Slashdot Mirror


Wardriving Worries Residents

sphynx99 writes "This article describes how residents of an upscale neighborhood in Arizona are worried about wardriving, a "new method of privacy intrusion and identity theft". Nothing to worry about, though; "The Scottsdale Police Department plans to create a cyber-crimes unit next year."

17 of 530 comments (clear)

  1. Bleigh by Gentlewhisper · · Score: 5, Interesting

    Instead of wasting tax payers' money, they should just use wired lans.

    Why should the poor pay taxes to subsidize all these extra expenditure made for the sake of those who are wealthy?

    I'm talking about those in the bottom of the scrap heap here. Those who don't even have computers, Joe Sixpacks.. like.. Homer!

    Now, why would Homer have to pay more taxes so that Burns can have a safe wireless lan?

    Those people who buy a wireless router should pay for a tax at time of purchase!

  2. 'tampering' wifi signals? by haluness · · Score: 3, Interesting
    At one point the article mentions residents reporting that their WiFi signals were tampered with? That sounds strange - why (how?) would wardriving tamper with signal - should'nt the act simply connect to unprotected AP's?


    So on what basis are the residents reporting incidents? Or is it just upscale residents reporting scruffy people in beat up cars? (which is not necessarily a bad thing)

    1. Re:'tampering' wifi signals? by Solder+Fumes · · Score: 4, Interesting

      I got curious one evening and took a short drive around my semi-rural neighborhood. I discovered 26 wireless networks, only 10 of which were secured. Almost all of the unsecured networks were using the default "linksys" configuration right out of the box. This means that anyone can connect to their network with full administrative control by logging in to 192.168.1.1 with no username and the password "admin" as published in the Linksys manuals. In fact, I can see two nodes like this from my own apartment. These people probably have no idea if they're even connecting to their own cable modem. And they're leaving their router open to full administrative control by anyone on the street; someone could even turn on the remote management and no longer have to be physically near the node.

      It's ridiculous, and wireless router manufacturers should make it mandatory to choose passwords and security phrases. Simply resolve all internet access to the internal configuration page until the router has been successfully configured.

  3. Get to work, geeks! by Bull999999 · · Score: 5, Interesting

    residents of an upscale neighborhood in Arizona are worried about wardriving

    Geeks living in that area should consider advertising their services. Improving computer security and making money while doing it sounds like win-win situation to me.

    --
    1f u c4n r34d th1s u r34lly n33d t0 g37 l41d
  4. Re:Stupid people by BrookHarty · · Score: 4, Interesting

    If you want to live in rich area like Scottsdale, you pay the sky high taxes for stupid shit like this. People live in areas like this for the stupid services. I'm sure you could list the services gated communities around the world do even stupider things.

    A buddy of mine just had his neighborhood incorporated in the local city, they put in sewers, lights, and he can now use the local firedepartment and police, but his property tax went up. Was it worth it? Septics only cost a couple hundred to empty. Now, they charged him 20K, and he HAD to pay it. (And not including the money to hook upto the sewer, another 10K for pipe work.)

    OT, speaking of Scottsdale, I almost hit a freaking Gatsby that ran a red light. And the lights are backwards compared the reset of phoenix. What a freaking wierd city.

  5. Words from a Scottsdale resident ... by johnlcallaway · · Score: 4, Interesting

    I don't live in Stonegate, I live in a nice apartment building. From my apartment, I can see 2 or 3 other networks. I don't broadcast my SSID, use WEP, and have MAC filtering enabled so I'm not too worried about it.

    It's easy for us geeks to shout from the rooftops to just lock it down, but we are dealing with people who think putting a key inside a fake rock is a safe way of not getting locked out of their home. I am surrounded by Joe Sixpacks and Barbi Braindeads. They have no clue and no amount of education is going to fix it.

    Here is an idea -- provide a USB port on the access point and configure them with a random WEP key, no SSID broadcast, and MAC filtering at the factory. Then take a USB key fob to the access point, automagically download the SSID and WEP key, and take it to each PC. The PC can install the SSID and the key, and then download their MAC. Take the fob back to the lan and plug it in to finish configure the MAC filtering. No fuss, no bother, no skills involved.

