Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Networking Security

Defcon "Warballoon" Finds 1/3 of Wireless Networks Unsecured 209

Posted by Soulskill from the floating-point-operation dept.
avatar4d writes "Networkworld is reporting about a warballooning operation (similar to wardriving) that was disallowed by the management at the Riviera Hotel in Las Vegas, but was covertly launched anyway. The team found approximately 370 networks, and about a third of those were unsecured. In addition to that, the project managed to show how trusting the local law enforcement agencies really were: 'Near the end of the operation, a Las Vegas Metropolitan Police cruiser drove by the parking lot to see what was going on. Hill and his team waved. The police officers waved back and drove off.'"
This discussion has been archived. No new comments can be posted.

Defcon "Warballoon" Finds 1/3 of Wireless Networks Unsecured More

Defcon "Warballoon" Finds 1/3 of Wireless Networks Unsecured

Comments Filter:

  • Open by choice? (Score:5, Interesting)

    by ishmalius ( 153450 ) on Sunday August 10, 2008 @01:54PM (#24547221)
    Don't assume people's motives for having an open AP. Rather than security ignorance, altruism is a perfectly good reason to turn off WEP and WPA.

  • Re:The Police just waved? (Score:3, Interesting)

    by Angelwrath ( 125723 ) on Sunday August 10, 2008 @02:01PM (#24547301)

    Let's also remember to mention that:

    A. These people were not committing crimes.
    B. The cop most likely wouldn't have the foggiest idea what they were doing.
    C. Police on the street aren't the ones that track down cyber criminals, that's handled by other organizations.

  • Re:So let's get this straight (Score:2, Interesting)

    by Pictish Prince ( 988570 ) <wenzbauer@gmail.com> on Sunday August 10, 2008 @02:04PM (#24547323) Journal
    If people weren't overspecialized by the public stupefaction system police actually would be able to deal correctly with a larger number of situations. However, this is not in the interests of those who want a stupid, brutal police state.

  • geeks are bringing us the police state (Score:5, Interesting)

    by speedtux ( 1307149 ) on Sunday August 10, 2008 @02:10PM (#24547401)

    Are there really people stupid enough to think that awareness of security holes is something new? Every major piece of infrastructure over the last century has had major security holes. But rather than gleefully exploiting and exposing them for personal fame and fortune, the people who figured it out just shut up about them. Why? Because they understood that fixing those holes would be costly and intrusive, and it would ultimately still not make the system really safe.

    So, if you enjoy body cavity searches, universal surveillance cameras, automated defense systems, and dealing with proprietary and intrusive access controls everywhere you go electronically or physically, then go ahead and keep wardriving and warballooning and defconnning.

    Just be aware that it is your actions that are bringing us the police state, because once a bunch of geeks stands up and says "hey, your infrastructure isn't secure and we are at risk", then politicians and lawmakers have to act.

  • Comment removed (Score:3, Interesting)

    by account_deleted ( 4530225 ) on Sunday August 10, 2008 @02:10PM (#24547403)
    Comment removed based on user account deletion

  • Re:So let's get this straight (Score:5, Interesting)

    by Drakonik ( 1193977 ) <drakonik@gmail.com> on Sunday August 10, 2008 @02:18PM (#24547499) Homepage

    A standard social engineering technique used time immemorial has been to look as though you should be somewhere.

    Quoted for truth. Several of my teachers told my class that if we wanted to, we could just wander around the school instead of going to classes, as long as we looked like we were on an errand. I'm not sure whether I should think that it's cool that I could get past authority figures by simply acting like I know that I belong, or whether I should be scared that someone who knows how to act like they belong somewhere can generally get access to that place.

  • Re:Open by choice? (Score:5, Interesting)

    by dwater ( 72834 ) on Sunday August 10, 2008 @02:19PM (#24547515)

    I do.

    There's even an organisation around where I live/work that promotes it. It's called wippies :

    http://www.wippies.com/www.phtml [wippies.com]

    For a free year long commitment, they will send you a free wifi router that will run a second wifi network 'on the side' for other subscribers to use when they're away from home. There's a google map of coverage somewhere on their site, but I can't find it right away...

  • Re:The Police just waved? (Score:2, Interesting)

    by HiggsBison ( 678319 ) on Sunday August 10, 2008 @02:41PM (#24547703)

    The police were friendly, waved, and didn't bother to investigate something that by all rights did not look overtly illegal.

    Anywhere else in the world it could look like a school science experiment. In Vegas, especially during Defcon, it should be assumed to be a novel approach to gaming a casino.

  • Re:So let's get this straight (Score:3, Interesting)

    by Jarjarthejedi ( 996957 ) <christianpinch@@@gmail...com> on Sunday August 10, 2008 @03:14PM (#24547993) Journal

    Asking for perfection isn't a bad thing, expecting it is.

    In this case, however, I don't see how the officer did anything wrong. A bunch of kids (effectively, you know how geeks get when they're doing something marginally legal with technology) hanging out in a field with a balloon...what are you going to do? I'd say they responded properly, driving in to check it out (probably called in), realizing it wasn't anything important, and making the people aware that they were there before leaving.

  • Re:i hate you all (Score:5, Interesting)

    by Anonymous Coward on Sunday August 10, 2008 @03:14PM (#24547995)

    Yes, ours is "unsecured". It gets you to a DNS which answers only one query and an "internet" where the only thing that you can send to is an IPSEC VPN server. Much good may it do you. DefCon should concentrate on real security (is IPSEC as good as OpenVPN or does it's over-compexity make it more vulnerable) and not messing around with pretending to secure your wireless with WEP/WPA and all the other hop by hop garbage.

  • Re:Open by choice? (Score:2, Interesting)

    by dugenou ( 850340 ) on Sunday August 10, 2008 @04:05PM (#24548455)
    How similar is this to FON [fon.com] ?

  • Re:i hate you all (Score:3, Interesting)

    by jimmyhat3939 ( 931746 ) on Sunday August 10, 2008 @05:41PM (#24549257) Homepage

    My thing is i don't understand why people don't just make unsecured wifi routers that firewall one user from another. That way, you can get on the internet from it, but it's much harder to hack others on the same segment.

  • Re:i hate you all (Score:3, Interesting)

    by Restil ( 31903 ) on Sunday August 10, 2008 @05:46PM (#24549301) Homepage

    The summary only mentioned the police drive by, not the hotel's assertion that police concern was a primary factor in disallowing the balloon launch, which is what makes the complete lack of concern at the end ironic, and therefore worth mentioning. Nobody's talking about unwarranted strip searches.

    -Restil

Slashdot Top Deals

"I've seen it. It's rubbish." -- Marvin the Paranoid Android

Close