Slashdot Mirror
Wartrapping?
netphilter writes "This article on ZDNet writes: "A "honeypot" trap consisting of a Wi-Fi-equipped laptop is the latest weapon against drive-by hackers." Although I'm sure that I've heard of this somewhere before, it appears that the latest twist is that this company is looking to sell them to corporations. Hmm...I wonder what the warchalking symbol for a honeypot really would look like?"
I'm guessing the submitter wasn't thinking of Winnie the Pooh...
Liam
I don't get it, why not just configure your network not to hand out IP addresses to anyone who asks? Does this wireless thing have no security at all?
-- Ed Avis ed@membled.com
)( :-(
or
)NO!(
Or failing that a picture of a fat bear with handcuffs being lead away by the brain police. Damn you Pooh bear...
is this really gonna make a difference? Ok, they know you're connected, they know your IP address. So what? How are they going to actually track you down? Then what? Call 911? Interesting article but the ramifications are still unclear.
There is nothing inherently safe about liberty. That's why so many people died protecting it.
What they use to put all the crap in...
I'm not really a web designer, I just play one on the Internet.
Imagine a distributed network of Wi-Fi honeypots taking in unique ID's, and distributing a "do not provide access" list to it's corporate subscribers.
Things could get sticky.
This exact same story was on net-security.org yesterday. If you would like more information about this topic go to this story @ net-security.org.
Fighting for Peace, is like Fucking for Virginity.
Send it into the building to disable the honeypot laptop.... It can use its onboard signal strength meter to search for it and then with some onboard weapons in the Mark II version (remember its a DARPA project....) BOOM!! no more honeypot...
-jon
think that there's a warchalking symbol for a honeypot. I think that writing SANDERS in really poor backwards handwriting is good enough. /me hopes people aren't lame, and they get the joke
The GeekNights podcast is going strong. Listen!
I wound't call em hackers, just opportunists.
Trying is the first step towards failure.
A honey pot is slang for a vagina as well as a computer used to trap misfits. I think and femal genetalia related symbol would do nicely.
Reality is that which refuses to go away when I stop believing in it. --Phillip K. Dick (remove SPAM to email)
Well, I for one am glad that we are going to see a crackdown on today's tech-obsessed miscreant.
Than exposing your network and then trying to catch people who break in.
Since even a secured wireless network can be broken into in about 30 minutes,
it makes more sense to treat the wireless network as an external network.
All accesses to the 'real' internal network then go through the firewall as if they came from the Internet.
Doing anything less than this seems to be courting danger.
Sig for sale or rent. One previous user. Inquire within.
Can we dispense with the prefixing of "War" to anything 802.11 related, PLEASE?! This is just stupid now.
Historically, "wardialing" was phr33k-slang for the rapid dialling of phone numbers. Exactly what does this have to do with 802.11? Driving around and listening to packets is not the equivalent of "wardialling", nor is it in any way similar.
And don't even get me started on the idiotic term "Wi-Fi"...
I always assumed "wardrivers" were people who are too cheap to pay for a broadband connection. I wasn't aware that they actually were hackers.
Boy am I really out of the Token Ring.
It is quite possible to do wireless without opening up your entire company network. Just like it's possible to NT networking securely.
The problem is for the most part there are idiots in control of the corporate IT that have impressive MS certifications after their names but don't know diddly squat. This quote:
proves it and let's us know who they plan on selling to.And just what is it they plan to do when they get people logged into their honey pot? Call the police? Oh man please.
You know you're a geek if you've ever replied to a tagline.
I've always believed that flat out good security was a much better solution than trying to eliminate all who would probe your security. Take for instance firewalls that claim to "track down attackers"--I don't care about that. Anyone with half a brain can get an IP address from their firewall logs. All I want is a firewall that locks down all unused ports, and offers program-specific access settings. This stops most portscans and worms. The idea of a honeypot may be important in certain cases, i.e. when very clever hackers have been found invading networks, even after they were secured well. But an ounce of prevention (locking down your wireless network in the first place) is worth a pound of cure (honeypots).
OT, does anyone know of a Netstumbler-like tool that works with the Toshiba e740's built in Prism wireless card?
"I may be quite wrong." - Socrates
maybe instead of a symbol we could put a nest of killer bees near the point and then that would be the form of security too. :-)
-(|||) - is that a honey pot symbol?
