Slashdot Mirror
Turning Network Free-Riders' Lives Upside Down
An anonymous reader writes "You discover that your neighbours are using your unsecured wireless network without your permission. Do you secure it? Or do you do something more fun? A few minutes with squid and iptables could greatly improve your neighbours' Web experience ..." Improve is a relative term, but this is certainly gentler than certain other approaches.
I use WEP, but this certainly looks a laugh. Might turn that off, and see if I can have some fun!
Every link could be tubgirl.
Your sig(k) has been stolen. There is a puff of smoke!
I'm surprised the guy didn't send every link to goats.ex... He was being way too nice.
What are the odds that a neighbor would use your network and then sue you for the content that your are sending to him?
It could be worse, it could be Monday.
How can you blame people for connecting to a wireless router with the ID "Free Porn"?
Granted, my neighbors didn't intentionally set their router up with that ID but they did leave it unsecured with the default password for the admin account. It was simply the neighborly thing to do to change their ID and resecure it with a new password (that, admittedly, they didn't know).
The Mongrel Dogs Who Teach
After reading the article and it's comments, I've decided that the best would be to make it allways load an upside-down goatse
Could just watch their traffic, and when they try to bid on ebay, just slow their traffic down, then out bid them. They'll rue the day they tried to outbid 'yourneighborfromhell' on ebay.
"We are all geniuses when we dream"
- E.M. Cioran
If your wireless network is unsecured, permission to use it is implied, and there are operating systems that will automatically use such networks, are there not?
One of my all-time favorites. :)
(Mootar) morons.
(Mootar) these people who live in my apartment complex are connected to my wireless
(Mootar) they must think they're super-cool hackers by breaking into my completely unsecure network
(Mootar) unfortunatly, the connection works both ways
(Mootar) long story short, they now have loads of horse porn on their computer
http://bash.org/?202477
Bugs are just features that have been fixed.
It's as much stealing as sending the signal into their home is trespassing.
I think you just shake your head at your failure to secure it in the first place, decide if you care, and if you do, lock it down.
Funny way to deal with it, though.
But can you imagine Joe Sixpack trying to explain to Pradeep that all the images in his web pages were being displayed upside-down (or better yet, blurry, or upside-down and blurry!), while all the text in the very same web pages was being displayed upside-right in crystal clarity?
Joe Sixpack probably doesn't know the differences between images and text. Pradeep would hear the word "upside down" or "blurry" and immediately think it was a hardware problem.
It'd probably take any of us half an hour to convince a second-tier tech that we weren't trolling him, never mind Joe Sixpack.
I'd give my left nut to hear the support calls on this. (Particularly as I'm pretty sure that those of you in tech support have no use for my left nut. :)
When my neighbour mooched my wireless I had a little fun with Cain & Abel. I got some good recipes from their private documents. Romano cheese really is better than parmesan on spaghetti!
You can have a lot of phun with this all-in-one cracker suite. Hell, if my neighbours had a MS-SQL server or Cisco switch I could have 0wned those too!
Improve is a relative term, but this is certainly gentler than certain other approaches.
I don't really see the point. It's funny as a practical joke. In terms of protecting your network... why not just secure it instead?
Calling someone on slashdot dumb - mostly free.
Making a dumb mistake while calling someone dumb - priceless.
Frankly, if you don't want others to use your wireless, just encrypt it. Annoying freeloaders this way is pretty much childish. Set up WPA-PSK (which is much easier than WEP and more secure, AFAIK) and be done with it.
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
He already uses the notion of trusted and untrusted networks, yet he makes no effort at all to prevent 1) spoofing 2) non-IP protocols 3) access from the untrusted network to his trusted network.
If you plan to take on others, make sure your own stuff is secure.
Of course it runs NetBSD. BTC: 1NT7QvbetmANwaMzhpVL6
It's impossible to steal unprotected wifi. If you leave your connection unprotected, that means you are purposely sharing it. Although flipping the pictures upsidedown is pure genious.
