Slashdot Mirror


Wardriving Worries Residents

sphynx99 writes "This article describes how residents of an upscale neighborhood in Arizona are worried about wardriving, a "new method of privacy intrusion and identity theft". Nothing to worry about, though; "The Scottsdale Police Department plans to create a cyber-crimes unit next year."

22 of 530 comments (clear)

  1. Stupid people by Anonymous Coward · · Score: 5, Insightful

    Heaven forbid they setup their networks properly and save taxpayers thousands upon thousands of dollars. Why be responsible when you can just whine to the government?

  2. Hmmm... WEP Anyone? by rainman_bc · · Score: 4, Insightful

    I wish they'd just save everyone a lot of hassle and RTFM...

    --
    09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
  3. Fools... by Izago909 · · Score: 4, Insightful

    That's very interesting. I would like to see a comparison between the cost of the proposed cyber crimes division and the cost of sending high school nerds house to house to show these fools how to enable WAP/WEP encryption keys, MAC address filtering, and other proper precautions that most people are too lazy to read the instructions about, but concerned enough to perpetually bitch over. For real people, what the hell? If I knew I was living in a high crime area, I wouldn't leave home with the doors and windows wide open and then pretend that my ineptitude isn't at least part of the reason I was robbed clean. I also wouldn't recommend starting another bureaucracy who is responsible for cleaning up a mess that is easier to prevent in the first place.

  4. maybe... by SuperBanana · · Score: 4, Insightful
    This article describes how residents of an upscale neighborhood in Arizona are worried about wardriving

    Maybe they could actually set up their access points properly. It's not hard. Even WEP is far from trivial for a wardriver to get past- they'd have to camp out and wait for "weak" packets...except for certain specific AP's that have faulty WEP key generation. The owner's manuals now cover turning on WEP/WPA quite nicely, have for years, and most of the glaring problems have been fixed long ago as well.

    What's next, people complaining about all the crime in their neighborhood but not locking their goddamn front doors? Oh...check.

    1. Re:maybe... by Anonymous Coward · · Score: 3, Insightful

      Maybe the fact that most people have it off by default is a clear indication that it IS hard for most people.

      The entire idea of WEP is horrible from a user-friendliness point of view. Here's just 1 example of how it could work better. I'm sure an actual HCI person could come up with something much better:

      1) Plug in router.

      2) Read instructions, which is a sheet of paper with minimal steps to get Windows to connect to the router. The *unique* name of the router is mentioned on the paper. (perhaps determining a unique name could be similar to what AOL does on those install discs - use two dictionary words and separate with a hyphen).

      3) The first website a user tries to visit is redirected to the router config.

      4) Config page gives simple options: "Put a password on this router so that others cannot access it." "Allow anyone to connect to this router and access the internet" "Ask me again in 5 days" etc.

      5) If user sets a password, it's a freaking password, not a 10+ digit hex code.

      6) Ask if user wants to change the name of the router. Do not mention SSID or anything else.

      7) Windows automatically recognizes the name change, since it sees that the MAC address is identical.

      8) Windows says "your router is now protected with a password. would you like to enter it now?"

      9) If the user enters the wrong password, it actually notifies the user, instead of allowing him/her to continue with no access.

  5. How are people supposed to know? by nulltransfer · · Score: 3, Insightful
    Many places offer wifi internet access for free, legitimately.

    If wardriving is a crime, how are people supposed to know which AP is the place offering free wifi and which is an ignorant home user? (other than the ESSID, which if the home user knows how to change, will probably be able to prevent it in the first place)

    This seems to me to be another case of the naive shifting responsibility to others...

    --

    My dog ate my sig
  6. A better approach.... by Chief+Typist · · Score: 4, Insightful

    What the Scottsdale PD should be doing is creating a program that helps the citizens setup their home network security. Give classes that teach people how to turn on WEP, how to use a firewall, etc.

    A community service, for sure. And since it's offered by the local PD, it would make the average user realize how important it is...

    -ch

  7. Re:Finally by Lord+Kano · · Score: 4, Insightful

    Maybe I am in the minority but I see stealing bandwidth, the same way as stealing movies off line, it seams like you hurt no one, but you are still stealing, no amount of justifying is going to change that

    Some people intentionally set up APs and leave them open because they want to. SOME of the open APs out there were intended to be used. If you don't want anyone to use your connection, don't leave it open. You're broadcasting signals into public areas. If you don't secure your network, you have no grounds to complain if someone uses the signals that you broadcast into public areas.

