Slashdot Mirror
Sydney Has 10,000 Unsecured Wi-Fi Points
daria42 writes "A bunch of researchers have been driving around Sydney, Australia, and scanning for unsecured Wi-Fi networks. You'd think that in this day and age, with all that we've learned about security, that Wi-Fi security would be almost universal ... but the truth is that about 2.6 percent don't even have basic password protection. Extrapolating a little, that adds up to 10,000 unsecured Wi-Fi networks across Sydney alone."
No wonder they implemented a filter!
This 'bunch of researchers' wasn't Google was it?
.. .providing a nice free service for their customers? heck, I even use the free unsecured internet access on the bus these days!
Honestly I don't think this will come as a shock to ANYONE who has a wifi enabled device. There are unsecured access points everywhere in any given metropolitan space. I can get wifi reception in most places of three forks montana, a town with a population of less than 2000!
We'll probably have 10,000 or more when done. The goal is to have a complete coverage network, I'm talking everywhere, no drops. The building I work in has a couple hundred (we actually found a bug in old Intel wireless drivers, they couldn't handle over 99 visible APs). Every one has an unsecured network on it. The reason is we wish to provide visitors and guests with an easy way to get on the Internet. It is limited, web only, speed filters and so on, but it is open. The same APs also have secured networks on them, there is a WPA2-Enterprise network that you can access with your campus login and password that then has no speed or port restrictions, but of course you need a campus login. There is a VoIP network too (the reason for total coverage) but it is just for testing at this point.
It has nothing to do with being unaware of security, everything to do with not being assholes. A PSK security system would be worthless. It would be an unadministratable nightmare to try and change the password often enough and distribute it to do any good. Enterprise security works great for students, employees, and so on but isn't very helpful when you are talking guests, or just the public who wants to use our facilities (and we are a public institution and so have a duty to them). So open is the answer. You get on, it directs you to a "You agree to this shit," page, and away you go.
Some of those might be intentional: I run an unencrypted wifi AP which is
bandwidth limited and routed through Tor as a public service. It is used regularly.
Also not covered will be those with open APs but additional authentification/encryption
layers, e.g. using a VPN.
Around here (not Australia, admittedly), open wifi is nearly non-existent (and all open
ones I've encountered over the last two years or so seem to fall into the categories above) -
WEP "secured" APs are another story however, there is still a worrying number of those around.
And I'm certain most WEP users are entirely unaware of their de-facto openness.
Sorry, I'm just not seeing how this would be news to anyone technically adept enough to be interested in reading slashdot. Unsecured wifi is a problem in every part of the world, from third world countries just learning to use it to the most advanced countries. Ten thousand is a big number, but it shouldn't come as a surprise to anyone.
So what? If you use an insecure connection you know you are vulnerable to people who like to read your email and see what websites you visit. And the owner of the connection risks getting all kinds of viruses for free, and people downloading pr0n and other stuff via her network. Who else but the two people I mentioned should care?
-- Cheers!
Maybe they all 10,000 residents read Bruce Schneier's blog:
http://www.schneier.com/blog/archives/2008/01/my_open_wireles.html
Also, I know TFA mentions "Residential Locations", but I wonder if there were any coffee shops dotted around which offer free wifi. Maybe none, but a short sentence in the article would help me sleep at night :)
As an Australian I am quite surprised that the number is so high. Here it has been the norm for ISPs to tiered monthly data plans where you pay for how much you use. From cheap plans for $20/mo for a few GB aimed at old people who only forward on chain emails from 1997 right to 1TB plans for torrenting all that public domain and Creative Commons content. Once it's used up your connection is throttled to an unusable 64kb/s for the remainder of the month (though some ISPs sell data recharge things).
Unlike Americas "unlimited" one-size-fits-all these users are losing what they paid for. Why would people be so stupid as to let their neighbours use up their 25GB on their shitty Telstra plan? Is setting up WPA2 really that difficult? Can these people read an instruction manual?
I also find it depressing that WPS even exists.
Unicode in Slashdot
I run a open access Wireless AP, the SSID is "free wifi" and it redirects traffic to a local rickroll/nyancat video loop (randomizes each time)
WPA has no structural flaws. It's as strong as the passcode you use. If I use a random 64 character passcode with a full alphabet (upper and lower case alpha, numerals, special characters) then I would comfortably give you until the heat death of the universe to crack it, that same password. It's not going to happen. You'd be better off kidnapping the owner and beating it out of them, that at least COULD work.
