dslreports logo
That Evil War-Driving Menace
All war drivers want to steal?
Like many reports on the "menace" that is War Driving, this local Utah news report is long on fear, and short on detail. "And from the car, [war drivers] could access everything sent across the signal -- account numbers, passwords, business documents. If that's not enough, they can make you criminally liable by downloading illegal material, using your computer's Internet address. Chris Coberly, Data Doctors: "We could sit outside in the car, hook up to your network and search for child porn or things like that. When that happens, the FBI tags you. And when they come, there's no way to prove it wasn't you." No way?
view:
topics flat nest 

kdepasquale
join:2004-03-13
Oakland, CA
·SONIC
Ubiquiti UDM-Pro

kdepasquale

Member

"fixing it?"

From the article:

Fixing it can be as easy as clicking on "settings" and making a few adjustments, but each system is a little different. To Stay Safe, you need to change the default SSID, disable the SSID broadcast and change the Default Password.

Unfortunately the news is not giving the public accurate information. Most wardrivers are smart enough to get past the disabled ssid broadcast. While disabling ssid broadcast is a deterrent, it's certainly not a fix. WPA/WPA2 or at a MINIMUM WEP is the way to go,

en102
Canadian, eh?
join:2001-01-26
Valencia, CA

en102

Member

Re: "fixing it?"

Yup... some also have scheduling built into the wireless. Why leave your wireless up/open 24x7 ?
Use encryption, and also, don't leave your PC wide open. If your PC isn't open how are your accounts/files going to be accessed? The main thing would then be just securing your network from those that would sponge off of it, or download through your Internet connection. I only use the WiFi access when I need it. It doesn't always play nice with my bluetooth.
melps
join:2002-01-05
Paramus, NJ

1 edit

1 recommendation

melps to kdepasquale

Member

to kdepasquale

Wardriving vs Free Area Wide Wi-Fi

Is there a difference in terms of personal PC security?

Someone connects to your network via wardriving
vs.
both u and the "wardriver" are on the same free area-wide wi-fi network.

You still have to protect yourself no matter how both got on
to the same network.

digiblur
Premium Member
join:2002-06-03
Louisiana

digiblur to kdepasquale

Premium Member

to kdepasquale

Re: "fixing it?"

I noticed that too. They don't even say about any encryption. Kismet would pick up there signal in a heart beat.

Data Doctors need to go back and read the manual.... LOL!!!

Alpine6
Premium Member
join:2000-01-11
Atlanta, GA

1 recommendation

Alpine6

Premium Member

The real question...

"Are all war drivers thieves?" - No

"Are all war drivers utter losers?" - Yes

Adam

Rickez
Goinginsane
join:2000-09-02
Three Rivers, MA

1 recommendation

Rickez

Member

Re: The real question...

I'm a loser baby, so why don't you kill me?!?!?!?!?!
Expand your moderator at work
Belial5221
join:2000-08-10
Lafayette, LA

Belial5221 to Alpine6

Member

to Alpine6
Actually,it is stealing.They are using the service you paid for,without your permission.It's like me using your creditcard without your permission.
gefflong
join:2003-02-18
Aledo, IL

gefflong

Member

Re: The real question...

reply to Belial5221

Actually it's not stealing. It requires no "hacking" capabilites to get onto someone's wireless network if there is no protection. Hell, every windows xp laptop with a wireless card will help you "steal" (as you put it) any wireless network it finds. It pops right up and asks you if you want to join.

It becomes "stealing" when the connection is protected and you start trying to break in.
Belial5221
join:2000-08-10
Lafayette, LA

Belial5221

Member

Re: The real question...

War driving is usually(not always) used as a term to find open networks for future use,and then when used(without permission),is illegal.If someone is going around to find open networks,and letting them how to fix it,then it could be a good thing,as long as they don't use/misuse the network/connection.

gefflong,say your house door was open.Is it legal for me to go in,and do whatever I want,since I don't have to bypass any security?According to what you say,it's legal.The better thing for me to do,if I saw an open door,would be tell you,or leave a note explaining how to fix the problem.

to koolman2:"wardriving != connecting to networks"
If that's true,how do you find it open,without connecting?
I hope you mean 'wardriving != using networks'

I'm sure war driving started off as something with illegal intentions(probably covering tracks),but everyone twists it(for a clearer conscious),so there's multiple definitions,that mean different things.Kinda like "cleave",it means to split apart,and can mean put together.That's probably why there's a problem defining the legality of it.

koolman2
Premium Member
join:2002-10-01
Anchorage, AK

1 edit

koolman2

Premium Member

Re: The real question...

