Licensed to War Drive in N.H.

[InfoSec News <isn () c4i org>]

http://www.wired.com/news/wireless/0,1382,58651,00.html

By Brian McWilliams
April 29, 2003

DURHAM, New Hampshire -- A land where white pines easily outnumber
wireless computer users, New Hampshire may seem an unlikely haven for
the free networking movement.

But the state, known for its Live Free or Die motto, could become the
first in the United States to provide legal protection for people who
tap into insecure wireless networks.

A bill that's breezing through New Hampshire's legislature says
operators of wireless networks must secure them -- or lose some of
their ability to prosecute anyone who gains access to the networks.

House Bill 495 would, experts say, effectively legalize many forms of
what's known as war driving -- motoring through an inhabited area
while scanning for open wireless access points.

Increasingly popular with businesses and consumers, wireless networks
use radio waves to transmit data between computers in a network. The
convenient, low-cost equipment often is deployed to allow employees or
household members to share a single Internet connection.

To simplify installation, wireless systems typically ship without any
security features enabled. Because the radio waves broadcast by
wireless base stations are relatively powerful, it's not uncommon for
residential neighbors or adjacent businesses to inadvertently connect
to each other's wireless networks.

Some wireless owners leave their access points unsecured on purpose. A
grassroots effort known as the open network movement is attempting to
create a worldwide grid of Internet-connected wireless access points.  
A computer enthusiast with a DSL or cable modem at home may, for
example, intentionally provide free wireless access to the connection
while he's away at work.

New Hampshire's proposed wireless law was hailed as "enlightened" by
the Electronic Frontier Foundation, a California-based digital rights
advocacy group.

Lee Tien, a lawyer for the EFF, said the bill would help clarify the
legality of the open networking movement.

"It seems like a fairly clean way of accommodating the geek-culture
practice of having open wireless access points without doing anything
bad for security," said Tien.

The appeal of tapping into free Internet connections while on the go
has led to an activity known as war chalking, in which wireless fans
scratch special markings on pavement to indicate open connections.  
Thousands of wireless "hotspots" offered by hotels, restaurants and
other commercial establishments also are listed in online databases
such as 80211hotspots.com.

To understand the genesis of New Hampshire's proposed law, just boot
up a wireless-enabled laptop at the Fusion Internet Cafe and Espresso
Bar on Elm Street in Manchester, the state's largest city.

Fusion has been offering free wireless access to coffee drinkers for
the past four months. But co-owner Carlos Pineda said he sometimes
turns on his laptop at the cafe and finds himself connected instead to
a wireless local-area network, or WLAN, operated by the CVS drugstore
located across the street.

"I don't even think their employees are aware the signal from their
Internet is being broadcast outside of their space," said Pineda.  
"That means I have access to their (Internet protocol) address so I
can break into their system. Personally I can't, but other, more-savvy
people could do it."

The legality of such inadvertent wireless network intrusions is murky.  
Last year, a Texas man was indicted, but later cleared, on charges
that he illegally gained access to the wireless network of the Harris
County district clerk.

Like most state and federal computer crime laws, New Hampshire's
existing statute says it is a crime to knowingly access any computer
network without authorization. By analogy, just because someone leaves
his house unlocked doesn't mean you are authorized to walk inside, sit
on the couch or help yourself to the contents of the fridge.

But HB 495 turns that thinking upside down, experts said. It defines
an operator's failure to secure a wireless network as a form of
negligence. According to the proposed amendment, "the owner of a
wireless computer network shall be responsible for securing such
computer network."

What's more, if an alleged intruder can prove he gained access to an
insecure wireless network believing it was intended to be open, the
defendant may be able to get off the hook using an "affirmative
defense" provision of the existing law.

As a result, some legal experts contend that New Hampshire's proposed
amendment to its computer laws could make it harder to throw the book
at criminals who take advantage of insecure wireless systems.

"If (wireless network operators) want to be able to prosecute people
for hacking into their wireless networks, they need to have done
something to have secured the networks," said Mark Rasch, a former
head of the Justice Department's computer crime unit.

Despite repeated warnings from experts, at present many wireless users
haven't secured their systems.

A 10-minute war drive down the main business district of Manchester
earlier this month using a laptop with a standard wireless card
revealed nearly two dozen open wireless access points, including some
operated by banks and other businesses.

A variety of techniques can deter, if not eliminate, unauthorized
access to wireless networks. For example, enabling a technology called
Wired Equivalent Privacy, or WEP, can provide some security by
encrypting wirelessly transmitted data. Wireless networks also can
require users to provide a password before connecting. Another
technique, called MAC address filtering, only allows access to
computers on a designated list.

But according to Jeff Stutzman, CEO of ZNQ3, a provider of information
security services, such security techniques are beyond the ken of many
home and small-business users.

"When I do a vulnerability assessment for a client, one of the first
things I do is test for open (wireless) access points. And I've been
in places where every access point I've picked up is un-WEPed," said
Stutzman.

Pineda said the salesman at Best Buy who sold Fusion Internet Cafe its
wireless gear didn't even bring up the subject of enabling security
features.

"People talk about wireless technology but no one talks about the
security problems ... people stealing the signal, hacking your
system," said Pineda. "That's not their concern. Their concern is to
push a product out of the store."

Passed by the New Hampshire House last month, HB 495 currently is
being reviewed by the state's Senate Judiciary Committee. If signed
into law, it would take effect in January 2004.

Committee Chairman Andrew Peterson said the goal of the proposed law
is to protect those who innocently stumble upon insecure wireless
networks. But Peterson said the committee is open to arguments from
anyone who believes the bill could undercut existing protection for
victims of wireless hacking.

"We want to be sure that it wasn't the case that, through trying to
protect people under certain circumstances, we were opening up greater
opportunity for criminal activity," said Peterson.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.