calls one of the most overlooked threats to computer networks.
"Everybody wants wireless, it's real convenient," Special Agent Wayne Peterson said. "Security has always been an afterthought."
The effort is part of a new government plan to build relationships with businesses so that they will feel more comfortable reporting hacking attempts to authorities. Recent anti-terrorism legislation gave the FBI ( news - web sites) and Secret Service joint jurisdiction over electronic crimes.
Wireless networks are cheap; a small one can start at less than $200. They make it easy for workers to wander around with their laptop or handheld computers and for visiting employees with their own computers to get on to the local office network.
These networks are becoming common in airports, universities, coffee houses, businesses, homes and even some public squares. But they are sold with no security measures, and protecting a wireless network from hackers takes more knowledge than what network installation guides typically offer.
Because of security concerns, the White House recently proposed banning some wireless networks in federal agencies. Faced with industry protests, the administration dropped the idea when it released a draft version of its cybersecurity plan this month.
That has led some independent security researchers to drive -- or even use a private plane to fly -- through cities to map networks. Those maps, which are usually posted on the Internet, show where a person can get a free Internet connection on a private network.
The Secret Service ( news - web sites) wants to let businesses know that their Internet connections and private networks might be at risk. Companies informed about security holes can reconfigure their networks to make them more secure.
Peterson's tools are a laptop, a wireless network card and one of three antennae mounted on his car. One is a small metal antenna; the second is a large, white, 2-foot-tall tube; the third is a homemade antenna made out of a Pringles can. They boost the reception of his wireless network card, allowing the agent to point them in different directions to get the best signal.
A Pringles can is ideal because of its shape -- a long tube that lets someone to point it at specific buildings -- and its aluminum inner lining. It acts like a satellite dish, collecting signals and bouncing them to the receiver, which is then wired into a laptop.
Peterson recently drove down a major Washington street and found over 20 wireless networks, many of which had no security at all. Peterson said his probes are part of good police work, like a patrolman driving through a neighborhood.
"I feel it is part of crime prevention to knock on the door," Peterson said.
The act of "wardriving," a term taken from older "wardialing" programs that called random telephone numbers looking for unlisted modems, has become so prevalent that enthusiasts are using chalk marks on streets and sidewalks to point out networks in public places.
Peterson said there has not been any reported "warchalking" in the Washington area yet, but if one was found agents would alert the network owner.
Chris McFarland, head of the Secret Service's Electronic Crimes Task Force, said his agents have begun evaluating computer security along with other concerns when they scout out a place where the president or other protected dignitary will go.
McFarland said, for example, that agents have had extensive discussions with officials at George Washington Hospital about improving its wireless network security.
While the agents plan to offer their expertise to anyone who asks, they are focusing on places most important to their mission of protecting public officials. The hospital is several blocks from the White House and treated Vice President Dick Cheney ( news - web sites) during his heart problems.
Agents also checked out computer systems at the Salt Lake City Olympics, last year's Super Bowl and the World Bank ( news - web sites) in advance of weekend protests.
"People can wreak havoc with these systems very easily," McFarland said. "It's almost like triage."
___
On the Net: Secret Service: http://www.usss.treas.gov
*munch*munch*munch**munch*munch*munch**munch*munch *munch*
n ch *munch*
n ch *munch*
"Hey Agent 423.. got any more Pringles?"
*munch*munch*munch**munch*munch*munch**munch*mu
"No, but I could sure use another Coke.."
*munch*munch*munch**munch*munch*munch**munch*mu
Stories about wardialing are popping up everywhere now. So how do you prevent unauthorized access to your wireless LAN? I have 128-bit encryption enabled. Is that enough to prevent bandwidth stealing/snooping or is there something else?
Peterson recently drove down a major Washington street and found over 20 wireless networks, many of which had no security at all. Peterson said his probes are part of good police work, like a patrolman driving through a neighborhood.
"I feel it is part of crime prevention to knock on the door," Peterson said.
So that's what port scans are, just knocking on the door, part of crime prevention, and not malicious in and of itself.
Seems to me that if there is a legitimate law enforcement use (checking for security) that is being performed by law enforcement agents, then private citizens can do it under the same pretence. Like a neighbourhood watch.
They are probably just following the war chalking marks around town.
FoundNews.com - get paid to blog.,
I can't believe that Secret Service agents are being used for this when our southern border is being completely overrun!
This is total government waste, and it makes me sick. The government's job is to protect our borders, and the corporations should be in charge of securing their own networks and hiring their own wardrivers, not making joe taxpayer foot the bill.
Once upon a time, the military-government-corporate-et cetera complex had ALL the cool toys. Now, they are ripping off tricks that are widely posted by juveline nerdophiles. Now, if the government could only figure out how to clone gold, we could get out of our national debt. Best they go to the nearest MUD forum and get a crack off of some script-kiddies.
Voodoo Girl is the bomb!
