Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

FBI Warns Companies About Wireless Warchalking

timothy posted more than 12 years ago | from the in-their-off-hours-i-hope dept.

Security 188

nobilid writes: "Well-meaning wireless activists have caught the attention of the U.S. Federal Bureau of Investigation. One of its agents has issued a warning about the popular practice of using chalk marks to show the location of wireless networks."

cancel ×

188 comments

Sorry! There are no comments related to the filter you selected.

First post! (-1)

Cubeman (530448) | more than 12 years ago | (#4089941)

I am a nerd.

Re:First post! (-1, Offtopic)

The Rivethead (601921) | more than 12 years ago | (#4090092)

No Sir! You are an idiot. Suck my balls! Sincerely, The Rivethead

yaw dawgz (-1, Troll)

Anonymous Coward | more than 12 years ago | (#4089945)

fr1st p0zt

linux iz fur bitchez

www.linuxisforbitches.com

Re:yaw dawgz (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#4089964)

that site, www.linuxisforbitches.com, is soooooo right on.

is it yours?

ep (-1, Troll)

Anonymous Coward | more than 12 years ago | (#4089947)

This early post for Ida!

FBI don't take know shit. (0)

Anonymous Coward | more than 12 years ago | (#4089949)

I'd listen to the FBI dude. After all, when it comes to telecommunications law, they are hard core! Look what happened to worldcom!.. oh wait, they are still in business despite losing 7 billion bucks.... Well... look at qwest!... oh.. no.. wait... they are too....

Maybe it would make more sense to build a centralized website where people can update this information and the system would correllate it with a real time map that a user could print out if they wanted. Traveling to Houston for the week? Print out a map of the wireless areas and take it with you. Seems much easier than anything else and no legal problems.

Re:FBI don't take know shit. (-1, Flamebait)

Anonymous Coward | more than 12 years ago | (#4090124)

What the hell are you talking about? What does the FBI, warchalking, telecommunication laws, and the allegedly illegal accounting practices of certain companies have to do with each other? Maybe you should finish 8th grade, read a few newspapers or just take your head out of your ass.

Chalk marks? (0)

Anonymous Coward | more than 12 years ago | (#4089950)

What about encription, surely that would be enough!!
Well unless you live in London!

misleading (5, Funny)

Bilestoad (60385) | more than 12 years ago | (#4089952)

Hey, great way to distort the truth and make "wireless activists" sound important! From the headline you would think "wireless activists" had themselves drawn the scrutiny of the FBI.

But all they said was that if you notice a chalk mark advertising your wireless network you should think about securing it. Well duh!

And "wireless activists"? More like geeks with toys. I wonder how long the novelty lasts for the average "activist". It's a network. But without wires! WOW!

Re:misleading (0)

Anonymous Coward | more than 12 years ago | (#4090024)

It truly is great to roam around campus with a notebook and no wires and read slashdot. In my school we dont use chalk but acctual signs as to where you can go and still keep your connection. Who the hell uses chalk? 4

Re:misleading (2)

guttentag (313541) | more than 12 years ago | (#4090144)

I would be far more concerned if the headline read "FBI Warns Activists About Wireless Warchalking."

So? (4, Insightful)

leviramsey (248057) | more than 12 years ago | (#4089953)

The FBI is not saying that setting up free wireless networks is a bad thing. They're warning companies that run WLANs to check for warchalking around their buildings and check their LANs for security. This is what they should be doing, but considering how many idiot admins there are out there, they need the FBI to give them security advice.

Typical.

Re:So? (1)

capnjack41 (560306) | more than 12 years ago | (#4090053)

idiot admins there are out there, they need the FBI to give them security advice.

It's like leaving your front door unlocked, letting people notice, and needing the FBI to step in and letting you know (although the article said that it's not an 'official' warning, just the passing on of helpful info).

Rick Austenson is GHEY! (-1, Troll)

Anonymous Coward | more than 12 years ago | (#4089954)

First Post... Rick Austenson is Ghey!!!

Right target for once. (2, Insightful)

undeg chwech (589211) | more than 12 years ago | (#4089956)

At least the FBI are warning the companies and not arresting the warchalkers.

They can't... (4, Insightful)

kyletinsley (575229) | more than 12 years ago | (#4090042)

At least the FBI are warning the companies and not arresting the warchalkers.

Well maybe that's because warchalking isn't ILLEGAL... All they're doing is walking around with a laptop and noting when someone else is broadcasting networking signals in an area. It's against federal law to attack the computers on that network, or misuse their bandwidth to mess with other people's computers, but putting a chalk mark on a wall to signify that the schmucks inside need to tighten their security is probably the least destructive thing they could do to them. It's like publicly announcing a security hole in a Microsoft product, except they do so by taping a notice to the door of Microsoft's front lobby. Sure, it's public so anyone can read it, but the number of people who pass by it is very small (compared to putting this info on a web page like another poster mentioned), and most of those people are are very likely to be the Microsoft employees themselves...

Re:They can't... (2, Informative)

Sheetrock (152993) | more than 12 years ago | (#4090119)

I wouldn't make a blanket statement like this right now unless you have done some conclusive research into federal, state, and local laws or have some knowledge the rest of us aren't privy to. It strikes me as being very plausible that the laws on the books could be interpreted as making something as simple as turning on a laptop running Windows with a wireless LAN card in the area of somebody else's wireless network a crime, particularly if it is argued that warchalkers are doing this with the specific purpose of determining whether or not it is possible to use a network that doesn't belong to them. Just as, say, buying pills from the suspicious man on the corner to turn over to the authorities as proof of drug dealing or randomly turning handles on doors in a neighborhood to determine whether or not they're locked might be misinterpreted, warchalking too is something that people shouldn't bother with unless they're fully cognizant of how bad it's going to look if they get caught.

