Slashdot Mirror


Wardriving Worries Residents

sphynx99 writes "This article describes how residents of an upscale neighborhood in Arizona are worried about wardriving, a "new method of privacy intrusion and identity theft". Nothing to worry about, though; "The Scottsdale Police Department plans to create a cyber-crimes unit next year.""

31 of 530 comments

  1. Bleigh by Gentlewhisper · · Score: 5, Interesting

    Instead of wasting taxpayers' money, they should just use wired LANs.

    Why should the poor pay taxes to subsidize all this extra expenditure made for the sake of those who are wealthy?

    I'm talking about those in the bottom of the scrap heap here. Those who don't even have computers, Joe Sixpacks.. like.. Homer!

    Now, why would Homer have to pay more taxes so that Burns can have a safe wireless lan?

    Those people who buy a wireless router should pay a tax at time of purchase!

  2. 'tampering' wifi signals? by haluness · · Score: 3, Interesting
    At one point the article mentions residents reporting that their WiFi signals were tampered with? That sounds strange - why (how?) would wardriving tamper with the signal - shouldn't the act simply connect to unprotected APs?


    So on what basis are the residents reporting incidents? Or is it just upscale residents reporting scruffy people in beat up cars? (which is not necessarily a bad thing)

    1. Re:'tampering' wifi signals? by Solder+Fumes · · Score: 4, Interesting

      I got curious one evening and took a short drive around my semi-rural neighborhood. I discovered 26 wireless networks, only 10 of which were secured. Almost all of the unsecured networks were using the default "linksys" configuration right out of the box. This means that anyone can connect to their network with full administrative control by logging in to 192.168.1.1 with no username and the password "admin" as published in the Linksys manuals. In fact, I can see two nodes like this from my own apartment. These people probably have no idea if they're even connecting to their own cable modem. And they're leaving their router open to full administrative control by anyone on the street; someone could even turn on the remote management and no longer have to be physically near the node.

      It's ridiculous, and wireless router manufacturers should make it mandatory to choose passwords and security phrases. Simply resolve all internet access to the internal configuration page until the router has been successfully configured.

  3. Get to work, geeks! by Bull999999 · · Score: 5, Interesting

    residents of an upscale neighborhood in Arizona are worried about wardriving

    Geeks living in that area should consider advertising their services. Improving computer security and making money while doing it sounds like a win-win situation to me.

    --
    1f u c4n r34d th1s u r34lly n33d t0 g37 l41d
  4. HoneyPot by MakoStorm · · Score: 1, Interesting

    I have a wireless I use for work and stuff, but at the same time I have an old Linksys AP I have broadcasting totally open. Lock Down the one you want to use, and just let the other sit online plugged into nothing.

  5. Re:That's why it's good... by Anonymous Coward · · Score: 1, Interesting

    well then i guess the question would be, what do you do when you pay to live in a gated community, and someone sitting in a car outside the gates is invading your privacy. from inside the gate, those security guards can shine their flashlight in my eyes all they want but i've got a pair of shades

  6. it's called eavesdropping by SuperBanana · · Score: 1, Interesting
    what i do know is that RF signals are not owned,

    "ownership" has nothing to do with it; it's whether the communication is conducted via a method the user has a "reasonable expectation of privacy" using. "That someone isn't going to go park outside my house with a cantenna, and a laptop equipped with software specifically configured to listen for and capture traffic" is most certainly "reasonable", never mind they have to be fully aware it's possible for others to very easily listen in. If you're intentionally operating a radio device looking for signals you know are not meant for you, that's called eavesdropping.

    In all cases, including "wardriving", there is no legitimate reason to collect the information or listen in. It's none of your goddamn business. That has always been the case, and always will be, no matter what a bunch of pimply faced kids in a car with a pringles can think; the law is not based on whether or not they think their little "hobby" should be legal or not - it's based on decades of case law.

    1. Re:it's called eavesdropping by LostCluster · · Score: 5, Interesting

      it's whether the communication is conducted via a method the user has a "reasonable expectation of privacy" using

      That's a standard that the existence of the concept of wardriving shoots a nice big hole through...

      A wide-open 802.11x access point can be seen as an open invitation onto that network. After all, there are many public places that intentionally set their networks to be wide open in order to encourage use by visitors/customers.

      The lack of intent doesn't have much to do with it... if you set up a wide open network, you're giving an internationally recognized signal. One should know the customs of what they're dealing with lest they unintentionally make such a signal.

    2. Re:it's called eavesdropping by DeadBeef · · Score: 3, Interesting

      > In all cases, including "wardriving", there is no
      > legitimate reason to collect the information or
      > listen in. It's none of your goddamn business.

      I operate a bunch of 802.11b 2.4GHz access points in my area ( somewhere in the order of 6 ), a couple of connections commercially but mostly for employees / acquaintances of our company with an assortment of antennas and gear.

      We also operate a fair bit of Trango gear in the 5.3GHz and 5.8GHz spectrums, the fundamentals are the same.

      Scoping out who is running networks and where they are pointing and roughly what EIRP they run is absolutely essential to ensure that I don't stomp on other people's networks and that I run my own networks in channels that receive the least interference.

      I am completely uninterested in the data that crosses other people's networks, and I am not defending people who are into snooping the _traffic_. But from a RF point of view, this is absolutely my business, as this is the only way that you can be a 'good citizen' in unlicenced spectrum.

      --
      I am a lawyer and this constitutes legal advice and I shall indemnify you against any losses arising from taking it.
  7. Re:Stupid people by BrookHarty · · Score: 4, Interesting

    If you want to live in a rich area like Scottsdale, you pay the sky high taxes for stupid shit like this. People live in areas like this for the stupid services. I'm sure you could list the services gated communities around the world do even stupider things.

    A buddy of mine just had his neighborhood incorporated in the local city, they put in sewers, lights, and he can now use the local fire department and police, but his property tax went up. Was it worth it? Septics only cost a couple hundred to empty. Now, they charged him 20K, and he HAD to pay it. (And not including the money to hook up to the sewer, another 10K for pipe work.)

    OT, speaking of Scottsdale, I almost hit a freaking Gatsby that ran a red light. And the lights are backwards compared to the rest of Phoenix. What a freaking weird city.

  8. Hire more police? Plenty of out of work coders. by MacDork · · Score: 2, Interesting

    Why bother creating a cyber-crimes unit for Scottsdale when for a fraction of the price they could hire some out of work coders to put together a secure your wi-fi community education program? Hell, enlist Mr. Anderson's 8th grade comp sci class for that matter. It would cost a lot less and put idle hands to work. The geeks could go war driving and stop at every house with an open access point. Problem solved. Oops, I forgot... gotta bulk up that standing army a bit more...

  9. Re:repeat after me by ophix · · Score: 2, Interesting

    is your front door on my property? didn't think so. this is nowhere near the same as leaving a front door unlocked.

  10. Words from a Scottsdale resident ... by johnlcallaway · · Score: 4, Interesting

    I don't live in Stonegate, I live in a nice apartment building. From my apartment, I can see 2 or 3 other networks. I don't broadcast my SSID, use WEP, and have MAC filtering enabled so I'm not too worried about it.

    It's easy for us geeks to shout from the rooftops to just lock it down, but we are dealing with people who think putting a key inside a fake rock is a safe way of not getting locked out of their home. I am surrounded by Joe Sixpacks and Barbi Braindeads. They have no clue and no amount of education is going to fix it.

    Here is an idea -- provide a USB port on the access point and configure them with a random WEP key, no SSID broadcast, and MAC filtering at the factory. Then take a USB key fob to the access point, automagically download the SSID and WEP key, and take it to each PC. The PC can install the SSID and the key, and then download their MAC. Take the fob back to the lan and plug it in to finish configuring the MAC filtering. No fuss, no bother, no skills involved.

    There, problem solved. No computer can connect until it's done, and the system is delivered secure. Leave the web configuration utility so if someone wants to turn it off to deliver free access they have a choice. That will take skills, or at least someone who can RTFM.

    --
    I rarely read replies, it's my opinion and if you thought about your opinion a little more, I'm OK with that.
  11. Re:WEP? HAHAHAHAHAHAHAHAHA by drinkypoo · · Score: 2, Interesting
    Addendum: Anyone willing to hack WEP is probably someone who lives next to you, or at most five miles away, but isn't someone driving around. Hence, even if you DO have to worry, it almost assuredly isn't a wardriver.

    I think that eventually I'll set up firewall rules such that people without a VPN key will be able to websurf at very low rates, which should keep people from fucking with my wireless network entirely. As it is, I have it set up such that only VPN connections are allowed so no one can use it anyway. Unless they find a hole in netfilter that's exploitable with a default-drop rule and few inbound connections allowed, which is not impossible, or they find a hole in the VPN software, I'm pretty much immune to anything other than someone using my connection for something naughty.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  12. Re:WEP? HAHAHAHAHAHAHAHAHA by tyldis · · Score: 5, Interesting

    You need a few gigabytes of packets to crack WEP. The way most people use their wireless networks I wouldn't worry too much. Also, if you change your WEP once a week (or more often if you use it extensively) you are pretty much safe.

    The only risk you have is your neighbour (no sane person will wait for a gig outside your house).

    MAC-filtering can also be effective, although you could still suffer a DoS attack from someone who has cracked your WEP, but that's just a friendly reminder to change your WEP.

    Of course, the best would be to use WPA[2] combined with a logon service like NoCatAuth, where you effectively kill all routing unless they authenticate.

    For Joe Schmoe WEP suffices.

  13. Amazing assumptions by Infonaut · · Score: 4, Interesting
    The responses to this article are pretty solidly along the lines of, "Those stupid rich fuckers need to RTFM, rather than being worried about wardrivers."

    Ponder how you might feel if you were a Regular Joe using your WiFi equipment. You read the confusing literature and try your best to secure your WiFi network. But you're not exactly sure if you got it right. Now you find out that there are people out there lurking around in your neighborhood whose sole purpose is to look for unsecure networks and... and you don't know what, but you're not exactly excited to find out what these wardrivers are going to do once they've gained access.

    Will they gain access to your network? Maybe, maybe not. But it makes you nervous because unlike most Slashdot readers, technology is not your life. You're just doing your best with the stuff you bought at the local ComputerShack.

    In many ways it is like using Windows. You try your best to secure it against malware and spam, yet the stuff still gets in. You've read the manuals and you do your best, but this stuff that was supposed to be easy is not only a pain in the ass, it now can potentially screw with your life.

    The worst part is that the Internet is now so tightly intertwined with most people's lives that to do without it is a major inconvenience. True, nobody is forcing you to use WiFi, but you want convenience, and you don't want to be victimized by people who for all you know could have serious malicious intent. You don't know who these wardrivers are, but you do know that they drive around snooping for open networks. Now tell me honestly, if someone were driving around your neighborhood snooping for open telephone lines, and you had no idea whether your telephone line was secure or not, wouldn't you be a bit nervous?

    Bashing on regular computer users perpetuates the stereotype that technically-savvy computer geeks are elitist snobs who take every opportunity to trumpet their intellectual superiority while taking advantage of the less technically-inclined.

    --
    Read the EFF's Fair Use FAQ
    1. Re:Amazing assumptions by SJS · · Score: 2, Interesting

      The responses to this article are pretty solidly along the lines of, "Those stupid rich fuckers need to RTFM, rather than being worried about wardrivers."

      Yeah, pretty much, as that's generally the response of J. Random Middle-Class user when regaled with stories of the SRFs crying out for the cops to protect $TOYs. (Say, increased patrols in the rich neighborhoods 'cuz the crime rate is up 3% -- let those ghettos go rot as those folks are all freeloaders and criminals anyway.)

      Seriously, wouldn't that money be better spent on hiring more cops or giving the current set slightly better benefits? I haven't heard of an overfunded police department in years -- they're always underfunded and understaffed.

      On a personal note... I know people who came home to find out that they had been robbed, and then had to wait days before the cops showed up to take a statement. On the one hand, it's very annoying to the citizen and unprofessional of the department; on the other, I suspect that the police department is understaffed and that it's not really what the cops consider a serious crime: nobody is dead, nobody was hurt, it's only property, let the insurance company take care of it.

      (You can't blame the cops for this triage, and if I'd been knifed by some mugger, I know which one I'd consider to be more important.)

      Ponder how you might feel if you were a Regular Joe using your WiFi equipment. You read the confusing literature and try your best to secure your WiFi network.

      Well, I, as the non-regular Joe, have been pointing out to people, presumably Regular Joes, that if you don't know exactly what you're doing, you shouldn't go with wireless. I explain that if you don't secure it, you're giving away your bandwidth to anyone and their brother, to send that spam that clutters our mailboxes, or worse.

      On the other hand, the WAP-device salesman is extolling the wonders of wireless. And Joe's buddies are talking about how cool it is to browse pr0n in the back bedroom on the heh-heh "laptop". So Ol' Joe is getting mixed signals -- the geeky know-it-alls are telling him that he ought to think twice about setting up wireless, and everyone else is pointing out how EASY it all is. Since geeks are, well, geeks, screw 'em, they're obviously stupid compared to that slick salesman.

      Hell, didn't IBM run some commercial where some poor slob was rushed and just barely made a meeting, while his suave companions mock him for not having wireless? You can check the traffic, if you only had wireless. You can do your banking on the road, if only you had wireless....

      It's not always the techies that seem elitist.

      But you're not exactly sure if you got it right. Now you find out that there are people out there lurking around in your neighborhood whose sole purpose is to look for unsecure networks and...

      Yup. Those damn geeks.

      Will they gain access to your network? Maybe, maybe not. But it makes you nervous because unlike most Slashdot readers, technology is not your life. You're just doing your best with the stuff you bought at the local ComputerShack.

      ...got sold.

      I don't know why people think that they can just go into any old store, believe the salesman, and walk out with anything halfway decent. You'd think that we'd have it wired into our biology by now: Don't Trust The Salesman.

      So no, you're not just doing your best. You've failed to do your best as soon as you walked into the local ComputerShack without doing your research. Claiming that you've done your best *since* is like paying $50,000 for a used Yugo, but you've only gone to the cheapest gas stations since, so naturally you're saving money.

      In many ways it is like using Windows [sic]. You try your best to secure it against malware and spam,

      --
      Pick One: http://www-rohan.sdsu.edu/~stremler/sigs/sigs.html (Note - disable Javascript first!)
  14. Re:In other news by jrockway · · Score: 3, Interesting

    Actually you can inject ARP packets very easily into WEP'd networks and get lots and lots of packets as a result. WEP is useless. Try 802.1x or at least WPA.

    --
    My other car is first.
  15. Re:Finally by Cecil · · Score: 4, Interesting

    There are two sides to every coin. My WAP is open. Intentionally. All I have to say is: please don't make it illegal for other people to use it.

  16. Re:In other news by darkain · · Score: 3, Interesting

    WEP is better than not having anything at all tho. if you have WEP, that means someone will have to use effort to get into it, and instead, they can just go two houses down to find someone else with WiFi that doesn't have any security enabled. (and the majority of the time, the router itself isn't even password protected either)

  17. Re:Take precautions... by Entropius · · Score: 2, Interesting

    You misunderstand the grandparent -- all he's saying is that enabling WEP, even if the key is "password", is an unequivocal signal that the public is not welcome to connect.

    Wardrivers should respect that.

    But an AP with no WEP or MAC filtering, and SSID broadcast on, looks like an invitation to use. This is reinforced by precedent: I know of multiple APs around town configured like this intentionally by their owners for public use.

  18. Re:repeat after me by _Sprocket_ · · Score: 2, Interesting

    Newsflash: I'm on a public street when I pick up a transmission you're making on a public, unlicensed frequency. I'm not walking through your unlocked door to plug in a CAT5 to your home network.

  19. The Unemploid Paranoid System Admin by l0ungeb0y · · Score: 4, Interesting

    I had a neighbor who I cut his wifi because he was so freakin' paranoid about someone warjamming his connection from the sidewalk. Anyway, this guy is gone, hasn't been able to get a job etc etc... thus, had to vacate his loft. sorry to see a guy with 15 years admin experience... but there's a limit to how much good intentioned paranoia can be tolerated in a corporate atmosphere. So while he was in a sense right... he was flat out wrong. And it cost him his livelihood.

    I hung out with him frequently because me and him got along. When he abandoned his wifi and went back to ethernet, I asked him what that was about. He mentioned that he was unable to "absolutely secure his wifi network". My rhetoric to him was "Why the %^&** would someone want to sit out on the sidewalk and warjam your wifi? I mean.. what do you matter and why would anyone give a %^&%?". His answer? "The spammers man... they're everywhere and will take whatever they can get. And I run windows here as well as Red Hat". Right answer but wrong again. Sure, we'll be seeing that in days to come, wardriving for network access to attack and then spam ... say a year or two from now. But his approach seemed to me to be a major "WTF", even with WEP and MacAddressed access combined, all they could do is warjam. So who gives a rat's ass. The spammers as always will be looking for easy targets. Who'd want to collect a gig of data from some dude in downtown SF to hack his wifi AND manage to clone a mac address? I mean he had a lesser DSL connection than me!!! Sure more machines, but still.. every admin should be paranoid, but not too paranoid to be able to live with reality.

  20. Re:repeat after me by LnxAddct · · Score: 3, Interesting

    If I am home and using my wireless access point which I leave open because I like to share, and I am roaming around my house, go in my kitchen and my computer automatically switched networks to my neighbor's, how am I at fault? If they didn't want someone using it, they should have secured it. Ignorance on their part doesn't make it illegal on my part. If they are blasting the radio and I can roam around my house sometimes hearing my radio and sometimes theirs, it doesn't make it illegal for me to listen to it.

  21. Let them in by bill_mcgonigle · · Score: 4, Interesting

    You should be able to set up your network so that your MACs get full priority, all others can use your leftover bandwidth. NoCatAuth should be able to handle this. Throw in a firewall and a wondershaper so their downloads don't crush your ACKs and you have something that makes everybody happy, except maybe your provider.

    Consumer WAPs should operate in this mode by default with a nice wizard to help people set it up securely and easily. Cringely would probably argue you should get a penny per megabyte they transfer.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  22. Nobody seems to have mentioned this... by ottffssent · · Score: 1, Interesting

    There have been some analogies here trying to demonstrate how ridiculous this is, but I've got a take I don't see posted already. Let's ignore for a second the technical details of associating to APs, broadcasting one's SSID, "inviting people in" by running a DHCP server, etc.

    Wardriving is analogous to walking down the street ringing doorbells. Some people ignore you. Some people come out and say hi. Some invite you in for tea. There's nothing wrong with knocking, even though some knocks precede burglaries. You don't see the cops setting up special task forces to investigate phone calls even though that's a great way to find out that somebody's home and you shouldn't try to break in, do you?

    Maybe I'm missing something, but this whole thing seems rather silly.

  23. Well... by thoughtcrime · · Score: 2, Interesting

    If the damned fools would at least be intelligent enough to even change their access point's passwords that'd be a significant help right there. I had to deal with this stupidity the other evening in my own apartment building.

    --

    ____ _______
    Duty now for the future!
  24. only one time... by hyperstation · · Score: 2, Interesting

    have i been accosted due to my wardriving (walking) exploits...by some fatass who warned me that the neighbors around here "didn't like people walking around at night"...

  25. Re:In other news by galaxy300 · · Score: 4, Interesting

    Not just non-geeks! I can't tell you how many times I've enabled WEP on a Linksys router, only to have all hell break loose, and nothing works any more. APs drop off, clients can't connect. Sometimes a firmware upgrade helps, sometimes it only makes it worse.

    If these are the problems I, as an IT professional, am having, I only cringe to think of what that non-geek is going through.

  26. Leave a node open! by pappin · · Score: 2, Interesting

    I don't know about anyone else, but I like to be able to pick up a good signal wherever I am... in fact, I leave a node open just for folks passing by. Hey, see it, use it, respect it, and it'll always be there!

  27. Re:WEP? HAHAHAHAHAHAHAHAHA by Anonymous Coward · · Score: 1, Interesting

    You just got me thinking, what about a WiFi honeypot? You run two networks: one correctly protected, WEP enabled, that you keep for yourself. This is the one tied to the internet. The second network is wide open, and tied to a server that logs access to the "network". In reality, the second is nothing more than a host of files, typically webpages, and has no access to mail or web services.

    The server is only connected to the first network via a physical switch, which also disables the unencrypted network. Then the admin can review the attempted accesses (webpages, other servers, etc.). These sites can then be spoofed on the server (or non-malicious ones can be downloaded directly). Flip the switch, and the server is back up and running, eagerly awaiting to waste the time of the next WarDriving Wookie.
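
Reviewing what a decoy access point logged, as comments 4 and 27 describe, comes down to grouping the entries by client and seeing what each one asked for. The following is an added example, not code from any commenter: the log format, MAC addresses and hostnames are constructed for illustration.

```python
import re
from collections import Counter
from dataclasses import dataclass, field
from datetime import datetime

# Constructed sample: one line per request seen by the decoy server.
# The format "timestamp client-MAC protocol target" is an assumption.
SAMPLE_LOG = """\
2004-06-01T21:14:03 00:0c:41:aa:bb:01 DHCP -
2004-06-01T21:14:09 00:0c:41:aa:bb:01 HTTP www.example.com/
2004-06-01T21:14:31 00:0c:41:aa:bb:01 HTTP www.example.com/news
2004-06-01T21:15:40 00:0c:41:aa:bb:01 SMTP mail.example.net:25
2004-06-01T23:02:11 00:30:65:cc:dd:02 DHCP -
2004-06-01T23:02 00:30:65
2004-06-02T08:45:00 00:30:65:cc:dd:02 HTTP webmail.example.org/login
2004-06-02T08:45:12 00:0c:41:aa:bb:01 HTTP www.example.com/
"""
MAC_RE = re.compile(r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}")

@dataclass
class Client:
    # Keyed by MAC address, which a client can change; treat it as a hint only.
    first_seen: datetime
    last_seen: datetime
    by_proto: Counter = field(default_factory=Counter)
    targets: Counter = field(default_factory=Counter)  # (proto, host) -> hits

def parse_line(line):
    """Return (when, mac, proto, host), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 4:
        return None
    stamp, mac, proto, target = parts
    mac = mac.lower()
    if not MAC_RE.fullmatch(mac):
        return None
    try:
        when = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%S")
    except ValueError:
        return None
    # Keep only the host part of "host/path" or "host:port"; "-" means none.
    host = None if target == "-" else target.split("/")[0].split(":")[0].lower()
    return when, mac, proto.upper(), host

def summarize(log_text):
    """Group entries by client MAC and count the lines that did not parse."""
    clients, skipped = {}, 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            skipped += 1
            continue
        when, mac, proto, host = rec
        c = clients.setdefault(mac, Client(when, when))
        c.first_seen, c.last_seen = min(c.first_seen, when), max(c.last_seen, when)
        c.by_proto[proto] += 1
        if host:
            c.targets[(proto, host)] += 1
    return clients, skipped

def hosts_to_mirror(clients, top=5):
    """Web hosts visitors asked for most often: candidates to serve locally."""
    wanted = Counter()
    for c in clients.values():
        for (proto, host), hits in c.targets.items():
            if proto == "HTTP":
                wanted[host] += hits
    return wanted.most_common(top)

def mail_senders(clients):
    """Clients that tried to send mail through the open network."""
    return sorted(mac for mac, c in clients.items() if c.by_proto["SMTP"])

if __name__ == "__main__":
    clients, skipped = summarize(SAMPLE_LOG)
    for mac, c in sorted(clients.items()):
        print(mac, c.first_seen, c.last_seen, dict(c.by_proto))
    print("mirror:", hosts_to_mirror(clients), "mail:", mail_senders(clients))
```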