    There, problem solved. No computer can connect until it's done, and the system is delivered secure. Leave the web configuration utilitiy so if someone want's to turn it off to deliver free access they have a choice. That will take skills, or at least someone who can RTFM.

    --
    I rarely read replies, it's my opinion and if you thought about your opinion a little more, I'm OK with that.
  6. Re:it's called eavesdropping by LostCluster · · Score: 5, Interesting

    its whether the communication is conducted via a method the user has a "reasonable expectation of privacy" using

    That's a standard that the existance of the concept of wardriving shoots a nice big hole through...

    A wide-open 802.11x access point can be seen as an open invitation onto that network. Afterall, there are many public places that intentionally set their networks to be wide open in order to encurage use by visitors/customers.

    The lack of intent doesn't have much to do with it... if you set up a wide open network, you're giving an internationally recognized signal. One should know the customs of what they're dealing with lest they unintetionally make such a signal.

  7. Re:WEP? HAHAHAHAHAHAHAHAHA by tyldis · · Score: 5, Interesting

    You need a few gigabytes of packets to crack WEP. The way most people use their wireless networks I wouldn't worry too much. Also, if you change your WEP once a week (or more often if you use it extensively) you are pretty much safe.

    The only risk you have is your neighbour (no sane person will wait for a gig outside your house).

    MAC-filtering can also be effective, although you could still suffer a DoS attack from someone who has cracked your WEP, but that's just a friendly remainder to change your WEP.

    Of course, the best would be to use WPA[2] combined with a logon service like NoCatAuth, where you effectively kill all routing unless they authenticate.

    For Joe Schmoe WEP suffices.

  8. Amazing assumptions by Infonaut · · Score: 4, Interesting
    The responses to this article are pretty solidly along the lines of, "Those stupid rich fuckers need to RTFM, rather than being worried about wardrivers."

    Ponder how you might feel if you were a Regular Joe using your WiFi equipment. You read the confusing literature and try your best to secure your WiFi network. But you're not exactly sure if you go it right. Now you find out that there are people out there lurking around in your neighborhood whose sole purpose is to look for unsecure networks and... and you don't know what, but you're not exactly excited to find out what these wardrivers are going to do once they've gained access.

    Will they gain access to your network? Maybe, mabye not. But it makes you nervous because unlike most Slashdot readers, technology is not your life. You're just doing your best with the stuff you bought at the local ComputerShack.

    In many ways it is like using Windows. You try your best to secure it against malware and spam, yet the stuff still gets in. You've read the manuals and you do your best, but this stuff that was supposed to be easy is not only a pain in the ass, it now can potentially screw with your life.

    The worst part is that the Internet is now so tightly intertwined with most people's lives that to do without it is a major inconvenience. True, nobody is forcing you to use WiFi, but you want convenience, and you don't want to be victimized by people who for all you know could have serious malicious intent. You don't know who these wardrivers are, but you do know that they drive around snooping for open networks. Now tell me honestly, if someone were driving around your neighborhood snooping for open telephone lines, and you had no idea whether your telephone line was secure or not, wouldn't be a bit nervous?

    Bashing on regular computer users perpetuates the stereotype that technically-savvy computer geeks are elitist snobs who take every opportunity to trumpet their intellectual superiority while taking advantage of the less technically-inclined.

    --
    Read the EFF's Fair Use FAQ
  9. Re:In other news by jrockway · · Score: 3, Interesting

    Actually you can inject ARP packets very easily into WEP'd networks and get lots and lots of packets as a result. WEP is useless. Try 802.1x or at least WPA.

    --
    My other car is first.
  10. Re:Finally by Cecil · · Score: 4, Interesting

    There are two sides to every coin. My WAP is open. Intentionally. All I have to say is: please don't make it illegal for other people to use it.

