KisMAC Developer Discontinues Project

mgv writes to let us know that the lead developer of KisMAC, a passive wireless network discovery tool for Mac OS X, is discontinuing the project. Michael Rossberg lives in Germany and that country has recently passed laws that would make his participation dangerous. He urges visitors to take a copy of KisMAC and its source as long as the site is up, so that development might be continued outside the US or EU. From the website: "There has not been a lot of time for KisMAC lately. However the motivation for this drastic step [lies] somewhere different. German laws change and are being adapted for 'better' protection against something politicians obviously do not understand. It will become illegal to develop, use or even posses KisMAC in this banana republic [i.e., Germany]."

First Post? Mod parent down.

This so totally doesn't make sense and is a desperate attempt at a FP that just doesn't fly. Mod down accordingly. Just calling him out. Thanks.

Seems like a waste

[MeditationSensation]

Hmm, couldn't he contribute anonymously somehow? Login via an encrypted protocol and send code under a "pen name" of sorts?

Re:Seems like a waste

[Paradise+Pete]

Hmm, couldn't he contribute anonymously somehow?

Well if he were going to do that he probably wouldn't announce it.

Re:Seems like a waste

[cheater512]

Maybe thats what he's going to do? :P

Cant let his secret identity get out can he?

Re:Seems like a waste

[Lonewolf666]

Then he still has to officially distance himself from the project.
Running the official KisMAC website is a big no-no in that context.

Re:apple security?

... Kismac doesn't break into Apples, it lets Apples passively monitor networks and has some basic attack functionality integrated. Your post might be [vaguely] on topic if this was a discussion about an Apple firewall, but for a passive wireless network stumbler? I don't think so...

Its a cracking tool

[MichaelSmith]

• MacOS 10.3
• reveals cloaked SSIDs
• reveals logged in Clients (incl. MAC Addresses)
• mapping and GPS support
• visualization of network
• PCAP im- and export
• support for 802.11b & g
• different attacks against encrypted networks
• deauthentication attacks
• Apple Script compatible (in newest SVN version)

Free speech is fine but I don't agree with having this tool available to non-professionals in a nice easily installed package.

Re:Its a cracking tool

[Klickoris]

Is there even a legitimate use for that?

Re:Its a cracking tool

[TorKlingberg]

So what does it take to be a "professional"?

Re:Its a cracking tool

[Jah-Wren+Ryel]

Is there even a legitimate use for that? To find out if your own network is vulnerable.

No matter what kind of bullshit laws get put into place to restrict 'cracking tools' - criminals will have them. Legally sticking your head in the sand will not make you any safer. Far better that tools like this are spread far and wide so that countermeasures, or at least recognition of the problems, are also spread far and wide.

Re:Its a cracking tool

[bky1701]

50$ in the right person's pocket.

Re:Its a cracking tool

[AntiNazi]

Because if you put the book at the back of the shelf no one will ever find it?

Re:Its a cracking tool

• Kismet runs on linux as well
  
• If you have sensitive data, why would you try to even put it on a wireless network with known exploits and vulnerabilities?
  
• Due to the inherent nature of wireless networking, anybody with a packet sniffer on their wireless interface can do this
  
• no argument here -- if people want to share their information about WAP's, that's their thing.
  
• oh noes!!1 ettercap anyone?
  
• see above -- anybody with a packet sniffer already can do this.
  
• most new network cards have support for b/g networks ... do you complain because your 10/100 network card does the same thing?
  
• If you run a wireless network based on technology with known exploits, that's your fault. Talk to your vendor / IT Admin / Senator / Lobbyist to get things changed
  
• See above
  
• A handy tool, nothing more.

Re:Its a cracking tool

[mgv]

Free speech is fine but I don't agree with having this tool available to non-professionals in a nice easily installed package.

Well, I have used it a bit, and I'm no professional. But having shown people how quickly their encryption fails is a good thing.

At the end of the day, your comment is one of security through obscurity.

Kismac doesn't hack the unhackable, it can however open up access points that are much less secure than their owners think, mostly due to failures by the vendors to use proper algorithms. Why this should bother you is unclear to me.

At the end of the day, the vendors are more likely to change their hardware if this sort of tool is widely available. If it was kept obscure, most hardware vendors would never patch their access points.

I've used it alot, but never actually hacked into anyone's computer by using it.

Its likely to be forked anyway and exist on in another country...

Michael (as the original poster of the article).

Re:Its a cracking tool

Free speech is fine but I don't agree with having this tool available to non-professionals in a nice easily installed package.

This statement urks me. So what should we do? Restrict free speech just a little so professionals get the easily installed package? Have someone complete a course and afford them the title of professional?

Of course, if we restrict free speech for this cause, whats to stop it from be restricted for other purposes? Locksmith tools to help people get in their cars and houses?

Tell me, what is the limit?

Personally, I believe there should not be any limit. Its black or white, all or nothing!! Once it becomes grey, its open to interpertation. Interpertation is BAD! This is what allowed the government to take property for "public purposes" (owned by a private corporation of course). Also, peaceful protesting is fine and legal, when the government can decide to regulate the location and timeframe (at night from 10:00 to 10:01 ONLY around a dark alley where no one would see them).

There you go, your gut feeling could send us spiraling down a loss of (more) rights we should be ...... righfully entitled to. No, wait. Rights are NOT a privilege, gift, or anything that should be revoked.

Re:Its a cracking tool

[Nixoloco]

Free speech is fine but I don't agree with having this tool available to non-professionals in a nice easily installed package. And why not? You would prefer to pay a ridiculous amount of money for such a tool?

Re:Its a cracking tool

[bmo]

"Is there even a legitimate use for that?"

Under German law, now, even nmap could be considered evil. Tools like this and kismac are mostly used to see if your pants are around your ankles with regards to your network, either home or commercial.

Why should people with home networks not have this tool available? The German law is stupid and makes everyone a victim while not taking the tools out of the hands of people who will use them anyway for nefarious purposes.

I can kill people with a hammer, or I can use it to build things. I choose the latter. Should we outlaw hammers because some people illegaly misuse them?

--
BMO

Re:Its a cracking tool

[itsme1234]

"Free speech is fine but I don't agree with having this tool available to non-professionals in a nice easily installed package."

Apart from the fact that what you self-contradict yourself (if free speech is fine then you can just "free speech" a script that installs any program "nice/easily" and that should be fine too) I should point out that fortunately (in my opinion) it doesn't matter if you agree or not. Well, unless you live in the only countries I know where "cracking tools" are banned: North Korea, China and Germany but then you might have other problems than easy access to cracking software. There are many things some people don't like other people to do but that's perfectly fine it they live it at that (it's NOT fine if they want for example to kill all people working in certain days of the week like some -popular I might add- religion wants).

Re:Its a cracking tool

[No+Tears+In+The+End]

Free speech is fine but I don't agree with having this tool available to non-professionals in a nice easily installed package.

You're entitled to your opinion. As stupid as it is, you have the right to hold it. Allegedly, Lenin had a name for people like you.

NTITE

Re:Its a cracking tool

[OverlordQ]

No matter what kind of bullshit laws get put into place to restrict 'cracking tools'

It's not to restrict the tools, it's just so they have more things to accuse you of when you're charged to get something to stick.

Re:Its a cracking tool

[niceone]

Hey don't be so hard on the parent, maybe he just talks like Wallace.

It's a cracking tool! More cheese Grommet!

Re:Its a cracking tool

[_Sprocket_]

Free speech is fine but I don't agree with having this tool available to non-professionals in a nice easily installed package. You're right. Only professionals should have tools like this. If you're going to have this tool, you better be using it to lift credit card information from unsecured Point of Sale networks.

Re:Its a cracking tool

[_Sprocket_]

50$ in the right person's pocket. I think that's "customer". "Professional" is when the $50 goes in your pocket.

Re:Its a cracking tool

[pembo13]

Good! Now we can be sure that crackers will never have this, and that only professionals will.

Re:Its a cracking tool

[timmarhy]

cool, just what every community needs - more ways to have charges stick when the government takes a dislike to you! assholes.

Re:Its a cracking tool

[MichaelSmith]

I can kill people with a hammer, or I can use it to build things. I choose the latter. Should we outlaw hammers because some people illegaly misuse them?

Brings to mind the riots in Sydney about a year ago. A sporting goods shop almost sold out of baseball bats in a couple of hours. The manager called the police to ask for a suggested course of action. The cops suggested the store stop selling baseball bats for the time being.

Re:Its a cracking tool

Why yes, Michael! Melbourne *is* better than Sydney.

Re:Its a cracking tool

[WS+Tu]

I think he talk about the license let someone get the "expert" title. Like the Exam Fee of MCSE: http://www.whizlabs.com/mcse-exam/70-290.html

Re:Its a cracking tool

[mgv]

Brings to mind the riots in Sydney about a year ago. A sporting goods shop almost sold out of baseball bats in a couple of hours. The manager called the police to ask for a suggested course of action. The cops suggested the store stop selling baseball bats for the time being.

That is a difficult one. Whilst I think that the problem there is the person, not the bat, sometimes it is worth restricting some actions. I think that even the most pro gun supporter would say there is a limit on selling weapons. Its just where you want to draw the line. Baseball bats, knives, guns, semi-automatics, hand grenades, small tactical nukes? Somewhere along the line most people will agree its not a good idea to have these things for sale in the sports section of k-mart, irrespective of the individual's personal freedom. Most peoples rights to freedom should stop somewhere short of their right to kill them selves with a 10 megaton nuke in a densely populated city.

