August 19, 2005
Massport trying to shut down Continental's free WiFi service at Logan
Massport (Massachusetts Port Authority) is trying to stop Continental from offering free WiFi service to its President's Club members by invoking security and interference issues, according to a recent WiFiNetNews report.
Glenn points out the issue here remains if municipalities and individual landlords have the right to restrict privileges to unlicensed spectrum.
What's amusing here is the fact that this IS an unlicensed band. Believe it or not, Continental has all the right in the world to not have to use the T-Mobile service and put up their own. Security and interference are irrelevant in unlicensed spectrum. What Massport is doing can be analogous to going to a national park and bringing water, to find that the Park Ranger confiscates yours to sell you some.
Via WiFiNetNews
Posted by darkmoon at 10:09 AM | Comments (0) | TrackBack
July 31, 2005
WiFi Gun from Defcon
MAKE is promising a HOWTO soon so I'll be patient, but this is the latest WiFi gun from The Schmoo Group that can detect rogue APs and is built from a PPC device and parts you can scrounge from wireless APs. Too neat.
Via MAKE
Posted by darkmoon at 02:03 AM | Comments (0) | TrackBack
July 24, 2005
Computer Hacking and Unauthorized Access Laws
From the National Conference of State Legislatures, here is the complete State guidelines to computer hacking and unauthorized access. For each state, the law differs but it is definitely a worthy resource to browse if you ever wondered where your legal rights lay. Note that this says nothing about federal laws that you tamper with such as the CFAA.
Also another warning. Looks like the site is a bit dated (09/04/02)
Posted by darkmoon at 12:01 AM | Comments (1) | TrackBack
July 05, 2005
DIY WiFi Antennas
WiFi antennas are omnis off the shelf. This means that all the power is distributed in a 360 degree pattern around the antenna. The easiest way to increase your range and direct the signal is to change the antenna into a directional. Popular Science shows you how with some cardboard, you can build some ugly, but useful antenna deflectors to increase your range and redirect the RF power to where you want it.
And if you're not interested in creating ugly antenna deflectors, purchase some Flatennas from Tritium. Same thing as above, just a bit better looking.
Posted by darkmoon at 12:01 AM | Comments (0) | TrackBack
July 03, 2005
Hacking a Microsoft MN-700
Here is a tutorial for hacking a Microsoft MN-700 wireless router into a linux operated wireless router that is pretty much comparable with the Linksys WRT54G. Who knew that you could take something as crappy as the MN-700 and turn it around?
Posted by darkmoon at 12:01 AM | Comments (0) | TrackBack
June 02, 2005
Power over Ethernet
Power-over-Ethernet or PoE, basically uses the unused pairs in your ethernet cable and drives low-voltage power over them to power your device, assuming your device can take PoE.
Using a little hardware hacking and approximately $25 in parts, you too can create your own PoE injector for various electronic devices!
Yes, you can potentially fry your electronics, so have fun and responsibilty is all yours!
Hackaday < NYCWireless
Posted by darkmoon at 12:01 AM | Comments (0) | TrackBack
May 19, 2005
Government has shoddy wireless security
The GAO has found that nine of twenty four major governmental agencies have not released wireless-security plans and of the six agencies tested, the WiFi signals were not masked (meaning they were broadcasting SSIDs probably) and there was evidence of unauthorized activity as well on all six tested networks.
Personal note: Did you expect anything else from the government? I've heard stories that would make most system administrators cringe on the shoddy IT policies and staff within the government.
Posted by darkmoon at 12:37 PM | Comments (0) | TrackBack
May 05, 2005
Protect yourself from WiFi Snoops
As usual, this cannot be the end all be all solution. But definitely the more you pack, the more the punch.
Some tips to protect your wireless network:
Using these three tips, you should be able to stop most script kiddies that are looking for easy targets.
The feature uses a Linksys box, as the example but while the steps may differ, the concept should remain the same.
Via OReillyHacks
Posted by darkmoon at 12:01 AM | Comments (0) | TrackBack
May 04, 2005
Dartmouth nears the end of the "wired" age
Introducing voice over WiFi last year, and this year with video over WiFi, Dartmouth College is nearing the end of their "wired" age. With video lectures that you can get anywhere on campus, who needs to go to class?
Posted by darkmoon at 04:40 PM | Comments (0) | TrackBack
May 01, 2005
Howto make a EVDO-WiFi Hotspot
Here is a very good step by step on how to make a EVDO/WiFi hotspot. This is a costly solution and also takes a bit of Linux experience to hack these Soekris boxes, but they are all the more worthwhile when you understand what you're doing.
