Queensland Police to Look For Unsecured WiFi Spots

← Back to Stories (view on slashdot.org)

Queensland Police to Look For Unsecured WiFi Spots

Posted by samzenpus on Thursday March 22, 2012 @06:54PM from the going-down-under-cover dept.

OzPeter writes "As a part of National Consumer Fraud week, the Queensland Police are going war driving in order to identify insecure WiFi setups. From the press release: 'The War Driving Project involves police conducting proactive patrols of residential and commercial areas to identify unprotected connections. Police will follow this up with a letterbox drop in the targeted area with information on how to effectively secure your connection.' While some people may like having an open WiFi AP its interesting to see that the Police also feel that 'Having WEP encryption is like using a closed screen door as your sole means of security at home. The WPA or WPA2 security encryption is certainly what we would recommend as it offers a high degree of protection.'"

19 of 255 comments (clear)

Min score:

Reason:

Sort:

How times have changed by Aaron+B+Lingwood · 2012-03-22 19:01 · Score: 4, Interesting

Merely 15 years ago I was doing the exact same thing and have been, on umpteen occasions, questioned, detained, given a 'move on' notice or just generally harassed.

--
[Rent This Space]
1. Re:How times have changed by davester666 · 2012-03-22 19:25 · Score: 4, Insightful
  
  Being able to flash a badge lets you get away with murder...why would wardriving be on the do-not-do list?
  
  --
  Sleep your way to a whiter smile...date a dentist!
2. Re:How times have changed by Anonymous Coward · 2012-03-22 22:35 · Score: 4, Funny
  
  LOL, you failed hard.
It's Basic Infrastructure by mdm42 · 2012-03-22 19:03 · Score: 5, Interesting

I have an open Wifi setup. My attitude is that connectivity has become basic infrastructure, and all "lock it down" freaks have just bought into the agenda of ISPs who don't want us to share bandwidth to boost their own profits.
If you're a guest in my home, you're welcome to use the bandwidth, along with the lights and water. Can you imagine visitig a friend only to be told, "Look, here's the PIN code to unlock the lights, and here's the key in case you want to wash your hands." Ridiculous. I accept that there's a risk of someone lurking in their car outside the property boundary to leech off my internet connection, but there's a risk of someone stealing water from my outside, unprotected taps, too. OTOH, if bandwidth were shared freely everywhere there'd be no need to sneak around "stealing" it, would there?
It's the 21st Century, man. Get over it!

--
New mod option wanted: -1 DrunkenRambling
1. Re:It's Basic Infrastructure by hawkinspeter · 2012-03-22 20:28 · Score: 5, Interesting
  
  What I do is use a WPA2 network that all my devices use and an open network for guests to use that is firewalled from accessing the other network. That gives me the best of both worlds.
  
  My attitude is that if I'm out and about and want to get WIFI, I'd like other people to provide open guest networks, so it makes sense for me to provide one for other people to use.
  
  --
  You're a temporary arrangement of matter sliding towards oblivion in a cold, uncaring universe
2. Re:It's Basic Infrastructure by hawkinspeter · 2012-03-22 20:31 · Score: 4, Informative
  
  Use HTTPS Everywhere https://www.eff.org/https-everywhere/> and make sure that any confidential data is over https and then it doesn't matter that the WIFI is un-encrypted.
  
  --
  You're a temporary arrangement of matter sliding towards oblivion in a cold, uncaring universe
3. Re:It's Basic Infrastructure by mvar · 2012-03-22 20:48 · Score: 4, Insightful
  
  You should be more worried if someone uses your WiFi internet connection to do something illegal. Next moment the cops will be raiding your house, seizing all your hard drives for further examination, while you go through all the hell of the legal process attempting to prove that you are not an elephant. No thanks, if a guest wants to access my wifi he should ask for the password and take the extra 30 seconds needed to type it in.
4. Re:It's Basic Infrastructure by im_thatoneguy · 2012-03-22 20:50 · Score: 4, Interesting
  
  I have an open Wifi setup. My attitude is that connectivity has become basic infrastructure, and all "lock it down" freaks have just bought into the agenda of ISPs who don't want us to share bandwidth to boost their own profits.
  Screw the ISP I don't want my cheap-ass neighbors slowing my Netflix down to a crawl while they download 10 seasons of some anime shit.
  If we all "had internet" and people stuck to HTTP web traffic I wouldn't care. But I've had roomates before--hell I have myself as a roomate and I know that my internet is not big enough for the both of me from time-to-time let alone neighbors.
  If I had a gig-e pipe they could be free to do as they please but I don't pay for my apartment building's electric bill, I pay for mine. And based on the fact that I can't even leave my laundry detergent on my little spot of shelf in my apartment building without it being used up in a couple weeks (and 2 loads of laundry from me) I know if they could secretly plug their water into my tap they would.
  If I'm playing TF2 I expect there to be 0 torrenting and streaming on my connection so that my pings stay reasonable. It's bad enough knowing if one of my computers found an 'interesting' RSS feed let alone having two moochie neighbors.
5. Re:It's Basic Infrastructure by Stalks · 2012-03-22 22:41 · Score: 4, Informative
  