Personally, I'd say screw it; security consultants get paid better than warchalkers, they're better appreciated, and they don't do jail time. There are plenty of better ways to be a good samaritan without having to second-guess the law.

Re:They can't... (1)

A coward on a mouse (238331) | more than 12 years ago | (#4090309)

So... all I need to do to legally prevent my neighbor from using WLAN is to use it myself? This is great. I hate that guy.

Re:They can't... (2, Insightful)

undeg chwech (589211) | more than 12 years ago | (#4090170)

I didn't say it was illegal ... but would you have been surprised if the headline was "FBI arrests warchalkers" ?

Re:They can't... (2)

bsartist (550317) | more than 12 years ago | (#4090295)

Well maybe that's because warchalking isn't ILLEGAL

I get what you're saying here, and for the most part I agree. But technically, unless you own the building you're chalking, you could get arrested for graffiti, vandalism, or some such.

If companies don't bother... (4, Insightful)

Lawmeister (201552) | more than 12 years ago | (#4089957)

to install M$ patches for well known exploits, what are the chances that they'll take the additional effort to lockdown their wireless networks, then modify all their client PC's?

They will only do this after they've been 0wN3d. As per usual.

Kinda Misleading (4, Interesting)

mo (2873) | more than 12 years ago | (#4089958)

Wow, reading the header I though that the FBI is going after people who create the warchalk marks. But, if you RTA it's a lot less interesting. Basically, the FBI is saying that companies should be clued in if they get a warchalk marking an open WLAN next to their office. Duh. Dunno why I need the FBI to tell me that.

Re:Kinda Misleading (3, Informative)

Myco (473173) | more than 12 years ago | (#4089978)

I don't see what you're talking about. The headline starts "FBI Warns Companies." It states clearly what they're doing. It doesn't say "FBI Goes after Warchalk[ers,ing]" or anything like that.

Re:Kinda Misleading (4, Insightful)

garcia (6573) | more than 12 years ago | (#4089991)

you don't, but the companies do.

Most would probably think that those marks were either a) gang related or b) random garbage.

Re:Kinda Misleading (1)

kyletinsley (575229) | more than 12 years ago | (#4090075)

This article title isn't that misleading, but a couple other ones I read gave that impression moreso. It's all the same bullshit memo from the FBI, but different people tried to skew it into a more interesting story to varying degrees:

There was another one I read before that was even worse, but I can't seem to find it now. You can read the actual letter from the FBI here though: http://www.politechbot.com/p-03884.html [politechbot.com] .

Re:Kinda Misleading (2)

Sancho (17056) | more than 12 years ago | (#4090081)

No joke...that second one was:
FBI warns 'warchalking' practice could expose business data to hackers--or terrorists.

It's not the warchalking that exposes the data, it's the dumbasses not securing their networks!

Re:Kinda Misleading (0)

Anonymous Coward | more than 12 years ago | (#4090289)

"Basically, the FBI is saying that companies should be clued in if they get a warchalk marking an open WLAN next to their office. Duh. Dunno why I need the FBI to tell me that."

Well, duh. The FBI isn't tell *you* that. They are telling the clueless people who have left their WLAN's open to access from the outside.

kids... (1)

skydude_20 (307538) | more than 12 years ago | (#4089967)

and i just they were just innocent kids doddling on the sidewalk

Warchalk sightings (5, Interesting)

raju1kabir (251972) | more than 12 years ago | (#4089969)

Has anyone actually come across any examples of warchalking in real life? (it doesn't count if you did it yourself, or if you found out about it from a news article and went to go see it).

I walk and bike around DC more or less constantly and I've never seen one despite keeping my eyes peeled. And I know there's no shortage of WLAN networks here (netstumbled the 20-minute walk home from work and got about 40).

Re:Warchalk sightings (2, Informative)

Peale (9155) | more than 12 years ago | (#4089977)

Re:Warchalk sightings (1)

anjrober (150253) | more than 12 years ago | (#4090064)

this is the 'reading about it'...this was posted a while ago...that doesn't count...

Re:Warchalk sightings (0)

Anonymous Coward | more than 12 years ago | (#4090068)

this should not have been moderated. It was actually linked in the article. Bah.

Re:Warchalk sightings (0)

Anonymous Coward | more than 12 years ago | (#4090302)

On a business trip about a month ago, I was walking through downtown Bethesda and saw one... Didn't have my iBook with me to check it out though

Re:Warchalk sightings (1)

Herkum01 (592704) | more than 12 years ago | (#4090335)

Abe Simpson: Look here Bart, these are Hobbo signs(points to signs on a fence). They use these to communicate with each other.
Bart Simpson: So what does these signs say?
Abe Simpson: They say there is an attractive woman lives here, fine vittles and a hobbo graveyard in the basement!

Bart & Abe:AAAAAAAAAAAAAAAAAA!

actual letter (5, Informative)

martissimo (515886) | more than 12 years ago | (#4089971)

link to the actual Pittshburgh FBI email [politechbot.com]

better read than the linked article which is kinda light on detail. interesting to note that the FBI states in it that using a 802.11 access point without "explicit authorization" may be a federal crime

Re:actual letter (3, Informative)

mgkimsal2 (200677) | more than 12 years ago | (#4090058)


"Identifying the presence of a wireless network may not be a
criminal violation, however, there may be criminal violations if the
network is actually accessed including theft of services, interception
of communications, misuse of computing resources, up to and including
violations of the Federal Computer Fraud and Abuse Statute, Theft of
Trade Secrets, and other federal violations."


If they wanted to press harder, essentially anyone who even 'wardrives' (what a stupid term!) looking around for open networks could be violating some federal law. You wouldn't be able to know if a network is open or not until you tried to access it, and you're attempt doesn't have explicit authorization. It'd be like tuning into a radio station (which plays just fine on your radio) that you didn't have authorization to listen to. You would be breaking the law just by checking if you get the station, because that's 'accessing' it.