If you build it, nerds will come. Soylentnews.org
There was a time when most WiFi hotspots were password-free and we could connect to the internet for free in most urban areas when we were travelling, with latencies and speeds that put 3G to shame.
Now, those times are gone forever. No more free internet for the casual user. No more sharing and love.
People like to talk about security but it's bullshit. We are not the winners in this ordeal. ISPs are. The security issues have an easy technical solution: The same one used by french ISPs to let its customers connect to other customer's WiFi.
They have a password-free Hotspot that sends you to web login and a separated, bandwidth-shaped VLAN for guests so they can't access network shares or do anything else.
R.I.P free WiFi. You will be missed.
Wireless networks are not secure even with WPA/WPA2, unless you feel like changing the password every other day. Even my grandma is sharp enough to follow the instructions on various youtube-clips for cracking WPA/WPA2..
Oh? Beyond brute-forcing with dictionary passwords? Mind providing a link to one of those videos?
I think I would've heard of WPA2 being broken, it being AES-based and all...
I had a spare AP, so I decided to leave it open for the public to make use of my internet during the day. The AP is on a manual time switch (you know, the one that plugs into the wall) so it switches the AP on at 8am, switches off at 5. Real technical stuff I know but seriously, what's the deal with all the press surrounding unsecured wifi nextworks? Is it still 2005? Even if people have encryption or mac address filtering, it's not going to make the world of difference? If someone wants something other than internet, I'm pretty sure 9/10 of those people know how to crack a wifi password or spoof an mac address. I think the important question is, how many people leave the default router password as the same? or how many un-patched windows/mac pc's are sitting behind that router?
But how many of those 2.6% have MAC address filtering? No password, but if you try to connect it won't work. You're not encrypted, so your packets can still be sniffed. But if you just want to stop casual users logging on and stealing your bandwidth it's a perfectly acceptable solution.
because it's impossible to to spoof a MAC address isn't it.
Plausible deniability.
So, evidently, Sydney has too many secured wifi points, right? 2.6% unsecured is less than the percentage of people with no financial information or anything interesting enough to steal... grandparents who don't do banking online are buying wireless laptops. Possibly, 2.6% of Sydney wifi administrators are confident of their ability to monitor access to their networks. If the ISPs take over the anti-virus implementation, as they are starting to do in the USA, the only problem would be lost business to the ISPs.
Hmmm.
Gently reply
LAWSUIT!!!
Boredom is bliss.
I would say Buenos Aires probably has ten times that many unsecured wifi spots and we are actually proud of it.
I'm all for security and strong passwords and all that, but so far, no one has been able to give me a good enough reason for me to bother with "securing" my wireless network.
People can sniff your passwords! -- I don't send them in the clear; I use SSH and SSL for everything.
You'll get viruses! -- I don't trust my network; I treat it as part of the public Internet and use sensible firewall settings.
People will use your bandwidth! -- I don't care. My bandwidth isn't capped.
People will use your connection for child porn and you'll be sent to Gitmo! -- This is the only argument I've heard that has at least some semblance of relevance. It's still pretty weak, though. If it were true, cafes, hotels and similar establishments would find themselves in hot water all the time and I have never heard of such a case.
What else is there?
FTA: "In total, 382 networks were detected with 2.6 per cent operating without password protection."
So, out of all the networks they tested, only 9 networks we unsecured? I don't think this small a pool is very significant statistically. There could be a number of reasons for those 9 people to be operating a wifi without a password. It isn't necessarily just being "uninformed"
Sure, I guess a psychic could divine a working MAC address.
Or a non-psychic could simply look for one that is currently used and being accepted. Ideally you would monitor for a while and find one that is switched off, but it seems to work (with a high error rate) if you spoof an existing MAC address even when its active.
I choose to leave my wireless open. I view wireless "security" like this: 1) Write a secret message on a plain postcard. 2) Put it in to a safe. 3) Drive the safe to the post office. 4) Take the postcard out of the safe, give the post office people the postcard. 5) Postcard is now sent through the postal service. Now, the postcard transport to the post office IS secure, it's in a safe, nobody can read it, it's all good and super secure. The security breaks somewhat when the postcard is delivered to the post office, just like your "secure" wireless data connection is somewhat broken when it reaches the Internet, but.. people seem to like this kind of security. If you really want security then you need end-to-end encryption like SSL and https. My view is that thinking wireless "security" gives you much real security is just dump. It does prevent people from using your wireless, and that's about it. I don't mind, fetching a web page used close to zero percent of my bandwidth anyway.