War driving is basically going around and sending out a signal requesting a response from any and all access points that can hear you. You are thus not connecting, but merely requesting a single transmission of data. To connect to the network, you must first get this information, then change to the same channel, address the access point by name, and request to connect.

Every 802.11a/b/g client card is constantly sending out the request, which, by the way, is called a beacon packet. Therefore, we would all be breaking the law without even knowing it, right?

And no, I meant that war driving != connecting to networks, as it is not.
gefflong
join:2003-02-18
Aledo, IL

4 edits

gefflong to Belial5221

Member

to Belial5221
It's not the same thing Belial, but nice try.

Even if my front door is open, it's still my property and it would be trespassing.

Your "comparision" breaks down when the radio waves travel into public territory or territory privately owned by someone else. If I am sitting on my own private property and somebody's wireless network is being broadcast all over the place, then that's their own fault.

Not unlike public airwaves, where anyone with a TV and rabbit ears can receive local channels. Pay TV encrypts those signals and thus, it becomes illegal when people try to decrpyt those signals and watch without paying.

Take satellite TV for intance... It is broadcast to everyone and anyone can pick up the signal. That's not illegal. It, however, IS illegal to decrypt that signal and watch it without paying. If they didn't have their signal encrypted, would it be illegal for us to watch it? I don't think so... I didn't ask them to broadcast it to me. and If they don't want me to watch for free, then encrypt it. Simple as that.

You are trying to compare apples to oranges. Let's keep it apples to apples.

koolman2
Premium Member
join:2002-10-01
Anchorage, AK

koolman2

Premium Member

Re: The real question...

In that case, though, you would be passively using the signal - the same goes for WiFi. The problem arises when you attempt to send a signal back to the network to gain access; that's where it becomes illegal.
gefflong
join:2003-02-18
Aledo, IL

gefflong

Member

Re: The real question...

I disagree, but this argument could go on forever.

In the end...

If you don't want me to use your internet connection from either a publicly accessible place or from my own private property, then secure your signal.

End of story.

cableties
Premium Member
join:2005-01-27

cableties

Premium Member

Re: The real question...

Forever...

If homeowner had front door open, and I could see and hear his TV, why not sit on the curb and watch the show? Is it illegal? no. If owner left door open, then owner is liable for what i see. But if I trespass, then I am breaking law.

If owner is broadcasting signal outside their property, is it legal to receive signal, but illegal to use it?

My nephew once bragged he was using Xbox live w/o paying for internet connection. I asked how and he said he got a wifi adaptor and put it in his window. He was getting 5 bars from someone in the neighborhood, totally unsecured 'Linksys' SSID.
I made him aware that it was illegal to tap off anothers inability to secure. Then it turned into a debate. Then he got a cablemodem and I showed him how to secure their lan/wifi (thanks to DSLreports/BBR)

koolman2
Premium Member
join:2002-10-01
Anchorage, AK

koolman2 to gefflong

Premium Member

to gefflong
Mine is secured with WPA AES 256-bit encryption. What you're trying to say, though, that by simply pressing the button that says "Scan" to connect to your own network, you are breaking the law because you have to connect to each and every access point that can see you, as they will ALL send their information back. This just simply is not the case. To connect to a network means that you have to physically ask the network operator (in this case the access point) for permission to connect. Simply asking for information is not doing that.

Visit the Wireless Networking Forum if you want to get the same answer from dozens more people. In the meantime, I guess I'll just let you continue to think that scanning for networks is illegal.
Belial5221
join:2000-08-10
Lafayette, LA

Belial5221

Member

Re: The real question...

I see what you're saying.I think it's all the misuse of words that is the problem.I thought you had to actually try connecting to see if it's secure.My friends use wireless,but it don't tell you if it's secure or not,unless you try to connect,then it asks for passwords.Maybe it's a setting,or something?

But what still gets me is,why would someone want to know if there's a open network,unless they plan on using it at some point?And if someone is sitting in front of your house,then they aren't just scanning,they are probably using,or trying to use it.

koolman2
Premium Member
join:2002-10-01
Anchorage, AK

koolman2

Premium Member

Re: The real question...

When you go to connect to your network, your computer first has to send a packet out to see the network. In the process, any other networks close by respond as well, and you end up seeing a list of available networks, secure or not. The software also lists what kind of security is enabled, as this information is sent out along with all of the other information.