    I use WEP and MAC filtering on my network. It took 2 minutes to set up. There is no reason why other people can't.

    Copyrighted material is never intended to be downloaded from the internet without the permission of the copyright owner.

    BTW, how many fucking times do we have to say it? Copyright infringement is not "stealing", it's illegal, it's wrong, but it's not "stealing".

    LK

    --
    "Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
  8. Re:Finally by Izago909 · · Score: 5, Insightful

    If you choose to live in a glass house, when blinds are cheap, you for-go the right to bitch about people looking in on you. An ounce of prevention goes a long way. Now, if a hacker breaks your encryption and your MAC filtering, then you can complain.

  9. Re:In other news by NoMoreNicksLeft · · Score: 5, Insightful

    Better analogy yet:

    The Scottsdale residents have UHF video cameras in their bedrooms, and are concerned with people driving around with portable UHF TV's and watching them have wild monkey sex.

    Protecting against wardriving is as simple as not using wifi, if you're too stupid to secure it.

  10. Good Lord... by ItMustBeEsoteric · · Score: 4, Insightful

    "Once they're on your network, they can take their time attempting to hack into your computer and steal information," he said. "It's nearly impossible to find them, unless you see them sitting in their car outside."

    Yes, it's so impossible to look out in front of one's house! Whatever will we do?

    Really, I see how this can be a problem. But, that was possibly the worst way of detailing why it is one.

  11. Re:repeat after me by bconway · · Score: 3, Insightful

    Newsflash: Just because I forgot to lock my door, that does not make it legal to enter my home, snooop around, not steal anything, and leave.

    --
    Interested in open source engine management for your Subaru?
  12. Re:it's called eavesdropping by Aardpig · · Score: 3, Insightful

    In all cases, including "wardriving", there is no legitimate reason to collect the information or listen in. It's none of your goddamn business.

    That's an opinion, not a fact.

    the law is not based on whether or not they think their little "hobby" should be legal or not- it's based on decades of case law.

    Certainly; but the law, in a roundabout manner, is a representation of what the people deem acceptable behaviour. Therefore, what the law should be is very germane for discussion. To argue otherwise is to run the risk of identifying currently-legal behaviour with 'good', and currently-illegal behaviour with 'bad'. While I'll agree that there is often an overlap between the two, that is never wholly the case. Consider the Jim Crow laws; backed up by decades of precedent, and wrong to the very last,

    To base legal advice on what the law should be is dumb; to criticize those who air an opinion regarding what the law should be is even dumber.

    --
    Tubal-Cain smokes the white owl.
  13. Re:Finally by Fjornir · · Score: 5, Insightful
    I'm not so sure you're looking at this the right way... First though, I want to make it abundantly clear that my comment is only meant to apply to open wireless networks. That said, let's take a pretend CB radio session as an example. I tune into channel 7 and PigPen and the RubberDuck are talking back and forth about the Mt. St. Helens eruption. There's a pause in their conversation and I hop in and say, "PigPen, this here's the ManOnTheStreet, so tell me good buddy, what's on the frontpage of CNN right now?" and PigPen responds, "RubberDuck, she's just blowing more ash for a month or two. ManOnTheStreet, Tiger Woods just married hisself some hot lookin' swedish model, and man can you see her tits but good through that dress of hers!"

    Obviously PigPen could have ignored me. Or told me to go check myself. There was no requirement he answer my query. Same goes for any transaction that happens on the public airwaves -- like the wireless networking bands. I'll go so far as to say that MAC spoofing, or hacking the WEP key is definately wrong... But unless an open network is considered to be open am I liable if my linksys wireless nic connects to your default-settings linksys wireless hub instead of my default-settings linksys wireless hub?

    --
    I want a new world. I think this one is broken.
  14. Several observations by rindeee · · Score: 4, Insightful

    1. It's the end-users responsibility to know what the hell they're plugging in and what the necessary safety steps are. 2. The more we involve the Government in compensating for our ignorance by laziness, the more they WILL get involved. 3. In general, the more the Governement (at any level) gets involved, the worse the problem will get. 4. Most PDs do not have CyberCrimes divisions. I don't say this out of generalized ignorance, I've actually researched it. Of those that do have CyberCrimes divisions, those staffing it are mostly incompetant. This isn't by their own doing. Typically they are ex patrolman and detectives who knew enough to be labled and expert and thus get appointed to these units. There isn't enough training or budget for them to even think about staying on top of things. This goes all the way up the food chain into the Fed Law Enforcement arena. Until you get into organizations such as NSA and DIA (which are primarily doing research) there is a complete and utter lack of talent. The two exceptions to this that I have seen (and I'm sure there are others) are the FBI's computer forensics guys and the RCMP Cyber Crimes guys. 5. Police are reactionary by their very nature...as they should be. Again, they are there to enforce laws. The only time laws need enforcement is when someone is or is trying to break them. When police get into proactive activities they are pulled away from their real purpose (DARE, Public Relations by Officers, etc). While the idea of a completely reactionary police force isn't a popular one, it is in fact the only effective one. Just my experience based two cents. ER