Go to one of the translation websites and type the following:
Osama Bin Laden has just been killed and [your neighbor's name and address here] has just collected the $25 million reward from the Americans!
Translate it into Arabic then cut-and-paste it into one of the Jihad web sites in the Middle East where the beheading videos always get uploaded to first.
Check that your insurance papers are in order and then go take a couple days vacation a few hundred miles away. When you come back, no more asshat neighbors.
For those that are struggling to understand how the author of this article is accomplishing his approach, here is some further information.
The author obviously has a Linux server in his house, that is running DHCPD
To selectively send some clients to some locations, and others to the normal internet, he assigns an IP address on a different network to clients that don't have MAC Addresses that he knows about.
Forwarding on to sites of his choice is done by using IPTables, which is a utility that allows you to configure the packet filtering components of the Linux TCP/IP Stack. In this instance, the Linux box is just functioning as a firewall, and he is selectively sending requests from certain IP addresses to different hosts of his chosing.
Finally, the Up-side-down and blurry-image conversions is accomplished by sending page requests from those before-mentioned IP addresses to a proxy server, which in this case is Squid - and then allowing the proxy server to run a script which calls an ImageMagick command called mogrify which allows you to resize an image, blur, crop, despeckle, dither, draw on, flip, join, re-sample, and much more.
And that folks, is the rest of the story.
Lindsay Blanton
RadioReference.com
This is hilarious! My coworker and I just sat here laughing and coming up with other great ideas for having fun with hijackers' browsing experience:
;)
;)
-Occasionaly replace images with random google-image-searched images
-Translate any text on a web page on the fly into some very English-like language but different enough to make the pages impossible to understand
-Translate text on the fly into languages with non-arabic characters
-The obligatory replacing all images with random porn images
-Keep the first/last letters of every word the same, but jumble the letters in between. You have seen this site, haven't you?
-Invert the colors of all images on the web pages
-Convert all graphics to grayscale, or 16-color
etc. etc.
The possibilities are obviously pretty extensive... I think after hearing about this I'll be a little more careful with my usage of other peoples' wireless networks!
I just moved into a new flat and as it took a while to get internet access, I had to "steal" someone else's wireless (although I take the position that if they want to beam radition through my property, I can do what I want with it). I took the strongest unsecured signal but because (being a sneaky bastard) I know what I would do if I ran an unsecured wireless access point I just tunnelled everything through an SSH tunnel to a proxy at work.
If you're so intent on leaving it open, I'd suggest just getting their mac address and assign it back to 169.254.x.x or 127.0.0.1. That way, if they actually do anything illegal, its not tracked to you.
You're just flipping webpages, right? What's to stop them from getting on a P2P network and sharing/downloading files? What's to stop them from visiting illegal porn sites?
Doing this to them will just make their internet useless. Not as funny, but safer IMO.
Another thought: Is there some way to randomly route their requests to a totally different webpage? Say they want to go to Google, etc. Is there some way to redirect their request to a randomly-generated (but real) URL? I'd suggest something in a foreign country.
Cruising the internet on my TI-99/4A @ a whopping 300 baud!
sorry, I am a supporter of open networks. I think the freifunk olsr-protocol approach of open wireless networks is best. We don't need internet providers and we don't need internet provider which leak our communication data to the governments and endanger the freedom of the net. The net should be a net and wireless technology is great for the creation of a real P2P internet.
I cannot support any action against people who use your network. It is against my understanding of hacker ethics. When you don't like it then close your network. But no childish games please.
I may even say that I find it unethical to exclude your neighbours from using your network but I respect your opinions. When your network is open it means: Be free to use it. Not: You can use it but I will fuck up or intercept your communication.
At first, I thought there were way too many screenshots. I mean, ok, we get it. But then at the bottom of the FA, it pays off. After the dumb kitten and upside-down stuff (where they know someone is fucking with them) we get to the treasure: blurry-net. That's subtle and I love it. The ideal prank for the proverbial Man In The Middle would be to do things to confuse the endpoints, not merely annoy them.
