Catch issues early, fix them fast – Free trial
[ad] With GFI Cloud you can easily manage and secure your remote workforce – wherever they are, from wherever you are! The simple IT management platform includes patch management, antivirus, web protection, monitoring and remote control. Get the benefit of endpoint protection with the ease of central management. Start a free trial now.
Great articles on other sites
- Sydney Opal card travel history can be accessed by police
- NBN analysis 'like foxes reviewing the hen house': Clare
- Call made to end inflight phone ban
- Australian government undoing profit shifting clamp down: Labor
- National security law reforms
- Victorian Government calls for contributions to shape Victoria’s digital economy
- Will IBM pip Azure at the Aussie cloud post?
- Competition watchdog should break up Foxtel monopoly: Ludlam
- Susan Sly gives up on the CIO game
- Vic Labor puts its support behind mobile police
Analysis - Written by External Contributor on Thursday, April 5, 2012 15:29 - 9 Comments
Wardriving & surviving: Who’s using your Wi-Fi?
The “wardriving” project involves police driving the streets of Queensland, searching for unsecured Wi-Fi coming from houses and businesses. (Given Wi-Fi signals can have a range of up to 100 metres, a family’s Wi-Fi connection can be accessible from well outside the home.) When an open or poorly secured Wi-Fi access point is found, it is logged by Queensland Police, who will later send a letter with information on how to secure Wi-Fi access points (such as routers).
What does “unsecured Wi-Fi” mean? Well, it means there is no password set and that open access to the Wi-Fi access point is available to anyone with a compatible device. “Poorly secured” Wi-Fi refers to access points that are set up using older security measures, such as Wired Equivalent Privacy (WEP). WEP is an encryption system that utilises a security technique developed in 1999 and which was outdated and replaced in 2003 by Wi-Fi Protected Access (WPA).
As Detective Superintendent Brian Hay said in a statement for the Queensland Police Service News: “Having WEP encryption is like using a closed screen door as your sole means of security at home. The WPA or WPA2 security encryption is certainly what we would recommend as it offers a high degree of protection.”
According to Hay, the consequences of not acting could be significant: “Unprotected or unsecured wireless networks are easy to infiltrate and hack,” he said. “Criminals can then either take over the connection and commit fraud online or steal the personal details of the owner. This is definitely the next step in identity fraud.” Furthermore, a person that has access to open residential Wi-Fi can use this connection to browse the web or or illegally download movies, music or – at the extreme end – child pornography.
As Nicolas Suzor, a law lecturer at Queensland University of Technology, highlighted in the Sydney Morning Herald, the homeowner could be landed with responsibility: “It could be quite difficult to prove that it wasn’t in fact you [downloading copyrighted or illegal material].”
This is potentially a major problem for residential Wi-Fi users and one that the Queensland Police has decided to reduce by committing resources from the Fraud and Corporate Crime Group. Another concern is that Wi-Fi users often have mobile devices and computers connected to the one broadband connection. As a result, when someone gains access to their open Wi-Fi they can access all of the devices and computers on that home network.
A long drive
The Queensland Police wardriving effort is certainly not the first of its kind. In fact, wardriving has been occurring since the inception of Wi-Fi in the 1990s.
In 2010, Google Australia was found to be collecting Wi-Fi information by cars sent out to record street views. At the time, Communications Minister Stephen Conroy claimed Google’s actions constituted “the largest privacy breach in the history of Western democracies”.
The Queensland Police have commenced the project and to ensure they do not commit a breach of privacy have configured their systems to collect only limited information; just enough to be able to identify open or poorly secured Wi-Fi so the owner can be notified.
And when you look at the statistics, it seems there are a lot of homeowners that need to be notified. In a test done across Sydney in July 2011, the Sydney Morning Herald identified “unsecured Wi-Fi networks in ten out of 20 residential locations … In total, 328 networks were detected with 2.6% operating without password protection.”
Needless to say, the problem of unsecured Wi-Fi is not an exclusively Australian problem. In December 2004, students worked to map Wi-Fi in Seattle over a few weeks and found 5,225 Wi-Fi access points, of which 44% were secured with WEP encryption, 52% were open, and 3% were pay-for-access. The wardriving by students in Seattle was legal, but several issues – such as privacy, security and people downloading pornography – were identified.
The information collected by students identified that in areas with large numbers of overlapping Wi-Fi access points, signals can cause interference and open wireless networks can cause security risks. Students found some of the Wi-Fi access points had names “Open to share, no porn please” and “Free access, be nice”.
Tools of the trade
Over the years, many tools have been developed to assist in the capture of Wi-Fi details during a wardrive. One classic wardriving tool is NetStumbler. Other, more modern, tools can be found at wardrive.net. After Wi-Fi access point information is collected using one of the above tools, the data can be uploaded to an online map, such as those featured on wigle.net.
The results from Queensland Police’s wardriving efforts are yet to be seen but in the meantime, it would be wise to make sure your Wi-Fi is being used by you, and no-one else.
For more information on the War Driving Project or tips on how to secure your connection, visit the Queensland Police Service website.
Blog, Enterprise IT - Jul 5, 2014 13:53 - 0 Comments
More In Enterprise IT
- Qld’s Grant joins analyst firm IBRS
- Westpac dumps desk phones for Samsung Android mobiles
- Ministers’ cloud approval lasted just a year
- WA Govt can’t fund school IT upgrades
- Turnbull outlines Govt ICT vision
Blog, Telecommunications - Jul 5, 2014 12:12 - 0 Comments
More In Telecommunications
- Telstra gets $150m for NBN FTTN trial
- How Australia got online 25 years ago
- Palmer pushes for minimalist NBN policy
- NBN debate heats up at IEEE conference
- Spirit deploys 200Mbps FTTB to Southbank
Analysis, Industry, Internet - Jun 23, 2014 10:33 - 0 Comments
More In Industry
- ABC tech reporter founds micro-transactions startup
- Australia’s got ICT talent: So how do we make the most of it?
- ‘Thriving’ Aussie tech incubator scene a ‘mirage’
- Corporate highs: The US P-TECH model for schools in Australia?
- Facebook wants to hide its Australian earnings
Blog, Digital Rights - Jun 30, 2014 22:24 - 0 Comments
More In Digital Rights
- “Rational debate” needed around surveillance
- Web blocking technically impossible: iiNet reminds Govt of undisputed fact
- We like e-readers – but library users are still borrowing books
- Coalition, Labor support new surveillance laws
- Anti-piracy laws will increase piracy, says Budde