Read this if you care about Wigle's rep!

Talk about whatever

7 posts • Page 1 of 1
ok i searched the forums "before posting" i didint know where or if to post this, i hope this is informative and mabe you already know,http://www.lucidlink.com/ has a flash presentation on how "hackers" can get into wireless networks ... naming wigle , it just bugs me that they are selling there product and profiting off of wigle

if you already know im sorry about the b/w-db useage and wasting your time

timmylc
ps: this is were i found out about this flash ... http://wifi.weblogsinc.com/entry/1234000637049414

Postby uhtu » Wed Jul 06, 2005 12:47 pm

that's one of the funnier bits of FUD i've seen in a while.
on the plus side, it does have a nice coverage of some of the tools used by networking professionals to operate and secure their own networks.

pop the firewall, reroute the encryptions!

Postby bobzilla » Tue Jul 12, 2005 1:29 am

Wow is that amusing. If wardriving is so evil, why are they showing netstumbler ssid/lat/long/wep output right in their demo? Incredibly sensational, but many of their facts are at least right. Using our imagery for commercial use without consent, for sensationalized scare selling, is irking.

I'm going to go drink a small coke now.

Postby brhodes » Fri Mar 09, 2007 4:02 pm

faster than that.

Postby themacuser » Sat Mar 10, 2007 11:16 am

Using our imagery for commercial use without consent, for sensationalized scare selling, is irking.
You know what to do. It's C&D time :)

I also note that they have nice "featured on Fox" buttons, that'd be about right :)

Interesting, there's BSSIDs in plaintext. Theoretically one could use WiGLE to find out where they did their wardriving run, and maybe even notify them that a news crew just broadcasted their network details to the world?

Also, interestingly, they have AirCrack running on Windows. Hmm, that must've taken a while... but wait, that key found is one of the test keys from the example that comes with the software (or so it looks)!

I also find it funny that somehow the program prevents IVs from being sent over the network (not enough IVs found!). Gee, I wonder if that was just faked?

Oh, and look, one of those products they sell is the cliche "Windows Registry Cleaner"! Wow!

Interestingly, they also named various commercial antenna makers - libel? Suggesting that someone's products are used by hackers?

Also, in that flash demo, I notice that several images were ripped directly from other websites. It also switches back and forward between Windows and Linux for some reason.

Also, interestingly, somehow they seem to think that WiGLE stores people's WEP keys :).

"And it's not our intention to scare you out of using WiFi" (but I guess it is into buying / using our products?)

Anyone know someone who could give us a legal opinion on some of the points here? Using WiGLE's data set publicly for commercial gain, like they just did breaks the EULA, and likely copyright laws. Suggesting that WiGLE is something used by evil bad hackers that steal people's personal data (when it's clearly not) is probably libel.

Edit again:
http://www.lucidlink.com/blog.htm

Shall we leave them a few comments?

Edit yet again: Maybe not, they're moderated...

We should put a note on the frontpage referring people to a page where they can get the facts on what this project is really about, and perhaps inform people that they are being scared into using something they don't need by someone who'se just attention-whoring. Something like:

If you just came from LucidLink's site, please read this:
The purpose of WiGLE is to gather data on network usage and positioning. It is not intended to provide lists of networks to hack, and with the prevalence of wireless, despite what LucidLink says, you do not stand out because you are logged on WiGLE. If you have any objections to being listed here, please contact the admins, and we will be happy to remove your accesspoint from our database.

We do not support wireless hacking, and we do not store any data besides a basic statistic of whether your network has a password or not. This is absolutely no use to an attacker. Why would they single out your network if there are so many others to attack? Despite what LucidLink say, you are not that likely to be attacked. The vast majority of attackers do not target a specific person. They pick the "low hanging fruit" - the people with insecure open networks. Put a password on your network, and you will deter 99.9999999% of hackers.

They state that 1 in 2 attacks happen over wireless. This statistic does not seem accurate, and they do not define what an "attack" is. Considering that they seem to define a compromise of security as your network being detected, it seems as if they would be counting attacks that aren't.

Their definition of wardriving is also misleading. It is the process of finding networks, but not of touching them. We do not advocate connecting to any networks which you do not have permission to use.

The FBI have released a statement saying that the detection of 802.11 accesspoints is not a cribe, but associating with and using them is. This backs up our philosophy of only detecting and never connecting. What we are doing is perfectly legal in at least the US.

Also, we must look at why they are attempting to scare us here. It looks like a cheap attempt to raise publicity for their product. Which looks like exactly what they have succeeded in doing - with their two interviews by Fox News. Sensationalist journalism as usual.

Once again, if you do feel uncomfortable with your accesspoint being listed here, please contact the administrators of the site, and we will remove it from our database.

Thankyou.
Sorry for the long post, but I have no patience for those that attempt to profit off scaring people with regards to computer security.


Edit again: I just looked at when this thread was started. Guess I posted what should've been done two years ago, when this happened :)

Postby goldfndr » Mon Mar 19, 2007 5:54 pm

Put a password on your network, and you will deter 99.9999999% of hackers.
That would be deterring all but one out of approximately one billion hackers. Do you honestly think it's that strong of a deterrent?

Postby themacuser » Tue Mar 20, 2007 4:00 am

Put a password on your network, and you will deter 99.9999999% of hackers.
That would be deterring all but one out of approximately one billion hackers. Do you honestly think it's that strong of a deterrent?
Figure of speech :) Make that "All but the most determined to specifically target you instead of the people down the street with the open AP". Which is not many really...

7 posts • Page 1 of 1

Return to “General Grabbag”

Who is online

Users browsing this forum: No registered users and 16 guests