There is no way to "catch" someone with a modified satellite dish and hitting the AP from 2 miles away. At the most they have is my MAC address, hah, or what they think is my MAC address.
Not all people accessing wireless networks drive up to the front door.
I think many corporate IT people are instinctively scared of anything "free". This looks like a lame effort to sell a new "service" to these suckers.
If you want wireless security, take your WAP and plug it into a spare interface on your firewall, or whatever hardware you're using to do your VPN. Now send out a memo saying 'We now have wireless access. In order to use the wireless access you'll need to use that VPN software that we gave you so you could work from home'.
Only accepting authenticated IPSec connections is going to do a hell of a lot more good than getting useless statistics on how many people wanted to hit google while sitting in that park half a block down the street from your office.
I recently worked at a large government organization (in Canada if it matters). The particular organization held a lot of information classified secret. It was all stored on a password protected mainframe that users accessed through telnet.
Well, someone had liked the idea of setting up wireless networking for a group of users in the building. The admin who installed the system simply used MAC address authentication as the only security on the WLAN. They only had so many wireless nics, so they simply added those addresses.
The problem here is that the admin did not realize the security hole he had just opened, as we all know that mac addresses offer no security at all. Though the wireless network I was able to capture plaintext telnet sessions, which included logins and passwords, and I could gain mainframe access from my car in the parking lot. (BTW, don't attempt these types of activitys without your employers permission).
If the admin had done his homework he would have at a minimum turned on WEP (although it is not secure either, but before the crack was out it was thought to be). Finnaly I convinced them to start using the built-in LEAP authentication and a RADIUS server, as well as limiting the access that users could have with their wireless nics (ie, no telnet access though the wireless). With simply a little deeper look into the security aspects of 802.11, the admin wouldn't have opened the huge security hole in the first place.
The reason Santa is so jolly is that he knows where all the bad girls live.
Darn those gansta boyz. Is nothing too taboo for their cutting edge lyrics?
I am a Karma Library.
Maybe it was here....
Obviously as you point out the police won't really be able to do anything. Maybe if you sent out your own security but then it's a bit hard to prove anything. Anything more sinister like sending a virus to the hackers machine would be illegal.
absolutely useless, leave your house door and wait and count how many people come in? So we don't need to make a secured network, all we need to do is "manage" how many people are walking through our door. And do what, beat them with a broom stick? Another reason this is useless, (atleast in my area) the driving community is somewhat closeknit so the moment someond detects one of these pots, it will be all over the net, thus making the product/services useless.
Useless sig.
I would never use one of those airport systems because ANYONE could be spoofing it. There could be someone sitting next to me with a laptop in his suitcase.
It is good that someone tries to chart this problem. At least it makes big corporations aware of the problem with wireless systems and the security issues associated with them.
I like the idea of wireless internet access everywhere, but not though stealing bandwidth of some business with bad security. I feel very bad for the companies being hacked and abused because of the bad security of the wireless solutions they use.
It surprises me that no-one thought of this before the technology was launched.
If KPMG set up this machine as an access point with no encryption or network connection, how could they analyze the data before it was already erased by a clever wardriver...
Valuable WinUSER
1069 Penn Ave, Washington DC.
(100) 555-1069
192.168.1.1
Press 1 to recieve list of all songs and movies ever watched on this PC.
Press 2 to recieve social security number
Press 3 to recieve mother's maiden name
Press 4 to be authenticated as vendor with power of attorney for Valuable WinUSER.
Press 5 to spam.
Oh wait, 192.168.1.1 is a local IP. Bill, you need to store medical records so we can cross reference the social security number with the real ISP, thanks.
Friends don't help friends install M$ junk.
But, I guess these hacker sorts, like Protestants, feel free to misinterpret Our Lords words in any manner they see fit for their own selfish gratification, it doesn't cost them anything to piggy back on someone elses wireless access costs (well, except for eternal damnation).
A. Rightmann
would be for a pair of parentheses () with a zigzag line down the middle, like a closed beartrap viewed from above.
-- Proud descendant of semi-nomadic cattle-herders.
Or they could just people dumb enough to use WinXP and wireless on their laptop and the bad luck to pass a honeypot.
