Wardriving: Problemo o No Problemo?

Happy (belated) Cinco de Mayo!  In honor of Mexico (whose El Tri I actually like a heck of a lot less than Les Bleus), today's discussion of Guerra de ConduccĂ­on has a Spanish language title.  

As noted by noted sarcastor Keith R. "The R Stands for Reassociation" Parsons, in some ways wardriving is a topic whose time has passed.  We've known about it for years.  Wardriving tells hackers where your network is.  Most WiFi networks are encrypted.  What else is there?  Hackers can try to connect, but if you use a long WPA2 Personal passphrase, they won't be able to.  Hackers can try to sniff, but if you're using WPA2 Enterprise, then decryption of data frames is impossible (as far as us non-NSA employees know).

But imagine you are an NSA employee.  Or the CEO of a noted defense contractor.  Or holder of some other high-profile job where the nation's prosperity is dependent on your secrecy (like USC's head football coach).  Then if a hacker knows where you live or work, it could be a problem even if your WiFi is encrypted.  Maybe.

The topic is of interest to the author after a recent discussion with a person who is, in fact, an employee of a noted defense contractor.  The author's position is that Wardriving could be a problem.  His position is that it isn't.

Yours truly's scenario lays out as follows.  Important Person gets on an airplane.  Important Person opens her laptop and dutifully attaches her laptop privacy screen.  After browsing adult videos for an hour (that's what Important People really do behind those screens, isn't it?), Important Person does a little bit of work, all the while ensuring that she doesn't connect to the airline's potentially-unsecure WiFi.

What Important Person may be unaware of is her laptop is revealing her location.  Check out the capture of probe request frames I got on a recent MCO-LAX (WiFi-enabled) flight:


Highlighted in that Wireshark screenshot is a probe request frame looking for the SSID of "BHNTG862G2332".  That means that somebody somewhere connected to a WiFi network with that SSID some time prior to fleeing Orlando.

If an enterprising hacker were to take advantage of wardrivers' data, an enterprising hacker could pin down the location of this Important Person's home or work.  Check out what Wigle shows when querying the SSID of "BHNTG862G2332":


Eso mapa (returning to our Mayo de Mejico theme) tells us that somebody on the author's flight lives pretty darned close to 2450 Euston Road, Winter Park, FL 32789.  

The argument that wardriving doesn't matter boils down to this: What's the hacker do now?  The hacker possibly has no idea which person has the probing device.  And even if the hacker does, additional information would be required to make this a National Security issue.

Still, "nadie sufre mas que un hombre pobre o una mujer fea" (I tried to find the Spanish clichĂ© equivalent of "it's better to be safe than sorry", with no luck).  If you don't like the idea that someone can find out where you work or live and you think that wardriving is un problemo, then you can do the following:
  • Disable WiFi when it's not in use.  (Because no WiFi means no probing.)
  • Broadcast your SSIDs.  (Because most non-Android devices only probe for Hidden SSIDs.  With Android devices you're unsecure no matter what.)
  • Avoid unique SSIDs.  (If our flyer on his/her way to America's finest [or second-finest, depending how much you like Milwaukee] city had used a generic SSID like "Radius" at home, then a bunch of wardriving results would've popped up on Wigle.  That makes it near impossible for a hacker to narrow down a home or work location.)
Preventing your WiFi devices from revealing your location via wardriving data requires such simple steps.  Home users can just log in to their wireless routers/modems and make sure they have a generic SSID that is broadcasting.  Changes an enterprise's WiFi configuration to make it tougher for hackers to know where your office is may take some work, but it's a good idea to at least make that part of the plan the next time the WLAN gets an update.

Of course, all of this is moot if you're an Android user.  Android smartphones and tablets probe for all saved WiFi networks, whether hidden or broadcasting.  With Android phones, the only way to keep hackers from get information that could reveal the location of su casa is to keep the WiFi turned off when it's not in use.

Comments

  1. Jame BevinsJanuary 10, 2023 at 11:11 PM

    Ideal and Most economical Jabodetabek Confidential Training, our personnel as well as teachers arrive to your house, set your personal research program and might opt for any area regarding review ... click https://kursus-ekonomi.netlify.app/les-privat-ekonomi-jakarta-barat.html for more details

    ReplyDelete
  2. Jerald CowherJanuary 24, 2023 at 3:56 PM

    You could will see a cheaper fee versus the table above, make sure again concerning the qualifications in the teacher / Kindergarten teacher recommended for your requirements ... for more information https://fisika-exed.blogspot.com/2022/04/les-privat-fisika-di-bekasi-temurah.html

    ReplyDelete

Post a Comment

Popular posts from this blog

Five Facts About 6 GHz Wi-Fi

Image
Two pieces of important news hit the wire recently: the 6 GHz band was approved for Wi-Fi, and alcohol sales have skyrocketed .  Combine the two, and what do we get? A five-pack of Coors Light Cold Hard Facts about Wi-Fi in the 6 GHz frequency band. Editor's note: This is a relatively long post, but 6 GHz Wi-Fi is an undoubtably robust topic. If you have questions after reading this blog, comment below or contact Ben via email or Twitter using the information below, and Sniff Wi-Fi will address those answers in a future post. We may be knee-deep in a global pandemic, but that doesn't mean your humble blogger can't brew up a post on the topic of 6 GHz Wi-Fi. Wi-Fi professionals will soon have unlicensed frequency available in the 6 GHz band. Here, then, are five facts to know about Wi-Fi in the soon-to-be-available 6 GHz frequency band. Fact #1: The 6 GHz band adds 1,200 MHz of spectrum for Wi-Fi The Federal Communications Commission (FCC) is the federal
Read more

Chips, Glorious Wi-Fi 6E Chips!

Qualcomm, owners of the Atheros line of Wi-Fi radios, recently announced the availability of Wi-Fi 6E chips. Game onnnnnnn! 6 GHz Wi-Fi is here. Sort of... Qualcomm is selling Wi-Fi 6E (802.11ax w/ 6 GHz support) chips, but we don't yet know when enterprise-grade APs and mobile devices will begin supporting 6 GHz Wi-Fi. Chip-to-product timelines can vary. Wi-Fi 5 (802.11ac) saw enterprise WLAN vendors sell products only a few months after chip announcements. Wi-Fi 6 (802.11ax) saw the big vendors wait a year or more before introducing new AP models. A ton of concerns factor into a vendor's decision on when to develop, manufacture and market new AP technology. Vendors with small market share may be extra eager. Aerohive tried to boost their enterprise Wi-Fi profile by being a leader in Wi-Fi 6. On the other hand, some vendors' enthusiasm for new Wi-Fi hardware may be dulled by competing organizational initiatives. Aruba/HPE, for example, was veering f
Read more

Go To Sleep, Go To Sleep, Go To Sleep Little iPhone

Image
In some circles, Apple Wi-Fi devices are knows to have problems with lost connections.  iPhones and iPads will unexpectedly miss incoming calls, have delays in receiving push notifications and even be forced to reauthenticate. There is a solution to Apple devices' connection problems, and as with most "device problems", the fix resides on the infrastructure.  The DTIM setting needs to be increased.  ( Apple recommends a setting of 3 or higher .)  Here's why: Some Apple Wi-Fi connection problems stem from Apple iOS devices' use of 802.11 power management.  To understand what Apple devices are doing with power management, one must first understand how 802.11 power management works. Let's start with unicast data.  The 802.11 standard allows devices' Wi-Fi radios to enter the Doze state in order to conserve battery life.  Wi-Fi radios in the Doze state are unable to receive data from the AP, so APs buffer all unicast data that has a destination MAC addr
Read more