Slashdot Mirror

← Back to Stories (view on slashdot.org)

Wi-Fi in the Sky

Posted by michael on from the new-heights dept.

mindless4210 writes "In an attempt to have the greatest warflying run to date, members from Daily Wireless, Tom's Hardware, SoCalWUG, and Highlands Highspeed teamed up for an amazing two-plane mission around Southern California. They picked up over 3000 access points and 900 clients, established a point to point link between the two planes, and successfully video conferenced in real time over the connection. This is also the first time that the wireless network detection tool Kismet has been taken up in the air, reporting over twice as many APs as NetStumbler. There is some footage of the flight in divx format available here."

32 of 148 comments (clear)

  1. How much info? by GaussianInteger · · Score: 5, Interesting

    How much information can they REALLY gather from flying overhead? I assume that those planes travel as speeds > 85mph. Given the range of most APs, and the altitude of the plane, wouldn't they only be in range for a couple of seconds?

    1. Re:How much info? by transient · · Score: 3, Insightful

      You can slow a 172 down to about 60 MPH if you're careful. Dunno about the Piper though.

      --

      irb(main):001:0>
    2. Re:How much info? by Texas+Rose+on+Lava+L · · Score: 3, Interesting

      Actually, if it's a windy enough day, you can get your ground speed down to zero MPH. Just fly 60mph into a 60mph headwind. For that matter, if it's a really windy day, you can fly backwards.

      --

      Rank Presidents by th

    3. Re:How much info? by transient · · Score: 4, Informative

      True airspeed most certainly does not take wind into account. You're thinking of ground speed. True airspeed is calibrated airspeed corrected for altitude and non-standard temperature.

      --

      irb(main):001:0>
  2. Wi-Fi in the Sky... by UniverseIsADoughnut · · Score: 5, Funny

    ... With Dimonds?

    1. Re:Wi-Fi in the Sky... by mattjb0010 · · Score: 3, Funny

      Or "Lucy in the sky with Wi-Fi". Puts a whole new twist on the mile high club.

  3. Roadtrip soon, which GPS? by Jon+Howard · · Score: 3, Interesting

    I'm going to go on a roadtrip from the East Bay heading north. My friends will be taking a second car, and we've already decided to set up a link between us for the trip (can you say deathmatch?) - but I need to pick up a pair of GPS units on the cheap. Does anyone have a recommendation for a cheap, gpsd compatible unit?

    1. Re:Roadtrip soon, which GPS? by PatJensen · · Score: 4, Interesting

      Jon, Units just need to support the open GPS NMEA protocol. USB is preferred because it can be powered by your laptop without a bulky adapter or take a lighter port. I'd recommend some of the GPS "mouse" devices that are imported from Japanese manufacturers and are on eBay for $60-$80. No display but they are great for navigating with Streets and Trips or Netstumbler, etc. They will probe as a standard serial device at 9600 baud which you can feed to your navigation software. I'm in the East Bay about every 2 weeks and I frequently run kismet there quite successfully. Using an external antenna helps a lot too! Pat

  4. Warning...! by Anonymous Coward · · Score: 5, Funny

    Our access point is protected with the Patriot Missle Defense System. Offenders are liable to be shot down.

    Your Friend,

    D. McBride.

    1. Re:Warning...! by Jardine · · Score: 3, Funny

      Anyone know the unit cost of a missile?

      I'm not sure about the hardware, but I think the software is $699

  5. Don't bother with the video dl... by tvh2k · · Score: 4, Informative

    ...it's just of some cherokee flying around, nothing special.

  6. Kismet Superiority by WwWonka · · Score: 5, Interesting

    This is also the first time that the wireless network detection tool Kismet has been taken up in the air, reporting over twice as many APs as NetStumbler.

    This week I realized how much better (like we needed proof) Kismet is over Netstumbler, even the newly released version

    Had to fly to our San Francisco office and do some "networking stuff". Stayed in the Hyatt on Embarcadaro, where ironically they were hosting SecureIT 2004...make sure you use ' or ''=' to login to the Hyatts wi-fi service as admin for free. ;-)

    Anywho, did some wireless sniffing with my "Cantenna" and on average picked up two to three times as many APs/Peers with Kismet than Netstumbler. Same equip on a dual booting laptop.