It's a bit of a stretch, I know, but damn it, this kind of stuff just gets my goat. With all the money people spend on wireless networks and subsequent 'consultants' why the hell can't they lock these things down too? Is it because the bulk of these people really shouldn't be adminning or setting up any sort of network in the first place? Probably.

Re:actual letter (0)

Anonymous Coward | more than 12 years ago | (#4090111)

I dunno, that's pretty far out there, on my laptop at least I don't have to even actively check to see if there are any open wireless networks, it just tells me if I have come into the range of a base station (that includes closed base stations)

That would be like saying it's illegal to walk down the street and notice if someone's door were open or closed, not even go near the house, but just see that it's there.

Re:actual letter (2, Insightful)

autarkeia (152712) | more than 12 years ago | (#4090249)

To clarify: it does not mean operating an open 802.11 access point is a crime, but instead that using someone else's 802.11 access point without their permission is a crime. That's a good point, and should be used as the basis to prosecute spam and DOS attacks.

Signs (5, Funny)

Tablizer (95088) | more than 12 years ago | (#4089973)

Someone disguised as a kid made a hop-scotch pattern next my driveway with chalk. They are out to get me. My foil hat is not working anymore! Help!

Re:Signs (-1, Troll)

Anonymous Coward | more than 12 years ago | (#4090073)

MODERATORS Crack smoke wafts though air - Dumb shit moderator - Try to suck less, please
KAZAA Fuck R I A A - Network sold behind their backs - Stupid fucking cunts
Slashdot, Where Editors come to SUCK © ® (TM)
HAIKUS
Haiku: to the Slashfags. Fuck slash editors - The cumlicking fags they are - I shit upon them
TACO pondering GOATSE: I stare at the goat - His huge gaping ass so wide - And I want to eat
Haiku: The ancient haiku: - Flame Taco and CowboyNeal - With lame poetry.
CowboyNeal A mountain of fat, - butt cheeks jiggling like Jello. - What an odd poll choice!
CmdrTaco Watching Pokemon - With cum stuck on his goatee. - Newbie loser scum.
Stinky Kathleen Fent Cockeater Taco, - Proposing to Fent online, - I fingered her too.
Rob Malda and Kathleen Fent Chubby breasts, fat ass - Distract us from Rob's boylust. - But they both suck cock!
Taco Tuesday: Too much mexican. - Angry poo, firey hot. - Where's my antacid?
CHOAD licking Taco: Malda in the dark - Swallowing chode for profit - He rips his anus
Fuck KATZ Katz is a Jew - michael is a Mormon - Or is it Timothy?
Martini Fuck off That is fucking good. - I nearly spilt martini - On my nice trousers.
Slap my Ham, rub it off, fuck Spank fast wank it hard - Jerk that dick to Pokemon - Party at Taco's
GOAT I just came again - looking at the goat-see man - more kleenex required
Cock BIRD The Dead Penis Bird - Nailed to the member always - Never falling off
BSD Stare into the night - Sun is setting on your sys - BSD is dead
Michael Michael User Simms - Sifting through all our comments - Censoring bastard
Klerk Trolltalk hard to read - Information desires - Wideness for us all
Cobalt Really tired now - Off to masturbate to sleep - See you at the day
Humorless Moderator Crack smoke wafts through air - Humorless moderator - Why do you hate me?

Taco, I want you to fuck me in the ass please. I am dying to be anally accosted. I want to be ravaged like hog. I want you to dress like a farmer and make me oink like a pig. I want an ass reaming like no other. Taco, I haven't had this kind of lust for you since the crazy college days. We used to butt fuck each other in the stalls. You always told me not to flush and preferred using my feces as apposed to real lubricant. I remember your chocolaty member, your manhood, draped in my feces. Man, Robbie, I remember. I was day dreaming, escaping into a nether world where we used to fornicate, and live in fornicatory bliss. You used to like to keep your tubes socks on to enhance they gay look. We were so flitty and light on out feet. I am so very confused these days. I have difficulty conceptualizing the time that was then in contrast to now. I mean, first you were a raging homosexual, now you deprecate me in favor of this "woman." I know that bitch is a transvestite. You are closeting your homosexuality and denying your roots in my ass!

Don't be fooled! This man knows how to suck a dick. He may nibble, and bite, and pretend to be sheepish at first, but deep down this cock loving acolyte of shaft licks cock like a bar maid.

I am destabilizing. The world is going dark to me. I have scintillating threads of motley thoughts, my ability to control my self evanesces away! I have only an adamantine desire to see your balloon knot once again, and to have you ravage mine! I see a world of GOATS. A goat fucking extravaganza. I invoke the ANUS of DOOM! I hate Taco.

SON of the GOAT, HUGE ASS WIDENER, This is a massive, massive ass attack from the Minister of Goat, Ayatollah man-meat. [bmezine.com]
Dilated Meat Pie. Most suppressed people really like seeing this. It gives them new masturbatory fodder. [bmezine.com]
Two cucumbers, better than one. This is to show that the giver is really smaller than what is needed to fill GOATSE man. He east Cheerioatse brand O's [bmezine.com]
A Disney product right where it belongs. Up a goat's ass. Death to Mike Eisner, the butt buddy of Commander Tak0. [bmezine.com]
Raw and dilated man-pussy. Put back the trouser snake, Tako. You dick is way too small for this man's ass. [bmezine.com]
A Prolapsed rectum is sure to whet even the most jaded flaming fuck's appetite. Tak0, your penis is regrettably way too small, even for your "Fiancée's" unfettered anus. She doesn't want to dirty her ass with the likes of your pathetic member. [bmezine.com]
GOAT KORAN [goatse.cx]
Classic HIT ME IN THE SHITTER BABY, UNGH HUH [es.org]
Classic Oh yeah, in the shitter some more, in the shitter. [es.org]
Classic More ass stretching goodness. [es.org]
Female Goater My pussy is too small for this APPLE. [es.org]
Goatse Grandpas - GRANPA GOAT S3X0R5 [es.org]
Son of a Goat - Holy fucking son of a goat. Kind of looks like Tako from behind, but to be sure I'd have to ask CowGryl Kneel [conhugeco.org]
1 Oh, pardon me sir, would you happen to have any ANAL LUBE? [conhugeco.org]
2 UNGH FART, pssssbt, ungh, tweeep, squeaaaaaak ungh [conhugeco.org]
3 PFFFFFFFFFFT AHH pffft [conhugeco.org]
4 FOOOOOOOOOOOOF blud dribble dribble [conhugeco.org]
Prime Number Shitting Goatse Man See The Prime numbers flow like the river SHIT [massivewang.com]
Goatse Returns! Fuck yeah, the goat man is a coming back to Trollaxor [trollaxor.com]
I summon the powers of HUGE GAPING ASS!
1 You Will Love to Goatse on all the things of Internet.

2 Will Search and initiate to new members, and you will show the way to the light (www.goatse.es.org)
3 When they return of to see our God Goatse, you mock of them.
4 To fuck, to fuck that are shocked the planets!

* g o a t s e x * g o a t s e x * g o a t s e x * [goatse.cx]
gcccccccccccccccccccccccccccccccccccccccccccccc cg
oc/ccccc\ccccccccccccc\cccccccccccc/cccc\ccccc cco
a|ccccccc|ccccccccccccc\cccccccccc|cccccc|ccc ccca
t|ccccccc`.ccccccccccccc|ccccccccc|ccccccc:c cccct
s`cccccccc|ccccccccccccc|cccccccc\|ccccccc| cccccs
ec\ccccccc|c/ccccccc/cc\\\ccc--__c\\cccccc c:cccce
xcc\cccccc\/ccc_--~~cccccccccc~--__|c\ccc cc|ccccx
*ccc\cccccc\_-~cccccccccccccccccccc~-_\c ccc|cccc*
gcccc\_ccccc\cccccccc_.--------.______\ |ccc|ccccg
occcccc\ccccc\______//c_c___c_c(_(__>c c\ccc|ccc c
accccccc\ccc.ccCc___)cc______c(_(____>cc|cc/ccc c
tccccccc/\c|cccCc____)/cccccc\c(_____>cc|_/cccc c
scccccc/c/\|cccC_____)c_Taco_|cc(___>ccc/cc\ccc c
eccccc|ccc(ccc_C_____)\_ccccc/cc//c_/c/ccccc\cc ce
xccccc|cccc\cc|__ccc\\_________//c(__/ccccccc| ccx
*cccc|c\cccc\____)ccc`----ccc--'ccccccccccccc |cc*
gcccc|cc\_cccccccccc___\ccccccc/_cccccccccc_ /c|cg
occc|cccccccccccccc/cccc|ccccc|cc\ccccccccc ccc|co
accc|ccccccccccccc|cccc/ccccccc\cc\ccccccc cccc|ca
tccc|cccccccccc/c/cccc|ccccccccc|cc\ccccc cccccc|t
sccc|ccccccccc/c/cccccc\__/\___/cccc|ccc ccccccc|s
ecc|ccccccccccc/cccccccc|cccc|ccccccc|c cccccccc|e
xcc|cccccccccc|ccccccccc|cccc|ccccccc| ccccccccc|x
* g o a t s e x * g o a t s e x * g o a t s e x *

Re:Signs (2)

llamalicious (448215) | more than 12 years ago | (#4090217)

Obviously, that "kid" works for NASA [slashdot.org] .
Please read Skiboo's reply to my post with important information regarding proper usage of tinfoil hats.

In other news... (3, Funny)

evilviper (135110) | more than 12 years ago | (#4089985)

In related news, this same FBI agent has filed another warning. This time, the warning talks about the dangers of writing down your passwords on post-it notes, and leaving ot near your computer.

Oh, what a crazy new world we live in.

Phew... (1)

TheHouseMouse (589773) | more than 12 years ago | (#4089986)

Thank god that an FBI member told us this info. I would've never checked to make sure my wlan was secure if it weren't for them advising me to do so. I was always under the assumption that my network was suppose to be insecure. Phew, excuse me while I drown in a pool of my own sarcasm. <BR> <BR>

Just read Slashdot (0)

Anonymous Coward | more than 12 years ago | (#4089988)

Wouldn't it just be cheaper for companies just to hire one designated employee to sit around reading Slashdot, The Register and similar websites all day? Since my company is essentially already paying me for this service, they might as well just make it part of my job description...

Re:Just read Slashdot (1)

SoSueMe (263478) | more than 12 years ago | (#4090104)

"Pick Me!, Pick Me! I'm more than qualified!", cried a member of the chorus.

Oh no! They're on to us! (0)

Anonymous Coward | more than 12 years ago | (#4089989)

Stop using chalk! Start using... spray paint! They'll never find out we switched methods. They'll just assume it's kids doing graffiti!

From the article... (5, Insightful)

Heem (448667) | more than 12 years ago | (#4089992)

"The FBI is now telling companies that, if they see the chalk marks outside their offices, they should check the security of wireless networks and ensure they remain closed to outsiders. "

Hey, how about you do this even if you DONT see chalk marks?

Re:From the article... (0)

Anonymous Coward | more than 12 years ago | (#4090023)

Dude with the recesion and all the american public can`t afford that kinds of warnings, tax dollars at work here!

You mean (0)

Anonymous Coward | more than 12 years ago | (#4090001)

They're not all busy hunting down terrorists? Damn, Ashcroft had me fooled all along. I thought that was the FBI's expertise, particularly preventing actions like 9/11 from happening.

Re:You mean (0)

Anonymous Coward | more than 12 years ago | (#4090241)

but hackers are [cyber]terrorists!

Who the hell (1)

swaic (541592) | more than 12 years ago | (#4090004)


is making up these damn terms!

description of the marks and thier uses (4, Informative)

10 Speed (519184) | more than 12 years ago | (#4090006)

Warchalking PDF [blackbeltjones.com]

A handy businesscard sized description of the marks and thier uses...

Re:description of the marks and thier uses (1)

Weffs11 (323188) | more than 12 years ago | (#4090028)

Thanks, I was just gonna ask what the marks are.

Taking sailing lessons from the Titanic captain... (3, Funny)

mellonhead (137423) | more than 12 years ago | (#4090013)


Well-meaning wireless activists have caught the attention of the U.S. Federal Bureau of Investigation. One of its agents has issued a warning about the popular practice of using chalk marks to show the location of wireless networks."

And in other news...

Careless FBI agents have caught the attention of well-meaning wireless activsts. One of its members has issued a warning about the frequent practice of losing laptop computers, not to mention weapons. As reported by CNN on July 19, 2001, "The FBI reported Tuesday it had tentatively determined that more than 400 firearms and another 184 laptop computers -- including one that contained classified information -- are unaccounted for."

Warn? (5, Funny)

jmd! (111669) | more than 12 years ago | (#4090018)

> One of its agents has issued a warning about the popular practice of using chalk marks

Warn? WARN?! Why warn when you can just outlaw chalk! It's this kind of thinking that's getting government computers hacked and innocent civilians killed.

Re:Warn? (1)

Ziviyr (95582) | more than 12 years ago | (#4090060)

Why warn when you can just outlaw chalk!

Really, we should have a branch of military that shoots on sight people found holding chalk. We could have them patrol schools since thats where drugs and gangs are.

we should extend this principle (4, Funny)

jukal (523582) | more than 12 years ago | (#4090019)

...why is it that only nerds come up with good things. Why don't everyone start chalking, when there's some good resource to steal...erm... use. Like, we could chalk the neighbour's wifes excellent pizza, another neighbour's apples, that lady who is always ready, local tobacco shop which sells marijuana as well. The list could go on and on! We could also invent a fancy name for it, though "war" is cool already :)

Re:we should extend this principle (2)

lpontiac (173839) | more than 12 years ago | (#4090043)

We could also invent a fancy name for it, though "war" is cool already :)

War on Payment!

Re:we should extend this principle (0)

Anonymous Coward | more than 12 years ago | (#4090168)

"local tobacco shop which sells marijuana as well."

Late night fast food places do this a lot. Ask for another company's food sometime when you go in there.

Re:we should extend this principle (1, Informative)

Anonymous Coward | more than 12 years ago | (#4090250)

Warchalking is a modern form of an old communication method. Read more about hobo signs [worldpath.net] . These signs were actually used for the kinds of things you jokingly suggest.

bah (1)

wo1verin3 (473094) | more than 12 years ago | (#4090022)

Have they banned chalk yet? Soon the chalk companies will be in same kind of trouble the Sharpee people are!

What's the Big Deal? (2, Insightful)

dmarx (528279) | more than 12 years ago | (#4090025)

The FBI is telling companies, "If you see this symbol outside your building, it probably means that your network is accessable from the outside. Make sure this is what you want." What's so wrong with that?

well meaning?? (4, Interesting)

blaine (16929) | more than 12 years ago | (#4090032)

OK, these "wireless activists" go around searching for insecure wireless networks, and when they find them, instead of telling the owners of said networks about the problem, they covertly mark the information down so that others can use that network illegally.

How the hell is this in any way "well meaning"?!

I swear, only on slashdot ...

Re:well meaning?? (1)

Ziviyr (95582) | more than 12 years ago | (#4090052)

instead of telling the owners of said networks about the problem, they covertly mark the information down so that others can use that network illegally.

This is the first time I've heard people were doing this covertly.

Also an open wireless network is an open wireless network, they should like close it or something if they don't want people who have the signal being beamed through their skull using it.

If people hop up and down going "WIRELESS, COOL! WIRELESS, COOL!" and then get posed with a question to which they respond "Security? Huh?" then they're hidelously unqualified and should be fired and blacklisted for compromising the business.

You don't walk around holding your wallet open and point it at people and mutely follow them around within a certain area and expect some people aren't going to look and maybe even take. You shouldn't be surprised when it happens.

Re:well meaning?? (2)

blaine (16929) | more than 12 years ago | (#4090154)

Bad analogy. A better one is as follows:

You're a locksmith, and you're out doing some shopping. While stopping in a cafe, you happen to notice that the lock on their front door is a model of lock that you know from experience is easy to jimmy. However, instead of telling the owner, you go outside, step into an alley, and pull out some chalk. You then proceed to write out some marks on the wall that inform others who are knowledgeable about the marks exactly how to break into this cafe.

Tell me again how this sort of activity is "well meaning"? Oh, that's right, it's the cafe owner's fault for not realizing the lock could be a problem. You're not doing anything wrong at all by intentionally telling only those with an interest in abusing this information about it, really.

bad example? (2)

mgkimsal2 (200677) | more than 12 years ago | (#4090240)

bad example - anyone else could see the lock on the front door too, any could bring to bear their knowledge of locks on that with or without your symbols. It's much harder to 'see' invisible bandwidth availability that it is to see the type of lock on a door.

The store owner probably wouldn't press charges against a locksmith who happened to walk by the store, stick his head through the open door and say 'hey, I see this lock here is insecure - you should get it replaced with a better lock'. Random Joe walking in off the street to company X saying 'hey, your wireless network is insecure - trust me' is not going to get the same respect. There aren't federal laws about looking at someone's lock on a front door. There ARE federal laws against 'looking' at someone's network (you have to interact with it at some level to gain ANY knowledge about it at all).

Re:well meaning?? (5, Insightful)

BenHmm (90784) | more than 12 years ago | (#4090072)

Because this isn't the point of warchalking. Most warchalkers - and I made the first ever warchalking mark - use them to mark out their own open nodes, for the sake of others using them. I've seen many many warchalking marks around London, and none of them is for an unintentionally available network.

The FBI's whole premise is bollocks, and you shouldn't assume that because it's possible to mark up a wlan that isn't yours that people actually do.

Re:well meaning?? (3, Insightful)

blaine (16929) | more than 12 years ago | (#4090122)

Maybe I'm crazy, but every single article I've ever read about warchalking has implied to me that the purpose of warchalking was to break into networks not owned by you. This includes articles both by people for and by people against the practice. I have never heard of using warchalking in order to tell people about an intentionally accessible network.

In fact, to me, that makes absolutely no sense. Why not just put up a flyer? Why use obscure chalk marks on the wall that can wash away? The only benefit that warchalking marks have over a flyer is that most people won't recognize them. The only reason that you wouldn't want people to recognize the marks is if you don't want the people running the network to realize that it is open.

Might I also add that if you did "invent" warchalking, you chose just about the worst name possible. Every technical person I know who has heard that word immediately associates it with the term "wardialing". Wardialing is not a benevolent act, and in fact, is about as rude and hostile as possible. Perhaps you need to think a little more about these things next time around, and perhaps you need to talk to the people out there warchalking, because I've never been given any impression by their words and actions excepting that all they want is a free ride on a network that isn't theirs to play with.

Re:well meaning?? (4, Informative)

BenHmm (90784) | more than 12 years ago | (#4090175)

You may have been reading articles written by the clue-lacking. The NYT piece is good [nytimes.com] . BusinessWeek [businessweek.com] isn't bad either.

Meanwhile, I totally agree about the name. It is misleading: but it, and the use of chalk for that matter, were just chosen because, well, they sound cool.

As for why an icon and not a flyer - well, because iconography is inherently more understandable. Why have roadsigns that are symbols and not words? Because they're easy to understand, and to see.

Have a look at Warchalking.org [warchalking.org] - Matt Jone's site, for better examples.

Re:well meaning?? (2)

blaine (16929) | more than 12 years ago | (#4090215)

Iconography is not inherently more understandable. It is more understandable when the icons used are well known and useful. Warchalking marks fall into neither of these. They are not (and most likely never will be) well known, and for most people, they are of no use.

I mean, I'm the kind of person who could benefit from an intentionally open network, but you know what? I'm never going to take the time to learn yet another "standard" written by someone who felt the need to make things much more complex than is necessary. However, if I was in the city, and I saw a sign that said "If you'd like to use my wireless node, the info is: blah blah blah", that'd be easy to use, obvious, and useful to even those who aren't inherently technical people.

To me, warchalking is just another geek attempt at being "cool" and "elite", as if knowing what chalk marks on the wall mean somehow makes someone a better person. That might not be the intent, but it's how it comes off to most people who aren't into it. It's an unnecessarily complex method of conveying information when there are already good methods of doing conveying such information.

Re:well meaning?? (2)

BenHmm (90784) | more than 12 years ago | (#4090242)

It's not complex - because you don't need to know the SSID to access an open node - you just need to know it's there in the first place. The additional information in a warchalking mark is totally superfluous.

But fine, if you don't want to know that a big curly X on a wall means "Wireless bandwidth here" then go without. nerr nerrrdy nerrr nerrr.

It's not easy to report holes (5, Insightful)

mgkimsal2 (200677) | more than 12 years ago | (#4090076)

Have you ever TRIED telling someone that you're not employed by that they have security issues? (If you're an employee, it's still a hard enough issue sometimes, depending on politics).

I had a friend who had a friend who ran a webshop, with everything running NT. We benignly poked around for all of about 90 seconds probing for 2 known NT holes (had been known about for over a year at that point) and found the entire database for a local HR company completely exposed via the web (SQL Server 7 I believe it was). Repeated phone calls and emails to that shop went unnoticed. Notifying the HR company that their data was exposed and that they should notify their webshop resulted in threats of lawsuits and other less legal retaliatory measures for 'hacking', 'breaking in', etc.

Walking in to someone's house through their open front door is seen as bad, even if you're simply trying to tell them that their door is open and they should close/lock it because of burglars. Hell, you might even be a master locksmith, but they'll probably still call the police.

It's just not that easy to tell the network owners they are vulnerable. You may very well face 'hacking' charges.

Re:It's not easy to report holes (4, Insightful)

blaine (16929) | more than 12 years ago | (#4090133)

So you're saying that, because it's too hard to tell someone about the problem, it's better to share that information covertly to others who will abuse it?

This isn't like revealing security problems in software publicly for all to see. Warchalking is in no way going to help the problem, because the covert nature of it pretty much precludes any possibility of the owner of the network finding out about the problem. It'd be one thing to send a letter to them, or, alternately, try to publicize the problem somewhere. However, warchalking does not take a public approach. All it does is make the problem worse, by inviting unscrupulous people to come in and abuse the network.

Re:It's not easy to report holes (3, Interesting)

mgkimsal2 (200677) | more than 12 years ago | (#4090195)

I don't subscribe to the idea that these people are doing something 'covertly'. If it was 'covert' they wouldn't put it out in public, for starters. It'd be on a password-protected website or something else harders to get to.

Also, as many others have pointed out, some people chalk themselves to let people know that they can use the wireless access.

Your point was that people should tell the network point owner about the 'openness'. I say no - let people find out for themselves. Unless a company has some sort of 'contact us' form for technical people to submit real technical issues (website problems, security issues, etc) that will in fact be addressed by technical people who won't respond with lawsuits, I'm not bothering to do their work for them for free.

try to publicize the problem somewhere
Putting chalk marks outside a building seems pretty public to me. I guess they could make the chalk marks larger, but then you'd be in trouble for graffitti (IBM/Linux chalkings). Warchalking IS a public approach, but it's not necessarily signifying a 'problem' - it's just pointing out a circumstance. The label of 'problem' is for the network owner to decide.

Re:It's not easy to report holes (2)

blaine (16929) | more than 12 years ago | (#4090228)

Warchalk marks are not public because the people who would benefit from the information (ie. the network owners) most likely aren't going to know what the hell the information means. The may be in public places, but nobody (aside from a few geeks) is going to know what they say.

I mean, this is like saying "Of course I told the network owner about the problem! I wrote out the pertinent information very clearly on the wall, in sanskrit!"

Re:It's not easy to report holes (0)

Anonymous Coward | more than 12 years ago | (#4090321)

If the network owners don't know what it means, then they can learn. For years people have had to learn obscure shit to better secure their networks, these few marks seem pretty simplistic by comparison.

Re:It's not easy to report holes (5, Funny)

bokmann (323771) | more than 12 years ago | (#4090216)

A guy I know had a wireless network appear in his building one day... and it wasn't his... it belonged to another company in the same building.

He periodically sent pages to their printer that said in big letters, "The wireless network is insecure! Please secure your wireless network!"

After a couple of weeks, it went away.

Re:It's not easy to report holes (2)

mgkimsal2 (200677) | more than 12 years ago | (#4090224)

That's classic. :)

Re:well meaning?? (3, Informative)

Pfhor (40220) | more than 12 years ago | (#4090227)

If you take a look at the war chalking card [blackbeltjones.com] , which includes the 3 different symbols used. One of which is a Wep Node , where you can list the SSID and the contact email address of the person running the node (to ask for permission to get on).

So war chalking is again a tool used to identify wireless access points. ones that are open, closed, and ones that require permission to access. How people use this tool is up to them.

Re:well meaning?? (0)

Anonymous Coward | more than 12 years ago | (#4090328)

The thing I noticed on that card image was:

"leave a chalk symbol for others to find."

That sort of implies the point is to get the word out, but in a way that the owner of the network wouldn't perceive.

Workaround (0)

Anonymous Coward | more than 12 years ago | (#4090047)

Once people start checking for these things, more advanced hax0rs ("advanced hax0rs"? Didn't know they exsisted...) will use those cool markers that you can only see under blacklight!!!

Interesting Location (1)

CajunArson (465943) | more than 12 years ago | (#4090051)

The FBI agent in question issued the warning for
Pittsburgh, home of Carnegie Mellon University (so what?) Well CMU has one of the most elaborate wireless networks in the country, and a whole bunch of guys who are experts at using it (and probably are responsible for many of the chalkings).
Also, I have an access point I was using at my old school in Indiana where very few other people
had wireless setups (Purdue only had it in 2 buildings, but that has expanded since I left). Anyway, my point is that from my room in a Pittsburgh townhouse, Kismet [kismetwireless.net] found 2 other access points, and I'm sure that would only grow if I went war-walking with my laptop. I'm no longer using the access point, because even though it might sound cool to share your connection, if you can't control who is using it, you run all kinds of risk for legal liability. If someone were to use an access point I owned to trigger DDOS attacks, I would be the one to get screwed, and wireless just makes doing that a little too easy.

So it seems someone at the FBI... (2)

Rui del-Negro (531098) | more than 12 years ago | (#4090065)

...watches "Click Online" on the BBC. That will shut up a lot of people who say they are completely clueless. :-)

RMN
~~~

Destroying Hop-Scotch players (0)

Lieutenant_Dan (583843) | more than 12 years ago | (#4090071)

I mean, there I was, along with my buddies from the pub playing hop-scotch, when the federales busted us for drawing lines on the sidewalk.

Also, what the fsck is a "subnet mask"?

When only law enforcement agencies are allowed to hack into wireless networks then the terrorists have already won.

"Well-meaning wireless activists" (1)

frostgiant (243045) | more than 12 years ago | (#4090074)

"Well-meaning wireless activists". Yeah. I am sure they are "well-meaning". If you saw these marks, would you understand them? Or are they for other people who understand them to breach your security and get on your network. Do not make this sound like some noble cause because it is not!

Re:"Well-meaning wireless activists" (1, Insightful)

Anonymous Coward | more than 12 years ago | (#4090097)

If you leave your lights on at night with the windows open does this make it immoral for me to stand outside and read my newspaper in the glow emitted?

Re:"Well-meaning wireless activists" (0)

Anonymous Coward | more than 12 years ago | (#4090120)

YES! that's my light damn it, give it back!

stupid linking (1)

Scudsucker (17617) | more than 12 years ago | (#4090083)

One of its agents has issued a warning about the popular practice of using chalk marks [slashdot.org]

The point of a referal link is so we can find out what you are talking about, not to send us to another page with another bad link explaining what Warchalking is.

Thoughts (0)

Anonymous Coward | more than 12 years ago | (#4090090)

So, the FBI, they of the "terrorists, what terrorists? oh, them in the plane" mentality, finally get round to spotting that corporate America is merrily beaming its data out to anyone who wants to look for it and who gets written up as being to blame? The hackers. Not the IT security consultants pocketing the greenbacks for another audit.

Two questions:
1) don't the FBI have better things to do than worry about a few geeks and their chalk?
2) why this blame culture against hackers? they're the ones finding the weaknesses (for free) that the paid-for consultants missed?

THE ARMY OF THE 12 Monk... Wait its just WLAN Crap (0)

Anonymous Coward | more than 12 years ago | (#4090091)

I bet dude that is investigating the chalk markings was sent by bruce willis himself to make sure we don't screw up the future with knowledge of knowing where each WLAN node is.

sigh (1)

Mr]-[at (71563) | more than 12 years ago | (#4090118)

2002-08-16 16:33:47 FBI warchalking (articles,news) (rejected)

Protect yourself (5, Informative)

wazzzup (172351) | more than 12 years ago | (#4090127)

There's a great article at Extreme Tech [extremetech.com] that discusses 802.11b insecurity and what you can do to make it secure enough to make it uninteresting to the casual bandwidth thief - particularly if there are enough wide open networks in the vicinity.

In a nutshell:

1. Enable WEP. Yes it can be hacked but it does add a barrier to entry that the casual wardriver won't bother with if there are other wide open networks around.

2. Change the default SSID. Don't change it to your company's name or your street address as it makes it easier to zero in on your location.

3. Disable "broadcast SSID" if your access point allows it. That way the SSID of the client must match the SSID of the access point. Having it enabled allows any SSID to be accepted.

4. Change the default password of your access point. Programs like NetStumbler display your access point MAC address which can then be used to determine what make and model your access point is. Once it's known what you've got, the default password may be easily known.

5. Control access via MAC addresses. Yes, MAC addresses can be spoofed but it requires an extra level of sophistication for the would-be bandwidth thief to get in.

6. Disable DHCP in your wireless router. Allow access via static IP's from your NIC's MAC addresses. Yes, IP addresses can be sniffed out but it's another barrier put up for the casual "drive by".

7. Change your IP subnet. If you're using a wireless router and you've disabled DHCP, change the default subnet addresses as well, otherwise it's easy to guess a valid IP address.

8. Move your access point away from windows. Move it to the center of your building to make the signal to the street that much weaker.

9. Buy access points with flashable firmware. Helps you keep up with changing security protocols rather than being stuck with the ones that came with the access point.

10. Some access point manufacturer's have non-standard security features. Orinoco access points are able to "close" thier networks by not broadcasting thier SSID. They also have additional (not 802.11b standard) authentication features such as RADIUS servers.

11. Use VPN. Virtual Private Networks add a level of encrytion and authentication to your network

Yes, these methods can all be easily circumvented to somebody that really wants to get in. As long as you try to make it a pain in the arse to get in, then the crushing masses of 802.11b networks out there that have zero barriers to entry make your little bubble a waste of time.

Know Your Enemy (4, Informative)

Anonymous Coward | more than 12 years ago | (#4090298)

Yes, these methods can all be easily circumvented to somebody that really wants to get in.

1. Enable WEP...and enjoy the 20% bandwidth loss. Airsnort [shmoo.com] .

2. Change the default SSID. SSIDs are not needed to zero down on the AP. Triangulation and GPS are effective enough.

3. Disable "broadcast SSID". The beacon frames can easily be captured otherwise. Attack by enabling your cards monitor mode [shmoo.com] (not to be confused with promiscious mode which only captures packets on the current network), sniffing all air traffic.

4. Change the default password of your access point. However, I'd like to point out even changing ones password can be insecure. My access point, and I'm sure others as well, send the admin password in a urlencoded form, unencrypted, in plaintext for anyone with a monitor-mode NIC to sniff.

5. Control access via MAC addresses. Spoofing as trivial as ifconfig eth0 down; ifconfig eth0 hw ether 00:00:00:00:00:01; ifconfig eth0 up. On OpenBSD use sea.c [freezope.org] . Use arping [freshmeat.net] to sniff MACs.

6. Disable DHCP in your wireless router. Static IP addressing, subnet range determined from arping [freshmeat.net] . Private addressing:

  • 10.0.0.0 - 10.255.255.255 (10/8 prefix)
  • 172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
  • 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

7. Change your IP subnet. See above.

8. Move your access point away from windows. No match for high-gain antennae.

Hope this helps an aspiring black hat! Remember, no network is completely secure. WaReZ anyone?

Important FBI notice (in tomorrow's paper) (4, Funny)

LupusUF (512364) | more than 12 years ago | (#4090218)

Notice,
If you are in a business that leaves it's doors unlocked at night, and you notice that someone writes "DUL" (which is engineer speak for doors unlocked) in chalk outside of your office building you might think about locking your doors at night.

When installing doors many people forget to lock them, and malicious users can check your doors and gain access to your company's building.

signs (0)

Anonymous Coward | more than 12 years ago | (#4090235)

first crop signs
now chalk signs.
atleast the first signs had to do with intelligent life forms
-Phiber

Just Curious.... (5, Interesting)

cyberon22 (456844) | more than 12 years ago | (#4090257)

Realistically, why bother?

If the FBI is concerned with the unauthorized use of wireless networks, they'd be better off cracking down on Starbucks, airport coffee bars, or even Bryant Park, NY. [nycwireless.net]

Frankly, I'm surprised people still bother to hack from home. If I was looking to break into a guarded system, the FIRST thing I'd do would be to on a casual jaunt for a warhacking hotspot. The explosion of public 802.11 spaces opens up completely unprecedented possibilities for physical and network anonymity. The REAL question becomes what happens when someone actually uses this type of vulnerability to cause real and substantive damage to someone. Is Starbucks criminally negligant when one of their network users DOSes the DOD?

If the FBI wants to get companies to lock-down 802.11 services, all they need to do is remind firms of their legal liability for "unauthorized" uses of unguarded 802.11 networks.

Flaw in arguments of "Warchalkers" (2, Insightful)

Henry Stern (30869) | more than 12 years ago | (#4090280)

Warchalkers have questioned the scare stories surrounding the phenomena, saying that anyone with malicious intent is unlikely to publicly mark their target.

It's not the warchalkers themselves that are the great security risk, it's the people who are going to use the open WLANs for malicious purposes who otherwise wouldn't have done the legwork to go out and find the open holes.

Well meaning wireless activists? (2)

bsartist (550317) | more than 12 years ago | (#4090312)

Oh, come on. Let's call it like it is, shall we? It's not "well meaning wireless activists," it's "cheapskate freeloaders on the lookout for free bandwidth."
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>