Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Wireless Networking The Internet Hardware

Wardriving Worries Residents 530

sphynx99 writes "This article describes how residents of an upscale neighborhood in Arizona are worried about wardriving, a "new method of privacy intrusion and identity theft". Nothing to worry about, though; "The Scottsdale Police Department plans to create a cyber-crimes unit next year."
This discussion has been archived. No new comments can be posted.

Wardriving Worries Residents

Comments Filter:
  • by Anonymous Coward on Wednesday October 06, 2004 @10:29PM (#10456614)
    Scottsdale residents are concerned people are looking into their homes when their blinds are open. Police plan to start a blind closing service.
    • Re:In other news (Score:3, Insightful)

      by iluvcapra ( 782887 )
      Mod me down if you wish, BUT, why exactly is their always, without fail, some pithy Score 5: Funny AC post at the head of every story thread?
      • 'why exactly is their always, without fail, some pithy Score 5: Funny AC post at the head of every story thread?'

        Attempts for 'fr1st m0d'?

    • by agent ( 7471 ) on Thursday October 07, 2004 @02:24AM (#10457659) Homepage Journal
      SBC/Yahoo took upon them selves to install an 802.11b WiFi NIC into their latest DSL "modem". It is enabled by default with 64 bit encryption, and (now this is where I am not 100% sure) the WEP key is printed on the bottom of the unit. The SSID is "2WIRExyz" where xyz is in the set [0-9].

      I post my wireless research here. http://mb.citiwireless.com/ [citiwireless.com]

      If you liked what I had to say, please show you appreciation by making a contribution to the FreeNet project.
      http://freenet.sourceforge.net/ [sourceforge.net]

      Have Fun,
      -Steve

      Huhhhh, I said marriage. http://www.archive.org/search.php?query=marriage%2 0AND%20mediatype%3Amovies [archive.org]

  • Finally (Score:2, Insightful)

    by mpost4 ( 115369 ) *
    finally some one sees this as a real problem. For now the best solution (the one I also use) is to secure your network.

    Maybe I am in the minority but I see stealing bandwidth, the same way as stealing movies off line, it seams like you hurt no one, but you are still stealing, no amount of justifying is going to change that
    • Re:Finally (Score:4, Insightful)

      by Lord Kano ( 13027 ) on Wednesday October 06, 2004 @10:42PM (#10456719) Homepage Journal
      Maybe I am in the minority but I see stealing bandwidth, the same way as stealing movies off line, it seams like you hurt no one, but you are still stealing, no amount of justifying is going to change that

      Some people intentionally set up APs and leave them open because they want to. SOME of the open APs out there were intended to be used. If you don't want anyone to use your connection, don't leave it open. You're broadcasting signals into public areas. If you don't secure your network, you have no grounds to complain if someone uses the signals that you broadcast into public areas.

      I use WEP and MAC filtering on my network. It took 2 minutes to set up. There is no reason why other people can't.

      Copyrighted material is never intended to be downloaded from the internet without the permission of the copyright owner.

      BTW, how many fucking times do we have to say it? Copyright infringement is not "stealing", it's illegal, it's wrong, but it's not "stealing".

      LK
    • Re:Finally (Score:5, Insightful)

      by Izago909 ( 637084 ) * <tauisgod@g m a i l . com> on Wednesday October 06, 2004 @10:44PM (#10456732)
      If you choose to live in a glass house, when blinds are cheap, you for-go the right to bitch about people looking in on you. An ounce of prevention goes a long way. Now, if a hacker breaks your encryption and your MAC filtering, then you can complain.
    • Re:Finally (Score:5, Insightful)

      by Fjornir ( 516960 ) on Wednesday October 06, 2004 @10:57PM (#10456836)
      I'm not so sure you're looking at this the right way... First though, I want to make it abundantly clear that my comment is only meant to apply to open wireless networks. That said, let's take a pretend CB radio session as an example. I tune into channel 7 and PigPen and the RubberDuck are talking back and forth about the Mt. St. Helens eruption. There's a pause in their conversation and I hop in and say, "PigPen, this here's the ManOnTheStreet, so tell me good buddy, what's on the frontpage of CNN right now?" and PigPen responds, "RubberDuck, she's just blowing more ash for a month or two. ManOnTheStreet, Tiger Woods just married hisself some hot lookin' swedish model, and man can you see her tits but good through that dress of hers!"

