Warflying 2013 Access Points in Los Angeles

Kallahar writes "We went warflying over Los Angeles and Orange counties yesterday. Flying in a small plane at 1400 feet we detected 2013 802.11b APs in 75 minutes, 71% had no WEP encryption. A map and some pretty pictures are up at my writeup."

That's nuts

[GabeK]

What I find pretty amazing is the 500+ people with the default SSID. It's like my apartment complex...if I'm not careful, I can get on one of three different networks and not know it!

Hey thats my SSID

[Delta-9]

"Hackerish SSID (h3lpm3) 15 (0.7%)"

Hey thats my SSID!

All kidding aside, I wonder how many /. readers' SSIDs are in that netstumbler log, and I wonder how many are afraid to reply and say so since their GPS coords are associatated to their SSID.

1400 feet?

[planckscale]

You would think at that alitude they wouldn't pick up anything, considering my buddie's WAP won't reach his backyard. I wonder if they're mostly business WAPs?

Warbussing

[spooky_nerd]

I had a similar, but lower tech, experience just yesterday. On a bus ride through Seattle I flipped open a standard laptop with a Cisco wifi card, and found dozens of access points. Most of them where open. I wonder how long it will be until wireless companies start offering security out of the box? How hard would it be to have a wireless access point that shipped with a random password and instructions on how to use it? It's pretty obvious that the average person doesn't realize what the risks are. I know because as a desktop support tech I get asked about this all the time. As soon as I start talking about things like WEP and MAC addresses, I see eyes glazing over.

How to leave my access point *IN*secure?

[PCM2]

1430 of them being unsecured, that bothers the heck out of me.

OK, my immediate reaction is ... why?

Fine, corporate "enterprises" (beginning to hate that word) should have secured their wireless networks. But lets face it, most of the APs discovered are probably Linksys routers sitting in some dude's office. Exactly why do all of these need to be secured?

I'm a normal, conscientious Internet user. Most of the day, my Internet usage consists of email and (I admit) wasting time on Slashdot. I'm not looking at porn, and I'm not wasting significant amounts of bandwidth. Honestly, who should care if I happen to use their unprotected wireless network?

Furthermore, I personally wouldn't care if anyone used mine. I would love to feel confident that I could leave my wireless access point unprotected. Several points nag me, however:

• Every now and then, I'm going to want to download some Linux ISOs. (OK, I mean labels' entire catalogs of songs on MP3.) When I want to do that, *I* should have the bandwidth to do it. I pay for it, I get dibs. So far, I don't know of anything available to your average consumer that will let you throttle bandwidth for your "guests" at will (or, ideally, automatically -- my own MAC addresses get top priority).
• The kiddie porn issue is an issue. As is, I guess, MP3 downloading. I don't want to have to firewall out P2P ports (and play the game of "what port are they using this week") just to protect myself from people using my AP who are too dumb to cover their tracks. No, I do not believe "but my port was unprotected, open to the world" is going to hold up in court.
• People are, by and large, bastards. If I leave my AP unprotected, it's not going to be used occasionally by passers-by etc. It's going to be my next-door neighbor, using it to download massive AVIs all night long, all the time thinking "hee hee hee, this dumbass left his wireless AP unprotected." If I were to open my AP, I'd want the first thing to pop up on your browser to be a notice letting you know that, yes, I see you, yes, I'm logging you, and yes, if you were a decent person and you wanted to use this thing all the time, you might drop by, ring my doorbell, and offer to kick me a couple bucks every month.

Furthermore, I'd like to publicly thank the various people around town whose unprotected access points I've used without permission. You never knew I did it, but it probably saved me some hassle.

And finally, I'd like to publicly ask owners of coffee shops, delis, diners, bars, and other lounge-around spots: Have you ever considered not charging for that miraculous wireless network you just "installed"? Face it, Internet access is a flat fee for you. You want to bring in customers to buy that cup of half-and-half (I once heard that milk-based froofy coffee drinks have such an exorbitant profit margin that Starbuck's is essentially in the milk business). So why not do it by offering them a place to sit around, relax, and use their laptops? Seems to me it's no skin off your nose. Coffee shops have been providing shelves of books for years -- why not Internet access?

I bring it up because the coffee shop down the street from my house recently switched from offering free wireless access to charging for it -- something like $15/month, fully a third of the cost of a DSL line that will give me full high-speed access around the clock. Lots of other places are starting to do the same here (San Francisco) -- the "trial period" is over, now you have to pay.

I ask you: Where's the sense in that? I had just gotten into the habit of spending my mornings in that coffee shop, eating bagels and coffee while I got some work done, when they pulled the rug out from under me. Now the main thing that keeps me going down there is the fact that a couple of the shop's neighbors have their own wireless APs -- unprotected, of course. So now I'm not going to the shop as often, I'm buying less coffee and bagels, and worse, you went ahead and paid for all that (evidently quite expensive) Internet hardware and now I'm not going to be part of that new profit-center either.

Make it free, man! Wired magazine said as much, months ago.