Now this is a little different from what KisMAC is about, however. Kismac is fairly useless if you have a good password and a network secured by a proper protocol. On networks that aren't properly secured, it can open them up with various amounts of grunt work, ranging from minutes to days.

Mostly, KisMAC helps secure the network by letting you attack your own network. It has very little to do with most current criminal activity online.

Criminalising this tool will not make people much safer, if at all. Arguably it makes things more secure - I've persuaded a number of people to change their encryption to WPA by demonstrating how quickly their base stations can be compromised.

Much better I do it than someone else.

I think the German authorities would be much better working on philshing attacks, scam emails, and so on.

Of course, that would require some real work, not like this...

Michael

Re:Its a cracking tool

I can kill people with a hammer, or I can use it to build things. I choose the latter. Should we outlaw hammers because some people illegaly misuse them?

I'm sorry, what did you say? I was writing my name in the snow with a shotgun.

Re:Its a cracking tool

[poopdeville]

Rioters were buying baseball bats? Sounds like a lame riot to me.

Re:Its a cracking tool

[muridae]

Nmap helped me pick out a flaw in my sister's router. She asked me to figure out why it needed rebooting once a day, nmap showed several open ports, and after hitting one multiple times the router locked. Repeat the experiment, it locks again. Experiment concluded.

Kismet showed some family members why they needed both wireless encryption and MAC filtering. Telling them I was going to log every IM conversation, and then showing them the logs went a ways towards convincing them that their wireless was not really all that secure. They now know that MAC filtering only keeps out the honest, and WEP only hides their data with a thin layer of gauze, but at least it is their informed choice now.

Kismet and other wireless scanners have helped me pick out channels for my router based on where they have the least interference. I blame a cranky windows 'wireless assist tool' for picking the strongest AP instead of the one I select, but since it was what I was dealing with I just made the best out of it.

And yes, wireless scanners have also found me open hotspots to connect to when I am traveling. If the coffee shop leaves it on after hours, how am I supposed to ask for permission anyways?

Re:Its a cracking tool

[IBBoard]

is there even a legitimate use for that?

To find out if your own network is vulnerable.

I know of a company near to where I work who do it as a business for large organisations. They'll be brought in to test network security and use all sorts of tools, including the simple ones like nmap and port scanning.

If you want to check that your network is safe in a similar way but don't have several thousand to burn, what's wrong with checking?

This is another one of those "will limit the rights of law abiding citizens while the criminals continue to ignore it (because they're criminal)" laws.

Re:Its a cracking tool

[_Sprocket_]

I think he talk about the license let someone get the "expert" title.

Like the Exam Fee of MCSE: http://www.whizlabs.com/mcse-exam/70-290.html MCSE, huh? My statement still stands. ;)

Re:Its a cracking tool

[IBBoard]

Yes, but a politician can understand a hammer. It's heavy, blunt and simple on the whole (no comments on similarity ;) ) where as this new-fangled intarwebs-net-tubes and its associated applications must be dangerous in some way, otherwise children wouldn't be using it.

Or something like that.

Re:Its a cracking tool

[Ohreally_factor]

Sounds more like a Canadian riot, doesn't it?

Re:Its a cracking tool

Kismac doesn't hack the unhackable, Well duh. You're just restating a definition.

it can however open up access points that are much less secure than their owners think, mostly due to failures by the vendors to use proper algorithms. Isn't that exactly what {cr,h}acking is?

Re:Its a cracking tool

[Jah-Wren+Ryel]

Rioters were buying baseball bats? Sounds like a lame riot to me. Lol! Classic case of the police helping the criminals by preventing the law-abiding people from protecting themselves.

Re:Its a cracking tool

[jimicus]

I am a professional. Part of my job is to ensure security on our systems.

I appreciate having a nice easily installed package because if I'm looking to test a particular aspect of the network for security, I'm not looking to spend 15 hours getting the tool working in the first place. Alternatively you could provide the nice easily installed package commercially - for a fee - but then you're assuming that those with criminal intent have neither money nor means of pirating. Both of which are patently untrue.

This does not exactly require an IQ in excess of 150 to figure out.

Therefore, I can only assume that you, Sir, are either an idiot or a troll. Which is it?

Re:Its a cracking tool

[TheRaven64]

Telling them I was going to log every IM conversation, and then showing them the logs went a ways towards convincing them that their wireless was not really all that secure Just wondering, but what brain-dead IM service allows connections that don't go via SSL?

Re:Its a cracking tool

[umghhh]

There is a debate of sorts (i.e. politicians do the talking) currently about german secret police and their right to spy on you in any way it sees fit - by breaking into you private computers too. Could this be a coincidence? Maybe the guy refused to talk to them and they let him know he is next to be thoroughly investigated for possible law violations. Incidentaly abbreviation of state's name can be transalted as Banana Republik Deutschland. It fits quite well actually.

Re:Its a cracking tool

[muridae]

So if they leave their door unlocked after hours, it's okay to go in and get yourself a cappuccino? Neat!

I turn on my computer, their AP says 'hey, I'm a network, connect to me.' My wireless card says 'hey, I'm MAC address 11-11-11-11-11-11, can I please connect,' and their AP says sure.

The locked door analogy just doesn't cut it. Think of the coffee shop having a robot butler that they forget to program correctly. It serves at all hours instead of just working hours. Who's fault would that be? Now, take your archaic straw man and get lost.

Note: I did not suggest or imply that I decoded their WEP key to get an internet connection.

Re:Its a cracking tool

[angulion]

To bring in the car analogy, this seems more like making cars and alcohol illegal instead of the act of drunk driving..
Of course driving and drinking everyone knows, so making them illegal would never even come into question.

Re:Its a cracking tool

[muridae]

Just wondering, but what brain-dead IM service allows connections that don't go via SSL?

Well, that particular example was some time ago, but I believe it was AIM. I think that was back between '00 and '03 but if I tried to narrow it down someone would probably point out that I couldn't have used Kismet since it was only release last month or something.

Re:Its a cracking tool

[ukatoton]

MSN does not encrypt messages being transmitted at all, which I really hate, given it's popularity amongst friends of mine.

Re:Its a cracking tool

[Danathar]

That was the most insightful comment I've seen in a long time (REALLY!).

If a government wants you in jail they don't need stuff like anti-terrorism laws to do it. All they have to do pick some obscure small local, state, federal statute, search your house and arrest you.

What? Look at that copy of Michael Jackson on tape! Please produce the original AND the receipt. Don't have it? Well that's 5 years in jail and $50,0000 per copy!

Now there is a little exaggeration going on above (just a little) but democracies have so many laws on the books now that are not prosecuted that a prosecutor could pick whatever they want. As long as it's not a public trial chances are they could get away with it.

Re:Its a cracking tool

j00 just lost mad ./ respect d00d. j00r like -100 respect now

Re:Its a cracking tool

[ericartman]

20 bucks, same as downtown

Cart

Re:Its a cracking tool

[garry_g]

Why should people with home networks not have this tool available? The German law is stupid and makes everyone a victim while not taking the tools out of the hands of people who will use them anyway for nefarious purposes.
You're right. The law is stupid, as stupid as the politicians are that created it. This must be the first stupid law that has been passed.

NOT! Bro, take a look around - UK has a dense net of cameras all over, not too sure about their laws. US passed totally intolerable laws after 9/11 that even US courts decided later on were unconstitutional. European parliament passed a law requiring storage of communication information for anywhere between 6 months and 2 years, without the slightest evidence of the people breaking any law. There are discussions of allowing the nick-named "Federal Trojan" to be used to secretly invade and scan computers for proof of crimes, without requiring court orders. Plus several other laws in discussion that severely cut into the rights of free citizens. The most outrageous fact: Once they found out that what they were suggesting was against the german constitution, the next thing the said was that the constitution would have to be altered. Great. The bad thing is: Both German majority parties are in this together. So unless half of the German citizens start to vote for minorities, there's no real legal way of stopping this junk.

Re:Its a cracking tool

[Crayon+Kid]

Just wondering, but what brain-dead IM service allows connections that don't go via SSL?

Umm, all of the most-used ones? AFAIK, Google Talk is the only one of the popular networks that does it, and that's because it's based on XMPP (Jabber).

Yahoo, MSN, AIM/ICQ, none of them have encryption. Whenever I find someone using Pidgin/Gaim I can convince them to install a plugin like gaim-encryption, but my buddies who use the official clients are sitting ducks (and me along with them).

Re:Its a cracking tool

[JonathanR]

How's it going there Mick?

Re:Its a cracking tool

[Adam+Hazzlebank]

A hammer isn't really a very good analogy. "Killing" and "Building" are different activities. With KisMac the issue is performing the same activity with different intent.

A better example might be a gun. I can use a gun to murder people, or I can use it to kill in self defense. Unfortunately this doesn't really support the argument as well...

Re:Its a cracking tool

[Tim_UWA]

You're wrong: rights are a privilege, not a right.

Re:Its a cracking tool

Baseball bats in a Canadian riot? More like hockey sticks; am I rite?

Re:Its a cracking tool

[UncleTogie]

You're wrong: rights are a privilege, not a right.
You've been listening to Alberto Gonzales talk about the Constitution again, haven't you?