      Obviously PigPen could have ignored me. Or told me to go check myself. There was no requirement he answer my query. Same goes for any transaction that happens on the public airwaves -- like the wireless networking bands. I'll go so far as to say that MAC spoofing, or hacking the WEP key is definately wrong... But unless an open network is considered to be open am I liable if my linksys wireless nic connects to your default-settings linksys wireless hub instead of my default-settings linksys wireless hub?

    • If I'm standing outside and I use the light from your porch to see something, am I stealing from you?

    • Re:Finally (Score:5, Interesting)

      by Cecil ( 37810 ) on Wednesday October 06, 2004 @11:50PM (#10457105) Homepage
      There are two sides to every coin. My WAP is open. Intentionally. All I have to say is: please don't make it illegal for other people to use it.
  • Stupid people (Score:5, Insightful)

    by Anonymous Coward on Wednesday October 06, 2004 @10:31PM (#10456627)
    Heaven forbid they setup their networks properly and save taxpayers thousands upon thousands of dollars. Why be responsible when you can just whine to the government?
    • Re:Stupid people (Score:5, Interesting)

      by BrookHarty ( 9119 ) on Wednesday October 06, 2004 @10:52PM (#10456793) Journal
      If you want to live in rich area like Scottsdale, you pay the sky high taxes for stupid shit like this. People live in areas like this for the stupid services. I'm sure you could list the services gated communities around the world do even stupider things.

      A buddy of mine just had his neighborhood incorporated in the local city, they put in sewers, lights, and he can now use the local firedepartment and police, but his property tax went up. Was it worth it? Septics only cost a couple hundred to empty. Now, they charged him 20K, and he HAD to pay it. (And not including the money to hook upto the sewer, another 10K for pipe work.)

      OT, speaking of Scottsdale, I almost hit a freaking Gatsby [gatsbycars.com] that ran a red light. And the lights are backwards compared the reset of phoenix. What a freaking wierd city.
  • by rainman_bc ( 735332 ) on Wednesday October 06, 2004 @10:32PM (#10456633)
    I wish they'd just save everyone a lot of hassle and RTFM...
  • repeat after me (Score:5, Informative)

    by ophix ( 680455 ) on Wednesday October 06, 2004 @10:33PM (#10456643) Homepage
    purely passive wardriving is NOT a crime.

    now connecting to their access point and using their internet/network for whatever... that might be, i am not a lawyer, so i cannot say. what i do know is that RF signals are not owned, for if they were i could sue for criminal trespass when the other guy's signals cross my property.
    • Depends on what the definition of 'passive' is.

      Just monitoring beacon packets? Yes, that's legal.

      Monitoring all traffic (e.g. running kismet with logging on), not legal, it's a violation of the Federal wiretapping laws.
    • what i do know is that RF signals are not owned,

      "ownership" has nothing to do with it; its whether the communication is conducted via a method the user has a "reasonable expectation of privacy" using. "That someone isn't going to go park outside my house with a cantenna, and a laptop equipped with software specifically configured to listen for and capture traffic" is most certainly "reasonable", nevermind they have to be fully aware it's possible for others to very easily listen in. If you're intentiona

      • In all cases, including "wardriving", there is no legitimate reason to collect the information or listen in. It's none of your goddamn business.

        That's an opinion, not a fact.

        the law is not based on whether or not they think their little "hobby" should be legal or not- it's based on decades of case law.

        Certainly; but the law, in a roundabout manner, is a representation of what the people deem acceptable behaviour. Therefore, what the law should be is very germane for discussion. To argue otherwise

      • by LostCluster ( 625375 ) * on Wednesday October 06, 2004 @11:14PM (#10456959)
        its whether the communication is conducted via a method the user has a "reasonable expectation of privacy" using

        That's a standard that the existance of the concept of wardriving shoots a nice big hole through...