They will collect all the statistics of how many people connect to the laptop and bitch about it to extremist groups like the RIAA to get people who are caught doing this life sentences.
sound about right?
Alternative 1:
1. Buy the honeypot from this Van Strien fellow, packaged as "a security tool for corporate Wi-Fi users" with "a beautiful user interface". Estimated cost: _____
2. Maintain it. Estimated cost: ______ per month.
3. Keep someone on the payroll to watch for suspicious activity. Estimated cost: _____ per month.
4. When suspicious activity is found.... um... what exactly do you do then?
Alternative 2:
1. Let laptop users connect through Wi-Fi to the company's VPN server, just like the road warriors. Nothing except this server is accessible through the wireless network. Estimated cost: _____
Would anyone fill in the blanks for me? I want to see which one is more cost-effective.
Stop worrying about the risks of nuclear power and start worrying about the risks of not using nuclear power.
"Warpotting"?
My
Limekiller
Historically, "wardialing" was phr33k-slang for the rapid dialling of phone numbers. Exactly what does this have to do with 802.11? Driving around and listening to packets is not the equivalent of "wardialling", nor is it in any way similar.
Actually, wardialing referred to having your computer rapidly dial phone numbers and look for modems that would allow anyone to connect. The idea was that Joe Scriptkiddie would start a wardialing program when he got up in the morning and it would dial a randomized list (because the phone company is looking for lots of numbers being dialed sequentially) of phone numbers all day. In the afternoon when he got home from Junior High, he would check to see if the program had found any "interesting" information (modems on numbers that he didn't know about before) and if so he would add them to his "to-investigate" list.
If we define warX to mean aimlessly using method X to find hosts that will talk to anyone, that fits with the definition of wardialing - aimlessly dialing numbers in the hope of finding a modem. Even though driving isn't the most important component of wardriving (one could walk, I suppose), the term wardriving seems to fit. It means aimlessly driving around with a laptop scanning for hosts that will talk to anyone.
Can we dispense with the prefixing of "War" to anything 802.11 related, PLEASE?! This is just stupid now.
As far as I know, wardriving is the only war* term related to 802.11 technologies.
For those of us looking for wireless acess, we just want to check email and check a few web pages. There's no way of telling whether a unsecured wireless network was deliberately unsecured to allow people to access the Internet, (like many people and some businesses - notably, Starbucks - do) or whether it was left unguarded due to ignorance, laziness, or boneheadedness.
If you find people accessing your network and you don't want to share, lock it down. What's the point of a honeypot? To find all those roving bloggers on park benches, obsessively updating their fans on the minutiae of their lives? What are you gonna do when you find them? Slap them on the wrist?
Doesn't everyone realize that this is the future? Unfettered access to information, whether you're in line at the DMV, at the park with the kids, Saturday morning soccer, whatever. What other technology is going to bridge that last mile? Nobody's putting fiber down in my neighborhood. Wireless seems like the best option for fast, ubiquitous acesss to me.
Ture.
It's a research tool for security firms that can help provide data that will help sell security services
False. It's a research tool for security firms that can't provide security because their clients insist on using insecure software like Microsoft Windows TM. I imagine the silly thing will disrupt legitimate corporate communications and collect a bunch of usless "Valuable user at 192.168.1.1" information.
As you seem to suggest, the only way to secure your wireless network is to treat it as an external insecure network. The streams must be encryped (WEP no good) and the connections must be authenticated. If you don't do that you just might end up with half your NT admins in the park accross the street.
If you just hand out IP addresses and service to anyone who walks by, you can expect people to take it. They might as well put PCs on the street and then complain when people stop and surf or play solitair. Duh, what will they think of next, trying to secure bags of money in the lobby with nerve gas?
Friends don't help friends install M$ junk.
Airscanning? Scannetting? Scandriving? Probing? WiScanning? AirSniffing? Airdunking? AirPorting? AirProbing? ScannerDriving?
Relive the BBS Past - One Byte at a Time! www.ssabbs.com
Please tell me that you don't still have classified info available through telnet. Please tell me you meant ssh or VPN. Wireless or not...
Mentioned one month ago here on slashdot this fakeAP software sends out lots of 802.11b beacon message with different SSIDs. Hide in the noise for the good it will do you.
