War Driving is a favorite pastime among hackers and if you know how to spot them, you’ll be shocked at their numbers!
DURHAM, New Hampshire a land where white pines easily outnumber wireless computer users, New Hampshire may seem an unlikely haven for the free networking movement.
But the state, known for its Live Free or Die motto, could become the first in the United States to provide legal protection for people who tap into insecure wireless networks.
A bill that’s breezing through New Hampshire’s legislature says operators of wireless networks must secure them — or lose some of their ability to prosecute anyone who gains access to the networks.
House Bill 495 would, experts say, effectively legalize many forms of what’s known as war driving — motoring through an inhabited area while scanning for open wireless access points.
Increasingly popular with businesses and consumers, wireless networks use radio waves to transmit data between computers in a network. The convenient, low-cost equipment often is deployed to allow employees or household members to share a single Internet connection.
To simplify installation, wireless systems typically ship without any security features enabled. Because the radio waves broadcast by wireless base stations are relatively powerful, it’s not uncommon for residential neighbors or adjacent businesses to inadvertently connect to each others wireless networks.
Some wireless owners leave their access points unsecured on purpose. A grassroots effort known as the open network movement is attempting to create a worldwide grid of Internet-connected wireless access points. A computer enthusiast with a DSL or cable modem at home may, for example, intentionally provide free wireless access to the connection while he’s away at work.
New Hampshire’s proposed wireless law was hailed as "enlightened" by the Electronic Frontier Foundation, a California-based digital rights advocacy group.
Lee Tien, a lawyer for the EFF, said the bill would help clarify the legality of the open networking movement.
"It seems like a fairly clean way of accommodating the geek-culture practice of having open wireless access points without doing anything bad for security," said Tien.
The appeal of tapping into free Internet connections while on the go has led to an activity known as war chalking, in which wireless fans scratch special markings on pavement to indicate open connections. Thousands of wireless "hotspots" offered by hotels, restaurants and other commercial establishments also are listed in online databases such as 80211hotspots.com.
To understand the genesis of New Hampshire’s proposed law, just boot up a wireless-enabled laptop at the Fusion Internet Cafe and Espresso Bar on Elm Street in Manchester, the state’s largest city.
Fusion has been offering free wireless access to coffee drinkers for the past four months. But co-owner Carlos Pineda said he sometimes turns on his laptop at the cafe and finds himself connected instead to a wireless local-area network, or WLAN, operated by the CVS drugstore located across the street.
"I don’t even think their employees are aware the signal from their Internet is being broadcast outside of their space," said Pineda. "That means I have access to their (Internet protocol) address so I can break into their system. Personally I can’t, but other, more-savvy people could do it."
The legality of such inadvertent wireless network intrusions is murky. Last year, a Texas man was indicted, but later cleared, on charges that he illegally gained access to the wireless network of the Harris County district clerk.
Like most state and federal computer crime laws, New Hampshire’s existing statute says it is a crime to knowingly access any computer network without authorization. By analogy, just because someone leaves his house unlocked doesn’t mean you are authorized to walk inside, sit on the couch or help yourself to the contents of the fridge.
But HB 495 turns that thinking upside down, experts said. It defines an operator’s failure to secure a wireless network as a form of negligence. According to the proposed amendment, "the owner of a wireless computer network shall be responsible for securing such computer network."
What’s more, if an alleged intruder can prove he gained access to an insecure wireless network believing it was intended to be open, the defendant may be able to get off the hook using an "affirmative defense" provision of the existing law.
As a result, some legal experts contend that New Hampshire’s proposed amendment to its computer laws could make it harder to throw the book at criminals who take advantage of insecure wireless systems.
"If (wireless network operators) want to be able to prosecute people for hacking into their wireless networks, they need to have done something to have secured the networks," said Mark Rasch, a former head of the Justice Department’s computer crime unit.
Despite repeated warnings from experts, at present many wireless users haven’t secured their systems.
A 10-minute war drive down the main business district of Manchester earlier this month using a laptop with a standard wireless card revealed nearly two dozen open wireless access points, including some operated by banks and other businesses.
A variety of techniques can deter, if not eliminate, unauthorized access to wireless networks. For example, enabling a technology called Wired Equivalent Privacy, or WEP, can provide some security by encrypting wirelessly transmitted data. Wireless networks also can require users to provide a password before connecting. Another technique, called MAC address filtering, only allows access to computers on a designated list.
But according to Jeff Stutzman, CEO of ZNQ3, a provider of information security services, such security techniques are beyond the ken of many home and small-business users.
"When I do a vulnerability assessment for a client, one of the first things I do is test for open (wireless) access points. And I’ve been in places where every access point I’ve picked up is un-WEPed," said Stutzman.
Pineda said the salesman at Best Buy who sold Fusion Internet Cafe its wireless gear didn’t even bring up the subject of enabling security features.
War Driving Gone Mad!
"People talk about wireless technology but no one talks about the security problems … people stealing the signal, hacking your system," said Pineda. "That’s not their concern. Their concern is to push a product out of the store."
Passed by the New Hampshire House last month, HB 495 currently is being reviewed by the state’s Senate Judiciary Committee. If signed into law, it would take effect in January 2004.
Committee Chairman Andrew Peterson said the goal of the proposed law is to protect those who innocently stumble upon insecure wireless networks. But Peterson said the committee is open to arguments from anyone who believes the bill could undercut existing protection for victims of wireless hacking.
"We want to be sure that it wasn’t the case that, through trying to protect people under certain circumstances, we were opening up greater opportunity for criminal activity," said Peterson.
Story location: www.wired.com/news/wireless/0,1382,58651,00.html