Slashdot Mirror
Wardriving Worries Residents
sphynx99 writes "This article describes how residents of an upscale neighborhood in Arizona are worried about wardriving, a "new method of privacy intrusion and identity theft". Nothing to worry about, though; "The Scottsdale Police Department plans to create a cyber-crimes unit next year."
finally some one sees this as a real problem. For now the best solution (the one I also use) is to secure your network.
Maybe I am in the minority but I see stealing bandwidth, the same way as stealing movies off line, it seams like you hurt no one, but you are still stealing, no amount of justifying is going to change that
Heaven forbid they setup their networks properly and save taxpayers thousands upon thousands of dollars. Why be responsible when you can just whine to the government?
I wish they'd just save everyone a lot of hassle and RTFM...
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
That's very interesting. I would like to see a comparison between the cost of the proposed cyber crimes division and the cost of sending high school nerds house to house to show these fools how to enable WAP/WEP encryption keys, MAC address filtering, and other proper precautions that most people are too lazy to read the instructions about, but concerned enough to perpetually bitch over. For real people, what the hell? If I knew I was living in a high crime area, I wouldn't leave home with the doors and windows wide open and then pretend that my ineptitude isn't at least part of the reason I was robbed clean. I also wouldn't recommend starting another bureaucracy who is responsible for cleaning up a mess that is easier to prevent in the first place.
Maybe they could actually set up their access points properly. It's not hard. Even WEP is far from trivial for a wardriver to get past- they'd have to camp out and wait for "weak" packets...except for certain specific AP's that have faulty WEP key generation. The owner's manuals now cover turning on WEP/WPA quite nicely, have for years, and most of the glaring problems have been fixed long ago as well.
What's next, people complaining about all the crime in their neighborhood but not locking their goddamn front doors? Oh...check.
Please help metamoderate.
What good is a cyber crimes division going to do? How is this going to help people understand that they need to secure their networks? How about a community course offered on securing your WIFI? That'd be cheaper; and more effective.
This is not police business, this is the resposibility of Joe and Martha computer owner to ensure that their network is secure.
A quick look at the Scottsdale yellow pages reveals a great many business that offers such a service... and the costs would not be large.
To think that the concern is coming from "residents of an upscale neighborhood" is especially humourous.. or bothersome, depending on how you look at it. I'm betting that they are spending big $$$ securing their homes.. but would balk at paying a tech to secure their computer/ network. This is NOT police business. Period.
I support either much higher taxes on gated commuties, or the removal of publicly funded services for them. Why should my taxes contribute to things like roads and grounds keeping for a plot of land that I'm not even allowed to be on?
If wardriving is a crime, how are people supposed to know which AP is the place offering free wifi and which is an ignorant home user? (other than the ESSID, which if the home user knows how to change, will probably be able to prevent it in the first place)
This seems to me to be another case of the naive shifting responsibility to others...
My dog ate my sig
I agree. I want my taxes spent catching murderers and rapists, not doing things that normal citizens should.
I'm probably at the karma cap. Mod up a funny troll instead, it lightens the mood
What the Scottsdale PD should be doing is creating a program that helps the citizens setup their home network security. Give classes that teach people how to turn on WEP, how to use a firewall, etc.
A community service, for sure. And since it's offered by the local PD, it would make the average user realize how important it is...
-ch
Better analogy yet:
The Scottsdale residents have UHF video cameras in their bedrooms, and are concerned with people driving around with portable UHF TV's and watching them have wild monkey sex.
Protecting against wardriving is as simple as not using wifi, if you're too stupid to secure it.
"Once they're on your network, they can take their time attempting to hack into your computer and steal information," he said. "It's nearly impossible to find them, unless you see them sitting in their car outside."
Yes, it's so impossible to look out in front of one's house! Whatever will we do?
Really, I see how this can be a problem. But, that was possibly the worst way of detailing why it is one.
Newsflash: Just because I forgot to lock my door, that does not make it legal to enter my home, snooop around, not steal anything, and leave.
Interested in open source engine management for your Subaru?
Ummm, surely securing your wireless network is a better solution than moving into a gated community?
Everyone knows gated communities are full of materialistic and culturally bankrupt proletariats. Who'd wanna live near them?
In all cases, including "wardriving", there is no legitimate reason to collect the information or listen in. It's none of your goddamn business.
That's an opinion, not a fact.
the law is not based on whether or not they think their little "hobby" should be legal or not- it's based on decades of case law.
Certainly; but the law, in a roundabout manner, is a representation of what the people deem acceptable behaviour. Therefore, what the law should be is very germane for discussion. To argue otherwise is to run the risk of identifying currently-legal behaviour with 'good', and currently-illegal behaviour with 'bad'. While I'll agree that there is often an overlap between the two, that is never wholly the case. Consider the Jim Crow laws; backed up by decades of precedent, and wrong to the very last,
To base legal advice on what the law should be is dumb; to criticize those who air an opinion regarding what the law should be is even dumber.
