Wardrivers, leeches and hackers…oh my!

About 10 years ago, I found myself getting a drive home with a friend and veteran shortwave radio hobbyist whose K car had more hardware than the Batmobile. With a home made directional antenna on the roof and lots of scanners, he was able to eavesdrop on cell phones and other wireless devices. The experience left a definite impression on me regarding how vulnerable wireless communications can be.

Wireless networks have given birth to a new and similar hobby known as “wardriving”. Basically, the point of this is to cruise around looking for Wi-Fi networks. Once found, the wardriver logs the location or in some cases accesses the network. Technically, wardriving is not about accessing a network and using someone’s bandwidth. It’s only about detecting and mapping network APs (Access Points).

Law enforcement is certainly concerned about the issue since some professional criminals are now using wardriving tools to locate open Wi-Fi networks and commit crimes. Consider the scenario where a person downloading illegal material or engaging in criminal activity rides around a city accessing public or privately owned Wi-Fi APs. How would you track this?

Once again, law enforcement is playing catch up on the techno-logy front. There have been some examples of people being busted for stealing (leeching) bandwidth, but, according to constable Mark Fenton of the Vancouver P.D. Internet Crime Unit, it’s unusual for a person to be arrested just for this.

A report of someone sitting on a street in a car with a laptop may initiate an investigation, but it’s more likely the activities of the person via the open network that can really result in charges being laid.

According to Michael Geist of the University of Ottawa, making charges stick for accessing an open Wi-Fi system just to use the bandwidth is a bit of a stretch which needs to be tested in the courts. While breaking into a secured network (even a Wi-Fi) is considered a crime, Geist makes a distinction regarding an open network.

“What we are talking about here is someone who’s left the system itself open and you’re simply accessing it. In many respects, there’s a credible argument that, if it’s open, it’s designed to be open,” states Dr. Geist.

However, if someone does access your open Wi-Fi, don’t expect that alleging your network is open will protect you if someone uses it to download illegal material or for some other nefarious purpose. This might be enough to provide some doubt, but it’s no guarantee of reasonable doubt. Likely, you’d need a good alibi or another solid piece of evidence to make this defence work. So, despite some blog posts to the contrary, don’t assume you are protected just by leaving your Wi-Fi network open.

Geist agrees, stating that “If this (an open network) is the only thing to hang your hat on, then you might have a problem.”

Given all these variables, should you or should you not leave your Wi-Fi network open? Keep in mind that your open network could provide access for any number of spammers and unsavoury characters whose actions might come back to haunt you. And if your intention is to provide free access to the web for all your neighbours you should read your end user agreement. It’s likely that it specifically states the connection is for your personal use — you cannot provide access to third parties. I know my broadband ISP’s EUA does.

The answer seems pretty obvious to me — I’d button down a Wi-Fi network tighter than a pair of leather pants on Fat Albert.

QuickLink 062211

— Ducharme is editor of PCWorld.ca. Contact him at editor@pcworld.ca.

Related Download
A Guide to Print Security for Canadian Organizations Sponsor: HP
A Guide to Print Security for Canadian Organizations
IT security vulnerabilities are a growing cause for concern for organizations trying to protect their data from printer breaches.
Register Now