Posted by darkmoon at 12:01 AM | Comments (0) | TrackBack
April 21, 2005
Are there potential legal risk to unauthorized WiFi access?
Everyone knows that you should protect your WiFi and that certain broadband users are bound by their contract to not share their connections, whether or not they have an unsecure access point. What people do not know is the legal complications that can come with accessing an open access point, especially if it falls in line with residential customers that have not secured their WiFi.
This analysis shows the legal complications to show if having an open access point is an invitation or in fact is illegal under the CFAA (Computer Fraud and Abuse Act.
Although prosecutors have tended to use the CFAA solely to punish theft-related acts involving computers, the proliferating use of Wi-Fi could change this, or provoke related activity at the state level or under federal wiretap laws, such as the Electronic Communications Privacy Act.
Schneier points out a great seventeen page analysis by attorney Robert Hale and is available via PDFs.
Posted by darkmoon at 12:41 PM | Comments (0) | TrackBack
April 05, 2005
FBI crack WEP key in 3 minutes
FBI demonstrated at an ISSA (Information Systems Security Association) meeting recently that it is possible to crack a WEP key in three minutes.
Personal note: NOW? WEP key cracking has been simplistic for ages. What's even more amusing is that they did the three minute crack by kicking off an authorized user from the network to collect the packets. They might have gotten into the network in three minutes, but with that many reauthentications from the authorized user, that would red flag to any system administrator. BAD way to hack. First rule of hacking: if you're going to break into a network, make sure that you're not detected. Idiocy.
Then the FakeAP gimmick was stupid also, since by the screenshot, I can eyeball which was a good network. FakeAP is a fun program, but if you don't name the fake access points well, it chooses names and keeps throwing out similar ones. A better way is to create evil twin effects with a hostapd. Note that they're using a GUI also, even though kismet and all wireless cracking tools are written in CLI. Obviously, speed is not an issue with the government and they're not in tune with the hacker criteria of having console windows. Looks like KDE in fact. Ew.
Only thing that I can claim at least the FBI do get somewhat. They used Linux.
Posted by darkmoon at 03:07 PM | Comments (0) | TrackBack
March 15, 2005
How to make wireless guests feel at home
If you run a business, WiFi access is both a detriment and a savior when it comes to usefulness. When your guests need access, it becomes a huge security risk to let them into the corporate network. Thus, if you follow a few simple tips from Tom's Hardware, you should be good with working out WiFi struggles with guests.
Via Tom's Hardware
Posted by darkmoon at 12:01 AM | Comments (0) | TrackBack
March 10, 2005
Bleh WiFi security advice from Triangle IT security specialist
I happen to check E-NC every so often to run across an article out of the News Observer (RTP). To paraphrase, the article was telling someone that was connecting to a insecure hotspot (an unknowning neighbor who didn't put up his/her wireless correctly) if there were security risks.
Mr. Jeff Crume, an IT security specialist (IBM Corporation), tells the person to not login to take advantage of insecure hotspots since hackers could be sniffing the networks.
This is a great idea. Not to mention, while it is not illegal to log into someone else's insecure WiFi, it is unethical. The violation of the network service agreement is on the user that is paying for the service, not the "uninvited guest", so it does not play a part from the guest's point of view.
Then Mr. Crume says one of the most generalized things known in security field:
As for security issues, the bottom line is that you should not connect to any network that "you don't personally control or can't be sure is trustworthy unless you are willing to assume that everything you see at your end of the connection could be seen by others," Crume advises.
Hello? Anyone home? Every network in the world is not controlled at the end-user. If you want to use the Internet, there is the chance that your cable company is sniffing your modem, a hacker is sitting at the node-router sniffing the network, and so on, so forth. Even applied to WiFi, his argument lies invalid since even if you own the WiFi hotspot, there is nothing that says a hacker can't still sniff the network. Wireless feeds mean that the laptop generates a signal and broadcasts to whatever range its little antenna can handle. Then hopefully, some antenna from the user-owned hotspot picks it up and decrypts the messages and sends it off to the wild blue yonder of the Internet. There is nothing stopping anyone from sniffing the airwaves (unless you think WEP/WPA actually does something). There is a reason behind Netstumbler, Kismet, and other wireless sniffing tools. The pairing of Kismet and Ethereal allows any hacker to read wireless packets if they are not encrypted.
Truthfully, I could probably bet that most insecure hotspots are usually from non-technical people trying to join the world of wireless without reading the manuals rather than hackers setting up evil twin-nodes. Twin-nodes rarely exist in residential areas since they are very low traffic.