  11. Re:In other news by darkain · · Score: 3, Interesting

    WEP is better then not having anything at all tho. if you have WEP, that means someone will have to use effort to get into it, and instead, they can just go two houses down to find someone else with WiFi that doesnt have any security enabled. (and the majority of the time, the router itself isnt even password protected either)

  12. The Unemploid Paranoid System Admin by l0ungeb0y · · Score: 4, Interesting

    I had a neighbor who I cut his wifi because he was so freakin' paranoid about someone warjamming his connection from the sidewalk. Anyway, this guy is gone, hasn't been able to get a job etc etc... thus, had to vacate his loft. sorry to see a guy with 15 years admin experience... but there's a limit to how much good intentioned paranoia can be tolerated in a corporate atmosphere. So while he was in a sense right... he was flat out wrong. And it cost him his livelyhood.

    I hung out with him frequently because me and him got along. When he aboned his wifi and went back to ethernet. I asled him what that was about. He mentioned that he was unable to "absolutely secure his wifi network". My rhetoric to him was "Why the %^&** would someone want to sit out on the sidewalk and warjam your wifi? I mean.. what do you matter and why would anyone give a %^&%?". His answer? "The spammers man... they're everywhere and will take whatever they can get. And I run windows here as well as Red Hat". Right answer but wrong again. Sure, we'll be seeing that in says to come, wardriving for network access to attack and then spam ... say a year or two from now. But his appproach seemed to me to be a major "WTF", even with WEP and MacAddressed access combined, all they could do is warjam. So who gives a rats ass. The spammers as always will be looking for easy targets. Who'd want to collect a gig of data from some dude in downtown SF to hack his wifi AND manage to clone a mac address? I mean he had a lesser DSL connection than me!!! Sure more machines, but still.. every admin should be paranoid, but not too paranoid to be able to live with reality.

  13. Re:repeat after me by LnxAddct · · Score: 3, Interesting

    If I am home and using my wireless access point which I leave open because I like to share, and I am roaming around my house, go in my kitchen and my computer automatically switched networks to my neighbors, how am I at fault? If they didn't want someone using it, they should have secured it. Ignorance on their part doesn't make it illegal on my part. If they are blasting the radio and I can roam around my house sometimes hearing my radio and sometimes theirs, it doesn't make it illegal for me to listen to it.

  14. Re:it's called eavesdropping by DeadBeef · · Score: 3, Interesting

    > In all cases, including "wardriving", there is no > legitimate reason to collect the information or
    > listen in. It's none of your goddamn business.

    I operate a bunch of 802.11b 2.4ghz access points in my area ( somewhere in the order of 6 ), a couple of connections commercially but mostly for employees / acquaintances of our company with an assortment of antennas and gear.

    We also operate a fair bit of Trango gear in the 5.3Ghz and 5.8Ghz spectrums, the fundamentals are the same.

    Scoping out who is running networks and where they are pointing and roughly what EIRP they run is absolutely essential to ensure that I don't stomp on other peoples networks and that I run my own networks in channels that receive the least interferance.

    I am completely uninterested in the data that crosses other peoples networks, and I am not defending people who are into snooping the _traffic_. But from a RF point of view, this is absolutely my business, as this is the only way that you can be a 'good citizen' in unlicenced spectrum.

    --
    I am a lawyer and this constitutes legal advice and I shall indemnify you against any losses arising from taking it.
  15. Let them in by bill_mcgonigle · · Score: 4, Interesting

    You should be able to setup your network so that your MAC's get full priority, all others can use your leftover bandwidth. NoCatAuth should be able to hand this. Throw in a firewall and a wondershaper so their downloads don't crush your ACK's and you have something that makes everybody happy, except maybe your provider.

    Consumer WAP's should operate in this mode by default with a nice wizard to help people set it up securely and easily. Cringely would probably argue you should get a penny per megabyte they transfer.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  16. Re:In other news by galaxy300 · · Score: 4, Interesting

    Not just non-geeks! I can't tell you how many times I've enabled WEP on a Linksys router, only to have all hell break loose, and nothing works any more. AP's drop off, clients can't connect. Sometimes a firmware upgrade helps, sometimes it only makes it worse.

    If these are the problems I, as an IT professional, am having, I only cringe to think of what that non-geek is going through.