  A linux box, iptables experience and a couple of WiFi cards/AP would be ideal, however there is an easier way..
  Your ADSL/Cable router plugged into your ISP offers unprotected WiFi.
  Buy another cable router and plug it into the above router offering protected WiFi behind its own NAT/Firewall.
  Internet <--> ROUTER <--> ROUTER <--> LAN
6. Re:It's Basic Infrastructure by Anonymous Coward · 2012-03-22 23:02 · Score: 4, Insightful
  
  By everyone locking down their wifi you provide credibility to the claim that an IP equals a perpetrator.
  If I were to say, brute force your WPA2 using my graphics card, you would have a harder time making your case than if your wifi was open and it could have been anyone.
  I care more about protecting the innocent than persecuting criminals I guess.
7. Re:It's Basic Infrastructure by alphred · 2012-03-23 01:02 · Score: 5, Interesting
  
  Yes, but in order to discover that there is nothing on your PC, the police will break down your door, search your house and remove all computer-related devices that they can find. After a few months in their possession, and a thorough search of the contents, they will conclude that you must have hidden the illegal content on a thumb drive or some other device that they must have missed. In the meantime, your name and details of the search incident will have been released to the local press and the court of public opinion will have already reached a verdict of guilty that you and your family will have to live under forever. Lack of evidence in this case is not the same as innocence.
  
  Now, this scenario may or may not be likely, but you do have to ask yourself if it's worth it to have an open connection.
Accountability by rwa2 · 2012-03-22 19:06 · Score: 5, Insightful

Plus, it's easier for them to book you for thought crimes they catch you committing via their IP taps. They'll have none of that "but my wifi is open -- it could have been anyone" defense. That won't work for you, sir, you'll be held accountable for whatever flows through your pipes!
Google by Aaron+B+Lingwood · 2012-03-22 19:09 · Score: 4, Interesting

Doesn't google already have this data?
This looks like a money grab from this years' budget
The QPS is always complaining that they do not have enough funding to pay their staff. Now they are wasting precious manhours to mine data that they could easily purchase (or even receive for free) from Google.

--
[Rent This Space]
I wonder what they will say by Anonymous Coward · 2012-03-22 19:15 · Score: 5, Funny

NSW police may be interested in my wifi ssid "Police_Surveillance_Van_71A"
1. Re:I wonder what they will say by lexsird · 2012-03-22 20:47 · Score: 4, Funny
  
  I name mine "Warning: Virus Detected!"
  
  --
  Take the Red Pill.
Re:wifi security by Anonymous Coward · 2012-03-22 19:17 · Score: 5, Interesting

Insecure WiFi != Insecure network.
At home I have two WiFi network over the same AP, one is open an the other use WPA2, they are in independent networks and with a firewall between both, plus the open is capped to use at max 2mbps.
Re:Broken security by SilentChasm · 2012-03-22 19:38 · Score: 4, Informative

As far as I know WPA/WPA2 isn't broken, only WPS's PIN mode (enter an easy 8 digit number instead of a complicated alphanumeric passphrase). Granted you can still bruteforce the PSK itself instead of the PIN but then you've just got the same problem of weak passwords that many other things do.
Re:Broken security by thegarbz · 2012-03-22 19:58 · Score: 4, Informative

WPA and WPA2 isn't broken. There's only a configuration problem in WPS (a system designed to bypass having to enter a WPA key, who thought that was a good idea anyway?). Even that isn't broken as such. The effect is that the brute force attack has been simplified to the point where it is achievable to actually perform rather than having to brute force the entire array of usable keys. A simple configuration change that either fixes the problem or better yet limits the number of tries or the rate of tries for connecting using WPS would instantly make it secure again.
The irony? Older access points which support WPA and WPA2 but don't support WPS are quite secure.
The double irony? I have never had WPS actually work on my access point even when the PIN is known, so I'm amazed that this is a suitable attack vector in the first place.
I broadcast about 120 open AP's by Lumpy · 2012-03-22 22:29 · Score: 4, Funny

All of them named Linksys, Dlink, Wireless, etc... and all to a single router that is connected to nothing at all.
It significantly reduces the volume of idiot neighbors that do not configure their new wireless as many times they will connect to me instead.
Works great, when I shut it off, I see no more default router names.
It also screws with the wardrivers, I look at some of the maps every few months and see my location with a giant pile of AP names around my building.

--
Do not look at laser with remaining good eye.