~e; wild-wild-Wireless
From
bc <human@electronetwork.org>
Date
Fri, 4 Jan 2002 09:36:52 -0600
[more on wardriving and the vulnerability of wireless networks and
connections (cellphones included) in the EM dataspace. tapped & located...]
This message was forwarded to you from ZDNet (http://www.zdnet.com)
Why the wireless world's not ready for you
By Lee Schlesinger, AnchorDesk
January 2, 2002 9:00 PM PT
URL:
New York and Boston are close enough that there's little
difference in time between an airplane flight and a train ride
door-to-door to downtown Manhattan. I prefer Amtrak--it's less
disruptive, with no excruciating cab ride from LaGuardia and less
walking overall.
While I spent the first hour-and-a-half of my latest train ride
back to Boston writing a story about the trade show I had just
attended, I let my computer do most of the heavy lifting for this
column. I popped an Orinoco Silver wireless network adapter into
my Sony PictureBook notebook and launched a clever application
called Network Stumbler.
RUNNING IN A BACKGROUND WINDOW, Network Stumbler scans the
airwaves for 802.11b wireless activity. If there's an access point
or peer adapter within range, it lists it, along with some vital
information, such as its Service Set Identifier (SSID)--an
identifier that designates a logical network--and whether it uses
encryption. If you have a global positioning system device
attached to the PC, Network Stumbler even lists discovered
devices' longitude and latitude, which you can then pinpoint on a
map using mapping software.
Network Stumbler's results were revealing. I found 79 wireless
devices: 76 were access points, and 3 were clients. Of these, only
19 access points had WEP security enabled. That means that, should
I have had the time and interest, I could easily have piggybacked
onto the others' network connections to get Internet access--in
effect, stealing bandwidth. If their internal networks were poorly
secured, I could have read and possibly even uploaded files onto
their internal clients and servers.
Want to know which access points aren't secured? The only ones I
can identify are MIT and the MIT Media Lab (and someone who chose
Apt. 10A as his SSID). Kudos to Art Technology Group, Andor
Capital Management, and CNET Networks for enabling WEP.
And which vendors have the largest share of the wireless
networking market? Cisco and Agere, the Lucent spinoff that
markets the WaveLAN and Orinoco brands, lead the list with 25
access points apiece. Other players included Linksys (11),
Cabletron spinoff Enterasys (4), Addtron (3), D-Link (2), and
Compaq (2).
I WAS SURPRISED at how few wireless access points I found on my
train ride. Between Pennsylvania Station in New York and South
Station in Boston, Network Stumbler turned up only 43 devices. The
other 33 were all in and around Kendall Square in Cambridge,
Mass., home of MIT and a hotbed of technology development. Of
course, Amtrak's Northeast Corridor passes through marshes and
across rivers as well as through a few cities, so maybe the low
count isn't that surprising. Or maybe it indicates that, so far,
wireless networking hasn't taken off in proportion to the amount
of press it's getting.
This was certainly an unscientific survey, but it highlights just
how easy it is to access networks if they leave a wireless hole
open. If you're exploring wireless at work, or even at home--as
many, myself included, are--use WEP if you want to keep your
traffic private and your passwords hidden.
Are you disappointed with the state of wireless networking? Or
have you had good luck with it? TalkBack to me!
Lee Schlesinger is the senior technology editor for ZDNet's Tech
Update section.
(fair-use, .edu, ~e.org 2002)
the electronetwork-list
electromagnetism / infrastructure / civilization
http://www.electronetwork.org/