Re:Its a cracking tool

[mini+me]

KisMac is more like a key. I can use it to unlock my own door, and, with any luck, it will also unlock my neighbour's door. Because it can potentially be used to unlock my neighbour's door, it is imperative that we criminalize all possession of keys, regardless of intent.

Re:Its a cracking tool

[Adam+Hazzlebank]

I don't buy this analogy, partly because trying your key randomly in order doors isn't going to work (ok there are certain flawed implementations but..) and secondly because it's not the use the tool was designed for. If anything you could say it's like a lock pick. You can use it to test how easy it is to break in to your house or you could use it to break in to someone else's house. Again, the problem is that people might be inclined to agree that lock picks should only be made available to licensed professionals. Don't get me wrong, I think both Kismac and lockpicks are fine. But I'm not sure society in general would agree with me.

Re:Its a cracking tool

[blacklint]

Yup, to the best of my knowledge, AIM is unencrypted. Even the password is only "roasted" before being transmitted, which can easily be reversed. It's quite horrifically insecure, but for most useless conversations, it's just fine (the same way the public phone network is insecure). People have made various client addons for securing AIM, but very few pairs of people both use them. The only major protocol I know of that is secure is Jabber / Google Talk, which can connect via SSL.

Re:Its a cracking tool

Thanks for the clarification. I have little sympathy for those people here who think that it's okay to break into WEP networks just because their security is weak, but it seems you're not one of their number.

Re:Its a cracking tool

[Ohreally_factor]

I think that's against some unwritten rule. I mean, what would happen if there was a riot and a hockey game broke out?

Re:Its a cracking tool

[Millenniumman]

If anything you could say it's like a lock pick. You can use it to test how easy it is to break in to your house Huh? Generally, I think their legitimate use is to unlock things the owner lost the key for. There are other solutions to this when dealing with networking (reseting hardware, etc.).

Re:Its a cracking tool

Indeed.... rights are.. uhm.... RIGHTS....

Re:Its a cracking tool

[Adam+Hazzlebank]

fair enough, I think the analogy still holds.

Re:Its a cracking tool

[cky625]

horribly accurate

Re:Its a cracking tool

>I turn on my computer, their AP says 'hey, I'm a network, connect to me.' My wireless card says 'hey, I'm MAC address 11-11-11-11-11-11, can I please connect,' and their AP says sure.

Yeah, and you were absolutely helpless to stop it, right?

Spare us the rationalizations, OK?

Re:Its a cracking tool

[NoMaster]

Notice, though, that the police didn't order him to stop selling baseball bats. Their suggestion was basically that, if the shopkeeper felt the bats were destined for use on heads rather than baseballs, he should probably stop selling them - something I'm sure the shopkeeper had already worked out for himself, and was just looking for a little reassurance of (while giving a heads-up, as it were, to the police).

Besides, I'd rather a cricket bat. A couple of inches shorter, yeah, but about 40% heaver - and it has both a flat and a sharp side, so you have a choice between stopping power or pure damage. And, if all else fails, you can play cricket with it...

Re:Its a cracking tool

[muridae]

I really hate arguing with ACs, but since you asked.

Where, exactly, is the rationalization? If you, for what ever reason, left a computer on the front porch with a sign saying 'free internet access' then you would be completely insane to expect people not to use it. Now then, where exactly is this different from a shop leaving an open AP available 24/7?

Now, if you think I was rationalizing that 'my computer just connected, it's not my fault,' then you are still completely off base. Call me a geek, but 802.11 has tons of ways to both turn off advertising an open network and protecting it. If a business leaves the lights on and doors open with a sign saying 'take a brochure or leave a note' then I doubt they would mind if I did exactly that. If I had gone in and messed with the router settings, after cloning a MAC address and hacking the WEP key, then you might have a point. Otherwise, you are just looking for a reason to suggest that the technology should protect you, instead of taking responsibility for the technology you use.

Re:Its a cracking tool

[nsayer]

My wireless card says 'hey, I'm MAC address 11-11-11-11-11-11

If your wireless card is claiming that its address is a broadcast address, then it is misconfigured or broken.

Re:Its a cracking tool

What are you talking about? Here in the U.S. we have eliminated gun related crimes by putting little stickers on entrances to businesses stating "No Guns Allowed" - there's even a picture in case the potential criminal can't read. So, having a law against "cracking tools" should do the same for electronic crime.

Re:Its a cracking tool

[koi88]

I don't agree with having this tool available to non-professionals in a nice easily installed package.

However, if it came in a terribly complicated to install package, available only to professionals, it would be okay for you?

Re:Its a cracking tool

Agreeing to block knowledge is futile. For as long as people have been free they have been able to learn and gain whatever knowledge they wish. They feed the people "fear" and take their freedom in exchange for it. Politicians and bureaucrats will fail - as has always been the case throughout history when a government has attempted to hush and quell the spread of knowledge. If they want an infowar, give'm hell!

The ignorant Arrogance of German politicans.

[SlashdotTemporaryAcc]

Because of its vagueness, this yet to be commenced, but already passed law is a severe threat to the German security community! Experts of different interest groups have repeatedly expressed their serious concerns, but the politicans - naturally knowing better than any expert can - decided otherwise. For more information, please visit: http://www.phenoelit.de/202/202.html

Re:The ignorant Arrogance of German politicans.

Mod parent funny!

Captcha : Innards :-)

Re:The ignorant Arrogance of German politicans.

[dballanc]

The ignorant Arrogance of politicans in general. The road to hell is paved with good intentions, but the only thing the politicians really seem care about is making sure it's also a toll road.

Re:The ignorant Arrogance of German politicans.

[F-3582]

I remember trying to write a story about this on /.

It's been "Pending" for two months, now...

Can he continue 'remotely'?

[fadilnet]

Can he not have a server setup outside Germany and remotely access it and keep the development going on? Simple Example: VNC The development will be outside Germany, in a way. Or, he can break KisMAC into different components, components which are viewed as 'harmless' by the GOV, unless when they get together.

Re:Can he continue 'remotely'?

[nukem996]

If they wanted to charge him they still would and while he may still win because the program is running on a computer in a different country it still would cost him alot of time, money, and energy that he probably doesn't want to spend.

Re:Can he continue 'remotely'?

[kju]

First: If he accesses the server from germany, development will not be considered to happen outside of germany. Second: Won't matter anyway, as german law declares itself to be applicable to what a german does even outside of germany.

Re:Can he continue 'remotely'?

[bombshelter13]

Curious, how does the second part of that actually work? Let's say, hypothetically, I was a German citizen with dual citezenship in, let's say, oh, I don't know, Australia. Let's say that I left Germany 10 years ago, and have been living in Australia since, until, one day, I'm arrested for shoplifting. Will I be charged for the crime by both the Australian and German governments? What if the Australian court finds me not guilty, will I be extradited back to Germany to stand trial again there?

Re:Can he continue 'remotely'?

[Alphager]

Curious, how does the second part of that actually work? Let's say, hypothetically, I was a German citizen with dual citezenship in, let's say, oh, I don't know, Australia. Let's say that I left Germany 10 years ago, and have been living in Australia since, until, one day, I'm arrested for shoplifting. Will I be charged for the crime by both the Australian and German governments? What if the Australian court finds me not guilty, will I be extradited back to Germany to stand trial again there? As most western countries, Germany only allows one trial for one crime. The rules were mostly set to combat sex-tourism involving minors in countries like Thailand.

It's a security tool, dummy

Thanks Michael for your support of free speech. I'm really pleased to hear you think it's "fine".

Why don't people seem to get that making these programs obscure does not make you safer? I for one want to monitor my wireless network to see if they are vulnerable to such "cracking" (goddammit, "cracking" is removing copy protection and has been for two decades!!) tools.

They tried to shut down nmap in the same way (it first appeared in Phrack, btw), but I think most people will agree it's an absolutely essential tool for securing your network and checking for open ports, etc.

Making these types of programs illegal (it's this just a macafied kismet?) is absolutely crazy and will result in more, not fewer security breaches.

Re:It's a security tool, dummy

[mgv]

From the AC:

Thanks Michael for your support of free speech. I'm really pleased to hear you think it's "fine".

As there are two Michael's posting here, I'm just guessing you aren't referring to me...

Why don't people seem to get that making these programs obscure does not make you safer? I for one want to monitor my wireless network to see if they are vulnerable to such "cracking" (goddammit, "cracking" is removing copy protection and has been for two decades!!) tools.

They tried to shut down nmap in the same way (it first appeared in Phrack, btw), but I think most people will agree it's an absolutely essential tool for securing your network and checking for open ports, etc.

Making these types of programs illegal (it's this just a macafied kismet?) is absolutely crazy and will result in more, not fewer security breaches.

Its based on kismet. It has the usual aqua gui-ness about it, but remains a pretty powerful tool. One of the most impressive finds on a mac, and part of why I was so impressed when I switched to apple. *nix power combined with a user interface that was just too easy.

And I think that every thing that this german law does for KisMAC, must surely apply to kismet also...

Michael

Re:It's a security tool, dummy

[MichaelSmith]

To take an extreme position, I do not believe it would be a good idea for the wireless network configuration dialog in gnome to have a text field for the key and right beside it, a button to use network traffic to obtain the key.

