The U.S. Secret Service has hooked up Pringles cans to notebook computers equipped with wireless LAN access cards and begun “war driving” around Washington and other cities in an effort to sniff out unsecured WLANs.
That puts the Secret Service, whose primary mission is to guard the president, in the company of hobbyist WLAN war drivers who cruise cities and towns around the world to detect and map unsecured WLAN systems.
(The term war driving is derived from the “war-dialing” exploits of the teenage hacker character in the 1983 movie WarGames, who has his computer randomly dial hundreds of numbers and eventually winds up tapping into a nuclear command-and-control system. )
Brian Marr, a Secret Service spokesman, said the agency conducts its war drives as part of its protective mission and is searching for unsecured WLAN systems in venues in “close proximity” to its protective assignments, including hospitals, convention centers and hotels. Besides Pringles cans — which Marr said make “fairly good” antennas — Secret Service agents also use commercial high-gain antennas to sniff out unsecured LANs.
When the agents from the Secret Service Electronic Crimes Task Force detect an unsecure WLAN, they contact the enterprise operating the system, identify themselves and inform the business of any vulnerabilities they have detected. Marr described this as a “community outreach program,” in the same spirit as local police officers going door to door in a neighborhood to talk to residents about physical vulnerabilities.
Sarosh Vesuna, chairman of the technical committee for the Wi-Fi Alliance (formerly the Wireless Ethernet Compatibility Alliance) in Mountain View, Calif., viewed the Secret Service war driving as a good idea. “It raises the bar for security,” he said.
Vesuna, who is also director of strategic alliances at Symbol Technologies Inc. in Holtsville, N.Y., said the Secret Service war-driving and notification project is the electronic version of a police officer “telling someone their door is unlocked.”
The Secret Service will soon have a lot of war-driving competition. A loosely organized band of WLAN sniffer hobbyists plans to conduct what it bills as the “World-Wide War Drive” from Oct. 26 through Nov. 2. So far, hobbyists covering a wide swath of the U.S. and Canada — as well as in Barcelona, Spain; Germany; Wellington, New Zealand; and Perth, Australia — have indicated that they plan to participate in the exercise.
Using notebooks equipped with WLAN cards and sniffing freeware, such as NetStumbler, the hobbyists detected and precisely mapped (using Global Positioning System receivers) 9,374 WLAN access points in the first World-Wide War Drive, which ran from Aug. 31 to Sept. 7. Almost 70 percent, or 6,549 of the access points, didn’t have the simplest form of WLAN security, Wired Equivalent Protocol, turned on.