KisMAC Developer Discontinues Project

mgv writes to let us know that the lead developer of KisMAC, a passive wireless network discovery tool for Mac OS X, is discontinuing the project. Michael Rossberg lives in Germany and that country has recently passed laws that would make his participation dangerous. He urges visitors to take a copy of KisMAC and its source as long as the site is up, so that development might be continued outside the US or EU. From the website: "There has not been a lot of time for KisMAC lately. However the motivation for this drastic step [lies] somewhere different. German laws change and are being adapted for 'better' protection against something politicians obviously do not understand. It will become illegal to develop, use or even posses KisMAC in this banana republic [i.e., Germany]."

The ignorant Arrogance of German politicans.

Because of its vagueness, this yet to be commenced, but already passed law is a severe threat to the German security community! Experts of different interest groups have repeatedly expressed their serious concerns, but the politicans - naturally knowing better than any expert can - decided otherwise. For more information, please visit: http://www.phenoelit.de/202/202.html [phenoelit.de]

Doesnt work in all Macs

He urges visitors to take a copy of KisMAC and its source as long as the site is up, so that development might be continued outside the US or EU

FYI: KisMAC doesn't work in passive mode in the latest ibooks with Atheros AR5008 chipset.

Re:Doesnt work in all Macbooks

Darn submit button! noticed that myself afterwards. I'm aware that on the older Macbooks (pre 2007) it works fine. But Apple has changed the chipset recently to Atheros and all kinds of problems have crept up, airport dropping connection and so on. It's un

As someone with dual citizienship and..

a family of lawyers, I'd caution anyone tempted to think of this as an Us Vs. Them scenario. This kind of shit happens everywhere, and it's really only by having the protection of the guns of any particular country that you gain any measure of freedom past the average level that the man on the street considers the lowest possible. It sucks, but this is the reality of the situation. You've only got as much freedom as isn't either explicitly protected, or passed by when politicians make their rounds in "protecting" you against harming yourself.

German goverment also sponsors security tools

The irony of the situation is that the German government actively sponsors [nth-dimension.org.uk] work on security tools such as GPG [bsi.bund.de], OpenVAS [openvas.org], BOSS [bsi.bund.de].

Re:

... Kismac doesn't break into Apples, it lets Apples passively monitor networks and has some basic attack functionality integrated. Your post might be [vaguely] on topic if this was a discussion about an Apple firewall, but for a passive wireless network s

Re:

Sirs,

Eventually you are missing the point. KisMac is a tool that can discover APs and Point to Point wireless network, Crack WEP, Crack WAP (given a dictionary) and make Injection Attacks with selected hardware (prism cards mostly). So it's just not a pure

Re:

So what does it take to be a "professional"?

Re:

50$ in the right person's pocket.

Re:Its a cracking tool

Free speech is fine but I don't agree with having this tool available to non-professionals in a nice easily installed package.

Well, I have used it a bit, and I'm no professional. But having shown people how quickly their encryption fails is a good thing.

At the end of the day, your comment is one of security through obscurity.

Kismac doesn't hack the unhackable, it can however open up access points that are much less secure than their owners think, mostly due to failures by the vendors to use proper algorithms. Why this should bother you is unclear to me.

At the end of the day, the vendors are more likely to change their hardware if this sort of tool is widely available. If it was kept obscure, most hardware vendors would never patch their access points.

I've used it alot, but never actually hacked into anyone's computer by using it.

Its likely to be forked anyway and exist on in another country...

Michael (as the original poster of the article).

Re:Its a cracking tool

Is there even a legitimate use for that?

To find out if your own network is vulnerable.

No matter what kind of bullshit laws get put into place to restrict 'cracking tools' - criminals will have them. Legally sticking your head in the sand will not make you any safer. Far better that tools like this are spread far and wide so that countermeasures, or at least recognition of the problems, are also spread far and wide.