Re:It's a security tool, dummy

[mgv]

To take an extreme position, I do not believe it would be a good idea for the wireless network configuration dialog in gnome to have a text field for the key and right beside it, a button to use network traffic to obtain the key.

Of course not. Done properly, it would automatically fill the key in for you. :)

Michael

Re:It's a security tool, dummy

[mrchaotica]

You ought to file that as a feature request for both GNOME and KDE.

(Seriously, why not? It's not as if networks using weak encryption would have actually been secure anyway; this just provides better usability!)

Re:It's a security tool, dummy

[lucas+teh+geek]

if someone wants to believe that their weak encryption grants them security, the rest of the world is under no obligation to make their belief a reality. weak encryption is weak encryption. the sooner people stop using it the better.

svnsync

Quick, someone use svnsync to download the subversion history of the project!

Re:apple security?

[mgv]

... Kismac doesn't break into Apples, it lets Apples passively monitor networks and has some basic attack functionality integrated. Your post might be [vaguely] on topic if this was a discussion about an Apple firewall, but for a passive wireless network stumbler? I don't think so...

Agreed.

In fact, the airport base stations seem to be quite secure from simple attacks.

What KisMAC demonstrates, more than any thing else, is that if you are using WEP for security, you are usually deluding yourself. A decent percentage of WEP base stations will surrender their passcode within 5-10 minutes, even if nobody is on their network.

Its that scary..

Michael

Alternatives...

[fadilnet]

Though KisMAC is still out there, there are alternatives such as Airsnort, Airattack, WepLab, Web,.. Can a live CD such as this one http://www.securityfocus.com/infocus/1814#auditor be booted off a macintelatosh?

Lost Freedom

[twenty3inhouse]

What bothers me (i've never heard about this software before) is the trend for western countries to move away from individual freedom. I live in Australia, it is happening here - the doctor that was held without charge for 3 weeks. I know it's happening in the US, but now it seems to be happening in other western countries too. Are there any western countries whose citizens aren't losing their individual freedoms?

At least we are having an inquiry into the matter. How is it in other countries?

Re:Lost Freedom

[keeboo]

Are there any western countries whose citizens aren't losing their individual freedoms?

Well.. It's not happening in Brazil.
I guess the politicians here are too busy counting their money.

Re:Lost Freedom

[Tablizer]

is the trend for western countries to move away from individual freedom.

It is caused by two factors working together.

First, is the terrorism McCarthyism, and second is big corporations gaining more political influence than voters.

Re:Lost Freedom

Are there any western countries whose citizens aren't losing their individual freedoms?

Although what happened to Haneef was unjust, he was charged and bailed within two weeks, not three. Also, he's not an Australian citizen, so he's sort of irrelevant to your point.

Re:Lost Freedom

Then the terrorists has won... and the politicians are obviously too stupid to see it.

Re:Lost Freedom

[jabuzz]

I would also add that he gave his mobile phone SIM card to someone who turned out to be a terrorist. It's not like he was picked out at random for no reason and persecuted. He had the misfortune to associate himself with someone that carried out terrorist acts. In such circumstances it was entirely reasonable to bring him in for questioning. That he has been let free shows that the system is working.

Re:Lost Freedom

[dkrug]

I am an American living in Germany. Germany seems to still be quite tolerant and liberal when it comes to personal freedom vs. many other Western countries. However, there have been a number of recent moves to try bringing Germany more in line with the US, Australia and the UK with regards to being a control state. Not too long ago, the German Interior Minister tried to push through some laws limiting personal freedom and strengthening surveillance authority, all in the name of "protecting" its citizens from the threat of terrorism. Fortunately, this was shot down (for now). But it doesn't mean other attempts won't be made. The scary thing is that what was being attempted seemed to be coming directly from Bush's play book.

It appears that the threat and fear of terrorism is a tool being used by those in power to further strengthen their position. So is it really the terrorists that have won, or those in power who have based their moves on using a "convenient" set of circumstances? Who can say for sure that the 9/11 attack was not the modern version of the Reichstag fire?

I think it is time for all rational, thinking people who place a high degree of importance on personal freedom, regardless of nationality, creed or ethnicity to join together to collectively keep a watch on moves to limit same, regardless of where, and institute measures to work within our respective systems to counter any such moves. Clearly, we will still need Government until the day when most people of the world understand that personal freedom must be accompanied by acceptance of responsibility for one's own actions.

But we also must understand that Governments exist primarily to benefit those on the inside, and therefore are inherently evil and need to be controlled. The nature and motivations of our Governments are best illustrated by the clips and transcripts of interviews with prominent politicians from many countries showing them stuttering and spluttering when being asked if they think it is a good idea to institute a plebiscite methodolgy for passing the majority of laws in their respective countries (as Switzerland does).

So, now that I have made the above statements, I will have to avoid taking any trips in small planes for a while ;-)!

Re:Lost Freedom

[Movi]

I would guess pretty much any of the scandinavian countries (Norway or Sweden for example).

Re:Lost Freedom

[GodFjotten]

Yes, there is no doubt a reason why the piratebay can continue to exist in Sweden, and why "dvd-jon" could assemble decss in norway ... But rest assured, corporate patent-angst is copulating with the short-sightedness of politicians up here too ...

Re:Lost Freedom

[arivanov]

C'mon, that fell through in hours after the arrest so they kept him under suspicion because he had bought a one-way plane ticket.

If that is a sufficient reason in itself, my entire family should go in jail straight away because we are going on our next holiday and coming back on a staggered schedule and thus forced to use one-way tickets for all trips. The idiots from British Airways (and most other airlines) do not allow you to have 3 people on the same e-ticket coming out and 2 of them returning on one date and one on another. You either have to book them separately (which you can't if one of them is under 14) or as separate one way tickets.

And let me not get into how exactly did Howard government bend the law when it lost the reasons to hold him. The moment they had nothing to hold him for they revoked his visa and held him on that account for "immigration violation". Classic case of using terrorism for propaganda in an election year. Almost as good as the British government inventing scary anti-airplane liquid plots to comply with their naso-rectal interfacing obligations to support an american congress election.

Re:Lost Freedom

[jgrahn]

I would guess pretty much any of the scandinavian countries (Norway or Sweden for example).

Possibly Norway; they're not part of the EU. Here in .se, we lose freedom all the time ... although perhaps not as quickly as e.g. the british.

Re:Lost Freedom

[RAMMS+EIN]

I know from people who live in Denmark (for those not in the know: that's a scandinavian country) that ISPs there refuse to answer DNS queries for certain sites. As far as I know, this isn't actually mandated by the government, but it's censorship nonetheless.

Re:Lost Freedom

[RAMMS+EIN]

I have my eyes set on Canada. I'm sure people here can point out what's going wrong there (and please do), but it seems to me things are a whole lot better there than in the EU or the USA.

Re:Lost Freedom

[Movi]

Yet you get to keep and legally use Pirate Bay :)

Re:Lost Freedom

[Hatta]

the doctor that was held without charge for 3 weeks.

Does it matter that he was a doctor?

Re:Lost Freedom

[ChristTrekker]

Germany? The country whose police forcibly removed a teenager from her home because her parents dared to educate their children themselves? And ordered psych evals for the parents in order to determine if their Christian beliefs amounted to a mental disorder? And suggested that the best way to resolve the situation would be for the parents to relinquish custory of their other children?

Yeah...Germany's real tolerant.

Re:Lost Freedom

[dkrug]

Well, I would say that anything approaching a fanatical belief in anything could be construed to be a mental disorder. Home schooling is permitted in Germany, but not under any/all circumstances. I will most certainly take the position based on personal experience (I have three daughters who were born and raised here) that Germany takes child welfare VERY seriously, and there is nothing wrong with that.

As for being tolerant, while countries like the UK and France are spending so much time passing and enforcing no head scarf laws, in Germany women are allowed to do so and are not persecuted for it for the most part. There are a lot of Muslims in Germany that live among Christian (and atheist) Germans with little friction. I have one daughter attending school in a class that is almost 50% Muslim and there are no problems. So what is the lesson here? Avoid cultural, ethnic and racial policies and laws that promulgate polarization and instead promote and foster tolerance and integration. I think that the US, the UK, France and Australia can learn something from this if they want to. The problem is that they know this already, but in fact want social polarization and alienation in order to "divide and conquer".

But of course all is not rosy (it never is). There are a number of German politicians that see all the "fun" that those in the aforementioned countries are having, and want to play too. The German Interior Minister is one of those, but fortunately he has so far been kept on a leash. All this terrorism fear mongering to support power agenda is something that all who value personal freedom must be ever vigilant against. I remind those who are either old enough to remember or have done a little reading of history that back during the RAF days in Germany (I lived here during all of that), when bombs were going off all over the place, and assassinations and kidnappings were common occurrences, no German politician would have dared even think of trying to push something like our USAPATRIOT Act through or attempt to turn Germany into a surveillance state such as the UK is and the US is rapidly becoming. And this in spite of what the PTB hoped would happen through the execution of programs like Gladio.

I and most other people living in Germany (both German and foreign) hope that it is never forgotten what can happen when a Government becomes too powerful, efficient, and controlling. And religion must ALWAYS be completely separated from the State.

Re:Lost Freedom

[ChristTrekker]

I would say that anything approaching a fanatical belief in anything could be construed to be a mental disorder. Home schooling is permitted in Germany, but not under any/all circumstances.

I think you meant to say "Home schooling is not permitted in Germany, not under any circumstances." Belief that government can fix everything is certainly a mental disorder.