  15. Re:it's called eavesdropping by tonsofpcs · · Score: 3, Insightful

    Yes, but if Joe Driver decides to drive in front of your house with your open network, and connects to it for internet access, just a simple google query, nothing illegal, nothing questionable, no packet sniffing, it isn't really eavesdropping. PLUS WiFi networks are not covered as Telephone communications, and thus are not covered by the regulations that I cannot listen to them. I can listen to them just as legally as I can listen to HAM bands, Police bands, or the FM radio in my car.

  16. Re:In other news by Chas · · Score: 5, Insightful

    Still better.

    Scottsdale residents are actively broadcasting wild monkeysex. But want to arrest and sue anyone who actually looks at it.

    If you open up your home and invite people in (and that's essentially what an unsecured wireless network IS), don't be surprised if they see something you wouldn't want them to see.

    Now if they crack your WEP key, etc. THEN you have a right to bitch.

    Otherwise STFU!

    --


    Chas - The one, the only.
    THANK GOD!!!
  17. Re:In other news by iluvcapra · · Score: 3, Insightful

    Mod me down if you wish, BUT, why exactly is their always, without fail, some pithy Score 5: Funny AC post at the head of every story thread?

    --
    Don't blame me, I voted for Baltar.
  18. Re:WEP? HAHAHAHAHAHAHAHAHA by rainman_bc · · Score: 4, Insightful

    but why when the war driver can drive another block and deal with the next unsecured access point? Using WEP is the same as using the club. Sure, you don't protect a Ferrari with it. However for most people, they throw the club on because the theif will move on to the next car. So if you're a bank or something, yeah, WEP sux. However for most home users (which TFA was about BTW), WEP is MORE than adequate.

    --
    09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
  19. Educating the public. by BorgCopyeditor · · Score: 5, Insightful
    It's occurred to me that if it really is simple enough to set up a secure wireless network, then that information ought to be easy enough to communicate. What is really the problem, then, is not that the good people of this town are "too stupid" to set these things up, but that no one has yet communicated to them effectively the message that they should care about securing their networks. This is really a matter of educating the public. Word of mouth would be a good start, and surely the manufacturers bear some responsibility, but I wonder if a few well-placed (and respectful) e-mails to local newspapers in this town could also help.

    Just think, people don't really know how to fix their own cars, but they know enough to know what sorts of problems might crop up, and more importantly, enough to do what needs to be done to maintain their cars reasonably well within the limits of what they, as nonexperts, can do. The only reason people know this is that there has been a culture passed from one person to the next of this kind of practical knowledge. Maybe some geeks should do their part to help disseminate the (frankly not very extensive) knowledge necessary to secure home wireless networks.

    --
    Shop as usual. And avoid panic buying.
  20. Geeks Understand Machines, Not People by reallocate · · Score: 4, Insightful

    Typically, post here are full of smarmy comments from geeks and techs and poseurs who may understand machines but don't have a clue about how their own species operates.

    Here's the scoop: If someone's Internet connection is insecure, they will blame you -- the techies -- for not making it secure. Everytime someone starts to preach about "stupid users" getting what they deserve because they aren't running the right firewall or using some software du jour, those "stupid users" are hearing techies recommend cumbersome technical remedies for problems caused by techie failures in the first place.

    People want this stuff to be secure when they plug it in. If it isn't, it's your fault, 'cause you make the stuff.

    Wireless is insecure. That's not the users' fault. It's your fault. First one to make it secure makes a billion dollars.

    --
    -- Slashdot: When Public Access TV Says "No"
  21. Re:In other news by Chas · · Score: 3, Insightful

    No. This is NOT leaving your door unlocked.

    Because you don't go around screaming "MY DOOR IS UNLOCKED! COME ON IN!", which is what broadcasting an unsecured wireless signal is.

    You're pushing signal out into public airspace. So don't be offended when someone actually makes use of your "exhibitionism".

    --


    Chas - The one, the only.
    THANK GOD!!!