Re:Its a cracking tool

No matter what kind of bullshit laws get put into place to restrict 'cracking tools'

It's not to restrict the tools, it's just so they have more things to accuse you of when you're charged to get something to stick.

Re:Its a cracking tool

cool, just what every community needs - more ways to have charges stick when the government takes a dislike to you! assholes.

Re:

To bring in the car analogy, this seems more like making cars and alcohol illegal instead of the act of drunk driving..
Of course driving and drinking everyone knows, so making them illegal would never even come into question.

Re:Its a cracking tool

"Is there even a legitimate use for that?"

Under German law, now, even nmap could be considered evil. Tools like this and kismac are mostly used to see if your pants are around your ankles with regards to your network, either home or commercial.

Why should people with home networks not have this tool available? The German law is stupid and makes everyone a victim while not taking the tools out of the hands of people who will use them anyway for nefarious purposes.

I can kill people with a hammer, or I can use it to build things. I choose the latter. Should we outlaw hammers because some people illegaly misuse them?

--
BMO

Re:

I can kill people with a hammer, or I can use it to build things. I choose the latter. Should we outlaw hammers because some people illegaly misuse them?

Brings to mind the riots in Sydney about a year ago. A sporting goods shop almost sold out of baseball bats in a couple of hours. The manager called the police to ask for a suggested course of action. The cops suggested the store stop selling baseball ba

Re:

Brings to mind the riots in Sydney about a year ago. A sporting goods shop almost sold out of baseball bats in a couple of hours. The manager called the police to ask for a suggested course of action. The cops suggested the store stop selling baseball bats

Re:Its a cracking tool

I think that's against some unwritten rule. I mean, what would happen if there was a riot and a hockey game broke out?

Re:Its a cracking tool

Nmap helped me pick out a flaw in my sister's router. She asked me to figure out why it needed rebooting once a day, nmap showed several open ports, and after hitting one multiple times the router locked. Repeat the experiment, it locks again. Experiment concluded.

Kismet showed some family members why they needed both wireless encryption and MAC filtering. Telling them I was going to log every IM conversation, and then showing them the logs went a ways towards convincing them that their wireless was not really all that secure. They now know that MAC filtering only keeps out the honest, and WEP only hides their data with a thin layer of gauze, but at least it is their informed choice now.

Kismet and other wireless scanners have helped me pick out channels for my router based on where they have the least interference. I blame a cranky windows 'wireless assist tool' for picking the strongest AP instead of the one I select, but since it was what I was dealing with I just made the best out of it.

And yes, wireless scanners have also found me open hotspots to connect to when I am traveling. If the coffee shop leaves it on after hours, how am I supposed to ask for permission anyways?

Re:Its a cracking tool

Just wondering, but what brain-dead IM service allows connections that don't go via SSL?

Umm, all of the most-used ones? AFAIK, Google Talk is the only one of the popular networks that does it, and that's because it's based on XMPP (Jabber).

Yahoo, MSN, AIM/ICQ, none of them have encryption. Whenever I find someone using Pidgin/Gaim I can convince them to install a plugin like gaim-encryption, but my buddies who use the official clients are sitting ducks (and me along with them).

Re:Seems like a waste

Hmm, couldn't he contribute anonymously somehow?

Well if he were going to do that he probably wouldn't announce it.

Re:Can he continue 'remotely'?

If they wanted to charge him they still would and while he may still win because the program is running on a computer in a different country it still would cost him alot of time, money, and energy that he probably doesn't want to spend.

Re:Can he continue 'remotely'?

First: If he accesses the server from germany, development will not be considered to happen outside of germany. Second: Won't matter anyway, as german law declares itself to be applicable to what a german does even outside of germany.

Somewhat OT: Managers

Part of being a good manager is that you directly manage only stuff you understand.

So if the owner of the company you work for has hired a competent CIO and lets him do his job, that is perfectly OK. In my experience, those who are halfway tech-savvy and s

New country?

How about Gnufoundland?