The next step is to spy on them and see what websites they visit, and then insert some fake content one day. For example, if they use it to read CNN, insert a casual story about a nuclear weapon getting used in the Middle-East or South Asia, or a story about the president of USA selecting a new vice-president due to the assassination last week ("What?! I didn't hear about that!"), or the CDC in Atlanta is investigating the recent rash of improbable claims about the dead returning to life to feast on the flesh of the living, etc. If they visit Slashdot, then the jig is probably up, but maybe it would be great to have a story where a security study found Windows98 to kick OpenBSD's ass and then a bunch of comments where everyone agrees that the findings pretty much match their own experience, along with complains about "how is this news for nerds?!"
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Reminds me of my first run-in with wireless at home.
After noting that the same bozos kept connecting to my network as soon as I powered it up, I tried configuring the wireless router to only accept the MAC addresses of my computers. No dice: at best it didn't work, at worst the router locked up and I had to do a hard reset.
So I phoned tech support. Rather than answering my question ("Why can't I lock the router to specific MAC addresses?") they proceeded to attempt to walk me through setting up WEP. I told them that wasn't what I wanted to do, that it was my router, my network, and I did in fact know a thing or two about networks. Eventually 2nd level tech support called and admitted that locking to MAC addresses was broken, and they had no ETA for a fix. I took the router back and bought one from a different manufacturer. It works fine.
I still like the idea of leaving part of it public and dispensing scrambled content...LOL!
...laura
Actually, the best part of this is that your network is still usable by the random joe in the apartment two buildings over. It may be frustrating, granted, but it is better than nothing when the guy has no choice. If you're trying to read the news or get your mail, that's no big deal; if you're browsing imageboards and all your pictures are screwed up, well, it's a subtle hint to invest in your own connection.
You misunderstand. Your dumb is like your taint. Down under my butt. Showing your dumb to someone is like mooning them.
When information is power, privacy is freedom.
by leaving it open he is inviting other people to connect.
Some computer says to the router "Hey, can I come in?" and the router says "Sure". Now, the moment you put something up, like needing a password, then you are no longer inviting people in.
Computer says "Hey, can I come in" router says "Sure, if you know the password."
Or you can encrypt it
Computer says "Hey, can I come in?" the router says "KE*jd7638JDEJE*834899(&^&#nd&#&bd*e#"
The Kruger Dunning explains most post on
Network freeloaders put themselves at risk... It would be trivial for someone to set up a "Free Internet" wireless AP and then run phishing attacks, sniff IM conversations, e-mail, etc. Considering how little the average internet user even pays attention to SSL, one could very easily imitate a bank, ebay, paypal, etc... One should certainly think twice before freeloading on someone's wireless network - and if you do, at least tunnel your connection securely (even socks5 over an SSH tunnel, etc)..
i'm far from expert on the subject, but if you are on the same subnet , sniffing should be trivial.
Sniffing has nothing to do with subnetting. It has very much to do with the hardware that connects you. If you're both connected to the same hub, you can see all of each other's traffic. If you're both connected to the same switch, you can't.
Note that as a Slashdot comment, this an extremely simplified explanation and not a complete picture.
I'm a big tall mofo.
That was a terrible poem.
If you leave a wireless netowrk open, they are not intruders. In fact, when their computer asked your connection is it was ok to connect, the wireless connection said yes.
The wireless is broadcasting into their home, and it is cnotently loking for connections.
The Kruger Dunning explains most post on
A car left idling with the door open advertises itself. Stealing it would still be wrong. I'm sorry, but your moral compass is flawed.
It must have been something you assimilated. . . .
The analogy is not flawed. So the router is "visible", with an option to make it invisible. Big deal. My garden is visible from the street, but I can put a tarp around it to obscure its existence. What you are saying is that, unles I put a tarp up around my garden, everyone has a right to use it.