Re:I blame George Bush

At the risk of running afoul of Godwin's Law... What are you, a nazi?

Doesnt work in all Macs

[bananaendian]

He urges visitors to take a copy of KisMAC and its source as long as the site is up, so that development might be continued outside the US or EU

FYI: KisMAC doesn't work in passive mode in the latest ibooks with Atheros AR5008 chipset.

Re:Doesnt work in all Macs

[mgv]

FYI: KisMAC doesn't work in passive mode in the latest ibooks with Atheros AR5008 chipset.

I presume you meant macbooks here - it works fine in passive mode with the ibooks, they don't have that chipset. It does work fine with a USB prism chipset 802.11b/g key if you have a macbook.

Michael

Re:Doesnt work in all Macs

[ttldkns]

could you give me an example of which branded USB wireless b/g keys are prism based? I've never been able to find any in the UK.

MOD PARENT UP

[deftcoder]

Also, nice sig. Isn't that a Schneier quote? I could've sworn I've seen it before... and it's been a while since I read Applied Crytography.

Re:MOD PARENT UP

[mgv]

Also, nice sig. Isn't that a Schneier quote? I could've sworn I've seen it before... and it's been a while since I read Applied Crytography.

I rather liked it :)

I'm not sure where it comes from - I don't think its a Schneier quote and I've had a quick search on google & wikiquote to try and find the reference - I can't.

Someone posted this on /. and it met the essential criteria - I liked it more than my previous .sig - It describes the futility of DRM better than anything else I could say...

Michael

Re:Doesnt work in all Macbooks

[bananaendian]

Darn submit button! noticed that myself afterwards. I'm aware that on the older Macbooks (pre 2007) it works fine. But Apple has changed the chipset recently to Atheros and all kinds of problems have crept up, airport dropping connection and so on. It's understandable that KisMAC doesn't support it because its completely different chipset and they haven't updated KisMAC's hardware support after 2006.

Re:such a sad day...

[megaditto]

I think the parent makes a good point.

What are the linux/windows alternatives to this 'product' anyways?

Re:such a sad day...

Kismet.

As someone with dual citizienship and..

[Joe+Tie.]

a family of lawyers, I'd caution anyone tempted to think of this as an Us Vs. Them scenario. This kind of shit happens everywhere, and it's really only by having the protection of the guns of any particular country that you gain any measure of freedom past the average level that the man on the street considers the lowest possible. It sucks, but this is the reality of the situation. You've only got as much freedom as isn't either explicitly protected, or passed by when politicians make their rounds in "protecting" you against harming yourself.

Re:As someone with dual citizienship and..

[nagora]

This kind of shit happens everywhere, and it's really only by having the protection of the guns of any particular country that you gain any measure of freedom past the average level that the man on the street considers the lowest possible.

The only reason we need guns is to protect us from the sort of jerks who own guns...

TWW

Re:As someone with dual citizienship and..

[morethanapapercert]

it seems to me that a government (*any* government) has it's share of jerks and aside from perhaps the Vatican, can you name me one government that *doesn't* own guns? It is therefor safe to conclude that one purpose of owning firearms is to protect one's own $RIGHTS from the jerks in government if/when the jerks come into power and get to set policy/enact legislation.
From what I have read, the rebels in the colonies were pretty clear on this when they were setting up a self-governing system way back in the 1700's. As far as they seemed to be concerned, the purposes of private firearms were:
1)To defend one's life, property, privacy etc from other individuals
2)So that the common population could serve as a militia in the event of war against a foreign power
3)To ensure a degree of sovereignty for the common man to prevent the government from becoming oppressive
4)When all else fails, to give the common man the basic tools for revolt, so that an oppressive regime can be replaced, by force if necessary.

I will readily concede that any capability can be abused, criminals can and indeed do use firearms in the commission of crimes. However, the men who became known as The Founding Fathers knew that decent law-abiding folk greatly outnumber criminals. Giving everyone equal access to personal firearms only makes the common person the equal of the criminals, and since good folk so out number the bad, crime and such can be kept to a minimum. Furthermore, while it can be argued that having guns in the hands of the common people makes tragic accidents or certain types of crime more likely, gentlemen like Franklin and Jefferson seemed to feel that those four reasons I mentioned were so important as to outweigh the risks. Personally, I quite agree with that line of reasoning, it's a shame Her Majesty's servants here in Canada don't.

my captcha was deplores...how appropriate

Re:As someone with dual citizienship and..

[Doctor_Jest]

Yeah, whatever. You don't want to exercise your 2nd Amendment right? That's your choice.

Don't piss on those who do. Remember, the Bill of Rights isn't a document that "grants" these rights... it's a document that _SPELLS OUT_ the rights, so that everyone can see the rights you HAVE, regardless of government.

The people who intend on dismantling them need an unarmed populace in order to accomplish it. Even Jefferson advocated revolution... when the government no longer served the people's needs.

Government is set up at our convenience. We control whether it lives or dies. And the Constitution is ours... not theirs.

Re:As someone with dual citizienship and..

[nagora]

The people who intend on dismantling them need an unarmed populace in order to accomplish it.

So we need guns to protect us from the jerks that have them.

Government is set up at our convenience. We control whether it lives or dies. And the Constitution is ours... not theirs.

Dream on, kid.

TWW

Re:As someone with dual citizienship and..

[Agripa]

The only reason we need guns is to protect us from the sort of jerks who own guns...

Because violence did not exist before firearms.

Re:As someone with dual citizienship and..

Actually, in the US, just over 2/3 of all guns fired in anger are fired to repel a home/business invasion or personal attack. In most cases the attacker is not not armed with a gun (they are harder to get than you think, more traceable, and likely to land you in jail forever), but are armed with a knife, crude instrument, or his/her own sheer size.

-A Federal Agent (and no I'm not a spy)

Re:As someone with dual citizienship and..

[nagora]

Because violence did not exist before firearms.

Brilliant argument for handing out the lethal weapons to any retard who can fill in a form.

Do you think you can make any attempt to connect the existance of violence to the virtues of distributing weapons capable of long-range mass killings? Or is that pathetic knee-jerk stock phrase as far as your reasoning goes?

TWW

Re:As someone with dual citizienship and..

[Agripa]

I figured one short quip deserves another one. If you found my brevity to be insufficient for the seriousness of the problem, please forgive me.

Ignoring for the moment the practical problems in placing the apple back on the tree, the existence of firearms within American society is at best orthogonal to violence. We have proportionally high rates of assault using other weapons such as knives, bats, and a variety of household items. Unless you can successfully argue that the proliferation of firearms increases the number of knife assaults and rapes, I am not prepared to believe that firearms in of themselves are a cause of violence. Certainly they have the potential to make a merely crippling assault deadly but they have the virtue of more then compensating by doing so for the attacking party as well. Nothing says I will not be a victim more then a seriously injured or dead attacker.

Further, by restricting access to firearms and their use beyond those who are obviously disqualified to handle them, we both remove a valuable crime fighting tool (although not a decisive one) and encourage the type of society which would prefer to acquiesce to a hijacking or other violent act ultimately to the detriment of all.

Re:As someone with dual citizienship and..

[NoMaster]

... aside from perhaps the Vatican ...

Just for the interest, the Swiss Guards of the Vatican are all highly trained in firearms and, since the 1981 assasination attempt, many are issued with firearms (particularly when on protection duty overseas).

As far as they seemed to be concerned, the purposes of private firearms were:
1)To defend one's life, property, privacy etc from other individuals
2)So that the common population could serve as a militia in the event of war against a foreign power
3)To ensure a degree of sovereignty for the common man to prevent the government from becoming oppressive
4)When all else fails, to give the common man the basic tools for revolt, so that an oppressive regime can be replaced, by force if necessary.

I'm not USian, so I could well be missing something, but from my understanding there's nothing in the constitution or other evidence of the time to support your points 3 & 4. Sure, the ambiguity of your 4th Amendment has been co-opted to support those interpretations by others since then, but...

The American constitution is actually quite a well-written and precise document, despite being written in layman's language of the time. Just because language changes, and people's interpretations change, doesn't mean that their intentions have changed.

Hence my .sig - with the emphasis on "well-regulated"...

Re:As someone with dual citizienship and..

[WNight]

Regardless of what "well regulated" means, "shall not" seems easier to understand.

The amount of intellectual dishonesty around this one phrase is staggering. What else could it possibly mean? Even if it started "An overstuffed sofa, being important to nothing, ..." it would still end in the same unambiguous way. I'm a Canadian and I can see this as plain as day. The 4th is supposed to allow people to keep and bear arms (not just guns) as appropriate to militia use.

Perhaps you think this sentiment is outdated, though I would disagree citing your current politics, but it surely was the intent of the founders.

Did they stick this amendment in there, close to the top, just to say something useless like it's nice for people to join the reserves and when there, you might as well let them use a gun?

Sheesh!

Re:As someone with dual citizienship and..

[Doctor_Jest]

Read the constitution. Read the founding fathers. Read Jefferson, to be specific. You need some schooling, kid.

Then tell me to dream on. YOU'RE the one who's dreaming. Just because the government doesn't currently think so, that doesn't mean it's wrong now.

It's amazing... I respond to an offtopic post and I get modded offtopic.

Guess there aren't enough gun-nut loners in the slashdot community.

