Free Wireless Networks at Airports 295
WallytheWalrus writes "Today's Minneapolis Star-Tribune is carrying an article about the installation of a wireless network throughout Minneapolis-St. Paul International Airport, the first of five such airports across the nation to get a uniform wireless network system. The system, which cost only $250,000 to install, will be free to business travellers passing through the airport (who have the correct hardware), and available through a number of kiosks throughout the airport. One can only hope this is the first step towards bigger and bolder public wireless network projects."
Austin Airport (Score:5, Interesting)
ChiefArcher
Re:Austin Airport (Score:3, Informative)
No, that's because it was a "trial period" by Wayport [wayport.com]. There was at least one other company (MobileStar) providing 802.11b, but they went FC [f---edcompany.com] a few months back. Both of them had a login screen that totally fucked up my browser cache (or something) such that it kept trying to access their stupid login server whenever I tried to go to my home page.
Re:Austin Airport (Score:2)
They got some angel capital from Voicestream and Starbucks, and they seem to be doing alright. I'm a subscriber, and I thought their service would drop off at any day, but it's doing well.
Re:Austin Airport (Score:2)
Heh. Why bother filtering the domain bracketing when they can just go ahead and fucking swear anyway?
Re:Austin Airport (Score:2)
If you're going to keep such vulgarities from the virginal eyes of the Slashdot crowd, at least try to be uniform about it.
LAN PARTY (Score:5, Funny)
Re:LAN PARTY (Score:5, Funny)
"I'm gonna shoot yer ass off and take your big frazzin' gun!" you yell airport security get deployed on your position in force!
=tkk
Re:LAN PARTY (Score:2)
Re:LAN PARTY (Score:2, Funny)
Apple slogan... (Score:3, Funny)
Mad Apple promotion? Or useful technology?
Cryptnotic
Free wireless networks... (Score:2)
My thoughts anyway..
HEY WAIT A MINUTE, perhaps they'll be doing this and gathering marketing data? Could be easily done, and profitable over a 5 year timespan.
Well, that would be useless. (Score:2)
A transparent firewall blocking non-standard services might be useful, but keep IPSec, POP/SMTP, etc.
Re:Well, that would be useless. (Score:5, Informative)
Last time I was at the IETF, in Pittsburgh, Marconi was running the show and gave everyone 802.11 cards. I plugged mine into my notebook and fired up my Ethernet sniffer, which collected approximately 700+ webmail username/password pairs, over 100 POP logins, a good littering of telnet logins, a bunch of tunneled CIFS logins, and other assorted good stuff. Enough to crack into a user account at a large portion of the represented telco R&D firms. What I learned at IETF that year: the telecommunications world was still too stupid to be allowed to own wireless ethernet.
That was the IETF. This is an airport. IPSEC? Nah. It's easier to jail the occasional teenager for "sniffing" than it is to actually fix the problem.
--
You're reading Managed Agreement [slashdot.org].
Re:Well, that would be useless. (Score:2)
You've just given me a great idea on how to upgrade from cattle class to business class!
Dangeous honesty (Score:2)
BTW, what sniffing software do you prefer?
Re:Well, that would be useless. (Score:2)
Any automobile owner who does not own LoJack (tm) in today's auto theft market deserves what they get. Car theft is completely ubiquitous today, with 1 out of every 15 Honda Accords being stolen. Only an IDIOT would fail to employ a third party keyless entry system and LoJack!
In short, I don't blame the criminal. I blame the victim.
--
You're reading Managed Agreement [slashdot.org].
Re:Well, that would be useless. (Score:2)
If your system comes with Telnet, and you're not a security expert, installing SSH costs time, which is money. Installing a free standards compliant SSH client on all your Windows boxes (does such a thing exist?) takes time, which is money. Using telnet to steal information requires a criminal to present false credentials (user/pass or some other hack) in order to break in and steal data.
--
You're reading Managed Agreement [slashdot.org].
Re:Well, that would be useless. (Score:2, Informative)
Like PuTTY [greenend.org.uk]?
