[UFO Chicago] [declan@well.com: FC: FBI releases advisory about
802.11-spotting "wardriving"]
Larry Garfield
lgarfiel@students.depaul.edu
Tue, 13 Aug 2002 15:22:16 -0500
Well, in theory they may be correct, it's like tapping someone's cable
line for "free cable". On the other hand, one could just as easily
argue that a company that has open APs that anyone can easily access is
not taking reasonable measures to protect their service, making it more
of a broadcast network like analog TV. (Now, using that connection to
hack into the company's server's is still a felony, because it's illegal
entry, not illegal use.)
Discuss.
Lukas Eklund wrote:
>
> I don't know if any of you have done any warchalking/driving in chicago, but
> I thought you might find this of interest.
>
> --
> Lukas Eklund
> leklund@tastytronic.net
>
> ----- Forwarded message from Declan McCullagh <declan@well.com> -----
>
> Date: Tue, 13 Aug 2002 15:18:17 -0400
> From: Declan McCullagh <declan@well.com>
> To: politech@politechbot.com
> Cc: billshore@fbi.gov
> Subject: FC: FBI releases advisory about 802.11-spotting "wardriving"
>
> This letter is from last month but we haven't covered it on Politech
> before. Read it carefully: The FBI claims that using an open 802.11
> access point without explicit authorization may be a federal crime
> ("theft of services").
>
> -Declan
>
> ---
>
> From: Bill Shore [mailto:billshore@fbi.gov]
> Sent: Monday, July 08, 2002 9:56 AM
> To: billshore@fbi.gov
> Subject: Wireless networks - Warchalking/Wardriving
>
> It has recently been brought to my attention that
> individuals/groups have been actively working in the Pittsburgh area
> as well as other areas of the United States including Philadelphia,
> and Boston, and the rest of the world for that matter, to identify
> locations where wireless networks are implemented. This is done by a
> technique identified as "Wardriving." Wardriving is accomplished by
> driving around in a vehicle using a laptop computer equipped with
> appropriate hardware and software http://www.netstumbler.com/ to
> identify wireless networks used in commercial and/or residential
> areas. Upon identifying a wireless network, the access point can be
> marked with a coded symbol, or "warchalked." This symbol will alert
> others of the presence of a wireless network. The network can then be
> accessed with the proper equipment and utilized by the individual(s)
> to access the Internet, download email, and potentially compromise
> your systems. In Pittsburgh, the individuals are essentially
> attempting to map the entire city to identify the wireless access
> points, see here,
>
> http://mapserver.zhrodague.net/cgi-
> bin/mapserv?mode=browse&layer=all&layer=q
> uadsheets&layer=borough&layer=roads&layer=ap&zoomdir=1&zoomsize=2&imgxy=458+
> 165&imgext=-80.175489+40.268422+-79.733217+40.621536&map=%2Fmnt%2Fhog%2Fwebs
> ites%2Fmapserver%2Fpublic_html%2Fpa%2Fpgh.map&savequery=true&program=%2Fcgi-
> bin%2Fmapserv&map_web_imagepath=%2Fmnt%2Fhog%2Fwebsites%2Fmapserver%2Fpublic
> _html%2Ftmp%2F&map_web_imageurl=%2Ftmp%2F&img.x=250&img.y=197.
>
> Also, check this article from pghwireless.com,
> http://www.pghwireless.com/modules.php?name=News&file=article&sid=19
>
> Identifying the presence of a wireless network may not be a
> criminal violation, however, there may be criminal violations if the
> network is actually accessed including theft of services, interception
> of communications, misuse of computing resources, up to and including
> violations of the Federal Computer Fraud and Abuse Statute, Theft of
> Trade Secrets, and other federal violations. At this point, I am not
> aware of any malicious activity that has been reported to the FBI here
> in Pittsburgh, however, you are cautioned regarding this activity if
> you have implemented a wireless network in your business. You are
> also highly encouraged to implement appropriate wireless security
> practices to protect your information assets,
> http://www.cert.org/research/isw/isw2001/papers/Kabara-31-08.pdf
>
> There are several articles available with additional details
> including http://www.warchalking.org as well as
> http://www.pghwireless.com. A copy of the coding symbols is attached
> in .pdf format. If you notice these symbols at your place of
> business, it is likely your network has been identified publicly.
>
> If you believe you may have been compromised or if you have
> any questions regarding this activity, you are encouraged to contact
> the appropriate law enforcement agency. The FBI office in Pittsburgh
> and High Tech Crimes Task Force can be contacted at 412-432-4000.
>
> <<warchalk.pdf>>
> Bill Shore
> Special Agent
> FBI-Pittsburgh
> 3311 East Carson Street
> Pittsburgh, PA 15203
> 412-432-4395
> billshore@fbi.gov
>
> -------------------------------------------------------------------------
> POLITECH -- Declan McCullagh's politics and technology mailing list
> You may redistribute this message freely if you include this notice.
> To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
> This message is archived at http://www.politechbot.com/
> Declan McCullagh's photographs are at http://www.mccullagh.org/
> -------------------------------------------------------------------------
> Like Politech? Make a donation here: http://www.politechbot.com/donate/
> Recent CNET News.com articles: http://news.search.com/search?q=declan
> CNET Radio 9:40 am ET weekdays: http://cnet.com/broadband/0-7227152.html
> -------------------------------------------------------------------------
>
> ----- End forwarded message -----
>
> _______________________________________________
> UFO Chicago -- Users of Free Operating Systems
> Free Software Rules -- Proprietary Drools!
> http://ufo.chicago.il.us/cgi-bin/mailman/listinfo/ufo
--
Larry Garfield AIM: LOLG42
lgarfiel@students.depaul.edu ICQ: 6817012
-- "If at first you don't succeed, skydiving isn't for you." :-)