        A wide-open 802.11x access point can be seen as an open invitation onto that network. Afterall, there are many public places that intentionally set their networks to be wide open in order to encurage use by visitors/customers.

        The lack of intent doesn't have much to do with it... if you set up a wide open network, you're giving an internationally recognized signal. One should know the customs of what they're dealing with lest they unintetionally make such a signal.
      • Yes, but if Joe Driver decides to drive in front of your house with your open network, and connects to it for internet access, just a simple google query, nothing illegal, nothing questionable, no packet sniffing, it isn't really eavesdropping. PLUS WiFi networks are not covered as Telephone communications, and thus are not covered by the regulations that I cannot listen to them. I can listen to them just as legally as I can listen to HAM bands, Police bands, or the FM radio in my car.
      • > In all cases, including "wardriving", there is no > legitimate reason to collect the information or
        > listen in. It's none of your goddamn business.

        I operate a bunch of 802.11b 2.4ghz access points in my area ( somewhere in the order of 6 ), a couple of connections commercially but mostly for employees / acquaintances of our company with an assortment of antennas and gear.

        We also operate a fair bit of Trango gear in the 5.3Ghz and 5.8Ghz spectrums, the fundamentals are the same.

        Scoping out who
    • Re:repeat after me (Score:4, Insightful)

      by bconway ( 63464 ) * on Wednesday October 06, 2004 @10:49PM (#10456770) Homepage
      Newsflash: Just because I forgot to lock my door, that does not make it legal to enter my home, snooop around, not steal anything, and leave.
      • Re:repeat after me (Score:3, Interesting)

        by ophix ( 680455 )
        is your front door on my property? didnt think so. this is nowhere near the same as leaving a front door unlocked.
      • Re:repeat after me (Score:3, Insightful)

        by rainman_bc ( 735332 )
        No, but if you leave your blinds open I have the right to look in your windows and see what you have. Don't like it? Shut your damn blinds (or curtains).
      • Re:repeat after me (Score:3, Interesting)

        by _Sprocket_ ( 42527 )
        Newsflash: I'm on a public street when I pick up a transmission you're making on a public, unlicensed frequency. I'm not walking through your unlocked door to plug in a CAT5 to your home network.
  • Bleigh (Score:5, Interesting)

    by Gentlewhisper ( 759800 ) on Wednesday October 06, 2004 @10:34PM (#10456647)
    Instead of wasting tax payers' money, they should just use wired lans.

    Why should the poor pay taxes to subsidize all these extra expenditure made for the sake of those who are wealthy?

    I'm talking about those in the bottom of the scrap heap here. Those who don't even have computers, Joe Sixpacks.. like.. Homer!

    Now, why would Homer have to pay more taxes so that Burns can have a safe wireless lan?

    Those people who buy a wireless router should pay for a tax at time of purchase!
    • Re:Bleigh (Score:2, Insightful)

      I agree. I want my taxes spent catching murderers and rapists, not doing things that normal citizens should.
    • Now, why would Homer have to pay more taxes so that Burns can have a safe wireless lan?

      Because that's how America works. It's the same reason my tax dollars go to those idiots who live in hurricane alley and need to rebuild their house for the 4th time.
  • by haluness ( 219661 ) on Wednesday October 06, 2004 @10:34PM (#10456649)
    At one point the article mentions residents reporting that their WiFi signals were tampered with? That sounds strange - why (how?) would wardriving tamper with signal - should'nt the act simply connect to unprotected AP's?


