Run For Your Lives! War Drivers On The Loose!
from the oh-boy dept
BroadbandReports gets extra points today for finding this one. There have been a ton of overhyped “evils of open WiFi” articles out there, usually written by reporters who clearly don’t understand the technology. However, I think this one is, by far, the most amusing. First of all, let’s be clear: there are security risks involved with WiFi. People who set up networks should be aware of these risks, as well as the policies of their service providers. However, that does not mean that completely locking up your network is a necessity (depends on what you do) or that war-driving is wrong or dangerous. However, police in Indiana have been told that they need to stop paying as much attention to shoplifters and speeders, and to focus on “roving cyber thieves”, better known as war drivers. That’s right, they’re on the loose and they’re coming to your town! They might even (gasp! no! say it ain’t so!) use your internet connection! Oh, the horror. But, it gets worse. Some of them communicate with chalk or even satellite to tell each other where other open networks might be. The article says (and you have to use the direct quote on this one): “They even put a so-called wireless hot spot on the Internet.” I shudder just thinking about it. What will become of us all?
Comments on “Run For Your Lives! War Drivers On The Loose!”
But now they're behind your firewall
But now they’re behind your firewall and can roam your LAN for goodies, print to your printer, send spam from your IP address, get you in trouble for violating your ISP’s TOS…
Re: But now they're behind your firewall
I think the point was this isn’t a big deal compared to the other crimes mentioned. I agree with the author, why should police be worried about WiFi hotspots 😛
Security is the responsibility of the owner; if you leave your keys in your car someone might take it – heck they might run your car into the local computer store to steal a laptop to use so they can steal WiFi
Re: But now they're behind your firewall
All of which are illegal and they can get in trouble for it. The access itself isn’t necessarily illegal…
And, if you set your system up properly, they won’t necessarily get access to your LAN – just your connection.
As for ISP TOS, I think I pretty clearly state that you shouldn’t do this unless your ISP allows it – and there are some that do.
I’m not talking about corporate WLANs here, which obviously should be secured. But if a home user leaves their system open, but takes the necessary precautions to protect themselves, why is that on the same level as shoplifting?
Re: Re: But now they're behind your firewall
The problem is that wireless access points default to the insecure configuration (open access). Consequently, most people who unwire their house are completely unaware that somebody can “plug in”. I think the car analogy is a bit off, since cars come with locks by default. I think a better analogy would be an outdoor power outlet. On most houses, outdoor power outlets are not secured; anybody can walk up and plug in. If somebody were wandering through your neighborhood plugging into everybody’s outdoor power outlet, wouldn’t you want the police to investigate?
Re: Re: But now they're behind your firewall
>>And, if you set your system up properly, they won’t necessarily get access to your LAN – just your connection.
Right. Nearly always the MAC addresses of machines that need access are known. Merely setting the network to reject non-authorized MAC addresses neatly resolves the security issues.