Tubal-Cain smokes the white owl.
WEP is still alot better than running a completely unsecured wireless network "out-of-the-box". If they took that simple precaution they could probably detur most wardrivers because they'd rather keep looking for an unsecured network than dick around with breaking WEP.
1. It's the end-users responsibility to know what the hell they're plugging in and what the necessary safety steps are. 2. The more we involve the Government in compensating for our ignorance by laziness, the more they WILL get involved. 3. In general, the more the Governement (at any level) gets involved, the worse the problem will get. 4. Most PDs do not have CyberCrimes divisions. I don't say this out of generalized ignorance, I've actually researched it. Of those that do have CyberCrimes divisions, those staffing it are mostly incompetant. This isn't by their own doing. Typically they are ex patrolman and detectives who knew enough to be labled and expert and thus get appointed to these units. There isn't enough training or budget for them to even think about staying on top of things. This goes all the way up the food chain into the Fed Law Enforcement arena. Until you get into organizations such as NSA and DIA (which are primarily doing research) there is a complete and utter lack of talent. The two exceptions to this that I have seen (and I'm sure there are others) are the FBI's computer forensics guys and the RCMP Cyber Crimes guys. 5. Police are reactionary by their very nature...as they should be. Again, they are there to enforce laws. The only time laws need enforcement is when someone is or is trying to break them. When police get into proactive activities they are pulled away from their real purpose (DARE, Public Relations by Officers, etc). While the idea of a completely reactionary police force isn't a popular one, it is in fact the only effective one. Just my experience based two cents. ER
No, but if you leave your blinds open I have the right to look in your windows and see what you have. Don't like it? Shut your damn blinds (or curtains).
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Wow...imagine if the article said that they had done this...inside a gated community.
Fact of the matter is that gated communities without a guard stationed there offer little extra security. It will help stop the casual opportunistic theft, but does nothing against people who are interested in getting in. People just tailgate in or rely on the same mechanism that the school busses, garbage trucks and other utilties use.
If I'm standing outside and I use the light from your porch to see something, am I stealing from you?
/bin/fortune | slashdotsig.sh
Well, okay. Could be many folks don't RTFM because they're typically written by many geeks like those here, who can not write clearly and concisely a coherent, well written sentence without a typo to sentence ratio of 10:1. From reading many of those manuals, it appears the more someone can obfuscate the more superior they feel. Of course it's job security, because that increases "calls for help" and consultant fees. In the end, a company gets on its managers for engineering a poor product and the engineers get to start all over with another project that, thanks to poor documentation, will also be configured inappropriately. A cycle that repeats endlessly. User documentation is almost always the last thing written, in a rush, and almost always by the people most remote from the project's design and implementation.
Like leaving a wireless network, "open", I believe leaving one's home or car doors unlocked is not prudent, but it's not an invitation for people to steal or even snoop. For every locked door, there are a dozen other ways into a house. How many locks can be opened with a credit card? How many sliding doors can be opened by lifting the door? How many door hinges are on the outside of the door? For every manner that exists to secure a computer/network, there are probably a dozen ways to circumvent the security. We thought WEP was secure, it isn't. We thought WAP was secure, it isn't. It's always a cat and mouse game, or time/risk vs. benefit trade-off. Tenacity, technology and time will usually find a way. Surreptitiously using someone's wireless connection may or may not have an effect on the network. And though content-containing radio waves can't be generally seen, they are considered, by many courts, to be property. Just read a few stories about DirecTV's hackers.
Too many knee-jerk reactions here blaming users. Of course many users are clueless about network security. It's NOT their business to necessarily know how to secure a network. That's the task of the design engineers. At some level, everyone relies on someone else. For all the "great" system administrators out there, how many of you can fault-isolate a contemporary processor to the gate-level? Yet you use processors all the time and documentation is available for the research.
As for the "wasted" tax dollars for police to patrol an upscale neighborhood. I don't see anything wrong with that. Those people are probably paying a disproportionate share of taxes. Until you've reached the 35% and over tax bracket yourself, watch who you're bitching at. Someday you'll be there and you'll be a bit concerend when you see a few "strange" cars driving "slowly" through your neighborhood as if casing.
Yes, but if Joe Driver decides to drive in front of your house with your open network, and connects to it for internet access, just a simple google query, nothing illegal, nothing questionable, no packet sniffing, it isn't really eavesdropping. PLUS WiFi networks are not covered as Telephone communications, and thus are not covered by the regulations that I cannot listen to them. I can listen to them just as legally as I can listen to HAM bands, Police bands, or the FM radio in my car.
Video Production Support
Still better.
Scottsdale residents are actively broadcasting wild monkeysex. But want to arrest and sue anyone who actually looks at it.
If you open up your home and invite people in (and that's essentially what an unsecured wireless network IS), don't be surprised if they see something you wouldn't want them to see.
Now if they crack your WEP key, etc. THEN you have a right to bitch.