    So on what basis are the residents reporting incidents? Or is it just upscale residents reporting scruffy people in beat up cars? (which is not necessarily a bad thing)

    • Indeed, this is strange -- if the residents aren't smart enough to figure out how to secure their access point, how are they going to be smart enough to know when their WAP is being accessed via wardriving?
      • It could be that their SSIDs were altered to something else, which is not all that uncommon, especially when you look at WIFI maps. So, if they hop on their laptop, and select the AP, the name could pop up saying "you are connected to XXXX" and that's how they might know something is up.
    • Maybe they noticed their throughput was a little lower and bringing up their porn took a little longer. Personally I think they're full of it but thats just me.
    • by Solder Fumes ( 797270 ) on Wednesday October 06, 2004 @11:17PM (#10456973)
      I got curious one evening and took a short drive around my semi-rural neighborhood. I discovered 26 wireless networks, only 10 of which were secured. Almost all of the unsecured networks were using the default "linksys" configuration right out of the box. This means that anyone can connect to their network with full administrative control by logging in to 192.168.1.1 with no username and the password "admin" as published in the Linksys manuals. In fact, I can see two nodes like this from my own apartment. These people probably have no idea if they're even connecting to their own cable modem. And they're leaving their router open to full administrative control by anyone on the street; someone could even turn on the remote management and no longer have to be physically near the node.

      It's ridiculous, and wireless router manufacturers should make it mandatory to choose passwords and security phrases. Simply resolve all internet access to the internal configuration page until the router has been successfully configured.
  • Fools... (Score:5, Insightful)

    by Izago909 ( 637084 ) * <tauisgod@g m a i l . com> on Wednesday October 06, 2004 @10:35PM (#10456659)
    That's very interesting. I would like to see a comparison between the cost of the proposed cyber crimes division and the cost of sending high school nerds house to house to show these fools how to enable WAP/WEP encryption keys, MAC address filtering, and other proper precautions that most people are too lazy to read the instructions about, but concerned enough to perpetually bitch over. For real people, what the hell? If I knew I was living in a high crime area, I wouldn't leave home with the doors and windows wide open and then pretend that my ineptitude isn't at least part of the reason I was robbed clean. I also wouldn't recommend starting another bureaucracy who is responsible for cleaning up a mess that is easier to prevent in the first place.
    • Re:Fools... (Score:2, Insightful)

      by mpost4 ( 115369 ) *
      Does not always work. even in low crime areas (or places you would think to be lower in crime)

      Take for instance I lock my car doors all the time, at night I park in my churches lot (you think people would have a bit of respect for a house of worship) well 2 Sundays ago I find that over night my car radio was stolen, they brock into the car via the close window, while the car was parked in the churches lot. People who want to break the law are not going to be stopped by locks or web and mac address filte
    • Re:Fools... (Score:5, Funny)

      by surprise_audit ( 575743 ) on Thursday October 07, 2004 @12:24AM (#10457283)
      I'd like to see the high school nerds being the cyber crimes division.

      I suppose the police chief could get into trouble for it, but it would be really funny if an officer went around to each complainant with a 10-year-old kid and told them, "We're here to help secure your WiFi." "Sure, officer, but why's the kid here?" "Oh, he's the WiFi security expert. I'm just driving him around because he's too young to drive himself..."

  • maybe... (Score:5, Insightful)

    by SuperBanana ( 662181 ) on Wednesday October 06, 2004 @10:36PM (#10456662)
    This article describes how residents of an upscale neighborhood in Arizona are worried about wardriving

    Maybe they could actually set up their access points properly. It's not hard. Even WEP is far from trivial for a wardriver to get past- they'd have to camp out and wait for "weak" packets...except for certain specific AP's that have faulty WEP key generation. The owner's manuals now cover turning on WEP/WPA quite nicely, have for years, and most of the glaring problems have been fixed long ago as well.

    What's next, people complaining about all the crime in their neighborhood but not locking their goddamn front doors? Oh...check [metrowestdailynews.com].

    • Re:maybe... (Score:3, Insightful)

      by Anonymous Coward
      Maybe the fact that most people have it off by default is a clear indication that it IS hard for most people.

      The entire idea of WEP is horrible from a user-friendliness point of view. Here's just 1 example of how it could work better. I'm sure an actual HCI person could come up with something much better:

      1) Plug in router.

