If a person leaves no trace that they were there and just utilizes the internet connection, is wardriving wrong? Just curious to know what people think of it..

Hi neighbor. It shouldn't be if it is.

Depends what you do with the info. Depends on the situation.

The way I see wardriving, all you're doing is identifying useable networks. Now, if you USE those networks...well.

Just surfing around, its a dark grey area, because for example, if you were surfing on my network, well you're incurring costs to ME because I get charged if I download more than a certain limit per month...and if you're really surfing hard, you're slowing down my UT online game

So, its black because you are essentially trespassing and possibly incurring extra cost to someone. Even if its a big company, I mean morally there isn't a different between adding 10 bucks to my monthly bill and adding 10 bucks to a big company bill...I'm just more liable to notice it...stealing is stealing, no matter how you slice it.

Its possible that you aren't incurring any extra costs to either me or big co with open network (tm)...however, since you don't know ahead of time (and possibly will never know), its not moral to risk inflating my bill.

That being said, if I had a wireless NIC, I'd be doing the same thing...if I was somewhere sitting around, I'd scan to see if there's an open network somewhere so I can surf a little.

most connection doesnt have a download limit and if i surf the web while u are playing ut it is not going to hurt u.

I don't think it is. I would say that if someone has a wide open network you need to tell them how to secure it. I have hit open wireless networks with my wireless card and a laptop. I have, in every occasion, let them know how to secure it.

It is bad to just use the network or take info from it.

If someone leaves there door unlocked at home and you walk up and get in......is it ok to take stuff.....?

You get the point.

I do it because it is fun, and because I can help people secure their wide open Wi-Fi networks.

My .02 cents

Depends on what you're surfing. Just browsing, sure....but what if you're viewing some videostreams, running gnutella or something and downloading your pop3 email at the same time?

And maybe where you are most connections are unlimitted, but as far as I know, most highspeed net access around here has limits...high enough limits, but they are still there (I have 10 gig download/6 gig upload I think). It would take in REALITY a whole lot of intrusion to bust that....but that's not the point...the point in THIS situation, my connection is finite and any unauthorized use is taking away from MY use. Whereas unlimitted access, unauthorized use does not take away from my use. And if you don't know which is which with certainty, then its wrong to try.

In my mind its not right...just because I forgot to lock my door this morning doesn't mean that my house is intended to be shared. But using an unsecured network to surf isn't really taking anything unless as I said, unless you are somehow preventing the legitimate owners/users of functionality and/or increasing their bill.

I think it depends on the situation...
But, I don't think how much you are using the network is any factor at all. It's like being "a little bit preggers," (there is no grey area). Or stealing a stapler from your employer - It's still wrong, even if it's not a horrible crime.
That being said, I have war*ed. The only buildings I've chalked are public buildings (the library at my school has a great wireless network, which few people know about - definitely visitors wouldn't know). I've also chalked government buildings that don't tell anyone they have a wireless network - I figure everyone is paying for it anyway.

A lot of admins have the temptation to treat their users with contempt.

I hate that, I get it a lot at work from over-priced, under-skilled MCSEs that have no love for what they do, unless you count some of the contempt they apply liberally.

I'm also underemployed, I've got a job that has nothing to do with what I spend 80% of my free time fiddling with, so in Fin's little world, most of these 1/3rd witted admins have my friggin' job.

Still, when I'm talking to users or admins, or the computer lab workers, students mostly, I assume an irrationally high level of understanding when I'm asked something. I can tell you it makes posts here longer, a lot longer, when I assume at least a familiarity with the command line and after a short few replies I'm explaining the use of 'su' and its relationship with 'iwconfig'. I do it anyway, maybe in a futile attempt to bouy the overall knowledgebase out there and get people to monkey around with the laughable 'defaults' that are inherent to pretty much every operating system short of OpenBSD.

So, where am I going with this?

I've been out wardriving before, not out to |-|/\X0r into some office's wi-fi network in adolescent throwback rebellion. I was curious as to just how many hot spots there were in Atlanta, and how many of them were running WEP. A lot, and damn few, in that order.

In keeping with the above statement, if I were then in some dire need of internet access and drove downtown with an AC inverter (my laptop's battery sucks now), and sent a DHCP request, a standard so universal as to be a more commonly used piece of ISC software than Bind, backed up by not 1, but 4 RFCs, and I get a reply with an IP and a functional route, then I am at a loss as to a morality, or even a legality question. I think we can all agree the first is much more debatable than the second, but stay with me for a while.

This standard is so universal, so permeant in computing, so as to be the exact equivalent of knocking on a door with all intent of being let inside if allowed.