All the Kidding asie. I belevie this is one of the best things The Secret Service is doing. The amount of Damage one regoue person can do be warcralking is reduced because these people are making the system admim's aware of the problem.
Another question is that What if the secret service informed a Sys Admin that his Network was "open". and he was susequently hacked is this sys admin liable for the damage caused??
Of course the secret service is war-driving.. Do they really want to repeat the embaressment of being caught
looking at Britney Spears websites?(lycosasia.com)
from the article: But they are sold with no security measures, and protecting a wireless network from hackers takes more knowledge than what network installation guides typically offer.
Every access point I've ever setup had simple instructions for enabling WEP. Granted, WEP isn't the end-all of wireless security, but I'll bet that the the SS's definition of "secure" and "not secure" is equivilent to "wep" or "no wep". Granted, most of the networks I see wardriving (airboxing!) have a default ssid like "linksys" or "WLAN", so I guess a lot of users probably never even attempt to configure their AP. But it certainly doesn't require "more knowledge than network installation guides typically offer".
__
Choose mnemonic identifiers. If you can't remember what mnemonic means, you've got a problem. - Larry Wall
For physical crime, you simply cannot protect yourself easily: there is no low-cost, convenient technology to protect yourself from a bullet or a fist.
But you have complete and easy control over most kinds of cyber crimes: if anything, you save money by going with the safer solution.
In different words, it looks to me like our tax dollars are making up for software deficiencies created by companies that rush products to market and by companies that install technology without understanding it.
Has Nokia accused them of piracy yet?
I have not a single time used someone elses AP for access, yet I have collected over 4300 here in the LA area... check out my picture repository: http://wardrive.eyecannon.com
works much better.
Let's get realistic about this - The SS is doing this because they can. They have a huge budget and lots of nifty toys. They're supposed to know "what's going on" around DC, so they have license to snoop around to an extent. Their basic job description probably leaves many of them plenty of free time. Someone probably read an article in Wired, and thought it was cool. That's kind of what happens when you empower virtually unaccountable branches of the government; in this dept the SS has nothing on the CIA, for example....
with 53,000 faked access points: http://www.blackalchemy.to/Projects/fakeap/fake-ap .html
after the USD5000 toilet seat the USD5000 pringle can? administration at work...
"...and we're here to help you." Is a phrase that ought to strike fear into anybody's heart! Dollars to doughnuts this is not the "helpful" measure it is being made out to be.
Be careful out there!
Dog is my co-pilot.
I don't think that it is their job to go around and tell people that their network is open to the public.
On the other hand, maybe the builders of these items will start including some real default security in their products.
Or maybe people will wake up and start taking some responiblity for their actions! (yeah, right...)
III.IIVIVIXIIVIVIIIVVIIIIXVIIIXIIIIIIIIVIIIIVVIII
...this being done by or under the NSA? After all, this sounds exactly like what their charter calls for. I am confused as to why the SS is involved with performing these tests as it is clearly the NSA's domain. On top of all that, I'm not really sure that this is a role I want to see our goverment actively persuing.
"I feel it is part of crime prevention to knock on the door," Peterson said.
No, its acting like an annoying neighbor to knock on the door. It doesn't even occur to this guy that he might just be annoying people who have open networks on purpose.
that they are allowed to do this withthe sirens OFF. Fucking speeding cops.
All Troll + "offtopic" mods are meta moderated as "Unfair", because you abused the system.
It's nice to see how well your tax dollars are at work,
as others have commented.
It's probably important to point out however, that is this by no
means the SS's first foray into matters having very little to do with
what we traditionally expect of them, nor into so-called "cyberspace."
Look here
for the article entitled "STEVE JACKSON GAMES WINS LAWSUIT AGAINST
U.S. SECRET SERVICE" on the Electronic
Frontier Foundation's Legal
Cases archive.
Alternatively, look at the summary
on the Steve Jackson Games site itself, where the answer to "Why was
SJ games raided?" is answered... "guilt by remote association".
How many of us know someone who would also fall under the "guilt
by remote association" blanket? (Have you watched the evening news
recently?)
Perhaps the moral is: Beware of men with dark clothes and sunglasses
eating commercial potato chips these days. (Their initials may be more
than just coincidental, eh?)
The only up side to this that I can see is that this incident led to
the creation of the
EFF itself.
I'm here at marist college in NY and they block p2p programs too. some can connect, but cant download. others cant connect at all. But there is one program that works. http://www.slsk.org its called soul seek and it seems to get through the network.
In the beginning there was data. The data was without form and
null, and darkness was upon the face of the console; and the Spirit of
IBM was moving over the face of the market. And DEC said, "Let there
be registers"; and there were registers. And DEC saw that they
carried; and DEC separated the data from the instructions. DEC called
the data Stack, and the instructions they called Code. And there was
evening and there was morning, one interrupt.
-- Rico Tudor, "The Story of Creation or, The Myth of Urk"
- this post brought to you by the Automated Last Post Generator...