3 hour tour

[Tablizer]

Open-source should buy and island and form a new "country". Call it Stallmanland? Stalland? Nah. Needs work.

Re:3 hour tour

[Tablizer]

Come on now, why is it "off-topic"? It is based directly on this statement from the submitter:

"He urges visitors to take a copy of KisMAC and its source as long as the site is up, so that development might be continued outside the US or EU."

OSS-friendly laws and practices can be established in a new island country. Security research could also be done without being visited by mean corporate lawyers or the FBI.

Re:3 hour tour

Stallmanistan

Re:3 hour tour

[bill_mcgonigle]

Come on now, why is it "off-topic"? It is based directly on this statement from the submitter:

Somebody with mod points is traversing their foes list. It figures.

Those of us without points today appreciate your suggestion, point to Sealand as an example of What Not To Do, and suggest that Cuba might be up for sale soon.

Guns...

[NEOtaku17]

My German friends laughed at me because of my guns.
"Why would you need that unless you are going to kill someone?" they said.
"To protect myself from others who have them" I said.
"Then why don't they make them illegal?" they said.

I wonder if people will ever understand that criminals don't care about the law. After all, if they did they wouldn't be criminals. Outlawing things like this only hurts the good guys.

Re:Guns...

[Suicyco]

Well, guns are only used to kill. Thats their sole purpose. I say so what? Taking away my right to possess killing devices doesn't remove them from the people I most need them for. Namely criminals and the armed authorities. The whole reason a populace needs guns is to allow them to remove those in power should that become necessary. I don't care about hunting. I care about having an equalizer that allows me and my fellow citizens to retake power. No, not retake. To reinforce who really has the true power. No government ever can control an unwilling populace, and they know that. Fortunately for them, most people are willing to take it up the ass. But that doesn't last forever. That is the true fear of any government. It is not foreign invaders. It is their own people. All revolutions come from within. As they should.

Re:Guns...

[Baumi]

My German friends laughed at me because of my guns.
"Why would you need that unless you are going to kill someone?" they said.
"To protect myself from others who have them" I said.
"Then why don't they make them illegal?" they said. Not trying to start an endless gun argument here, but that analogy is flawed. You wouldn't be able to accidentially kill or hurt someone with this piece of software. And while you'd want to keep the program out of your kids' reach (as soon as they're computer literate enough to use it), if they did manage to get their hands on it, they couldn't endanger themselves and others by playing with it the same way they could if they found a gun.

No matter what you think about gun ownership, the potential consequences of gun abuse are far greater than those of misusing a program like this one, so there's no inherent reason both should be treated equally by law.

Re:Guns...

[kinabrew]

I think grandparent's point was more along the lines of

If someone's going to break into a network, this law is probably the least of the ones they intend to break.

ie, this law isn't going to prevent anyone with malicious intent from having and using a program like KisMac, but it will prevent people from using KisMac as a tool to learn and test their own network security.

Regardless of grandparent's opinion on guns, that is one similar argument that can be made.

Re:Guns...

of course good gun control legislation targets both legal and illegal guns.

Re:Guns...

[mr_matticus]

Except that it works. Taking away the guns results in tremendously fewer gun deaths. There are approximately 150 gun deaths per year in Canada. That's right, one hundred and fifty; that number before the laws were enacted was ten times higher. There are 12,000 gun homicides per year in the US (roughly 100 times as many with just ten times the population).

Seems to me that's a fairly strong case. Gun control didn't take away everyone's guns (you can still have hunting/recreational weapons and you can get handgun licenses); it certainly didn't affect those in military, law enforcement, and other legitimate security-related fields. Same principle here. If you've got a legitimate use for the software and you've used it consistent with that, there's no reason this law would get in your way. What seems more likely is that this is a sensationalized pot-stirrer reacting strongly to a crowd of excitable Slashdotters via an over-cautious bit of speculation by one developer absent any legal advice.

Re:Guns...

[Graff]

Taking away the guns results in tremendously fewer gun deaths. And taking away water would result in tremendously fewer water deaths but I still wouldn't advocate that we all move en-masse to Mars.

Re:Guns...

[kinabrew]

You're arguing against something I didn't argue.

I was only pointing out that there was similarity between the arguments. I didn't mention whether I supported the argument as it pertains to guns. But in the case of KisMac, it's a valid argument. Outlawing KisMac and programs like it just isn't going to stop the people trying to break into your network.

Acquiring a gun is one thing. Downloading or copying a computer program from one of the billions of computers in the world, on the other hand, is a different, much simpler thing.

Re:Guns...

Bad comparison

Owning guns don't make you safe. If someone's after you they'll get you, unless you find other ways to protect yourself from a gun or better from the people who're after you.

Using security assessment tools, on the other hand, does make a network safer, by showing the vulnerabilities.

Re:Guns...

Misinformation just isn't right... In nearly every instance, gun control has resulted in a net increase in violent crime. Yes, even in Canada. Here's a quick analysis by a well known author in the subject: http://johnrlott.tripod.com/op-eds/NationalPost615 04.html

Re:Guns...

[Paulrothrock]

Yeah, if you outlaw drugs only outlaws will have drugs.

Re:Guns...

[mr_matticus]

Not at all. You said outlawing guns isn't going to stop people from shooting you. The evidence points to the contrary. Outlawing this would undoubtedly cut down on people breaking into networks.

What it's not going to stop are people determined to get what's on your network, so the gun argument is specious. Gun control laws are designed to cut back on "non-professional" or impulse-based murders. There's no illusion that an assassin or someone who has made the premeditated decision and plan to kill someone would be stopped by those laws. But the number of those deaths is quite small. The number of "professional" hackers is also small compared to the "hobbyists" and script kiddies who cause trouble because of the availability of tools to do so. They're neither smart nor determined enough to break in on their own.

I'm not saying this is an effective law to pass or that I support it. But the gun analogy is horribly wrong because a) it's not the same aim, and b) gun control laws DO stop people from gun homicides. Nine times out of ten, in fact, based on Canada's experience. That's a pretty effective and reasonable law.

Re:Guns...

Unfortunately for you, that source *is* the misinformation. The data collection methodology doesn't indicate any causal relationship. The same data sources your "well known author" used also indicated that the number of people who used guns to PREVENT a crime against their person was infinitesimally small--less than 1% in most categories. Allowing people to carry guns does not therefore lower crime rates, as your ill-gotten premise would lead people to believe.

Re:Guns...

[kinabrew]

Bullshit.

You're either confusing what I said with something another poster said, or you're deliberately lying in order to karma-whore.

I never said a damn thing about whether the argument applies equally-well to guns and KisMac. I simply pointed out that the argument which is made for guns is similar to the argument used in this situation.

And if anyone wants to verify that, here are the links to my previous posts in this thread:
My original post
My second post

Re:Guns...

[mr_matticus]

Accusations of non-existent karma whoring, aside, this is what you said:

ie, this law isn't going to prevent anyone with malicious intent from having and using a program like KisMac, but it will prevent people from using KisMac as a tool to learn and test their own network security. The argument might be made in both cases, but it's wrong in both cases.

Gun control laws DO prevent most people from having guns. They do NOT prevent people with legitimate uses for guns from having them. This law does NOT prevent tools like KisMac from being used by professionals or those who otherwise have permission. It DOES keep it out of the hands of punk kids and armchair/lazy hackers who cause nothing but trouble but aren't skilled or interested enough to hack it (pardon the pun) on their own.

The argument is just plain wrong on both sides. You're trying to use a decidedly flawed argument from the gun context in support of your views (or in defense of the OP's views) on the KisMac issue. That simply doesn't work.

Re:Guns...

[kinabrew]

Funny how all of your posts are modded to +2 seemingly the second they're made, isn't it?

Re:Guns...

[kinabrew]

My mistake there. I thought I had that off, and even launched another browser where I wasn't logged in in order to verify.

I screwed up.

But so did you in your accusation. I never said anything about how I felt in regard to how the argument relates to guns.

Re:Guns...

You're an idiot... the percentage of people that regularly carry guns with them is already quite small. When you multiply that by the probability of getting robbed, you get a damn small number. 0.01 x 0.01 is 0.0001, or .01%. That doesn't give people like you the right to deny other law abiding citizens the means for effective self defense just because a different subset of the population uses those same means for acts of violence.

As for calling the source misinformation, I think he's done a pretty damn good job of showing that whenever strict gun control is implemented, it does not lower the violent crime rate. No, you can't prove causal relationships with complex societal systems, but you can quite easily show that a political policy is completely ineffective at its stated goals, and when that same policy inherently violates the rights of people who do not use it for violent purposes, the situation seems pretty damn cut and dried to me.

Re:Guns...

A gun isn't effective self-defense if the chances of your needing it are less than the chances that you or someone else will harm or kill someone with it (accidentally or impulsively).

Law abiding citizens have no need to carry a firearm with them in public, particularly when the rest of the population does not have one. You can't even say that fear of being shot is a deterrent to criminals, because they tend to go after easy targets and even without that the odds are strongly in their favor, at least a thousand to one. All data sources indicate that gun "self defense" is the exception, not the rule, in the US. Take away guns for 99% of the criminals and it becomes effectively zero.