    1. Re:Kismet Superiority by necro2607 · · Score: 5, Informative

      Netstumbler won't report APs which aren't broadcasting their SSID in the beacon frame, whereas Kismet will. This makes a huge difference as many users are going to choose the option to make their AP "stealth" since they think it'll keep their AP hidden from "hackers" and war-drivers and the likes.

  7. Re:How much info? - Plenty by necro2607 · · Score: 5, Informative
    To quote the book "Maximum Wireless Security" from Sams Publishing:

    Many Access Points have the ability to be configured in a stealth mode, thus "disabling the beacon" as one of their options. In reality, the beacon frame is still sent every 100 milliseconds--only the SSID has been removed.

    Information made available by a single beacon frame, one of which is sent 10 times a second:

    • Basic Service Set ID (BSSID)
    • WEP-enabled or not
    • Type of device: AP or peer
    • MAC address of wireless device
    • Channel device was heard on
    • Signal strength of device
    • Longitude and latitude (if using a GPS)

  8. Video?! by theparanoidcynic · · Score: 5, Funny

    Will they ever learn? Anything but plain text fed to ./ will turn your server into a heap of molten destruction. . . . .

    --
    Only in a Slashdot fantasy can a Slackware install turn into several hours of sex . . . . .
  9. WEP (in)security assumptions by David+Jao · · Score: 5, Interesting
    The article incorrectly assumes that WEP enabled networks are more secure than non-WEP enabled networks. You can tell by the red/green color choices and the choice imprecations that the authors think poorly of un-WEPd networks. Unfortunately, in reality the best way to secure a wireless network is one that does not involve WEP. It is well known that WEP is insecure and thus one must resort to other means in order to secure a wireless network against known attacks.

    As a starting point, the WaveSEC homepage describes a way to secure a wireless network entirely using IPsec, without relying on WEP. In addition, for a small home network you can get away with static IP addressing instead of using DHCP, and in this way you can gain all the benefits of WaveSEC security without needing any software patches (since if you look closely all the software patches are DHCP related).

    IPsec is supported in Windows 2000 and up, Linux 2.6 (natively) or 2.0 and up (with Free S/WAN patches), and FreeBSD; unfortunately I have no firsthand knowledge of MacOS support. The main drawback of IPsec is that it is a very complicated protocol and takes a lot of effort to set up. Making different systems interoperate with each other is especially challenging -- for this task, I recommend the Free S/WAN interop page which links to an eclectic pile of guides covering most of the possible combinations.

    My own home wireless network is a mix of Linux and Windows XP clients all connected via IPsec, and I have much more confidence in its security than I would otherwise have with WEP.

    1. Re:WEP (in)security assumptions by necro2607 · · Score: 4, Interesting

      I was waiting for someone to mention this...

      The ONLY security WEP provides is merely delaying any would-be 'hacker'.

      Simply sit within the range of a wireless network with your laptop, collect enough packets with Ethereal or a similar tool, and you'll have the AP's WEP key.

      Proof of concept: WEPCrack, open source program for cracking WEP keys from tcpdump, prismdump or ethereal captures.

      For detailed info on why WEP is insecure, go here. Plenty of info on various types of Wifi attacks and vulnerabilities.

    2. Re:WEP (in)security assumptions by necro2607 · · Score: 3, Informative

      One thing is, though, that you can actually try dictionary or brute-force password cracking on individual packets, so you could just capture a few packets and do a dictionary or brute-force crack in the comfort of your own home, or even just leave it to your 2ghz home desktop to do the cracking while you're at work or whatever.

      You can see an explanation of this here, with a detailed explanation of how you could potentially crack a WEP key in half a minute...

      Of course, brute-forcing a 104-bit key is going to take a long time, but the point is that you can do it without sitting outside some business' office overnight. ;)

    3. Re:WEP (in)security assumptions by David+Jao · · Score: 4, Insightful
      WEP is known to be insecure. However, for the average joe, it is good enough ... would you as a hacker, spend a night in your car outside some dudes house in the hopes that they might compplete an online transaction with a CC?