That's how you would know that there are other networks around.
koolman2

koolman2 to Alpine6

Premium Member

to Alpine6
wardriving != connecting to networks

(note: != is read as "not equal to")
Techman21
join:2005-04-14
Richmond, VA

1 edit

1 recommendation

Techman21

Member

And the media's...

perceptions are once again incorrect. This is what happens when ignorant people unfamiliar with a particular field try to explain something to the uneducated.

War driving IS NOT hacking. War driving is merely the practice of pin pointing access points and noting where they are.

And the term hacker has been beaten more than a dead cat. The term hacker: »www.webopedia.com/TERM/H ··· ker.html does not mean malicious. It is given a bad rap by ignorant/uneducated reporters. Perhaps they should learn about computers before reporting on them.

lol. I wonder if their "experts" simply read the manual that came with the router/ap. RTFM!! Jebus. How many times does this have to be said. Ignorance isn't an excuse. Go ahead...commit a crime out of ignorance and see how the judicial system treats you. (note:don't actively do this, my point was you could commit a crime unknowingly and still be charged and tried.)

And by their own report they 'illegally' entered into a network. And by default you aren't able to glean all that info on a person. You'd have to actively search for it, which is NOT what war-drivers do.

News agencies need to get a clue.

exocet_cm
Writing
Premium Member
join:2003-03-23
Brooklyn, NY

exocet_cm

Premium Member

Re: And the media's...

It's just the general public's fear from something they don't understand. One person cries wolf and everybody else repeats it. They don't want to understand and news articles like this get our helpdesk ringing with employees asking questions like "Can they steal my (insert something here) if I have wireless?"

AnonProxy
Premium Member
join:2001-05-12

1 recommendation

AnonProxy to Techman21

Premium Member

to Techman21
yeah sure buddy, keep telling yourself people only war drive to pinpoint locations....jesus.

exocet_cm
Writing
Premium Member
join:2003-03-23
Brooklyn, NY

exocet_cm

Premium Member

Re: And the media's...

said by AnonProxy:

yeah sure buddy, keep telling yourself people only war drive to pinpoint locations....jesus.
He didn't say that is what they only do. He said "war driving IS NOT hacking. War driving is merely the practice of pin pointing access points and noting where they are."

What they do after that is up to them.
geden
join:2004-04-23
Elwood, IN

geden to AnonProxy

Member

to AnonProxy
I run a private wisp, and yes I use netstumbler to find open channels to minimize interference. I don't need no stinkin' hack to pilfer someone else's bandwidth, I use it as a tool to keep my customers happy.

en102
Canadian, eh?
join:2001-01-26
Valencia, CA

en102 to Techman21

Member

to Techman21
I agree - the media should be putting out the definition of 'cracker'
»en.wikipedia.org/wiki/Cr ··· mputing)

FFH5
Premium Member
join:2002-03-03
Tavistock NJ

FFH5 to Techman21

Premium Member

to Techman21
said by Techman21:

perceptions are once again incorrect. This is what happens when ignorant people unfamiliar with a particular field try to explain something to the uneducated.
You have to cut the news guys a little slack. Not much, but a little. Their average listener probably has about a 5th grade reading level and are dumb as rocks. If they had put together a comprehensive report that can fully explain the nuances of the problem and how much effort is involved in really making your system secure, it would have been a 1/2 hour report before the listeners would have had a chance of understanding it. And after about 30 secs, all those needing the help would have started listening to some local sports talk show.

aefstoggaflm
Open Source Fan
Premium Member
join:2002-03-04
Bethlehem, PA
Linksys E4200
ARRIS SB6141

3 edits

aefstoggaflm to Techman21

Premium Member

to Techman21
said by Techman21:

perceptions are once again incorrect. This is what happens when ignorant people unfamiliar with a particular field try to explain something to the uneducated.

War driving IS NOT hacking. War driving is merely the practice of pin pointing access points and noting where they are.
From http://www.wardriving.com/doc/Wardriving-HOWTO.txt
quote:
There is no cut and dry answer to this question, but simply driving around a
city searching for the existence of wireless networks, with no ulterior
motive cannot be deemed illegal.

said by Techman21:

And the term hacker has been beaten more than a dead cat. The term hacker: »www.webopedia.com/TERM/H ··· ker.html does not mean malicious. It is given a bad rap by ignorant/uneducated reporters. Perhaps they should learn about computers before reporting on them.

News agencies need to get a clue.
I agree with that.

Thanks to "hackers" we have linux.