Good business people use IPSec... (Score:2)
Re:Free wireless networks... (Score:2)
Or a filez 133ch. Let's see... www dot giganews dot com... alt.binaries.anime... extract binaries... :-)
In other news.... (Score:2, Funny)
There goes the neighborhood... (Score:2)
This being the community of paranioa, need I say more?
Baggage Hacking (Score:2, Insightful)
Who wants to bet they're not going to have the security they need to protect themselves because they go with the lowest contract bid?
Scenario:
Felon A puts semtex in a bag, and checks it at the curb, but never gets on the plane. Felon B is inside the airport and reassigns that bag to a passenger who DID get on the plane. Since the passengers and bags now match they won't do a cargo search for the unclaimed baggage.
Boom.
Abuse over wireless networks (Score:3, Interesting)
If I sat in an airport with a laptop, I could use the (surely) fat pipe of the building to DoS some poor person, and who would catch me? The user reports to his isp, who gives it to the airport's upstream provider who give it to airport personnel. By that time, I'm way the hell out of there.
Of course, I'm using "I" in this post hypothetically - I hate DoS and the packet kiddies that do it, but what security is being put in place to prevent it?
Re:Abuse over wireless networks (Score:2)
I think the abuse issue is very serious. All you need is a script kiddie field trip to an airport for a bit and you have almost no accountability. How many airports would dispatch security guards with detection equipment to isolate an offender? How fast would that ever happen? Scary.
Re:Abuse over wireless networks (Score:2, Insightful)
1. The airport could lower the bandwidth available to individual users or at least monitor severe spikes in bandwidth use caused by one user. Once they see you doing it, it isn't tough to shut you off.
2. Denial of Service attacks from a single user are history. All reasonable targets have protections against single users. The real damage is done by Distributed Denial of Service attacks where a large number of nodes flood a target.
Granted, your point was how to catch abusers of the system and not that your attack would necessarily work. This problem plagues all wireless networks. While it may be difficult to track you down to an exact location, you are still in a post 9/11/01 airport. They are on the lookout for strange behavior.
I don't envy the first 'terrorist' caught packet flooding his least favorite web server.
A DDoS waiting to happen (Score:2)
You're missing the big picture. Said DDoS hacker has his laptop in his bag, with a nice high-gain antenna so he gets more range. It automatically connects to the network, then begins scanning all connected machines for vulnerabilites. If it finds one, it dumps the trojan/DDoS client on it- he doesn't care about launching an attack there and then- the important thing is to hack the laptops. Once they're hacked, the software will automatically call home to the IRC channel to await commands. Of course, it'd be smart for the trojan to wait a few hours before trying to connect so the airport wirless doesn't lock onto the IRC traffic and notify the user.
Said DDoS hacker stands at the magazine rack for a while. Then heads to the food court. Maybe stare out the window at the planes, things everyone else is doing, while his laptop is busy finding insecurities. After a while, he moves on to the next terminal. How many machines do you think he can hack in a short time? How many could a small group in a short time? A concentrated effort by a large group at major airports across the country?
Pretty scary if you ask me.
Re:A DDoS waiting to happen (Score:2, Insightful)
The only argument is that he is more anonymous at the airport but I think he has less of a chance getting caught/in trouble from home. Have you ever tried to go after a person who port scanned you? You can spam abuse@hisisp all you want, they don't do crap. I know because I manage a lab at a college and I've tried to get peoples accounts pulled for trying to break into my systems. If you want the law involved its even worse because you need to prove >$5000 of damage was caused and all that crap.
With the paranoia around airports now a days I don't even want to bring my laptop with me. The less crap I have on me the less I have to worrry about.
Or I could just be blowing steam out of my ass... oh well.
Re:A DDoS waiting to happen (Score:2)
From the airport, he hits laptops heading different directions around the world. A true DDoS. Once the laptop is plugged back in a the owner's office, the hacker also has an opening into that company's network. That's was my point.
