Vegas ballooner seeks open WAPs for phun

It's IT Blogwatch: in which we float 150 ft. in the skies over Vegas, looking for open wireless access points. Not to mention the horse and the city...

Robert McMillan reports:

Rick Hill won't say where he launched his "wardriving" balloon on Friday, but he will tell you that it got a pretty good look at about 370 wireless networks, while scanning up and down the Las Vegas Strip.

Hidden in the back of a 22-foot moving truck, Hill and his team of about a dozen volunteers launched the balloon Friday morning, sending it 150 feet into the air for about 20 minutes to use special antennas and scanning software to scope out the Las Vegas skyline for unsecured wireless networks, an activity Hill calls "warballooning." Hackers have practiced wardriving for years, driving around in cars with computers and specialized software that sniffs for networks.
...
The tethered warballoon scanned the strip and found that about a third of the networks were unencrypted. From the balloon's 15-story height, they were able to survey about a 7 1/2-mile radius, Hill said. The balloon sent so much data, he said, it just started rushing by on his screen; he reports thatabout one-third of all the networks they spotted were unencrypted. more

Benjamin Eckel adds:

They are using a Kismet drone (a modified WRT54G), a webcam, and a few high gain antennas. The balloon will be launched at about 15 stories and will be remotely fed targets chosen directly by the Defcon participants. The the directional antenna will be mounted to the camera so pan and tilt can be controlled. The Kismet CSV files will be available for everyone after the event.

If you are interested in WarDriving or building you own high-gain antennas, we suggest you check out  this WiFi biquad dish antenna mounted on a car. If cars are too boring, or you do not have one, you could always go WarSailing or WarFlying. Yes, the permutations are endless. more

Benny Ketelslegers goes one better:

I was reading about warballooning. It's a new event at Defcon. Basically it's a Kismet drone based on a modified WRT54G with a webcam, and a few high gain antennas.
The balloon will lift the drone in the air and will be remotely aiming at targets chosen by the Defcon participants. So after this one, together with WarSailing or WarFlying, I thought I heard everything. But no, there is another variation to the theme.

"Warcarting: when wardriving, warwalking, warflying, warrocketing, warballooning, warbiking, and warboating are just not good enough."
...
Have a look at the warcart website (mit.edu). It is a little conspicuous. Maybe some camouflage is in order? more

But John "superj711" Porter pours cold water:

I don't believe this a good test of "security" since the majority of the hotels on the Strip have multiple unsecure Wifi networks for their guests. You have to go to a launch page first before you're even allowed access, sometimes entering a code. more

Bob "ishmalius" Jamison agrees:

Don't assume people's motives for having an open AP. Rather than security ignorance, altruism is a perfectly good reason to turn off WEP and WPA. more

And the whole thing makes speedtux worry:

Geeks are bringing us the police state.
...
If you enjoy body cavity searches, universal surveillance cameras, automated defense systems, and dealing with proprietary and intrusive access controls everywhere you go electronically or physically, then go ahead and keep wardriving and warballooning and defconnning.
...
Once a bunch of geeks stands up and says "hey, your infrastructure isn't secure and we are at risk", then politicians and lawmakers have to act. more

And finally...

• The Horse and the City
  

Buffer overflow:

• Jon Udell: Maurice Franklin reflects on the 2008 Space Elevator Conference
• Ryan Paul: Linux everywhere: mobile Internet devices and the cloud
• Matt Hines: Apple's Rotten Decision
• Jason Kincaid: The Noncompete Ruling Won't Change Anything, Anywhere
• Don Reisinger: Why laptops will kick desktop PCs to the curb

Other Computerworld bloggers:

• John Brandon: RIP AOL?
• John Traenkenschuh: Shooting the Messenger
• John Traenkenschuh: Cloud computing security--coming soon to a device near you.
• SJVN: Three things the Linux desktops needs to do to beat Windows
• Don Tennant: Free software pioneer Richard Stallman on his experience in Cuba
• Mike Elgan: Take laptop on holiday? UK shrink says you're 'stupid'
• Preston Gralla: Give an old Windows hand your Linux advice
• Todd R. Weiss: Linux Install 101, or How I Helped Build Refurbished Linux PCs for Disadvantaged Schoolchildren at LinuxWorld 2008
• Site-of-the-Day: Zoho
• John Brandon: Lycos WebOn gets its cred on
• Mark Hall: Live, eat, breath SharePoint
• Shark Tank: First thing first
• Shark Bait: Ok So why wont everything re-start

Like this stuff? Subscribe to the RSS feed.

Richi Jennings is an independent analyst/adviser/consultant, specializing in blogging, email, and spam. A 21 year, cross-functional IT veteran, he is also an analyst at Ferris Research. You can follow him on Twitter, pretend to be Richi's friend on Facebook, or just use boring old email: blogwatch@richi.co.uk.

Previously in IT Blogwatch:

• iPhone's so-called bad-app kill-switch: teacup-storm?
• There's more to DNS flaws than we thought
• TJX perps' huge wardriving conspiracy theory