Otherwise STFU!
Chas - The one, the only.
THANK GOD!!!
Mod me down if you wish, BUT, why exactly is their always, without fail, some pithy Score 5: Funny AC post at the head of every story thread?
Don't blame me, I voted for Baltar.
but why when the war driver can drive another block and deal with the next unsecured access point? Using WEP is the same as using the club. Sure, you don't protect a Ferrari with it. However for most people, they throw the club on because the theif will move on to the next car. So if you're a bank or something, yeah, WEP sux. However for most home users (which TFA was about BTW), WEP is MORE than adequate.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Just think, people don't really know how to fix their own cars, but they know enough to know what sorts of problems might crop up, and more importantly, enough to do what needs to be done to maintain their cars reasonably well within the limits of what they, as nonexperts, can do. The only reason people know this is that there has been a culture passed from one person to the next of this kind of practical knowledge. Maybe some geeks should do their part to help disseminate the (frankly not very extensive) knowledge necessary to secure home wireless networks.
Shop as usual. And avoid panic buying.
No you're not. You're legally making a regulation-compliant transmission on a public frequency, and legally receiving a reply on that frequency. Not only that, but the reply was specificly addressed to you, so you aren't even eavesdropping.
The probe request itself that you are talking about isn't even an attempt to gain access to anything which it is clear you weren't supposed to have access to.
Ok, locks only make locksmiths richer. Why, then, do we lock our houses? Even "minimal" deterrents don't deserve complete negligence because someone can find a way around them.
ACs are modded -6. I don't read you, I don't mod you, I don't see you. Don't like it? Don't be a coward.
IANAL But I disagree, if the person is monitoring your electronic communications thats clearly in violation of federal wiretapping laws, if however if they are using an OPEN ap (ie no security just find and connect) and there is no warning or banner to NOT use it, they have a reasonable expectation that this AP is there for public use and their use of it is certainly NOT illegal.
The key point isn't that it's less attractive than your neighbor's WLAN. After all we are suggesting that all neighbors in that neighborhood close their APs, right?
WEP is a reasonable protective measure because an attacker has to actively circumvent it to gain access. Under these circumstances, sending law enforcement after intruders would be a valid choice. It's a weak lock, but it is a lock.
With the anti-wardriver attitude some people have right now, you could turn the table on them: Just drive around with an open access point and sue everybody who has his computer conveniently configured to connect to the next best hotspot.
A better analogy is that people are accessing other peoples internet service because they don't have a clue about security. That is - lose this obsession with the right analogy.
Look, an analogy is simply a means to illustrate a concept. If you think an analogy is inappropriate, say so. Don't try to fix it so that you get an equally inaccurate idea that is more fitting to your own prejudices.
Why bother locking your front door? I can just come along and kick it off its hinges. What's the point of locks?
I'd say the judge made it perfectly clear that eavesdropping on private conversations (as Jane Doe understands them) remains illegal even when new technology makes it easy. The Geek is not above the law.
Typically, post here are full of smarmy comments from geeks and techs and poseurs who may understand machines but don't have a clue about how their own species operates.
Here's the scoop: If someone's Internet connection is insecure, they will blame you -- the techies -- for not making it secure. Everytime someone starts to preach about "stupid users" getting what they deserve because they aren't running the right firewall or using some software du jour, those "stupid users" are hearing techies recommend cumbersome technical remedies for problems caused by techie failures in the first place.
People want this stuff to be secure when they plug it in. If it isn't, it's your fault, 'cause you make the stuff.
Wireless is insecure. That's not the users' fault. It's your fault. First one to make it secure makes a billion dollars.
-- Slashdot: When Public Access TV Says "No"
come on now, if I leave my door unlocked, it is still not OK for you go come into my house. That is a better analogy
No. This is NOT leaving your door unlocked.
Because you don't go around screaming "MY DOOR IS UNLOCKED! COME ON IN!", which is what broadcasting an unsecured wireless signal is.
You're pushing signal out into public airspace. So don't be offended when someone actually makes use of your "exhibitionism".
Chas - The one, the only.
THANK GOD!!!
It doesn't quote residents who are upset that someone is using their WiFi without asking.
The whole issue would probably be moot if they had just set up encryption in the first place. People need to be educated on this. I'm not sure how much of a part the wireless makers are taking, I don't remember much in the documentation, it should be on the "quick start" pages, but it usually isn't.
What is more worrysome here is the prosecution aspect if it is allowed to continue without some sane boundaries. I can't accidentally break into someone's house or steal someone's car. I can accidentally log on to the wrong wi-fi network, similar to what my cousin did when he visited my apartment a while back. The more convenient technology becomes, the easier it is to break some law you are not aware of; especially with the abundance of public-use wi-fi areas proping up now. The ironic aspect of the discussion is that the same people painting all wardriving as malicious because they can't secure their own networks would probably be the same people who would unwittingly break the laws they are screaming to create because it is so easy to access the wrong network.