If these companies are willing to spend the money and effort to set up a honeypot, why aren't they willing to spend the money and effort to secure their wireless networks in the first place?!
unless the honeypot has rooftop rf direction finding and megawatt laser blaster.
BOFH: Hey, tripwire shows we got a fly in the honeypot!
PFY: (looking out window with binos) Really? It could be that guy at the sidewalk cafe with the notebook out.
BOFH: Heheh, Mr. warwhiz left port 139 open and admin share on! Now where did you put smbclient?
PFY: In daisy/pub. Go for it and I'll let you know of any change in facial expression.
try { do() || do_not(); } catch (JediException err) { yoda(err); }
)///( /// means 'unsafe area'
Three slashes over the warchalk symbol.
True technology evolves -- and this is how these 'environmental' networks will become secure, finally -- not through laws and threats against "hacking"....
Does anyone know of a good site that explains how to easily and fairly securely set up a VPN?
Ya know, I was just thinking the other night how people need to accept wardriving wether they like it or not. Physical proximity on an open 802.11 network is very much so like dialing a point to point link; you should see me in my basement trying to get access to my wireless access point on the third floor- I move a foot to the left, check signal strength, bring the laptop up, check strength, then down, check strength, until I find a spot where I can get good enough reception. lather rinse repeat.
The only other term I could think of would be involve grep, however that implies a more sequential search and regular expressions.
In the future, I would want to not be isolated from my friends in the Space Station.
Maybe I'm a dumbass, but dosen't MAC address filtering address most of the security issues related to Wi-Fi?
#2...
The honeypot will be a laptop with a Prism wireless LAN card, which can act as a Wi-Fi access point. The laptop will have no other network connection, but will appear to the hacker as a possible entry point to the corporate network.
Imagine a Beowulf of these.
Karma: The shiznight, mostly because I am the Drizzle.
Nope, through telnet. It is internal only, ie, the users telnet into an internal mainframe, but with the internal network having internet access (through a firewall), and a WLAN (with no firewall/security at the time), you could get to the mainframe from the WLAN easily.
The reason Santa is so jolly is that he knows where all the bad girls live.
This also relates to discussions about cooperative wireless mesh networks. If you want people to volunteer to share their wireless node with neighbors, you have to provide a box that enables it to be done safely. If the design isn't rock solid and foolproof, all it takes is a little FUD to damage the necessary trust that makes people feel ok volunteering.
The idea of placing an access point outside the wired network is probably the correct solution given the claimed weaknesses in WEP, and it might save you from replacing all those cards immediately. If I was proposing adding wireless access to a corporate or educational campus, I would propose this exclusively. No access points inside the gateways, and access the internal network resources as if you were coming in from outside. If you use a VPN solution for telecommuters, the same would work for wireless access. Now you have end2end security on your external people, and whatever your policy is about sharing out some bandwidth for free, it's more like giving a free drop to a nonprofit down the hall. You'd just hook them up to your external router with no internal access.
There was also a small comment in the interview with Vint where he says that he wishes they had designed in access controls for each node from the start. This would probably be a big help here as well as with problems related to IP spoofing and such. Perhaps IPv6 would be an opportunity to get this in, but if it isn't in the spec yet (anyone know?), it's probably too late.
.
I suspect that the first problems are going to be identification, notification and most of all entrapment.
This is nothing to fear, there is nothing to fear, but caution should be observed.
Record your activity and the instant you are notified that it is a restricted system GET OUT and STAY OUT.
Do not destroy your records, keep 2 copies in different locations, you may need them.
My larger concern is that these are unregulated frequencies and corporate use combined with prosecution could inspre the less altruistic to push to have them regulated (in the US).
Van Strien plans to run several honeypots in different offices across London, and move them about within the buildings, so that if wardrivers become aware of their existence they will not know for sure which are real access points and which are honeypots
"Yeah, maybe if we keep moving around, they'll think we're a new AP"
I take it they've never heard of MAC Address's
http://doc.weblogs.com/2002/07/31#makeFunNotWar
I believe the following are already taken: - "Kilroy was here" - "Frodo lives" - "Eternity" "WAREZ HERE" though is still available.
John Maynard Keynes: "When the facts change, I change my mind. What do you do?"
by telling us they're using a...
Prism wireless LAN card
shouldn't this make it possible to detect honeypots through a unique characteristic of this manufacturer?