      2) Read instructions, which is a sheet of paper with minimal steps to get Windows to connect to the router. The *unique* name of the router is mentioned on the paper. (perhaps deter
  • A good to solve this problem is to simply get residents to lock down their WAPs. An even better way would be to have this be a part of the default setup for WAPs. And ofcourse the best way would be to just get the paranoid people to run ethernet throughout their houses. No need to get laws involved when there's a fairly easy technological solution to this problem.
  • Get to work, geeks! (Score:5, Interesting)

    by Bull999999 ( 652264 ) on Wednesday October 06, 2004 @10:38PM (#10456677) Journal
    residents of an upscale neighborhood in Arizona are worried about wardriving

    Geeks living in that area should consider advertising their services. Improving computer security and making money while doing it sounds like win-win situation to me.
  • If I was to broadcast my 'privacy' unsecured 10 miles around... could I really complain of privacy intrusion and identity theft? Yeah right...
  • This is not police business, this is the resposibility of Joe and Martha computer owner to ensure that their network is secure.

    A quick look at the Scottsdale yellow pages reveals a great many business that offers such a service... and the costs would not be large.

    To think that the concern is coming from "residents of an upscale neighborhood" is especially humourous.. or bothersome, depending on how you look at it. I'm betting that they are spending big $$$ securing their homes.. but would balk at payi
  • If I drive around and find (and pinpoint) unsecure wireless networks, is it illegal to say, "your network is unsecure.. see, I'm on it right now. I'll secure it for you for $20"?

    It'd be hard for them to say no, so... kinda easy money, or is there some kind of law that states I have an obligation to tell someone if something is wrong (although I'm sure there isn't.. for techonlogy.)
  • by nulltransfer ( 725809 ) on Wednesday October 06, 2004 @10:40PM (#10456701)
    Many places offer wifi internet access for free, legitimately.

    If wardriving is a crime, how are people supposed to know which AP is the place offering free wifi and which is an ignorant home user? (other than the ESSID, which if the home user knows how to change, will probably be able to prevent it in the first place)

    This seems to me to be another case of the naive shifting responsibility to others...

  • Don't use wireless. I don't believe that using wireless in a home is wise. I don't care about protocols and encryption - there's always some vulnerability that eventually pops up in hardware or software. Why take the chance if you don't have to?

  • Wardriving has been around for several years now, and they are just now getting worried?

    Aside from breaking into network shares, I do not see a major threat really -- wouldn't want any bad hackers to have access to the shared Music drive .... would we?

    All financial transactions done over the Internet use some form of data encryption, so someone sniffing in on the network would just get a bunch of garbage.

    Whatever man.
  • While the article is absolutely informative in a panic-causing sort of way, they're a little off on their history.

    http://en.wikipedia.org/wiki/Wardialing

    While Wargames popularized the practice (among geeks anyway) it was not the origin of it.
  • that having enough money to afford to live in a gated community doesn't mean you necessarily have a clue. Gee, what a bloody shock.

    Are we going to start seeing lawsuits against the manufacturers of WiFi hardware that ships with weak security configurations? That's about the only eventuality which will trump the need for companies to cater to the stupidi^Wlowest common denominator.

  • by Chief Typist ( 110285 ) on Wednesday October 06, 2004 @10:42PM (#10456717) Homepage
    What the Scottsdale PD should be doing is creating a program that helps the citizens setup their home network security. Give classes that teach people how to turn on WEP, how to use a firewall, etc.

    A community service, for sure. And since it's offered by the local PD, it would make the average user realize how important it is...

    -ch
  • Also in August, three Michigan men pleaded guilty in a case that will likely result in the nation's first wardriving convictions.

    Federal prosecutors in Charlotte, N.C., said the men found an unprotected Wi-Fi access point at a Lowe's home-improvement store parking lot in suburban Detroit, using wardriving tactics to steal credit card numbers from the retailer.

    So we need these laws because the credit-card-fraud lobby has kept the practice of stealing people's card info perfectly legal for far too long...