You also can't demonstrate that such policies are ineffective. The conclusions of your favored author are wrong, and just looking at the data sources can show you as much. The intent: cut down gun deaths and injuries. The result: a wholesale reduction of 90%. That's quite effective as laws go. What did you even give up? Merely the "right" to carry a firearm in public or to have weapons without a specific license--which is handedly trumped by the right of others not to fear your cowboy misuse of that firearm in public. Statistically speaking, you are a bigger danger with that gun. Incidental increases in other crimes are also not a consequence to blame on gun control, and of course it's spurious to imply that crime rate reductions are faster in the US because of lax gun laws (they're not, in fact, faster at all, looking over the past several decades). Taking away guns does not make people more violent, unless you're an NRA member who was overruled when protesting that ban.

Re:Guns...

Funny...I had a similar experience. A friend (who knows I have an assault rifle, as well as multiple other pistols and rifles) asked why I had those guns - fully expecting the "they are for sporting use" reply. I surprised him with a completely honest answer - "to kill people". I pray to God I never need to, but should the need for self-defense arise, and my guns are near me, I will not hesitate to defend myself and family. THAT is why I own my guns.

Re:Guns...

Did you ever watch "All in the Family"? There was an episode in which Archie Bunker (gotta love him!) said the answer to all these hijackings of airplanes was to give everyone a gun when they stepped on the plane. Interesting idea.

Highly impractical, of course (can you see grandma trying to just carry that .44 Magnum?), but think about it. If you know that EVERYONE has the same capability as you, and an incentive to stop you if you try to commit a crime, will you do it? I'm guessing you'd think really hard first. I'm guessing you'd just sit there and ask for a coke.

Reminds me of the old saying - "God did not make men equal, Colonel Colt did".

Re:Guns...

[Chrontius]

Do you care about gun deaths, or total deaths? Because in Britian, they have a knife culture and are planning to crack down on belt crime. I couldn't make this shit up.

Gun control laws DO prevent most people from having guns. They do NOT prevent people with legitimate uses for guns from having them.
What, then, constitutes legitimate uses in your opinion?

If you want to argue guns, I'll argue guns. If you want to argue software, I'll argue software. But if you want to argue guns, I'll probably win.

Stop trying to derail this discussion, please. I'm doing enough to do so on my own.

OSS Island? I don't see it. How about Free City?

How about a city? We could call it Stallmangrad. You just have to sign over your rights as you walk through the city gates so that they can be properly protected from the evil capiteelists.

"banana republic"

[Futurepower(R)]

Quote: "German laws change and are being adapted for 'better' protection against something politicians obviously do not understand. It will become illegal to develop, use, or even possess KisMAC in this banana republic [i.e., Germany]."

It's amazing when someone calls his own country a "banana republic".

Managers who were older than 20 when the personal computer revolution began have seldom bothered to learn about the new technology. I guess we will just have to wait until the old dinosaurs retire.

Re:"banana republic"

It's amazing when someone calls his own country a "banana republic".

Know many people who aren't "Bond Babies"?

I have many friends who have started to call the USA a Banana Republic. I've done it myself. To qualify, the country has to achieve a certain level of pervsive and endemic corruption, display a "We on't give a shit" attitude to basic maintenance of infrastructure and evidence a low regard for the value of human lives.

I've gone so far as to call the neocon USA a "third world shithole".

Re:"banana republic"

> It's amazing when someone calls his own country a "banana republic".

What would you expect after East-Germany took over West-Germany? We call it Stasi 2.0.

> Managers who were older than 20 when the personal computer revolution began have seldom bothered to learn about the
> new technology. I guess we will just have to wait until the old dinosaurs retire.

This has not only to do with computers. Our Home Secretary also talks about planting trojans in PCs, arresting terror suspects without charge and even randomly killing them. In a country where the death penalty is forbidden by the constituion! Oh, and they use fighter jets to intimidate demonstrators here.

Re:"banana republic"

[Shohat]

There is no need to learn about computers to be a good manager.
I personally develop Thermochemical real-time control devices; the owner of the company I work for doesn't own a computer, and all his email is managed by his secretary. He is a brilliant mechanical engineer and a good businessman, much more competent than the email/berry/collaboration obsessed middle-managers that you probably consider the tech-savvy personnel that should lead companies.

Re:"banana republic"

I have many friends who have started to call the USA a Banana Republic. I've done it myself. To qualify, the country has to achieve a certain level of pervasive and endemic corruption, display a "We don't give a shit" attitude to basic maintenance of infrastructure and evidence a low regard for the value of human lives. Welcome to the club. I started saying these things in the mid-1990s.

Re:"banana republic"

[LKM]

It's amazing when someone calls his own country a "banana republic".

Actually, most people living in western, progressive countries are very critical towards their own country. There are a few countries where stupid jingoism is rampant, and interestingly, these are often the among the more backwards ones.

I'd say being critical towards your own country is one of the signs of a progressive, enlightened society, and an important part of a working democracy.

Iraq as an example of a success?

[fantomas]

I suppose by your logic you see Iraq as an example of a success, then? A well armed populace sorting out their own problems and fighting off foreign forces, different groups attempting to "retake power"? I assume you defend the rights of the Iraqi people to own their own weapons?

Seems like a bit of a mess out there to me and that things would be better sorted out by unarmed people talking their way through their problems rather than shooting their way through them. You may remember that revolutions have also happened peacefully (e.g. former Soviet republics).

I think Iraq is a fine example of what happens when a heavily armed populace try to sort out their own problems.

Re:Iraq as an example of a success?

[jabuzz]

I would also point out that revolutions that are not peaceful can occur with largely unarmed populations. I would point to the 1989 Romania revolution as a prime example.

Re:Iraq as an example of a success?

[Suicyco]

When you have a foreign invader who IS armed to the teeth, I'd say absolutely the iraqi people need weapons. Lots of them. It is THEIR land, isn't it? They have the right to sort it out however they see fit, not how some far removed foreign power sees fit. If they wanted Saddam out of power, they should have removed him. Saddam certainly wasn't harassing foreign powers when the US decided to invade.

Most revolutions need the power of an armed populace, even if said power is not used. The power of the people to enforce their will upon their leadership needs a sharp point sometimes.

The former soviet republics did not leave the union by revolt. The union collapsed and from an internal power struggle that WAS heavily armed. It doesn't really matter though, guns should never only be for those who want to use them to maintain power.

Re:Iraq as an example of a success?

Sitting in Baghdad right now, I can inform you that the cause for chaos in Iraq can not be tied solely to the prevalence of firearms. The most horrific violence doesn't even involve guns or explosives.

Put it this way, I will never look at a piano in quite the same way again.

The violence has as much to do with the culture in the Middle East as it does with the guns. But that's much too long to get into. I'll just sum up by saying that you only have part of the equation, and not a very large or important part of it.

Re:apple security?

[eiapoce]

Sirs,

Eventually you are missing the point. KisMac is a tool that can discover APs and Point to Point wireless network, Crack WEP, Crack WAP (given a dictionary) and make Injection Attacks with selected hardware (prism cards mostly). So it's just not a purely listening software neither limited to only apple basestations (Airport).

So long the problem is that Germany choose to make illegal tampering with telecomunications, which could be good, but eventually forgot to leave a exception of fair use for research pourposes which is not good.

Enrico

Same thing with FPGA passwd cracker at sump.org

The same apparently happened with the FPGA based unix password cracker located at http://sump.org/projects/password/

Replacement?

[tecker]

Does anyone know of a good replacement for KisMAC. In my opinion it was the best one out there and now that the project is being discontinued I will have to live with the crapshoot that was the passive Atheros drivers.

Can anyone recommend a replacement?

Re:Replacement?

[mgv]

oes anyone know of a good replacement for KisMAC. In my opinion it was the best one out there and now that the project is being discontinued I will have to live with the crapshoot that was the passive Atheros drivers.

Can anyone recommend a replacement?

Wait for the "fork". The code will be moved to another site, and I suspect that development will continue on.

No need to reinvent the wheel...

Michael

Re:Replacement?

Wait for someone else to step up and make a diffrance you lazy @$$ holes. You both need your freedoms stripped from you, and bitch slapped back into clonesville.

Re:Replacement?

[Vitaliy]

Check out http://www.istumbler.net/

Re:Replacement?

[Stalin]

No. From iStumbler's FAQ:

Why can't iStumbler see my network?
iStumbler scans by sending out probe packets via an Apple interface Access Points MAY respond to these probes but they might also be configured as private networks. iStumbler can now see any network you are connected to, if it's responding to probes or not. iStumbler is intended to find publicly available wireless. Making your network private is the equivalent of putting up a "No Trespassing" sign and the tool respects that.

KisMAC puts a wireless card in monitor mode to discover private networks. iStumbler only finds networks you are currently connected to and networks that announce their presence. It is not a sufficient replacement for KisMAC.

Re:Replacement?

I use a VMWare Fusion (you could use Parallels too, of course) virtual machine running Ubuntu Linux with AirCrack-NG. It's a bit of a pain to set up, like anything Linux driver-related always is, but there are two big advantages over KisMAC. First, the cracking algorithms in AirCrack-NG are much better, having been updated more recently. You only need one tenth as many IVs to crack a network, making it practical in a short time basically wherever you are. Second, driver support, particularly for injection is much better. For instance, KisMAC has been hinting at injection support for Ralink USB devices for almost a year now, while it's already available in AirCrack-NG on Linux.

Governments do this for one reason

[rolfwind]

Make everybody a criminal in theory, so it's easier is to suppress the general population.