Wireless networks may make themselves conspicuous, but that does not confer an invitation to use them. The connection between "visible" and "inviting" is not legally or morally valid. (I am excepting the concept of "attractive nuisance", but I don't think open routers will come under that area of liability)
"As God is my witness, I thought turkeys could fly." A. Carlson
The upside down images will clog the tubes and slow the delivery of internet to Ted Stevens. This should never be tried unless you live outside US.
..... best things in life are not so free..........
I suppose you could also add a frame to every page and then sell advertising space. Since you probably know a bit about your neighbour it is much easier make targeted advertising. Of course you could always make the top frame read:
"This is borrowed bandwidth. Have you thought about getting your own connection."
Oh and make sure it is flashing. Actually you could make it so that the whole content flash. Now that would be annoying.
Jumpstart the tartan drive.
Upside down is cute, but blurry is just too fantastic.
You know they were on the horn to the vendor after punching every monitor control and several loud screaming matches and an expensive service call for a monitor that then worked just fine on the bench...
As a webmaster I can now say April 1 just got very far away...
"Win treats sysadmins better than users. Mac treats users better than sysadmins. Linux treats everyone like sysadmins."
or replace every 100th picture with a picture of them.
The Kruger Dunning explains most post on
Even something as amorphous as bandwidth is a limited resource. To paraphrse the head of the commerce committee, an open wireless connection is not a dump truck you can just load up with as much as you like; it's a tube!
Sure, if you want to make sure nobody uses your tube, you should protect it. But just because you don't doesn't mean you're giving explicit permission. If I leave my bike on my front lawn without a lock and someone steals it--even if they give it back before I notice it was gone--it's still theft.
The CB App. What's your 20?
This was hillarious. I loved the upside-down images! The comments for this story have been entertaining...
However, I suspect the neighbor of just not understanding how things work. I'll bet they set up a wireless access point in their house, put in the wireless card, and fired up the machine, which connected to the first network it could see, and they assumed it was theirs.
IANAL... But I play one on
What would be the legal implications if your neighbor decided to use your WiFi connection to do illegal activities? What would be your liability? Especially if you already knew that your neighbor was using your WiFi access? It's one of the reasons I clapped down on my WiFi access. That can also be one of the problems of having "fun" with your neighbor's free loading your WiFi access. You can't use the claim you didn't know they were doing it.
I also don't buy the idea that "if they didn't secure it, it's an invitation to use it." If I leave my front door unlocked or left a window open, I still don't expect the neighbors to come right in and rummage around my icebox. You certainly won't be successful in that argument if they complained to the police.
If you want to piggy back on someone's network, ask first. It's not that hard to do, and most people don't mind.
If you want to open your network to the public, divide it into two networks (one secured and one unsecured), close potential trouble ports, and direct everyone to an opening page where you make no claims of any warrenty for service, and that your network can only be used for legal purposes. That'll protect you from most legal problems.
What you are saying is that, unles I put a tarp up around my garden, everyone has a right to use it.
No, actually we're saying that if your garden pelts us with carrots and peas as we walk past on the public street, we're at liberty to catch them and consume them. Only if you place anti-vegetable-flight netting around your garden (or stop planting vegetables that lend themselves to comparison to an unsecured WAP) does it become incumbent upon us to behave as good citizens.
Hey! Analogies are fun! Somebody compare Internet privacy law to hunting and fishing licenses!
Finally modding someone offtopic when they rant about what "Begging the Question" means: priceless.
The bandwidth part is easy to handle, assuming you've got a Linux box between the WAP and the gateway. Amonth the various iptables modules are ones that do rate-limit matching and per-IP queueing. You could easily give each poacher access to the internet without restricting the available ports but at a rate that resembles a 4800 baud modem. That way they would have enough bandwidth to download email and surf essential web sites but not enough to get you into trouble with warez traders.
For some of these cases you refer to.
I'm legitimately interested in them, not just looking for a chance to bash you.
Build a man a fire, he's warm for one night. Set him on fire, and he's warm for the rest of his life.
They drink your blood?