You can tell a 3com NIC from its MAC address, why not apply a simlar technique here and flag the honeypots!
Wait are we still talking about wireless networking here? mmmmm Honeypots
Now that is bad news.
I recently purchased a zaurus + dcf650 and loaded kismet + the qt kismet app. Plugged it in, cycled to my local shop and back and had a look - no signals. None whatsover.
Anyway, tinkered around with the settings, rebooted a coupla times, ifconfiged up and down (you get the idea) and before you knew it, 2 APs detected from within my lounge. Walked outside, another 2. Next day, on the way to the the train station - another 6. From the station to work ( a ten minute walk), another 30. Around 50% of these bothered using encryption and when I put the kismet packet logs into ethereal, I didn't have a lot of stuff, but I did get a few web pages browsed and even a few pop3 account emails and passwords.
Now I'm no hacker - I did this warwalk just as I read so damn much about it (on sites like this), but either these companies / individuals want there bandwidth used or they really have completely clueless admins who have no idea what their unleashing on there networks. I feel like emailing the addys I did get with a "please secure your network", but that'd probably go to the poor users who have no idea what they're doing but have been given a neat tool by their IT dept.
So what to do ?
Two wrongs may not make a right, but three
For a new symbol:
http://www.crwflags.com/fotw/images/p/pea-cnd.gif
Make War Not Love!
Buy a Nintendo DS Lite
Admiral Ackbar.
'nuff said.
Where does the school board find them and why do they keep sending them to ME?
You stole my bit!
--in this day there is no real need other than to create more useless busywork for the IT guys to adopt wireless inside offices. Really. Buildings are now all wired, use hardwires and cables that are already there, get on with the business of producing widgets that the company's main focus should be. Places that really need it can be secure, a plethora of techniques exist. this cracker vs hacker vs white hat vs blackhat vs greyhat is silly. Bust, prosecute and imprison the living snot out of some blackhats, like what should have been done long ago in computer era years, and get on with business. And I mean 1337 kids, treat them as adults for blackhatting. The word will get around that maybe being a blackhat isn't cool. If the geek community don't clean up it's own act, believe me, the politicians and businessmen will clean it up for you with crippled hardware and even more extreme laws. They are doing it now, this should be a clue. If anyone knows a blackhat, turn them in, right now. make a choice, you are a non thieving honest person or you aren't, there isn't a middle ground on breaking and entering and theft. In meat world it's a crime, in cyber world it's a crime. If you knew of a burglar or a rapist, turn them in. Same with a cyber burglar and a cyber rapist, it matters not if it's bits and bytes, criminality is just that, criminal, and unless 'civvies" can differentiate and remove criminals from their midst by shunning them and turning them in to the police then we are just going to continually become innundated with the big brother version of law enforcement, which hardly anyone wants. Blackhats are not robin hoods, they are highwaymen of the 21st century, just as much bad guy crooks as in the olden days when they held up stagecoaches and robbed the local bank or train going by. Scumbags in other words. Treat them as such inside your own circle of friends. Don't hang with or emulate scumbags. They are not "elite", they are crooks. I know there are crook blackhats reading this. Please stop. And be aware there is a growing revulsion with your actions, eventually someone is going to turn you in, or you will get caught another way, and you will be doing time in club fed. If youthink it's a game, no matter how old you are, you haven't grown up. If you "justify" it by some lame logic you are 'exposing security loopholes" you are making lame excuses. here's the deal, you don't walk around and try peoples doors on their cars and homes to see if they are unlocked. You don't wardrive around snooping. it's the same thing. If you find or see an open door you don't go in that persons house. if you find an open network you stay out of it, period,, if it isn't yours or you haven't been invited in, you stay out, wired or wireless. This is black and white decent or indecent behavior. There is no gray area.
Please make a separate section for these stupid War* stories to go in, so that I can block that section in my user preferences.
Thank you.
'P
/\ /\
|
d_ q__O
I don't understand why people think it is so difficult to secure wireless. All you need to do is have encryption running on the box, and use some kind of authentication firewall between the wireless box and the rest of the network. We're doing this at my company, and so far it works great. We even set up a credit card payment system on the box, so people that don't have passwords (non-employees), can kick us a few bucks and get access to our T-1.