9/11: Never forget it was a false-flag operation
Just because they were "open" doesn't mean you could actually do anything with them.
I used to have a wireless network where all the clients were software-firewalled and the only traffic accepted over the wireless interfaces was VPN traffic to a server also on the wireless network (and that interface similarly firewalled). Hell, you didn't even have DHCP service on that interface.
So a million people could "join" my wireless network but:
1) None of them could talk to each other.
2) None of them could talk to the Internet.
3) None of them could talk to my computers.
4) None of the traffic they could potentially sniff with a "promiscuous" sniff of the network was at all useful or revealing to them.
But it meant that the wireless negotiation was quick and easy (I've had no end of problems with WPA2 gear just dropping off the network when a WPA, WEP, or open network on the same hardware works just fine all the time), nobody had to remember silly passwords, I could use client-keys long before WPA allowed you to do such things and it was impossible to make me join an "alternate" network with the same SSID and pretend to be my home network.
Just because there was no WEP/WPA password doesn't mean there was no security, or that it wasn't intentional (e.g. public wifi access points), or that it even connected to another computer at all - let alone the Internet. I'm not saying that there weren't people with stupidly insecure connections but a scary number means nothing without justification:
How many of the "secure" stations actually had quite a weak password (e.g. same as the SSID?)?
How many of the insecure stations would route to the unmodified Internet at all (upside-down-ternet actually gives you scripts to mess with people who access your wifi without the right credentials - like turning web images upside down, or redirecting them to pictures of kittens)?
How many of them would let you connect but would only allow access to a single MAC (which isn't "secure" as such, but a damn sight better than nothing)?
How many of them were actually fake honeypots deployed to catch people's details because they were stupid enough to log in on unknown, insecure networks?
Scary numbers sell headlines. I'd want facts, considering that for many years I didn't trust WEP or WPA with my networks and so only deployed them as a hindrance to eavesdroppers, not an actual security layer - because everything was VPN and treated as an "unsecured" connection. People who came to my house could never work out why, when they connected with the advertised password (if any), they couldn't actually do anything even once connected.
It isn't about not wanting to be nice, nowadays when police kick the door down first and ask questions later you don't want to be in a position where the local pervert has an easy route to browse his kiddie porn through YOUR network. Even if you can later prove it wasn't you the hassle and trouble involved is just not worth the risk. Even when most use crap security there generally is no point to breaking it as there is nearly always some other moron that leaves theres open. Even from my living room where I am typing this I can see 11 AP's, 2 of which are completely open.
in any big city, try NYC or LA, or Detroit or Chicago, or any of the other big US Cities = full of inept people that bought PCs & laptops all connected via unsecured wifi because it is easier than running Ethernet cable all over the house
Politics is Treachery, Religion is Brainwashing
Nono, I understand but since I live in Thailand (and not in the US), they've pretty much blocked everything already! Plus, even in Thailand, they do a little bit of investigation before actually throwing someone to the ground and hand cuffing them!
Computer Hackers Running Rampant Ruse of Running Runtimes
On online newspaper has broken the story that the majority of computer terrorism happens because of downloading executables and running them. "This results in the innocent user being asked why they were running TransvestiteIslamicHookers.avi.exe."
An internet security expert from PMITA University in Melbourne, Greg Markovy, said downloading executables could attract attacks on any devices on the same network, leading to the loss of personal data, such as bank statements and credit card numbers. ''The likelihood that the executable will be used by someone else is high,'' he said. Hackers can turn home computers into robots, using them to send spam and attack other computers."
Nicolas Awhole, a law lecturer at Queensland University of Technology, said that if an unauthorised user illegally downloaded copyrighted material, it could be traced back to the network owner. ''It could be quite difficult to prove that it wasn't in fact you,'' Dr Awhole said.
Dr Awhole gave one final reminder: "Remember, anyone at any time can accuse you of anything, write hate speech on your wall, send an envelope with your return address, or hack into your computer. It's up to you to prove your innocence."
How many more years will slashdot have an off-by-one error on your Score in your profile?
I refuse to live in a world where Americans need "your papers please" or where our police are thugs. I refuse to be bullied by the TSA. It is our choice what world we wish to live in. If you give in, you give up; That way lies fear, depression, and death. I live in the same bright world that Ronald Reagan spoke of, a city on a hill....