  • Federal prosecutors in Charlotte, N.C., said the men found an unprotected Wi-Fi access point at a Lowe's home-improvement store parking lot in suburban Detroit, using wardriving tactics to steal credit card numbers from the retailer.

    Seeing as how they were in the parking lot, I don't reckon they were using "wardriving tactics", eh? I think they were just plain hacking at that point, but I guess that doesn't sound scary enough.
  • Good Lord... (Score:5, Insightful)

    by ItMustBeEsoteric ( 732632 ) <ryangilbert@gmai[ ]om ['l.c' in gap]> on Wednesday October 06, 2004 @10:48PM (#10456763)
    "Once they're on your network, they can take their time attempting to hack into your computer and steal information," he said. "It's nearly impossible to find them, unless you see them sitting in their car outside."

    Yes, it's so impossible to look out in front of one's house! Whatever will we do?

    Really, I see how this can be a problem. But, that was possibly the worst way of detailing why it is one.
  • Enable web encryption, problem solved. Move along. Seriously; this is a huge upscale neighborhood that's bloody enclosed!, they can affoard to not let anyone run a public network, and force them to hire admins to set up WEP (if there too inept/busy to do it themselves)
  • Larry Paprocki, executive director for Stonegate, issued warnings to neighbors after more than six residents told him they thought their Wi-Fi signals were tampered with.

    According to the Scottsdale police report, the Stonegate resident who granted access to a suspect in August noticed a charge to an online store on his American Express card.


    I saw an EVIL HACKER using his computer on the corner, and then someone stole my credit card number!

    It will be amusing or depressing to see how a prosecutor (and a j
  • by MacDork ( 560499 ) on Wednesday October 06, 2004 @10:52PM (#10456796) Journal
    Why bother creating a cyber-crimes unit for Scottsdale when for a fraction of the price they could hire some out of work coders to put together a secure your wi-fi community education program? Hell, enlist Mr. Anderson's 8th grade comp sci class for that matter. It would cost a lot less and put idle hands to work. The geeks could go war driving and stop at every house with an open access point. Problem solved. Oops, I forgot... gotta bulk up that standing army a bit more...
  • by stienman ( 51024 ) <.adavis. .at. .ubasics.com.> on Wednesday October 06, 2004 @11:00PM (#10456866) Homepage Journal
    I fail to see what exactly they are going to arrest or prosecute people for.

    This is a radio transciever operating completely within legal regulations.

    If you don't want me to listen to your router's packets, don't transmit them.

    If you don't want you router to respond to my 'specially crafted' transmissions, then tell it to ignore me.

    Of course, it's far more complex than that, but current law does not seem to apply to this on the surface. It may apply to your actions once you are using their resources, but only marginally.

    -Adam
  • by rindeee ( 530084 ) on Wednesday October 06, 2004 @11:02PM (#10456877)
    1. It's the end-users responsibility to know what the hell they're plugging in and what the necessary safety steps are. 2. The more we involve the Government in compensating for our ignorance by laziness, the more they WILL get involved. 3. In general, the more the Governement (at any level) gets involved, the worse the problem will get. 4. Most PDs do not have CyberCrimes divisions. I don't say this out of generalized ignorance, I've actually researched it. Of those that do have CyberCrimes divisions, those staffing it are mostly incompetant. This isn't by their own doing. Typically they are ex patrolman and detectives who knew enough to be labled and expert and thus get appointed to these units. There isn't enough training or budget for them to even think about staying on top of things. This goes all the way up the food chain into the Fed Law Enforcement arena. Until you get into organizations such as NSA and DIA (which are primarily doing research) there is a complete and utter lack of talent. The two exceptions to this that I have seen (and I'm sure there are others) are the FBI's computer forensics guys and the RCMP Cyber Crimes guys. 5. Police are reactionary by their very nature...as they should be. Again, they are there to enforce laws. The only time laws need enforcement is when someone is or is trying to break them. When police get into proactive activities they are pulled away from their real purpose (DARE, Public Relations by Officers, etc). While the idea of a completely reactionary police force isn't a popular one, it is in fact the only effective one. Just my experience based two cents. ER
  • by johnlcallaway ( 165670 ) * on Wednesday October 06, 2004 @11:10PM (#10456935)
    I don't live in Stonegate, I live in a nice apartment building. From my apartment, I can see 2 or 3 other networks. I don't broadcast my SSID, use WEP, and have MAC filtering enabled so I'm not too worried about it.