I've been called a "Fucking Dick" by better people than you.
me mother is dead, you insensitive clod!
I for one beleive that paying gor internet access nowadays is a silly idea in and of itself. With so many wifi hobbyists why not?
Besides, last time I checked there was no "law" prohibiting this...
ZedLeCates
)o(
^
|
The people doing the wardriving/walking/chalking are not doing anything illegal, AFAIK. The people running the network left a door open on a public street. If they don't want people in, they should lock the door.
The only purpose of this would be to determine whether people were looking for open networks. I can save them some money right here: the answer is "yes" - now spend your money securing your network instead of hiring consultants and "investigating."
I don't fault the company making the honeypot in this case. They're simply taking advantage of the cluelessness of companies.
I can't imagine why you'd want to BUY this though; renting one should be enough. You rent, you find out people are snooping around, you take the thing back and start concentrating on locking down.
Even better; hire someone to come by once every few months and try to break into your network. If they can, then fix the problem. Repeating this occasionally takes care of the departments/individuals that go down to Fry's and buy a WAP and install it without the knowledge of the IT dept.
Is a giant dick! Cause it'll fuck you in the ass if you get caught
Or maybe something less lewd on a publicly veiwed wall.. like... a lot of exlamation points or.. ooh! Beezelbob! That should be the symbol, just draw a big picture of satan! Or maybe they could draw a circle, with another cirlce inside, then X the whole thing out, then use tangents on the bigger circle, then a big rectangle around that, and some small circles randomly placed around it.. Or a pie. Definitely pie. Draw a pie, for honey pot, because pie is good, good is bad, bad is evil, honey pots are evilly good, at turning me on sm ithers.
Even if I say something insightfull or inteligent, it doens't matter cause I'm an ass.
It originally came from the movie WarGames. (He was using an IMSAI 8080 and what sounded like a Bell 202 modem.)
One line blog. I hear that they're called Twitters now.
No, spoofing is one of the oldest tricks in the book. I make *my* machine look like *their* machine, so whatever you do you're doing on *my* machine. Want to run ssh? Fine, you're running my ssh, which I've just happened to hack to catch all your keystrokes.
The easy case of spoofing was back in the TTY days. Just write a program that clears the screen and prints out a "login: " prompt. Trap the password the user enters, present a "invalid login" message, and bail (and exit the program to present a real login message in the meantime). You've now just trapped a password, and the user pretty much just figures the first login attempt was a typo.
- Matt
1. Buy the honeypot from this Van Strien fellow, packaged as "a security tool for corporate Wi-Fi users" with "a beautiful user interface". Estimated cost: _$50k____
:-)
2. Maintain it. Estimated cost: ___$0___ per month.
3. Keep someone on the payroll to watch for suspicious activity. Estimated cost: _$1k (partial employee)____ per month.
4. When suspicious activity is found.... um... what exactly do you do then? (Discuss it in 3 meetings and then take no action)
Alternative 2:
1. Let laptop users connect through Wi-Fi to the company's VPN server, just like the road warriors. Nothing except this server is accessible through the wireless network. Estimated cost: __$20k___
Ok, I filled in the blanks....what do I win?
if you bilk them WITHOUT lying or mis-representing yourself is it a crime ? Unless of course they are legally not capable of making desicions for themselves. I see your point and the analogy is not perfect, but...
:)
"Trespass is the proper remedy for the several acts of breaking through an enclosure, and coming into contact with any corporeal hereditament, of which another is the owner and in possession,and by which a damage has ensued. There is an ideal fence, reaching in extent upwards, a superficie terrae usque ad caelum, which encircles every man's possessions, when he is owner of the surface, and downwards as far as his property descends; the entry, therefore, is breaking through this enclosure, and this generally constitutes, by itself, a right of action. The plaintiff must be the owner, and in possession. There must have been some injury, however, to entitle the plaintiff to recover, for a man in a balloon may legally be said to break the close of the plaintiff, when passing over it, as he is wafted by the wind, yet as the owner's possession is not by that act incommoded, trespass could not probably be maintained; yet, if any part of the machinery were to fall upon the land, the aeronaut could not justify an entry into it to remove it, which proves that the act is not justifiable."