You do realize WPA does on the fly rekeying ... RIGHT? The password changes over time automatically on its own, generally about once an hour ...
Even my grandma is sharp enough to follow the instructions on various youtube-clips for cracking WPA/WPA2..
Really? WPA2 eh? your grandma can do something no one else can do ... via non-existent youtube clips ... I am impressed.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
I wonder how many of them are Free Public WiFi.
You traveled to Sydney many times ON BUSINESS ... and didn't experience a lot of the open wifi access points that are located in RESIDENTIAL areas ... shocker ... really
Unless you happen to be doing business in someones house, then your experience has no reason to match with these results.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
I do it easier.. I have a spare 54GL sitting at the peak of my attic without any internet on it broadcasting about 60 AP's that say... Linksys, netgear, dlink, etc all open and unsecured. The cool part is the AP sits on a metal plate SHIELDING it's signal from my home. you cant see the AP's it's broadcasting from inside the house. (Knowing how RF works is a good thing)
It had two effects.
1 - it chased all the neighbors away from the channel I have them all broadcasting on.
2 - it forced all the neighbors to actually configure their routers to not have the name "linksys, dlink, netgear....." and they added encryption as they all show locks now.
Works great, and I am sure I give the wardriving kiddies as well as leaches fits when they try to connect to them. the one real AP up there called "FreeWifi" is my throttled and filtered free wifi AP I provide. works great and last time I checked it was getting used at least 5 times a week. It times out and drops you to a capture page every 50 minutes to annoy the cheap neighbors trying to leach. And no it does not mess up my WiFi as I use the channel it's on. it's the quietest channel for 4 blocks around because of my broadcaster.
Do not look at laser with remaining good eye.
If you know about security, then you also probably know that setting passwords on wifi won't guarantee you security anyway.
IF you knew about security you'd knew that stopped being true 6 years ago.
Anything you want to e secure should be done over ssl, ssh, or VPN.
Really, so AES used for SSL, SSH or your VPN (assuming it does use something at least as powerful as AES) is somehow different than AES used in WPA2? Please enlighten me on how, I write this sort of software for a living, I'd leave to learn something new that no one else has ever heard of.
Another thing to mention, even if you use Ethernet, your data can be sniffed off the network as soon as it hits the ISP anyway if its not encrypted.
Unless of course, you're using SSL or some other for of encryption for your data ... and either way, broadcasting on an unencrypted wifi network is more like shouting your data at the top of your lungs in the middle of the street and then bitching that someone else heard it, where as a wired connection is more like a personal message sent through the mail. One is FAR more likely to cause you problems than the other for a number of reasons.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
You'd be better off kidnapping the owner and beating it out of them, that at least COULD work.
Or possibly not. I don't know about you, but I don't remember the 64 random characters in my passcode, and no amount of beating is going to make me remember. Of course, if you ask me where I wrote it down, that you could beat out of me, but it's on my desktop computer, and once you have access to that, all bets are off anyway.
What Slashdot users know != what the general public knows.
Spoofing a MAC that is already in use works just fine, but you should assign an IP manually as DHCP will think you are the same user and give you the same IP..
If you spoof their MAC address and manually take their IP too, it will usually knock the other user offline and they probably wont have the skills or tools to work out what's happening.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
So what you're telling me is, over 97% of users secure their wifi networks?
Honestly I never would have thought we could get the percentage that high. That's good news.
Sigs are awesome huh?
WPA has no structural flaws.
Not quite correct, there is this little thing called; "Hole196", It is not a big flaw, In terms of practical impact, But it is there :)
"Men will never be free until the last king is strangled with the entrails of the last priest." - Denis Diderot.
Broadcasting a specific SSID from an AP that uses a captive portal and is routed out to the Internet and firewalled from other networks is not "insecure". Article is absolutely meaningless.
Seriously, it's like an unsecured AP with more consumer confidence. It takes 15 mins. at most on decent hardware to crack WEP.
The sad thing is that most ISPs don't make WPA readily available to their customers.
Here in the US, I run an open access point on a DMZ with some traffic and speed restrictions. I run it for the convenience of my friends and guests. I'm no attorney, but we still prosecute the people who commit crimes, not the owners of the stuff used to commit the crime.
Why is it my responsibility to police the activity of others "trespassing" on my property? If a criminal is running through my back yard is it my responsibility to tackle him or shoot him? If a bad guy steals my car and uses it to rob a bank, or run someone over, am I responsible for the consequences?