All the respect for you and your work, Mr. Crume. I have always loved your work. But next time, note wireless protocols (WEP/WPA + Radius) instead of generalized network security protocols (VPN, SSL). Perhaps touch on what a person with an insecure hotspot can do to secure the site.
With all the precautionary measures, at the end of the day, there really is no wireless signal that is safe.
Posted by darkmoon at 02:31 PM | Comments (0) | TrackBack
March 03, 2005
Increase the range of your WiFi router without voiding warranty
Practically everyone now that has a laptop made in the last six months to a year has wireless built-in. For the last couple of years, the technological rage has been to get unwired.
With wireless access points/routers dotting up and own the neighborhoods, a constant annoyance is range and privacy. Different antennas can create different patterns and ranges but can also void your warranty.
With some reflector dishes, both can be accomplished! The technique is basically taking the wave pattern (omni) and redirecting it in a general direction. Take a look at this tutorial.
Via Freeantennas
Posted by darkmoon at 12:01 AM | Comments (2) | TrackBack
February 23, 2005
VoIP over WiFi tested for public safety but at what cost?
Very geeky. RoamAD and WI-VOD have just finished testing for VoIP over WiFi up to 80mph in Arizona. This was funded by a Homeland Security grant for public safety personnel.
Slashdot and WNN via MuniWireless
Personal note: Similar to all public safety WiFi networks across the country, the City of Greensboro is deploying a network by Tropos Networks, but I cannot help but wonder why people (especially public officials) do not take heed when applying WiFi to public safety.
As a wireless consultant, I have again and again implored officials to take caution in mission-critical applications over these ISM bands. Not only are these public bands that cannot be allocated strictly for public safety, there is overflow of RF overlap and a bottleneck for bandwidth. There is nothing stopping any semi-intelligent crook to use a jammer for the 2.4Ghz range. Even applying the 802.11 standards flaw would take a tremendous hit on public safety in general. The CERT advisory is published here (2004-13-05).
Note that the standards flaw is within the 802.11 protocol standard when using DSSS (direct spread spectrum sequence) and the 2.4Ghz range. This vulnerability is immune to any encryption scheme since it is at the lowest layer and was discovered back in May of 2004.
*sigh*
Local governments should take heed when applying any mission-critical data on such networks. There is no way to assure quality of service on a publicly shared band with this technology.
Cybercriminals are getting hardier by the minute. Unfortunately, the bomb is ticking and there is no one around to blow out the fuse.
Posted by darkmoon at 12:56 AM | Comments (0) | TrackBack
February 22, 2005
Howto use your PocketPC as a WiFiphone
It's an older HOWTO and Vonage doesn't have unlimited minutes with their Softphone plan anymore. But still a good one to follow if you're interested in cutting the wires and being able to be reached anywhere there is broadband.
Via Engadget
Posted by darkmoon at 12:01 AM | Comments (0) | TrackBack
February 20, 2005
Howto secure your e-mail over Public WiFi
Saw this post for MacOS-X, but it conceptually works exactly the same for every other OS. This tutorial covers why you should secure your email over public WiFi and how to do it. Most of the howto covers SSH tunneling which can be done through Windows (PUTTY), or Linux. Good when you don't want the next guy over in the airport to just happen to read your e-mail about what you drank last night.
Posted by darkmoon at 12:01 AM | Comments (0) | TrackBack
February 07, 2005
Taking over wifi routers
This is another example of the poor engineering in the world of WiFi. Here, a Slashdot reader points out the WiFi in Boston's South Station that is running on default passwords.
Personal note: This goes back to my personal opinion that most IT people have no clue what they are doing when it comes to WiFi. I have personally run into more than enough people in the world of WiFi, that do not understand how radio waves work. Yes folks, there is something called "INTERFERENCE". And you do share spectrum in the ISM bands. Why people do not realize this simple fact is beyond me since this is exactly the same when it comes to network engineering. Perhaps they never learned Networking 101 in their certification courses.
Posted by darkmoon at 12:16 AM | Comments (0) | TrackBack
February 03, 2005
WiFi Detector Ring
WiFi Detector Ring. Neato. Now if only came in a box of Captain Crunch.
Slashdot < WiFi Detector Ring
Posted by darkmoon at 05:12 PM | Comments (0) | TrackBack
January 19, 2005
WiFi in Philly by Mid-2006, but at what cost?
AP has an article by Michael Rubinkam, on Philadelphia's surge forward on its municipal WiFi cloud. The Chief Information Officer Dianah Neff spoke about the pricing for the Internet blanket covering 135 square miles.