Notice, there is the PRESUMPTION of DAMAGES, while it may in fact meet some of the points for trespassing I don't think that simple use would be upheld unless you lived in Texas
errr....umm...*whooosh* *whoosh* Is this thing on ?
they'd be "Airpots"?
- Tjp
I am in wallow with my inner money grubbing capitalistic pig. ... Oink!
Using weak metaphors to argue about computer security gets really old. A closed door, locked or not, is an indication that you're not supposed to go in unless the owner wants you there. Likewise, a WEP-protected network may be easy to get into, but the use of WEP is a sign that you're not wanted there. And just like a house with an Open House sign on the front, my wireless network has no such "go away" signal because I want people to use it. (Of course, just like an Open House sign does not mean "please burn my house down", my 802.11b base station is not an invitation to abuse my network, just an opportunity.)
If, during a discussion, a badly stretched analogy is used and replied to, that discussion is basically over. Any further comments will involve stretching the analogy in the direction each person wants it to go in rather than the original topic.
One line blog. I hear that they're called Twitters now.
well duh, it matters! Canada only has, like, three secrets. And two of them have to do with maple syrup. I wouldn't lose much sleep over it.
Oh, those warwalkers are so evil! They're actually accepting our offer to communicate! Let's demonstrate our moral virtue by creating false invitations to use our network backed with bogus MAC addresses so they don't catch on! Bleh.
"Hmm...I wonder what the warchalking symbol for a honeypot really would look like?"
A picture of Pooh with a honeypot on his head, "Oh bother."?
Just because you can mod me down, doesn't mean you're right. Shoes for industry!
If there WAS a honeypot symbol, wouldn't it have potential to be abused? As in, draw on your own sidewalk to scare away hackers. How do you know if it's real or not? Of course if this was done a lot, it would lose believability.
I am unclear about something; I have a wireless network at home built on d-link cards, which have 256bit WEP encryption. Is 256 any safer than, say, 40 ? Or is there something fundamentally flawed in the whole security setup that makes even 1024 bits insecure ?
Never, ever lose a file again. Ever.
Mind the legal language folks. I seem to recollect that US law is based in part on British law, but it's likely that it has diverged.
AFAIK (IANAL): in England and Wales, trespass is not a *crime*. There is a big distinction between crimes which are tried in criminal courts and other actions (torts) for which there is only a civil remedy. If someone comes onto your land you don't in general have much comeback against them unless they do some harm or damage - they haven't committed a crime. If they do damage, then you may be able to claim recompense in civil courts, but it's still probably not a crime.
However, if they are armed, then it's armed trespass, which IS a crime and you can call the cops straight away. In cases of ordinary trespass the police will be very disinterested because their responsibility is basically criminal not civil law.
What they say about GPS not working indoors is right.
Anywas, we're not taking about MAC addresses here... GPS would be an expensive and impracticle means of identification.
There are plenty of ways to secure a network, people just aren't putting forth the effort - if it's important enough just set up a VPN
I've done this at my work over the past few days and at least once a day "someone" logs in and leaves 30 minutes later. One was an Agere card and the others were d-link cards verified by checking the mac address here. I didn't have a packet sniffer on it but I found it interesting that the hits were that frequent here in Downtown Chicago.
and to think that all this time I had believed it to be some variant of hip-hop for toads...
A MODERN FABLE
Aesop's fables and other traditional children's stories involve allegory
far too subtle for the youth of today. Children need an updated message
with contemporary circumstance and plot line, and short enough to suit
today's minute attention span.
The Troubled Aardvark
Once upon a time, there was an aardvark whose only pleasure in life was
driving from his suburban bungalow to his job at a large brokerage house
in his brand new 4x4. He hated his manipulative boss, his conniving and
unethical co-workers, his greedy wife, and his snivelling, spoiled
children. One day, the aardvark reflected on the meaning of his life and
his career and on the unchecked, catastrophic decline of his nation, its
pathetic excuse for leadership, and the complete ineffectiveness of any
personal effort he could make to change the status quo. Overcome by a
wave of utter depression and self-doubt, he decided to take the only
course of action that would bring him greater comfort and happiness: he
drove to the mall and bought imported consumer electronics goods.
MORAL OF THE STORY: Invest in foreign consumer electronics manufacturers.
-- Tom Annau
- this post brought to you by the Automated Last Post Generator...