Any reasonable person would say the perpetrator of the crime is responsible for the consequences of committing that crime.
By leaving my property, my access point, open for the convenience of others, what crime have I committed? I say none. Any other law holding ME responsible for the crimes of OTHERS is unjust.
-ted
My open AP sits on a segregated subnet. It is also running a captive portal. If you need to get into my private network, you must use a VPN client. If you want to browse freely on the Internet, you must authenticate to the captive portal.
They are shipping routers that have encryption turned off by default. And the routers have WEP as an option. The manufacturers could ship all their routers with WPA-2 and a randomized password that is shipped separately in the box. But they dont.
What is one that allows you to segregate the wired from the wireless so they cannot talk to one another. I would like a wireless router that: The wireless can only access the wan. Do any of them do that? Extra points for a router that can only be administered via the wire.
I miss the good ol' days where you could fire up your device in a park or apartment complex or wherever and find an AP to connect to. Not any more.... You see a dozen APs, all locked down. End of an era...
I live in a RV and have commercial Wi-Fi client mounted in my RV with a Yagi antenna on the roof where my TV antenna used to be.
My best connection distance to date is 2.3 miles from a ridge top campground in a state park to a KOA campground in the valley below.
In my travels around the country I have only been parked in a few places where I can not find at least one open access point to connect to.
In fact in my experience the smaller the city the better the likelihood of an in range open access point. Open access points are my connection to the outside world now.
What is much more important is the 2.6 percent. Sydney has 4.5 million people, so 10.000 seems like a low number to me. It would be interesting to see these numbers from other cities and/or countries.
Downside will be that the number 10.000 sounds like a lot and will be treated as such by the media.
Don't fight for your country, if your country does not fight for you.
Did they consider that many of these might just be hotspots that were intentionally left open? 2.5% doesn't strike me as an unreasonable percentage of people that intentionally leave their wifi open. It'd be relatively simple to modify the test procedure to attempt to connect to the networks and 1) see if they can lease an IP address, which would tell if they at least have MAC-based authentication enabled, and if they can get an IP 2) see if they get the expected text when trying to connect to a predetermined website, which would tell them if there's a captive portal operating. Both of those things could be seen as valid reasons for leaving wifi networks unencrypted, but I wouldn't necessarily call either of those scenarios an "open and unsecured" network.
For tonight's news we are going to bash the poor retards who can't seem to secure their APs because, you know, anyone could drive to your backyard and plant child pornography all over your drives and make your printers spit it out non-stop, God forbid!. Tomorrow there will be another slashstupidity about how we need more freedom and how to combat Big Money and Big Brother by using open proxies and stick it up the stablishment's ass and that leaving your AP open is mighty tech-cool, libertarian and fashionable. Oh, the humanity.
Newsworthy you ask?
This is a blatant slashvertisement for Australia's largest Wireless ISP, Linksys.
Calling someone a "hater" only means you can not rationally rebut their argument.
I choose to leave my wireless open. I view wireless "security" like this: 1) Write a secret message on a plain postcard. 2) Put it in to a safe. 3) Drive the safe to the post office. 4) Take the postcard out of the safe, give the post office people the postcard.
I got this far before I realised your view of security is horribly broken.
The point of WiFi security is to prevent others from using your wifi when you dont want them to. There are a few reasons for this,
1) control what gets put through your network.
2) prevent others from using your bandwidth, slowing your connection down.
3) Prevent others from consuming large chunks of your download cap (very prevalent in Oz).
Now how WPA works is.
1) put your postcard (packet) in a safe (encryption).
2) send that safe to the post office (router).
3) Authorised agent at the post office opens safe with the key you gave them. The post office carries out the instructions on the post card (NAT) on your behalf.
The whole point of this is to prevent anyone sending instructions to the router without your authorisation. This entire process is done completed the internet is even involved, NAT and firewalls on the router is security against internet based attacks, WPA is the defence against local attacks.
Do you now understand that wireless security is completely separate from gateway security and is not broken by it.
Calling someone a "hater" only means you can not rationally rebut their argument.
In my area, if you drive around town then a lot of places show up as "Unsecured wireless network" but if you try to access the Internet through it, it redirects all traffic to one particular location that wants you to put in a username/password (which you have to have paid for via some other channel previously).
Just because it's not using WPA or WEP doesn't mean it's insecure. Many such networks use other end-to-end methods to secure data that needs to be secured, and invites the public in. This is especially common in Oregon, for example.
Furries make the internet go.