How to Take Over a Train Station 356
ThinkComp writes "Everyone knows that home wireless networks are insecure, but who would expect a major transportation hub to be vulnerable to the same problems? Well, waiting for my friend's train at South Station in Boston, MA, I happened to notice that it was possible to take control of the entire station's wireless network, including its home page and authorization method (free wireless, anyone?)--and those of thirty other businesses throughout Massachusetts, thanks to a few coding errors on the part of the wireless company with which South Station contracted."
Google HTML version available :) (Score:5, Informative)
There is one silly error in an otherwise great art (Score:5, Informative)
Re:who did you tell? (Score:5, Informative)
Plain Text (Score:1, Informative)
accountability? (Score:4, Informative)
Very good article. However, one of the author's ideas for improving security doesn't actually hold water. The problem is to verify the identity of people being assigned dynamic IP addresses on a wireless network. He proposes
"... to force accountability,Actually, most network cards allow you to set the MAC address by software if the factory one isn't good for you. For example, this is needed for drop-in-replacement functionality.
misleading title and rather arrogant, IMHO (Score:3, Informative)
Re:There is one silly error in an otherwise great (Score:5, Informative)
-molo
Re:who did you tell? (Score:3, Informative)
Re:accountability? (Score:5, Informative)
Re:Of Astroturf and Grandstanding (Score:2, Informative)
That said, your point is right, and it's too bad, if not entirely unexpected, that this guy has too much of an ego. Of course, it would also help if timothy read articles before posting.
Re:Fork bombs (Score:2, Informative)
Re:There is one silly error in an otherwise great (Score:5, Informative)
Re:That's a stupid question (Score:5, Informative)
MAC addresses are not immutable! (Score:4, Informative)
The only way to really track people is by using a transport protocol with authentication. Somehow I don't think the world is ever going to agree on one.
-- Jack
Evidence? Who needs it? (Score:5, Informative)
While I agree with you on the fact that he's just speculating at that point, nevertheless a possibility exists for this sort of thing to happen.
Simple example: I went wardriving through town once. I found a lot of connections of course, but basically I just set the sniffer up on the laptop and drove around slowly. Later, when I got home, I checked out what I had found, and using timestamps I figured out where the different access points I had found were (I lacked a GPS then).
One of the ones I found was a drugstore. I looked at the raw trace and saw some really odd plaintext there. So I went back and left the laptop in the car while I went in and bought some stuff and took a look around.
What I found:
- Their cash registers were all wirelessly linked to some system in the back. When you scanned an item, the barcode was read, transmitted to the machine in the back, which looked up the price and spat it back to the register. Credit card authorization was handled the same way. All this was plaintext, as I looked at the data and found my credit card number as well as barcodes from the items I purchased in there. Didn't understand the formatting, but it wasn't too difficult to see my name and credit card number stand out like a shining beacon.
- Some kind of prescription transactions were wireless as well. While I didn't get a lot of data of this sort, there were packets containing various drug names, in plaintext, being sent over the air. I'd bet money that insurance information as well as whoever bought the prescription would have eventually gone out in the clear too.
The point being that security was basically non-existant for something you have a reasonable expectation of being private. I mean, when you design a wireless network to handle credit transactions, you'd think some form encryption would be pretty frickin' obvious, right? Let alone tossing somebody's prescription info out onto the airwaves.
So while he didn't state you could change the lights and has no idea if you can actually fuck with the trains, the point I think he was trying to make is that clearly security is not at the forefront of the minds of a lot of people for this sort of thing. Admittedly, my drugstore example happened a couple years back, and may have been fixed by now, but this sort of thing happens because people don't think about it being an issue. It's that part that needs to be fixed. Whether any given example can actually be compromised in a serious way is not the point.
Not wireless (Score:5, Informative)
So really, the site that served images from an unobfuscated directory allowed the person to know what to look for, the directory was fully listed in a way that directories shouldn't. The passwords were very, very insecure. This had nothing to do with wireless security, but rather web services security, and basic things for security that people don't do.
The passwords in the article, BTW, no longer function. At least, not form my remote machine. Anyone reading this from South Station wish to see if the passwords still work on-network?
Re:DecNet requires the ability tonchange your MAC (Score:1, Informative)
Re:wireless is insecure? (Score:1, Informative)
I believe the moderator's assumption is that people reading the thread are familiar with Slashdot memes and mythology, and is pointing out that this post could have been autogenerated down to the "pound him in the pass" prison cliche. A post doesn't have to be in the same thread to be redundant, as witnessed by thousands of "in Soviet Russia" posts...
On the other hand, both of us justly deserve to be moderated off-topic for having this exchange.
Re:Illegal access (Score:2, Informative)
More information on post 9/11 ATM Withdrawls [latefinal.com]
Press Release from the DAs office [manhattanda.org]
Fairly interesting story -- one that I hadn't heard before.
article full of lies and FUD (Score:1, Informative)
Slashdot bought out by Fox ? (Score:3, Informative)
Just some guy doing trivial guesswork to get free wireless access...that happens to be at Boston's South Station
Was writing the article his post-priori justification for the service theft ?
Re:That's a stupid question (Score:2, Informative)
How did I end up with this? Well, it's simply because as the office manager guy, I happen to know more about computers than the people that know more about the plumbing/HVAC/etc. in the building. That doesn't automatically make me an expert. And even if I outsourced it to a vendor, it doesn't mean they'd deliver a solution where I could verify its security via obscure exploits that I don't know how to use.