Slashdot Mirror
War Driving To Be Protected In NH
AllMightyPaul writes "A big article on Wired.com talks about the new House Bill 495 that would legalize the innocent stumbling upon open wireless networks. Basically, it put the burden of securing a wireless network on the owner of the network and allows people to connect to open networks that they believe are supposed to be open. This is excellent news as I'm sure we've all tried to connect to one wireless network and ended up accidentally connecting to another one. Being from NH, now I can finally drive through Manchester and connect anywhere I want with little worry, but not until after January 2004, and that's if the bill passes the Senate."
war driving lessons
Why do I h8 apple?
From the article: "Like most state and federal computer crime laws, New Hampshire's existing statute says it is a crime to knowingly access any computer network without authorization"
Basically before if you were driving past a starbucks and picked up their connection you could be doing something illegal. I expect it's still illegal to crack WEP (easy as it may be) but using random open wireless is Ok.
- The identifier you are referring to is the SSID (Service Set Identifier).
- wardriving programs operate by putting the wlan card into promiscuous mode and sniffing all the wireless traffic passing through the air. I beleive that they also send out probes for SSIDs.
- If you are not using WEP (Wired Equivalent Privacy), then everything transmitted is cleartext. However, WEP has been proven insecure, and should not be relied on for any sensitive data.
And yes, there are alot of Linksys default SSIDs out there.Kismet - Wardriving application for Linux
Airsnort - On-the-fly WEP cracking for Linux
1Computer Related Offenses; Network Security. Amend RSA 638:17, I to read as follows:
I.
So, the way I read it is: the owner is responsible for securing the network, but its legal IF and ONLY IF you were legally granted access, would have been granted access if asked, or had no way of knowing whether or not you were allowed to use the network.
This doesn't protect wardriving at all: if you're knowingly going around looking for unsecured wireless access points, you've already failed 1 & 2. The only issue up for debate is 3: would you have known that you were not authorized? I'm sure once this hits court, the party with the better lawyer is going to win.
Mooniacs for iOS and Android
The article seems to shed a positive light on the NH law proposal, which places the burden of network security on the operator, and the negligence for not securing the Access-Point if they get h@x0r3d. That makes a lot of sense because it not my fault that when I walk down the street and your Access point is bombarding me with your signal. I cannot help but to receive the signal if its there. The analogy is walking around at high-noon and being subjected to sunlight, because I cannot help this unless I burden myself to apply a coating of sun-screen. That sun-screen lotion is the wireless equivalent of a firewall but the major difference is that the sun screen is there for my optional protection. It not my burden to protect myself from your spewing of wireless packets since they do not cause me harm.
;)
The wireless protocol stands for themselves, and in a court of law they would be easy to examine line by line until the judge/jury is brain dead from the tech-jargon. Not to mention the various accredited folks who can demonstrate with freely available software that WEP is more of an annoyance. MAC based filtering is weak since it is possible to spoof the mac address with most 802.11b hardware drivers. Simply bombard the AP until the ARP table refreshes with you mac as the end point that *should* be getting the traffic. The solution most folks I know use is a hybrid of various methods. One way is to make each wireless node use VPN to the router behind the AP, and use WEP (as an annoyance) on the ether. Disabling the 802.11 beacon is the first thing that should be done, else it your fault for advertising the existence of your wireless network in the first place. As I mention before, MAC filtering helps as an annoyance to would-be-infiltrators. Finally, rename your SID to anything except "WIRELESS" as many folks get on by simply looking for the default SID.
This is my advice, as a war-driver, I know all the tricks. Enjoy!
It isn't a lie if you belive it.
I just wish everyone would pay more attention to the last two amendments in the Bill of Rights:
Amendment IX
The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people.
Amendment X
The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people.