Re:Governments do this for one reason

[soomon]

and that's what just happens here (in germany) it's alsmost illegal to live her :S

It most definitely is "Us versus Them"

Politicians are the scum of the earth everywhere. There hasn't been a community-loving politician since Ghandi, and even him we see with rose-tinted glasses and behind the fog of history.

> You've only got as much freedom as isn't either explicitly protected, or passed by when politicians make their rounds in "protecting" you against harming yourself.

That would be so if we were all entirely separate individuals fighting independently, but as long as the politicians "allow" us global communications (and it's hard to ban) then we have the force of numbers, and we have as much freedom as we are willing to fight for. Fortunately the "fight" is largely a matter of posturing, with blood lost only rarely --- the main weapon is making politicians look like total morons in public, which they make it very easy to do.

The reason why we've been losing freedoms hand over fist recently is apathy, and the fact that the politicians are better at propaganda than we are, because of TV. But with a bit of luck, the nature of media might change soon, and the online media is far less susceptible to control.

For the time being though, it's definitely an "Us versus the Politicians" world.

Hmmm

"Free speech is fine"

In my experience, people who say this really *don't* think free speech is fine. What they mean is "Free speech is fine as long as it doesn't affect me in any way. If it does, then I'm really not for free speech"

"but I don't agree with having this tool available to non-professionals in a nice easily installed package"

See? I knew I was right.

You're missing something critically important: who gets to define who is the "professional"? Anybody who makes money working with computers? Or some sort of "certification" is required? Stallman is a kook, but you're making the guy look like a genius when it comes to protection.

At what point does a piece of software go from being legal for "regular folks" to one that requires this special license to use? You're the worst kind of person to make this decision because (a) you really don't like free speech (b) you have no idea what should be done (c) but damnit just outlaw it (d) even if you can't understand what you're asking for (e) and if you're not doing anything wrong, what's the big deal with the government intruding into your life even more.

Please please please. Move into the country and never bother normal folks again.

Re:Its a cracking tool (way off-topic)

[gomiam]

If they leave their TV on after-hours, it's okay to stand in front of the store and watch it (and if I have a universal remote, maybe even changing the channel), isn't it? Unlike your cappuccino case, no entry is needed. When you look for an analogy, choose a correct one ;-) In both my example and the hotspot's there is no automatic extra cost for the store.

German goverment also sponsors security tools

[timbrown]

The irony of the situation is that the German government actively sponsors work on security tools such as GPG, OpenVAS, BOSS.

Re:German goverment also sponsors security tools

[RAMMS+EIN]

They've also done a number of other Good Things. The trick is that:

1. The German government isn't a single entity. One part can make good decisions whereas another can make bad decisions, both at the same time.
2. They may actually be trying to make things better for the citizens, and just making the occassional misstep.
3. Germany is a democracy, and thus, the government changes.

Re:Doesnt work in all Macbooks

No, actually, it does work on the new macbook's - you just have to compile KisMAC from sources on your specific "macbook that won't run kismac".

Don't ask me why it works, I have no idea, but works it does - and I'm running the mid 2007 macbook model here.

Re:apple security?

"Eventually"

You keep using that word. I do not think it means what you think it means.

Somewhat OT: Managers

[Lonewolf666]

Part of being a good manager is that you directly manage only stuff you understand.

So if the owner of the company you work for has hired a competent CIO and lets him do his job, that is perfectly OK. In my experience, those who are halfway tech-savvy and start micromanaging things cause a lot more problems.

Risk

[nurb432]

And when he gets caught he goes to prison. All that risk over some, while nice, not earthshaking/freedom supporting software?

Re:I blame George Bush

At the risk of running afoul of Godwin's Law... What are you, a nazi? No, she's a troll.

Unless I'm mistaken

[porkchop_d_clown]

this is a Mac port of Kismet. If you're interested in security issues you might want to subscribe to Pauldotcom's security weekly podcast - that's how I learn about most of this stuff.

New country?

[kybred]

How about Gnufoundland?

Re:New country?

[macmurph]

I suggest the capital be Gnu York or Gnu Orleans.

Re:New country?

[denis-The-menace]

You are about 58 years late.
It was it's own Country before that.
http://en.wikipedia.org/wiki/Newfoundland

No source tarballs?

[jgrahn]

From the project FAQ:

The source code is only available with subversion, a CVS replacement.

I was going to download it (as a gesture; my only Mac runs Linux) but no way I'm going to install SVN just for that! Odd decision, not even providing weekly builds ...

NOT BEING DISCONTINUED

[doggkruse]

KisMAC is not being discontinued, it is only being moved to servers outside of Germany.

Intel macs, not "any macs"

[SuperBanana]

FYI: KisMAC doesn't work in passive mode in the latest ibooks with Atheros AR5008 chipset.

You mean Macbook; I know, stupid term, but "iBook" means a completely different platform, albeit in the same market segment. And it doesn't work in any INTEL Macs; it looks like it works, acts like it works- finds some networks- but nothing beyond broadcast SSID frames are recorded, except for a very limited number of people who probably have one specific revision. You're best off with a PPC system.

Frankly, the guy / the team wasn't getting anything done; this is just a formal announcement for what's been going on for more than a year. The application has seen no UI refinement in 2+ years, there is very little proper documentation, nobody's doing a good job of actually tracking what hardware does/doesn't work, the changelogs aren't maintained, and there's been very little progress on the most important front: support of built-in Apple hardware. Kismet now has more support for said hardware than KisMac does.

This is a complete cop-out. It's been on the brink of abandonware practically since it started.

Hmmm, even basic optimization illegal?

[Immerial]

One of the things that I use KisMAC for is to see which channel range has the least amount congestion, especially since you can get a lot of WiFi networks on the same channel when people just use the router defaults. I live in a very dense area and I find I can really improve my network performance greatly by optimizing my channel. I have helped a number of friends and family optimize their WiFi networks this way. Now it sounds like something basic like this could be illegal in Germany! That's pretty messed up.

kismac was a great tool

[sentientbrendan]

it was probably the easiest to use tool of its type, and all of the mac users that I knew that were interested in security used it. It really sucks that the main developer is going to be pushed off the project.

For those who haven't used it, it is significantly better than kismet for linux. It brings together kismet, and a number of other open source tools for wep cracking and integrates them into a easy to use UI. It is pretty trivial (point and click) to break a wep network with kismac. I've tried the same with the linux tool chain, and it is a pain in the ass in comparison.

I hope that someone else restarts development on this project. It really is a valuable tool that would be a shame to lose.

Re:kismac was a great tool

Hahaha, hilarious, Kismac is better than Kismet because it "integrates [the toolchain] into a easy to use UI"

Mac users just keep getting dumber and dumber . . .

Re:Doesnt work in all Macbooks

[lakeland]

I have a macbook on which I cannot connect at all to a WAP which an iMac next to it uses all the time. Even right next to the WAP it would report unexpected errors. I spent a while trying to diagnose the problem (including installing kisMac, and finding it didn't work at all on the macbook) before giving up and buying a cheap 802.11g + ethernet switch, which I can connect to from a phoenominal range on the macbook.

As a bonus, I'm now using WPA2 security, though I don't know how secure it really is thanks to the lack of working tools like kisMac.

lol

If passive sniffers are illegal, only criminals will have passive sniffers.

Wait, I've heard something like that before...

Re:Its a cracking tool (way off-topic)

[angst_ridden_hipster]

In both my example and the hotspot's there is no automatic extra cost for the store.

Unless, of course, they have tiered pricing based upon bandwidth used. Or, to extend your analogy, it may be possible that those other channels are pay-per-view :)

The Freedom to drift O/T

[NoMaster]

I would also add that he gave his mobile phone SIM card to someone who turned out to be a terrorist.

I'm sure you really meant to say "over a year ago, just before leaving England, he gave his prepaid SIM card with unused credits to his second cousin - who was picked up by police following the Glasgow bombing, but later released without charge.

The SIM card in question was found in his cousin's house."

Go virtual.

[Thomas+Shaddack]

Why set it in a physical space? The Cyberspace was already declared independent. Run the development via hidden servers accessible via Tor or other suitable technology. A combination of cloaking and redundancy may buy us all few more years of relative freedom.

My Banana (Respooblic) is bigger than yours

[codeButcher]

Europeans and Americans complain about such trivialities. Come live in a real banana republic for a year (and not in a high security, paid-for-in-Forex complex either - rather live just like a local middle-class citizen).

(And no, this is not to denigrate the concern about the gradual slide towards a global police state.)

The only thing appropriate to say is...

[master_p]

...they can kis m ac!!!

(Seriously: banning tools instead of banning people will only make the problem worse. Just because computers can calculate missile trajectories, they are not tools of terrorism. This logic will drive us nowhere as humanity.)

why are people so desperate for hw analogies

Let software thing be itself.

Re:apple security?

Dumbass

Re:Its a cracking tool (way off-topic)

[gomiam]

Unless, of course, they have tiered pricing based upon bandwidth used. Or, to extend your analogy, it may be possible that those other channels are pay-per-view :)

The tiered pricing is a possible problem, I will agree. Then again, I doubt they would have a contract of this kind: as enterprises they want to have predictable costs, so they would most certainly buy flat-rate Internet access. Oh, and it's the first time I know of a pay-per-view channel being accessible by using the remote on the TV box (you don't mean you would play around with the TV provider's box, do you?).