    It's easy for us geeks to shout from the rooftops to just lock it down, but we are dealing with people who think putting a key inside a fake rock is a safe way of not getting locked out of their home. I am surrounded by Joe Sixpacks and Barbi Braindeads. They have no clue and no amount of education is going to fix it.

    Here is an idea -- provide a USB port on the access point and configure them with a random WEP key, no SSID broadcast, and MAC filtering at the factory. Then take a USB key fob to the access point, automagically download the SSID and WEP key, and take it to each PC. The PC can install the SSID and the key, and then download their MAC. Take the fob back to the lan and plug it in to finish configure the MAC filtering. No fuss, no bother, no skills involved.

    There, problem solved. No computer can connect until it's done, and the system is delivered secure. Leave the web configuration utilitiy so if someone want's to turn it off to deliver free access they have a choice. That will take skills, or at least someone who can RTFM.
  • Amazing assumptions (Score:5, Interesting)

    by Infonaut ( 96956 ) <infonaut@gmail.com> on Wednesday October 06, 2004 @11:40PM (#10457055) Homepage Journal
    The responses to this article are pretty solidly along the lines of, "Those stupid rich fuckers need to RTFM, rather than being worried about wardrivers."

    Ponder how you might feel if you were a Regular Joe using your WiFi equipment. You read the confusing literature and try your best to secure your WiFi network. But you're not exactly sure if you go it right. Now you find out that there are people out there lurking around in your neighborhood whose sole purpose is to look for unsecure networks and... and you don't know what, but you're not exactly excited to find out what these wardrivers are going to do once they've gained access.

    Will they gain access to your network? Maybe, mabye not. But it makes you nervous because unlike most Slashdot readers, technology is not your life. You're just doing your best with the stuff you bought at the local ComputerShack.

    In many ways it is like using Windows. You try your best to secure it against malware and spam, yet the stuff still gets in. You've read the manuals and you do your best, but this stuff that was supposed to be easy is not only a pain in the ass, it now can potentially screw with your life.

    The worst part is that the Internet is now so tightly intertwined with most people's lives that to do without it is a major inconvenience. True, nobody is forcing you to use WiFi, but you want convenience, and you don't want to be victimized by people who for all you know could have serious malicious intent. You don't know who these wardrivers are, but you do know that they drive around snooping for open networks. Now tell me honestly, if someone were driving around your neighborhood snooping for open telephone lines, and you had no idea whether your telephone line was secure or not, wouldn't be a bit nervous?

    Bashing on regular computer users perpetuates the stereotype that technically-savvy computer geeks are elitist snobs who take every opportunity to trumpet their intellectual superiority while taking advantage of the less technically-inclined.

    • by SJS ( 1851 )

      The responses to this article are pretty solidly along the lines of, "Those stupid rich fuckers need to RTFM, rather than being worried about wardrivers."

      Yeah, pretty much, as that's generally the response of J. Random Middle-Class user when regaled with stories of the SRFs crying out for the cops to protect $TOYs. (Say, increased patrols in the rich neighborhoods 'cuz the crime rate is up 3% -- let those ghettos go rot as those folks are all freeloaders and criminals anyway.)

      Seriously, wouldn't t

  • by l0ungeb0y ( 442022 ) on Thursday October 07, 2004 @12:22AM (#10457276) Homepage Journal
    I had a neighbor who I cut his wifi because he was so freakin' paranoid about someone warjamming his connection from the sidewalk. Anyway, this guy is gone, hasn't been able to get a job etc etc... thus, had to vacate his loft. sorry to see a guy with 15 years admin experience... but there's a limit to how much good intentioned paranoia can be tolerated in a corporate atmosphere. So while he was in a sense right... he was flat out wrong. And it cost him his livelyhood.

