Slashdot Mirror
Growth of Wi-Fi Opens New Path for Thieves
E. Harley writes "Wi-Fi connections are popping up all over the place from retails locations, schools, municipalities, and homes. Unintentionally or not, most of these wi-fi hot spots never change the system's default settings, hide the connection from others, or encrypt the data sent over it. This NY Times article [Free registration required] talks about the size and extent of the problem, and what has happened with law enforcement investigating criminals using these public connections. Also, the article updates us on an earlier Slashdot story about wardriving. That case is still pending."
When criminals operate online through a Wi-Fi network, law enforcement agents can track their activity to the numeric Internet Protocol address corresponding to that connection. But from there the trail may go cold, in the case of a public network, or lead to an innocent owner of a wireless home network.
After reading the article, it gives me the impression that you have a license to do just about any illegal internet activity so long as your WiFi router uses the default SSID, broadcasts its SSID and keeps the default passwords. If anything is traced back to you, you just blame the WiFi-Boogeyman for any illegal activities originating from your IP address.
I'm a big tall mofo.
Schlep your lappy to a Starbucks, tap into the wifi, and fire up Driftnet (linux) or EtherPEG (mac). Watch what flies by... hours of entertainment.
Speak truth to power.
Now, I realize that I'm the exception, but how hard can it be to type 192.168.1.1 in a web browser? Of course, people should check the air pressure in their tires once a week, and clean the air filter on the furnace once in a while...
"Well, good luck finding a judge that doesn't run a bestiality site."
Part of the problem is that the manufacturers don't disable anything by default...instead, you can literally plug a wireless router in and it'll instantly work assuming your internet connection uses DHCP to get its IP address.
Perhaps the easiest way to solve this problem is to disable the wireless part of the router until you run the setup program (or even better, make it launch the browser so it will work on any OS) and make you go through the steps of enabling encryption and everything.
I have WPA enabled on my wireless router (a Linksys WRT54G with the latest firmware) and MAC filtering. I broadcast my SSID ("Break this"), but that is more for ease of use then anything.
I then enabled SSL for the admin pages, so I must type https://192.168.1.1/ (the actual IP is different) to reach the router's admin page. I figure between SSL and WPA, it will be pretty hard for someone to break into my router's admin page.
The key is, with WPA and MAC filtering that will keep out all but the most determined out. If they ever got past that and onto my wireless network, I have logs so I could manually block them.
Notice how this NY Times articles is careful to associate each of this poisonous trio of ID Theft-ChildPorn-Terrorism with...WiFi.
And what a coincidence that just as this article is being published, that all over America, state governments are trying to decide whether to outlaw municipal wifi. Of course, this drive to outlaw municipal wifi is in NO WAY connected to this article that tends to associate wifi with THEFT, CHILD PORN, and TERRORISM. And in no way would the telco and cable TV lobbies that stand to lose BILLIONS (if municipal wifi takes off) try to get the NY Times to help make wifi look bad.
No way the media would do that! They have integrity. They would never sell out to the telco-cableTV lobby like that.
Would they?
eat shiat and bark at the moon