Businesses and other residents will pay more for the service but still get broadband speeds at dial-up rates.
Rubinkam also writes:
Neff said Philadelphia's service will offer upload and download bandwidth of 1 megabit per second. In early March, the city will ask companies to submit proposals to build and run the wireless network, which is expected to cost $10.5 million to erect.
Personal note: This REALLY bothers me. Why? A couple of matters. First off, I founded a nonprofit that provides wireless Internet to low-income housing (still looking for more projects to launch in Greensboro area). I know for a fact that the lowest you can go for pricing with a volunteer staff of maintenance is around $5-10 a month, that's with Greensboro fiber pricing. So how is Philadelphia, where cost of living is probably more, going to provide "dial-up" pricing? Interesting thought provoker.
Second, Philadelphia is going to provide upload and download bandwidth of 1Mbps? With WiFi? Who are they kidding. They should scrap their RFP right now, since that RFP is fine-tuned towards corporations like Vivato only (phased-array antennas are the only solution to guaranteed 1Mbp movement). Otherwise, bandwidth will likely go down as userbase goes up.
Last, 2006? Can we say OLD TECHNOLOGY? I'm bringing on low-income folks because they have nothing: no cable, no DSL, no wireless broadband. I'm even researching WiMax and Motorola Canopy, in search of better solutions to bring any inner city child's connectivity up to par with any suburbia's connection. Municipal clouds should be looking to WiMax, or MIMO technology, not WiFi anymore.
WIFI HOTSPOTS ARE A FAD. Look to new technology to build out for cheaper and better solutions. Well, this definitely proves that city governments are not on top of technology base. Most obviously Philadelphia is lagging behind some.
Posted by darkmoon at 09:22 AM | Comments (0) | TrackBack
January 13, 2005
Verizon makes marketing boo-boo
The chief marketing officer for Verizon falls for reading sales pitches instead of knowing the technologies.
"For the business customer, especially the laptop guy, it’s all about speed and ubiquity,” Mr. Stratton added. “I think this really puts a hurt on the entire Wi-Fi concept for the business user."
Glenn Fleishman of WiFiNetNews is correct in the speeds that EVDO brings. On average, EVDO test markets are averaging about 300kbps. With more users on these systems, the bandwidth will drop depending on how the timeslots are handed out. While this technology is cutting edge for the United States market (Asia is already testing 1Gbps over cellular), this is not a replacement for WiFi. Both in cost-effectiveness, and scale, WiFi has 1X and EVDO beat. Until people realize that you need WiFi to supplement cellular data technology, no one will ever understand from what perspective Verizon is coming from.
If you don't understand what was just said above, here is the simplified version: Would you rather log onto a free hotspot via a WiFi card, or pay through your minutes via cellular?
I would assume that most would choose the former if it was available.
Posted by darkmoon at 10:27 AM | Comments (0) | TrackBack
January 09, 2005
CES pictures of new Vonage WiFi phone
I've spoken about the Vonage WiFi phone from UTStarcom called the F-1000. Engadget luckily has had the chance to take pictures of it at CES 2005 and graced the rest of the world with pictures of the phone they've been lucky enough to touch and play with a few months back. Not the super sexiest thing that I've seen when it comes to phones, but for the estimated $100 price tag, I'll definitely be waiting for this to hit the market.
Posted by darkmoon at 03:23 PM | Comments (0) | TrackBack
January 07, 2005
Free WiFi Filtering needs to go
Over at Pulver:
Jeff Pulver, VoIP evangelist, reports
While there is "free" Wi-Fi access at the Las Vegas airport at the moment, the network administrators at McCarran are port blocking most applications including: VoIP, IM and telnet.
WiFiNetNews reported.
Interestingly enough, I was on my way home from Columbus International yesterday, and the same thing was true. Everything was blocked off. Cincinnati Airport doesn't have free service so I suppose Columbus has one up on them.
Posted by darkmoon at 04:51 PM | Comments (0) | TrackBack
January 04, 2005
More drooling over new Vonage products
As I posted earlier, Vonage is finally putting a WiFi phone in our hands. Slashdot covers a link to USAToday where the approximation of $100 for the pricetag of this hot and sexy device. Unfortunately, the rollout date is sometime between April and June.
Some battery issues have rolled out on LightReading:
Tribolet says that there were some technical hurdles that had to be overcome before the company could introduce a WiFi option to its subscribers. “The predominant issue has to do with battery life,” he says. “It’s different than a traditional cell phone which can go into sleep mode. A WiFi handset must always stay awake and be able to search for hotspots. The F-1000 has a battery life of about 100 hours, similar to a standard cordless phone.”
