Brian Stempin on 2 Oct 2007 20:05:58 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Verizon FIOS & open wireles

  • From: "Brian Stempin" <brian.stempin@gmail.com>
  • To: "Philadelphia Linux User's Group Discussion List" <plug@lists.phillylinux.org>
  • Subject: Re: [PLUG] Verizon FIOS & open wireles
  • Date: Tue, 2 Oct 2007 16:05:48 -0400
  • Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; bh=tkmbHDUr/q/tCkrblvfjUSG93kKWQSiFhveay12F3eI=; b=sd3mMmzb1FTVCL2PC66Ui1mjnasSuV7Vvmb0YxEFNZ3MWdGhpIt7JbWQy8hxhwGutzgl1BL7+PJ/yzlNyfsvwOM6d37EwcJs290kSTx9ieMSjTgB+tgDWPzVBXAB6DAWvUgrlrZ5ywU5jiy3W1N6TGth9plseOdWkR5RVF+cxGo=
  • Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
  • Sender: plug-bounces@lists.phillylinux.org

> The day-to-day probability of such an event is pretty low, but the cost of
> such an event probably outweighs the pain of shoring-up your wireless
> connection.  As I said earlier in the thread, I would have gone this route
> to keep myself anonymous as a highschooler.  This would lead me to believe
> that many (young) people would realize this.

That is quite a lot of assumption, but thank you for labeling it as
such. I disagree with your conclusions. For me, the frustration to
myself, my friends, and neighbors outweighs the risk.

> Case and point:  Delaware County Comm. College had a bomb threat emailed to
> them a couple of months ago.  The perp used an open wireless AP that was
> owned by another educational entity.  (a) They never found the guy, (b) they
> never will, and (c) what do you think would happen if such activity were
> traced back to your ip address?

Okay, so what did happen when the authorities did trace the IP
address back to the other educational entity?

This was one of the press releases from the DA's office:  http://dsf.chesco.org/da/cwp/view.asp?A=11&Q=629772&pp=3
From what I gathered in that document and from what I can recall from the reports on KYw1060, the DA was able to rule out that the threat originated from the school's machines.  I will, however, note this:
At this point about 200 people have been interviewed, court orders have been obtained to retrieve evidence concerning the source of the threatening emails, and police have examined videotapes and other physical evidence.  All investigative techniques and resources are being utilized as needed.  The investigation continues at this moment, and will until the writer has been captured.

More on this later on...

Were there any accusations leveled, either at the institution or at
its students?

No names were mentioned in the article that I linked, but as per the quote above, there were at least 200 people interviewed regarding the email.

I'm with you for a and b, but you are making a false leap of logic
in c. Although certain civil liberties are threatened or damaged in
our currently terrorized society, I've yet to see an example where
the presumption of innocence is one of them in a case like this. Can
you point to one?

I never said that this was a civil liberties matter.  I not once ever claimed that the US government would somehow violate you illegally.  In fact, the reason that I would not want to be under investigation would be because of this quote:

court orders have been obtained to retrieve evidence concerning the source of the threatening emails

I don't know about you, but I need my b0xen.  By leaving my WAP open, I in turn enable some jackass to abuse my generosity, which will in turn open me up to having a court order filed against me demanding that I hand over my equipment.  This is not something I want to go through.  I do not want to lose my machines.  For some people, this will lead to a financial loss, some larger than others.  Even though in my case the financial loss would be minimal, I would have to say that this coupled with the (legal) invasion of privacy is simply not worth it.  Could you imagine, having to be in and out of court, stripped of your equipment?  Sharing with my neighbor is not worth that to me.  If I really wanted to share that bad, I'd figure something else out.

Once upon a time we had a good person to speak to points precisely
like this. Trooper John, you still out there?

(The same is, of course, not true with the RIAA's and MPAA's
litigation. It is a simple exercise to prevent usage of your
connection for P2P sharing.)

> Having said that, I also want to note that this is not reason to
> be paranoid.

Okay... so what IS the reason to be afraid then?

The stated above is the reason to be afraid.  Afraid, but not paranoid.  I don't say up late at night worrying about the FBI giving me a colonoscopy because some kid got into my tubes. 

You seem to be asserting, here, that real reason I should be afraid
of leaving my AP open is not that someone will do something evil
using it and I'll get blamed for it, but just that someone I don't
know will use my connection rather than moseying on down the block
to find another one.

Did I miss something? Because, that's exactly what I'm trying to do:
share my Internet connection.

My apologies for mangling this a bit.

What I was trying to convey is that you should be afraid of an unknown person using your connection for evil. 

One of the arguments I often get back is something along the lines of "Why bother?  An attacker can break any wireless encryption if they wish"
To which I respond:
"It's not worth their time when someone else down the street has an open connection that requires no effort."

The point is that no matter how easy or hard your connection is to crack, it's not worth an attackers time if all they're looking for is an internet connection.  They'll simply move on, which is what I would assume you would want an attacker to do.