      I agree that for most people (and maybe even for me), WEP is good enough. However I should point out that I did actually spend a night cracking my own access point's WEP encryption and my success in that effort is what motivated me to seek a better solution.

      My bigger objection is with the article's premise that the unWEP'd networks are automatically insecure. WEP is neither necessary nor (fully) sufficient for really good security. People who really know what they're doing don't actually use WEP. The writers of this article (and many other writers) present a very simple "TURN ON WEP" message that does not adequately convey the subtleties of what is in fact a very complicated security situation.

      I don't necessarily expect a sermon in every article, but I would appreciate a more moderated message and at least some kind of acknowledgement that there is more going on behind the scenes.

    4. Re:WEP (in)security assumptions by Beryllium+Sphere(tm) · · Score: 3, Interesting

      Umm, it's not hard to spoof a MAC address.

    5. Re:WEP (in)security assumptions by bbdd · · Score: 3, Informative

      with kismet, you will be able to see the valid mac addresses being used on the network, without being connected to it. from their homepage:

      "Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and infering the presence of nonbeaconing networks via data traffic."

      then use something like macchanger, and you're in!

  10. I'm still amazed... by LqqkOut · · Score: 5, Interesting
    I'm still amazed at the number of unsecured WAP's! Who are these people!?

    Wait, nevermind! All of the unsecured AP's must just be Mom & Pop coffee shops offering free nodes. Right, must be it.

    While sitting at my coffee table, Kismet shows 4 wireless networks available (without an external antenna) and each of these networks has WEP enabled, the message must be getting through to some people!

    I know absolutely nothing about Microsoft's WI/FI API, but imagine a virus that spreads throughout the mess (er, mesh) created by the unsecured wireless networks. Hmm... and if the virus is smart enough to determine the WAP's manufacturer, it could even use the default admin password to blow massive holes in the router's firewall as well. While it's not very likely in my geographic location, it could definately be feasible in more densely populated areas.

    Oh, and kudos to Kismet for blowing NetStumbler out of the water!

    --

    -- In Soviet Russia, radio listens to YOU!

  11. Mirror of movie by paulproteus · · Score: 4, Informative

    I have made a mirror of the movie so you can spare Tom's the bandwidth.

    --
    |/usr/games/fortune
  12. Re:why bother with the video? by John+Hering · · Score: 4, Informative

    Sorry about the bum video clip, we had our hands full operating all the equipment! Check out the piece on CNN next sat at 12:00PM PST/ 3:00PM EST for some great footage and complete video coverage of the flight.

  13. A few months ago I did this over San Francisco by ConsumedByTV · · Score: 4, Interesting

    It was a single plane flying over the San Francisco bay area. I used Kismet as well... I think I wasn't the first but I did beat these guys by a long shot.

    Two photos here:

    kismet photo, San Francisco.

    We had an ibook scanning as well, it picked up about 1/10th of the networks. All in all without very good equipment (knoppix, old kismet, nothing special) we got about 190 networks.

    It's possible with a good antenna to circle and get online, it's also possible to make cell phone calls if you should feel like it (not that we did that). We were flying at about 2000 feet for most of the time.

    It wasn't the last time we did it either. War flying can be fun with a GPS that records the altitude as well as the lat+long.

    --


    "Not my manner of thinking but the manner of thinking of others has been the source of my unhappiness." - M
  14. Nevermind that... by uberdave · · Score: 4, Funny

    Nevermind how much info they can gather, but rather, how are they going to mark the sidewalk?

    --
    "I'm not impatient. I just hate waiting." - My Dad
  15. Dumb idea by johnthorensen · · Score: 3, Insightful
    OK, well here's a list of things I see wrong with this article:
    • Using uncertified transmitters in a GA aircraft
    • Unexperienced pilots flying formation
    • DOOR POPPING OPEN AT TAKEOFF

    As a pilot myself, I've got to say that these guys didn't exactly have their heads screwed on straight the day they went to do this. You couldn't PAY me enough to fly formation with another pilot whom I didn't know well, and someone obviously wasn't being too careful if doors are popping open. The wi-fi transmitters probably aren't that big of a deal, but I believe it may still be illegal, and I'd hate to do have all that gear running without a decent idea of what it was going to do to my avionics. Overall, a stunt like this does little to advance any sort of "science", and probably wasn't worth the risk to the 4 lives involved

    -JT
    1. Re:Dumb idea by not5150 · · Score: 5, Interesting

      "Overall, a stunt like this does little to advance any sort of "science", and probably wasn't worth the risk to the 4 lives involved"

      Hmmm.... Wasn't this said to the Wright Brothers?? Of course, we all know what failures they turned into /sarcasm off.

      Doors pop open all the time. During flight training, flight instructors tell students what to do in the case that a door pops open. It's actually not a big deal, if you have the proper training. The air pressure keeps the door almost closed.

      Inexperienced pilots flying formation?? Do you know what kind of formation we were flying? Did you know that both pilots have hundreds of hours? The pilot of the Cherokee has a private airstrip with 5 planes and a helicopter.

      The closest we ever got to each other was about 100 feet. Most of the time we were at least 300 feet away.

      As far as the wifi messing with the avionics. Yeah there is a chance... but I did a previous warfly in December, 2003. We didn't experience any problems. Also, it doesn't really matter if the wifi messes with avionics, as we flew VFR. We followed visual landmarks, and used a moving map GPS.

      Accidents happen... you can't stop that. People get hurt/killed in the name of science every day. Some people take the risks, other people just talk about them.

      not5150

    2. Re:Dumb idea by kfg · · Score: 3, Interesting

      . . .probably wasn't worth the risk to the 4 lives involved

      Personally I'd say making this assessment is strictly the business of the 4 lives. If someone wants to attempt a free climb of the north face of the Eiger it really makes no nevermind to me.

      Risks to others are another story.

      Of course, you risk other people's lives every time you take a drive to the mall as well, in tight formation with God knows who doing God knows what. There's no clean ethical cutoff.

      Of course, on a typical day cars don't just drop out of the sky onto your head either, although it's been known to happen.

      KFG

    3. Re:Dumb idea by tyler_larson · · Score: 3, Informative
      * Using uncertified transmitters in a GA aircraft

      What the hell is that supposed to mean? Even on a commercial scheduled flight, any electronic device at all that the pilot and/or carrier deems safe is allowed--and that's under IFR. For GA craft under VFR, there's nothing even remotely illegal or even discouraged about it. There's obviously nothing dangerous about it. Steam gauges, visual navigation. You could lose your whole electrical system in those conditions and still continue the flight safely and legally as planned (albeit not in LAX's airspace) The 2.5 GHz transmitters aren't going to interfere with the com radios, though--you could test that on the ground. Hardly the stuff that would put lives in danger. Did you read your FAR/AIM manual before you took your written test? I did. Yep, the whole damn thing. And let me tell you, there's nothing illegal about what they did.

      * Unexperienced pilots flying formation

      That would be dangerous if they were inexperienced. But how did you arrive at that conclusion? Certainly not by checking the FAA registry -- At least one of the two is an instructor.

      * DOOR POPPING OPEN AT TAKEOFF

      A bit out of the ordinary, sure, but certainly not the stuff of disaster. The Cessna is, after all, a 1973. Perhaps the door latch needs work. Still, an open door has never caused an accident on an unpressurized aircraft. Never? Never. Not even one. Sometimes the pilot forgets to fly the plane when he sees that the door is open. But that's just training.

      No, I don't see anything inherently dangerous about the operations they were conducting. Actually, I think you just came up with a few objections to their procedures to find an excuse to let the slashdot world know that you're a pilot.

      In fact, I was thinking it would be fun to do in my area, if I can get someone to man the laptop. :)

      --
      "With sufficient thrust, pigs fly just fine. However, this is not necessarily a good idea...."
      RFC 1925
  16. Just one more reason... by vwjeff · · Score: 3, Funny

    to put an anti-aircraft defense system on my roof.

  17. Been there, done that by jmoore2333 · · Score: 3, Interesting

    I've personally taken my Powerbook 17' w/ integrated 802.11g up in a friend of mine's plane (Grumman American) and was able using kismac for 10.3 (OS X) to pick up some faint wireless base stations, nothing strong enough to actually forge a connection. We had to be flying reasonably slow, and low but it did work. I also had a 802.11 connection going to another laptop, but it was in the co-pilot's seat.