Personal note: The battery life quote obviously comes from a management type and not an engineer. ANY device can be made to sleep, and there just needs to be a page flag just like cellular. It would take a bit of specialized coding, from my perspective, very achievable. While 100 hours isn't much, you can guarantee that I'll be sporting one of these babies when they come out if it truly is only $100.
Posted by darkmoon at 02:54 PM | Comments (0) | TrackBack
Come to daddy... oh boy it's a WiFi phone!
Engadget JUST posted on Vonage having a WiFi phone that will be able to make a call from any WiFi hotspot using your Vonage account. Made by UTStarcom, the F-1000 will provide me with "free" service anywhere there's a hotspot. Greensboro's CenterG hotspot will definitely be the first public drooling grounds.
Posted by darkmoon at 12:26 AM | Comments (4) | TrackBack
December 02, 2004
Chinese delegates refused visas to ISO/IEC
Mid-November, there was a ISO/IEC conference in Florida. Three days before the conference, all four of the technical presenters (WAPI) were denied visas to the United States without reason. The two non-technical members of the group went to the conference. Complaints were filed, with the support of member countries and several U.S. corporations. Speculation by the media on reasons for the denial could stem from the U.S. corporations being against the Chinese implementing a new WiFi security protocol called WAPI. Coverage is here.
Personal note: I think this is ridiculous. Nothing to do with the visas, but everything to do with US corporations. They want to play in Asia, and make large amounts of revenue since it's an untapped market. Yet, when someone brings in some "competitive" know-how, they try to squash it. Bravo to the Chinese for doing something that creates competition. Can we say, VHS vs. Betamax? The last thing the world needs is a technology where if it fails, everyone goes down with the ship. At least in this fashion, it keeps everyone on their toes for the next "BIG" thing. SCDMA? Fine. WAPI? Fine. U.S. corporations need to understand that you can't pull a Qualcomm anymore (they brought commercial CDMA to everyone and made a tremendous amount off the royalties). That was a one time deal. Just look at the craziness behind Toshiba's HD-DVD and Sony's Blu-Ray, or closer to home, Intel vs. AMD. Competition drives technology forward.
Posted by darkmoon at 09:22 AM | Comments (0) | TrackBack
November 19, 2004
Stealing Neighbor's WiFi
According to an article linked from WifiNetNews, Paul Boutin says that the FCC has said that they're not "aware" (keyword is aware) of any federal or state laws that prohibit from logining onto an open network.
Amusingly enough, aside from ethics, I don't think there is anything stopping you from logging onto your neighbor's networks. I've actually accidentally done it at my apartment complex when I was trying to make a SVEASOFT linksys box work. There's about 7 802.11B APs half of them have the usual default name of "linksys".
You might hose up their contract about sharing the line if you stream and download huge things, but it's amusing none-the-less that FCC has said this. In any case, it's a good article, I suggest reading it.
Posted by darkmoon at 08:28 AM | Comments (0) | TrackBack
November 18, 2004
Misguided media on WiFi
Interestingly, there was an article today on WiFi on CNN. Scary how media picks up on the fact that WEP is "flawed" after at least over a year of coverage on the fact that WEP can be cracked. What's amusing is that they don't say anything about WPA. Take a look at WiFiNetnews on Nov. 5th here. Hmm. Crackable WPA? Wow.
Word of advice for CNN. If you want to be a respectable news source (not like Fox really is that either), please at least do some research on the topic you're writing about. The industry knew about the WPA issue and would have been happy to share. Forget fair and balanced, or being the most trusted news source. How about getting all the facts before it airs?
Posted by darkmoon at 10:31 AM | Comments (0) | TrackBack
November 16, 2004
Tampa Airport obviously never heard of "public" spectrum
Glenn Fleishman of WiFiNetNews has an interesting tidbit on how the Executive Director and the trade association of Tampa International Airport say that the FCC cannot regulate the spectrum where their 802.11 resides.
Two words seem to stand out on this one. "PUBLIC SPECTRUM". Now if the airport deployed cellular or some other band where you have to bid for the spectrum, I don't see any problem with the aiport going nuts on managing it. Along the same lines, that would mean that public safety can use the public spectrum and kick off anyone else that uses it (like FRS) just because the FCC doesn't have any right to "manage the spectrum."
Posted by darkmoon at 09:03 AM | Comments (0) | TrackBack