Maybe someone should write to these news agencies and point to these thread(s)...

[edit]I found an interesting read (PDF file) How to Avoid Ethical and Legal Issues In Wireless Network Discovery. Things like, if you want to share your wi-fi, name it public. Stumbler Code of Ethics v0.2 and Ways to avoid accidentally getting a DHCP address and accessing a network

AnonProxy
Premium Member
join:2001-05-12

AnonProxy

Premium Member

War driving...

What is the purpose but to pirate at a minimum a signal...is that theft...yes.

EOT

directv2006
@rogers.com

directv2006

Anon

stealing signal?

LOL, stealing an encrypted signal would be illigal.

using an unencrypted signal is simply sharing!

(probably still not allowed by your ISP, but that is a whole other topic)
gefflong
join:2003-02-18
Aledo, IL

gefflong

Member

small problem

From the Article:

"We could sit outside in the car, hook up to your network and search for child porn or things like that. When that happens, the FBI tags you. And when they come, there's no way to prove it wasn't you." No way?

-------end of article-------------------

I'm not a laywer, but wouldn't there be a little problem called lack of EVIDENCE? If there was no illegal material in the home or on the computers when they searched, how could the homeowner be charged?

LinuxJunkie
join:2005-01-19
Cyberspace

LinuxJunkie

Member

Re: small problem

If the FBI was able to gain access to the log on a particular kiddie porn site, they could theoretically trace the IP address back to its point of origin: which would be the person's internet connection that was used to access the kiddie porn. Similar to the way the RIAA traces down "pirates," and we all know how accurate they are with that.
gefflong
join:2003-02-18
Aledo, IL

gefflong

Member

Re: small problem

Ok. So let's say they do that and track it back to someone's IP address. That still doesn't fix the "evidence" problem when they do a search of home and computers and find nothing.

SilenceGold
Premium Member
join:2003-07-31
Canyon Lake, TX

SilenceGold to LinuxJunkie

Premium Member

to LinuxJunkie
If the FBI found the bullet, they have to find the murder weapon unless there are other better evidence that can be used.

Chuckles0
Premium Member
join:2006-03-04
Saint Paul, MN

Chuckles0

Premium Member

No way?

No way to prove it wasn't me? Uhm... try proving it WAS me!

tim_k
Buttons, Bows, Beamer, Shadow, Kasey
Premium Member
join:2002-02-02
Stewartstown, PA

tim_k

Premium Member

Re: No way?

said by Chuckles0:

No way to prove it wasn't me? Uhm... try proving it WAS me!
Would you really want to go through all that trouble? The Feds would take all your computers away and your name will appear in newspapers. You'll still need a lawyer; who needs all that grief?

Chuckles0
Premium Member
join:2006-03-04
Saint Paul, MN

Chuckles0

Premium Member

Re: No way?

What trouble? What they're looking for wouldn't be on my computer. ...this is all in theory though because I don't use a wireless router...

Or I could say not only do I leave my wireless access unsecure I leave my front door unlocked too!

Tek465m
@frontiernet.net

Tek465m

Anon

Uneducated Media trolling again

"We could sit outside in the car, hook up to your network and search for child porn or things like that. When that happens, the FBI tags you. And when they come, there's no way to prove it wasn't you."

I have a similar problem.

We have illegals crossing our border. Many times they are passing through ranches and private property to get across. I would like to see Law Enforcement arrest the property owners for allowing them to come into our country.

The logic dictates if you don't secure your property you should be held liable.

Why is this so difficult? Companies release technology, en masse, that most people don't understand, and we act surprised that the few that do understand it, exploit the holes in the system. Just pick *any* technology. (Doesn't even have to be this century!)

It's always going to be a game of cat and mouse!!

•••••

Phylop
Premium Member
join:2002-11-17
Reston, VA

Phylop

Premium Member

Spin....

This is just more spin to make people who aren't in the "know" scared, just like the Fox News channel. War-Driving is mostly a hobby of mapping wireless access points, it's not about stealing bandwidth and personal data.

There are simple ways to protect yourself from War-Driving and other wireless intrusions:

1. If you have extremely confidential information, you shouldn't have wifi.
2. If you must use wifi, use encryption, such as WEP, or something more effective such as WPA/WPA2. Also considering using MAC address filtering.
3. If you aren't computer/network savvy, consider having a savvy friend that you trust help you setup your wifi. In my opinion I would not trust the technicians/service people from ISPs, I've had experiences with neighbors where they left their networks completely insecure.