> Last time I checked, greater than 75% of all residential WAPs
> had no security,

Do you have any statistical evidence to back that number up? How
did you "check" this "last time"?

That number was a rough estimation  that I generated from from my days of war driving.  You do have a point:  I do not have a good source for this.  I didn't spend too long poking around, but I did find this:  http://review.zdnet.com/4520-7297_16-5509700.html

Specifically, this paragraph:
Wardriving as a valid security tool
Fact is, organized wardriving has provided valuable computer security statistics. Speaking at this year's Black Hat Briefing in Las Vegas, Chris Hurley of the WorldWide WarDrive organization found the number of new wireless networks has grown exponentially, from 9,374 networks in September 2002, when the first survey was taken, to 228,537 networks this year, although it should be noted that the survey does not take into consideration intentionally public wireless networks, such as those from wireless cafes. Within the last year, the percentage of those using wireless encryption protocol (WEP) has gone up, from 32 percent one year ago to 38 percent this year, as many companies have started to lock down their wireless networks. However, the number of those using the default wireless settings has actually gone up, from 27 percent last year to 31 percent this year. Hurley said this conflicting piece of information is probably the result of low wireless equipment costs, giving more home users the opportunity to buy a wireless router, then get it running in their homes later that evening. The challenge now is to get them to secure their networks.


The numbers above state that overall, about 40% of WAPs use WEP.  This also takes business into consideration, whereas I only made the claim for residential networks.  This neither confirms nor denies my original number, but still proves my point:  There's a lot of open networks out there.

My own observation in various parts of the city of Philadelphia
suggests that number of open wireless APs in residential areas is
more like 20% of the signals visible. For example:

13th and Chestnut: roughly 15 APs visible, three "open", two of
which fail to pass traffic to the Internet.

9th and Tasker: three APs, only one open, functions

51st and Locust: no APs broadcasting SSID, one that does not (and
does function if you know the SSID)

2nd and Girard: 6 APs visible, two open, both pass traffic (but
one's pretty flaky).

(None of those count the earthlinkwifi etc. APs, half of which just
don't work anyway.)

 

I did most of my wardriving in rich, newly built neighborhoods a few years ago.  We could go on speculating for days as to why there's such a difference.

On 10/2/07, gabriel rosenkoetter <gr@eclipsed.net> wrote:
At 2007-10-02 10:02 -0400, Brian Stempin <brian.stempin@gmail.com> wrote:
> The day-to-day probability of such an event is pretty low, but the cost of
> such an event probably outweighs the pain of shoring-up your wireless
> connection.  As I said earlier in the thread, I would have gone this route
> to keep myself anonymous as a highschooler.  This would lead me to believe
> that many (young) people would realize this.

That is quite a lot of assumption, but thank you for labeling it as
such. I disagree with your conclusions. For me, the frustration to
myself, my friends, and neighbors outweighs the risk.

> Case and point:  Delaware County Comm. College had a bomb threat emailed to
> them a couple of months ago.  The perp used an open wireless AP that was
> owned by another educational entity.  (a) They never found the guy, (b) they
> never will, and (c) what do you think would happen if such activity were
> traced back to your ip address?

Okay, so what did happen when the authorities did trace the IP
address back to the other educational entity?

Were there any accusations leveled, either at the institution or at
its students?

I'm with you for a and b, but you are making a false leap of logic
in c. Although certain civil liberties are threatened or damaged in
our currently terrorized society, I've yet to see an example where
the presumption of innocence is one of them in a case like this. Can
you point to one?

Once upon a time we had a good person to speak to points precisely
like this. Trooper John, you still out there?

(The same is, of course, not true with the RIAA's and MPAA's
litigation. It is a simple exercise to prevent usage of your
connection for P2P sharing.)

> Having said that, I also want to note that this is not reason to
> be paranoid.

Okay... so what IS the reason to be afraid then?

You seem to be asserting, here, that real reason I should be afraid
of leaving my AP open is not that someone will do something evil
using it and I'll get blamed for it, but just that someone I don't
know will use my connection rather than moseying on down the block
to find another one.

Did I miss something? Because, that's exactly what I'm trying to do:
share my Internet connection.

> Last time I checked, greater than 75% of all residential WAPs
> had no security,

Do you have any statistical evidence to back that number up? How
did you "check" this "last time"?

My own observation in various parts of the city of Philadelphia
suggests that number of open wireless APs in residential areas is
more like 20% of the signals visible. For example:

13th and Chestnut: roughly 15 APs visible, three "open", two of
which fail to pass traffic to the Internet.

9th and Tasker: three APs, only one open, functions

51st and Locust: no APs broadcasting SSID, one that does not (and
does function if you know the SSID)

2nd and Girard: 6 APs visible, two open, both pass traffic (but
one's pretty flaky).

(None of those count the earthlinkwifi etc. APs, half of which just
don't work anyway.)

--
gabriel rosenkoetter
gr@eclipsed.net

___________________________________________________________________________
Philadelphia Linux Users Group         --         http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug



___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug