Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Australia Security Wireless Networking

Queensland Police to Look For Unsecured WiFi Spots 255

Posted by samzenpus from the going-down-under-cover dept.
OzPeter writes "As a part of National Consumer Fraud week, the Queensland Police are going war driving in order to identify insecure WiFi setups. From the press release: 'The War Driving Project involves police conducting proactive patrols of residential and commercial areas to identify unprotected connections. Police will follow this up with a letterbox drop in the targeted area with information on how to effectively secure your connection.' While some people may like having an open WiFi AP its interesting to see that the Police also feel that 'Having WEP encryption is like using a closed screen door as your sole means of security at home. The WPA or WPA2 security encryption is certainly what we would recommend as it offers a high degree of protection.'"
This discussion has been archived. No new comments can be posted.

Queensland Police to Look For Unsecured WiFi Spots More

Queensland Police to Look For Unsecured WiFi Spots

Comments Filter:

  • Just incase you want to jump on board. (Score:3, Informative)

    by zippo01 ( 688802 ) on Friday March 23, 2012 @02:59AM (#39448319)
    http://www.wardriving.com/code.php [wardriving.com]

  • wifi security (Score:0, Informative)

    by Anonymous Coward on Friday March 23, 2012 @03:09AM (#39448355)

    If you don't have a secure WiFi then you may as well turn off the firewall on your network.

  • Broken security (Score:1, Informative)

    by NoobixCube ( 1133473 ) on Friday March 23, 2012 @03:25AM (#39448411) Journal

    Wifi security, including WPA and WPA2, is already broken. It's the equivalent of locking your house up with a six pin tumbler lock. It keeps the honest and the curious out, but it's nothing to someone who really wants in.

  • Re:Broken security (Score:5, Informative)

    by SilentChasm ( 998689 ) on Friday March 23, 2012 @03:38AM (#39448481)

    As far as I know WPA/WPA2 isn't broken, only WPS's PIN mode (enter an easy 8 digit number instead of a complicated alphanumeric passphrase). Granted you can still bruteforce the PSK itself instead of the PIN but then you've just got the same problem of weak passwords that many other things do.

  • Re:what's next (Score:4, Informative)

    by Aryden ( 1872756 ) on Friday March 23, 2012 @03:54AM (#39448531)
    Then you're littering.

  • Re:Broken security (Score:5, Informative)

    by thegarbz ( 1787294 ) on Friday March 23, 2012 @03:58AM (#39448541)

    WPA and WPA2 isn't broken. There's only a configuration problem in WPS (a system designed to bypass having to enter a WPA key, who thought that was a good idea anyway?). Even that isn't broken as such. The effect is that the brute force attack has been simplified to the point where it is achievable to actually perform rather than having to brute force the entire array of usable keys. A simple configuration change that either fixes the problem or better yet limits the number of tries or the rate of tries for connecting using WPS would instantly make it secure again.

    The irony? Older access points which support WPA and WPA2 but don't support WPS are quite secure.
    The double irony? I have never had WPS actually work on my access point even when the PIN is known, so I'm amazed that this is a suitable attack vector in the first place.

  • Re:what's next (Score:2, Informative)

    by Aaron B Lingwood ( 1288412 ) on Friday March 23, 2012 @04:03AM (#39448551)

    and why is it illegal to leave your car unlocked ?

    It is illegal as it encourages opportunistic crime resulting in more paperwork for the old bill.
    It is quite difficult to type up reports when your fingers are all sticky from doughnut icing.

  • Re:It's Basic Infrastructure (Score:5, Informative)

    by hawkinspeter ( 831501 ) on Friday March 23, 2012 @04:31AM (#39448645)
    Use HTTPS Everywhere https://www.eff.org/https-everywhere/> and make sure that any confidential data is over https and then it doesn't matter that the WIFI is un-encrypted.

  • Re:It's Basic Infrastructure (Score:2, Informative)

    by VortexCortex ( 1117377 ) <VortexCortex@pro ... m minus language> on Friday March 23, 2012 @05:25AM (#39448773)

    I have an open Wifi setup

    I have a SSL Strip and other ARP Poisoning MITM Attacks. What's your home address?
    Do you ever buy anything online? Would you like any script-kiddie to see AND MANIPULATE everything you do online?

    Here's some advice for you ignorant folk who insist on leaving their WIFI insecure: Turn on WPA. This defeats ARP Poisoning via per client encryption keys. WAIT! Hold your uneducated retorts for just a second: Set the password to "Welcome" and the SSID to "Password is Welcome". You can stencil "Our WIFI password is 'Welcome'." on a sign in the yard if needed, but the SSID broadcast should be more than enough. Get the teenager down the street to configure your network if you don't know how to RTFM and configure the router.

    Take the time to share free WIFI the right way, or not at all.

  • Re:It's Basic Infrastructure (Score:5, Informative)

    by Stalks ( 802193 ) * on Friday March 23, 2012 @06:41AM (#39449033)

    A linux box, iptables experience and a couple of WiFi cards/AP would be ideal, however there is an easier way..

    Your ADSL/Cable router plugged into your ISP offers unprotected WiFi.

    Buy another cable router and plug it into the above router offering protected WiFi behind its own NAT/Firewall.

    Internet <--> ROUTER <--> ROUTER <--> LAN

Slashdot Top Deals

Those who can, do; those who can't, write. Those who can't write work for the Bell Labs Record.

Close