    I hung out with him frequently because me and him got along. When he aboned his wifi and went back to ethernet. I asled him what that was about. He mentioned that he was unable to "absolutely secure his wifi network". My rhetoric to him was "Why the %^&** would someone want to sit out on the sidewalk and warjam your wifi? I mean.. what do you matter and why would anyone give a %^&%?". His answer? "The spammers man... they're everywhere and will take whatever they can get. And I run windows here as well as Red Hat". Right answer but wrong again. Sure, we'll be seeing that in says to come, wardriving for network access to attack and then spam ... say a year or two from now. But his appproach seemed to me to be a major "WTF", even with WEP and MacAddressed access combined, all they could do is warjam. So who gives a rats ass. The spammers as always will be looking for easy targets. Who'd want to collect a gig of data from some dude in downtown SF to hack his wifi AND manage to clone a mac address? I mean he had a lesser DSL connection than me!!! Sure more machines, but still.. every admin should be paranoid, but not too paranoid to be able to live with reality.
  • by fawlty154 ( 814393 ) on Thursday October 07, 2004 @12:31AM (#10457318)
    I find it hilarious that if a know-nothing computer user buys a network card, plugs it in to their computer, accidentally connects to the "default" network, they are actually guilty of tresspassing...
  • Let them in (Score:5, Interesting)

    by bill_mcgonigle ( 4333 ) * on Thursday October 07, 2004 @12:52AM (#10457387) Homepage Journal
    You should be able to setup your network so that your MAC's get full priority, all others can use your leftover bandwidth. NoCatAuth should be able to hand this. Throw in a firewall and a wondershaper so their downloads don't crush your ACK's and you have something that makes everybody happy, except maybe your provider.

    Consumer WAP's should operate in this mode by default with a nice wizard to help people set it up securely and easily. Cringely would probably argue you should get a penny per megabyte they transfer.
  • by BorgCopyeditor ( 590345 ) on Thursday October 07, 2004 @12:53AM (#10457393)
    It's occurred to me that if it really is simple enough to set up a secure wireless network, then that information ought to be easy enough to communicate. What is really the problem, then, is not that the good people of this town are "too stupid" to set these things up, but that no one has yet communicated to them effectively the message that they should care about securing their networks. This is really a matter of educating the public. Word of mouth would be a good start, and surely the manufacturers bear some responsibility, but I wonder if a few well-placed (and respectful) e-mails to local newspapers in this town could also help.

    Just think, people don't really know how to fix their own cars, but they know enough to know what sorts of problems might crop up, and more importantly, enough to do what needs to be done to maintain their cars reasonably well within the limits of what they, as nonexperts, can do. The only reason people know this is that there has been a culture passed from one person to the next of this kind of practical knowledge. Maybe some geeks should do their part to help disseminate the (frankly not very extensive) knowledge necessary to secure home wireless networks.

  • by reallocate ( 142797 ) on Thursday October 07, 2004 @04:51AM (#10458022)
    Typically, post here are full of smarmy comments from geeks and techs and poseurs who may understand machines but don't have a clue about how their own species operates.

    Here's the scoop: If someone's Internet connection is insecure, they will blame you -- the techies -- for not making it secure. Everytime someone starts to preach about "stupid users" getting what they deserve because they aren't running the right firewall or using some software du jour, those "stupid users" are hearing techies recommend cumbersome technical remedies for problems caused by techie failures in the first place.

    People want this stuff to be secure when they plug it in. If it isn't, it's your fault, 'cause you make the stuff.

    Wireless is insecure. That's not the users' fault. It's your fault. First one to make it secure makes a billion dollars.
  • by dema ( 103780 ) on Thursday October 07, 2004 @08:45AM (#10458853) Homepage
    "Once they're on your network, they can take their time attempting to hack into your computer and steal information," he said. "It's nearly impossible to find them, unless you see them sitting in their car outside."

    It's impossible to see, unless you open your eyes!

You are always doing something marginal when the boss drops by your desk.

Working...