If the admin in charge of the network has set up their kit so as to honor that knock at the door, from anyone within a 150m radius, without MAC checking to a DB of cards in their dhcpd.conf file (or OS equivalent), or without running WEP (which would actually make the network invisible to a roaming card baring me doing something obviously immoral, so lets keep this example completely clean), or without a password block http reroute (a good, common way to keep things clean without munging with WEP), then I can only assume that the admin in charge of that network is in complete control of their faculties and understands that they are giving out their band to the world. To assume otherwise is to treat them by default as a fool, and I just can't do that.

Even if the essid of the WLAN is "linksys", and I'm somewhere up by Buckhead where the offices get smaller, and therefore the IT guy might just be the marginally adept guy with a totally unrelated job, the manual is less than 50 pages long and is mostly pictures.

We're not talking about exploiting a hole in Sendmail or Bind here, this is not using Kismet or Airsnort to tread somewhere where it is obvious to anyone that we're not supposed to go, this is a simple matter of "contempt prior to investigation". If you assume that the admin is a fool, then realize that you are being just as much of a jerk as that admin downstairs that comes up and barks at you without understanding what he's talking about, or that clerk at CompUSA that treats you like a leper when you ask him if the NIC you're holding works under Linux.

This may seem in direct response to Whitehat's analogy, but oddly enough it isn't, this one got me so fired up by the title, that I composed the argument in my head downstairs while waiting for the coffee to brew before reading the rest of the thread and replying. I respect Whitehat's argument to inform them by default too, but for the above reasoning I'm not, just in them same way that when I give un-requested advice I usually get treated with disdain isn't going to make me take a different tack when I can do it anonymously. I have to admit to once being a nasty little geek sitting in a coffee shop without a wireless network, plugged in and firing up my dhcpd server and then letting all of the windows boxes in the house auto-connect to my connection while I also clicked on smbclient and left a note on the desktop of any open machine to the effect of: "You might want to turn off your wireless card when not using it, or turn off passwordless file sharing." There were only two of a file that got eight leases, so its good to see that by default Windows isn't nearly as stupid as the Win98 days.

By the way, I run a wide open node and the essid "homenet" in Atlanta Georgia, US. Use it if you feel like, you'll have to get really close, its an old WPC11 card and WDT11 adapter so the range sucks even through my paper-thin apartment walls at a range of 50ft. If you poke at my router with nmap, you'll find your connection dead and your MAC blacklisted. The wireless and wired networks are seperate so don't bother to think about that either.

Cheers,

Finegan

What is wardriving? I haven't been able to pin down exactly what it means from the context of previous posts.

Whoops, posted when I meant to edit, haven't done that one in a while, I'll blame it on the ire and the lack of coffee....

Word,

Finegan

Wardriving: getting a car, getting a friend to drive you, getting a linux laptop, a wireless card, and cruising your city for open wireless networks that aren't running WEP or security measures.

http://www.warchalking.org/

Cheers,

Finegan

I don't think it's immoral, but then I leave my wireless open to all. . .

My own tiny-brained take on this subject:

If you're hosting a wireless network you're broadcasting and it's up to you to secure it from anybody listening to your traffic. If you are hosting services for which users of that service expect or are due a reasonable level of privacy then you may be in violation of a few FCC regulations. Think of it this way - If you're standing at the front of the bus and your're shouting (broadcasting) to your friend (reciever) at the back of the bus you have no reasonable expectation of privacy as anybody in the vicinity can hear you. If you choose to converse in pig-latin you may believe you have more privacy, but you run the risk of another listener knowing pig-latin. If you create a whole new language based on RSA encryption you have a greater degree of privacy, but you still can't be 100% sure.

Participating in a wireless network is where things get a bit murky. To go back to the house analogy - your unlocked house/car is not an invitation to be used, entered or robbed. In fact they are private property. But when a wireless card broadcasts for an address and your unsecured network responds with an address isn't that an invitation to participate in that network? But that's my network you say. Not really. Your expectation of wireless privacy ends at your front door. When you converse on your wired telephone you expect a reasonable degree of privacy as covered by law. In order to listen to your conversation someone has to touch someone else's stuff; ie: the copper wire and switch gear which belongs to the phone company (private property).

<edit> What's the topic? Wardriving? Oh, of course. I had a point to make when I started writing this but I lost it. If anybody can find it, please send it home as it's past supper time.

'Daily Planet' ran this story recently.
http://www.exn.ca/video/?video=exn20...wardriving.asx

Unfortunately the story is available only if you have Micorosoft media player... :-\ Kind of a sad statement for a show that is based science news...

Cool. Thanks for all the input. I am new to this whole wireless thing, but I am sooooo tempted to wardrive. I bought the netgear ma701 compact-flash wifi nic (works in both my laptop and my pda). I don't want to harm anyones network, just surf the web while out and about.. Thanks again folks...

BTW: It was far easier to set up the card in Linux (autodetected) than it was in XP (hunted for older cards drivers and then had to tweak to make work). Coming along nicely I must say. Go Tux!!