Do this, and you shouldn't have to be "afraid" anymore.

LinuxJunkie
join:2005-01-19
Cyberspace

LinuxJunkie

Member

Re: Spin....

WEP is completely ineffective as it can be decrypted in about five minutes flat with a decent signal. WPA should be used AT A MINIMUM.
Derfel
join:2004-06-06
Winnipeg, MB

Derfel

Member

Wifi...

From the top floor of my building, I get 12 Wifi signals, and then my own. I'm the only one secure or password (WPA) protected.

I have a script running on my box that monitors traffic on my router. If anyone tries getting on my router that isn't authorized, I scan the horizon for people with laptops and such. Only once have I had to grab my hockey stick and go for a little stroll to a mini-van parked on the street... ended up being 2 guys trying to be heroes hacking the only passworded AP in the area.

LinuxJunkie
join:2005-01-19
Cyberspace

1 edit

LinuxJunkie

Member

Re: Wifi...

quote:
Only once have I had to grab my hockey stick and go for a little stroll to a mini-van parked on the street
So wardriving isn't okay but assault is? Nice logic. And before saying "it wasn't assault," please lookup the actual legal definition of assault. It may not have been BATTERY if you didn't actually use the hockey stick on them, but it certainly could be viewed as the THREAT of using force which is assault.
gafink
join:2006-02-11
Dover, DE

gafink

Member

MAC Address only

You could also use your mac address on your network and everything else is blocked
rwisenrich2
join:2005-04-14
Cape Coral, FL

rwisenrich2

Member

Re: MAC Address only

think some

I'm a war-driver and watch out i'm coming in my minivan down a street near you to steal your wifi and you know sit outside in front of your house for hours, so i can get crap speeds and use bittorrent and DC++ to steal stuff with your line. I will also be installing all kinds of sypware so i can steal your info. Your not safe anymore turn off your routers and cpus. Hide in your basements and cellers. It's WAR and your wifi is the battle ground. :mad

IT'S JUST A F------ GAME PEOPLE COME ON USE YOUR MIND AND THINK SOME!!!!

koolman2
Premium Member
join:2002-10-01
Anchorage, AK

koolman2 to gafink

Premium Member

to gafink
Ineffective. MAC addresses can be pulled right out of the air and spoofed faster than WEP can be decrypted (which is pretty damn fast today).
rwisenrich2
join:2005-04-14
Cape Coral, FL

rwisenrich2

Member

think some

I'm a war-driver and watch out i'm coming in my minivan down a street near you to steal your wifi and you know sit outside in front of your house for hours, so i can get crap speeds and use bittorrent and DC++ to steal stuff with your line. I will also be installing all kinds of sypware so i can steal your info. Your not safe anymore turn off your routers and cpus. Hide in your basements and cellers. It's WAR and your wifi is the battle ground. :mad

IT'S JUST A F------ GAME PEOPLE COME ON USE YOUR MIND AND THINK SOME!!!!

JoeyDee
Premium Member
join:2004-07-23
Las Vegas, NV

JoeyDee

Premium Member

Re: think some

Actually, it's really some sorry ass outside salesman like me trying to send an email to the home office to enter an order.

If someone reading this owns one of the NAP's I used, thanks!

Joe

DaMaGeINC
The Lan Man
Premium Member
join:2002-06-08
Greenville, SC

DaMaGeINC

Premium Member

Raido.

I guess listening to the Raido is considered stealing aswell. Since I dont pay for it, and I use it. Humm. Leave it open, Learn the hard way. Simple as that.
Belial5221
join:2000-08-10
Lafayette, LA

Belial5221

Member

An idea...

How about wifi device makers secure the products.They could use random generators for passwords,and have the cards with all the setup info in the box.That way everyone gets a different code,and nobody is left unsecured.Then if someone really wanted to share,they'd have to actually read and learn how to use it properly.

Although,you'd probably have many people complaining it don't work right out of the box.So they'd have to go back to selling unsecured devices.Then we'd see the issue come up all over again.

t
@216.100.x.x

t

Anon

it wasn't me, it was the neighbors!

There's an doctor office next to a Starbucks near me that had that problem. people would sit in the Starbucks and use the open ap next door instead of Starbucks' pay ap. after the doctor's office got busted by the feds for just that reason, all they did was force them to replace the equipment and secure the network. they hired a company that does nothing but install secure wireless ap's to do that, but that company is crap. all they did was install a different consumer level wireless router and left it open and with all defaults.