As for security, well, I think it's probably overrated, and they're more concerned with other issues.
Well, I guess that's enough on this topic, I don't want to give the kiddies too many ideas.
Re:Abuse over wireless networks (Score:2)
Assuming there's no per-user cap on bandwidth, which is unlikely enough, but
It also assumes there's no one at the airport monitoring abuse of the system, which is very unlikely, especially on a $250,000 network. If they have the network set up right, they could triangulate your position (or at least the offending computer), tell security, and they'd be on your ass in a few minutes. But I'd still like to see someone try it.
This will last long... (Score:2, Funny)
People are human. Lotsa bandwith+free+no accountability=ISO FRENZY!!!
Airport? (Score:2)
Why go all the way to the airport when you can get plenty of wireless coverage [news.com.au] for next to nothing* (here in Sydney at least)
*conscience not included
Finally 802.11 for the masses (Score:2, Interesting)
I heartily encourage everyone with a home network and highspeed internet to purchase an 802.11 access point and place it by a window. Just make sure that you place the access point is on the external side of your firewall.
Great - but how much will it cost to use? (Score:2, Interesting)
1. They could make it cheap, and ensure that just about anyone at an airport can get minimal 'net access, or
2. They could make it expensive, and ensure that high-class business-types can get a fat pipe.
Of course, the OPTIMAL solution would be to do both: Rent a low-bandwidth node for $5.00/hour, or a high-bandwidth node for $0.25/minute.
If they choose to only provide an expensive connection for corporate use, though, I'm not sure it'll be a step in the right direction.
Low Budget Colocation! (Score:5, Funny)
Re:Low Budget Colocation! (Score:2)
Re:Low Budget Colocation! (Score:2)
I am on to your plan, terrorist boy!
Re:Sounds interesting...a few thoughts (Score:2, Funny)
Comment removed (Score:5, Funny)
Virus Launch (Score:2)
If I were ever trying to launch some virus or whatnot using one of these open networks would be just the place were all they would have to so was probably drive through the drop off section...
Anyone else see this as a problem?
Re:Virus Launch (Score:2, Interesting)
Anyone using Windows 2000 on thier laptop that's unpatched for Code Red will get infected right away. There will undoubtedly be some schmuck - who's laptop is already r00ted - that will be waltzing through the airport broadcasting away that particular snippet of malicious code. Bleah.
There should be some qualification system before you get on a public network like this, IMHO.
Soko
Re:Virus Launch (Score:2)
No, if this is going to work it can't be a pain. You've got to be able to turn on your laptop and start working, or at a maximum have to just pay a fee for use.
Could they make payment kiosks where you swipe your credit card and insert your pcmcia card into a slot so it can read the mac address and then allow access based on that? If you did this it seems that there could be at least some level of accountability.
.
Re:Virus Launch (Score:2)
Does that clear up what I was saying, or am I totally missing something.
.
Flight delayed, laptop hacked. (Score:5, Funny)
A public wireless network with a revolving roster of addled sales execs is a veritable shooting gallery, the proverbial barrel full of fish!
Anyway, I will not be surprised when suits rush back to the home office after a stopover in Minneapolis, their laptops having mysteriously come down with the clap.
Re:Flight delayed, laptop hacked. (Score:3, Insightful)
But I guess they're all too stupid to have thought of anything as simple as that...
(Frighteningly though, you may be right)
Re:Flight delayed, laptop hacked. (Score:2)
I think his [valid] point was that airports will suddenly become popular for hackers with wireless cards and laptops. What good is an airport firewall if the hackers are already behind it?
Louisville Airport; probably others (Score:2)
Curious that this is happening in some of the smaller airports first. I'd have expected San Francisco's airport to be an early adopter. They certainly spent enough on construction costs to throw in a few wireless routers around without anyone noticing. Still, at least it's getting out there somewhere.
Re:Louisville Airport; probably others (Score:2)
(in)Security (Score:5, Insightful)
Well, what about it? How different is wireless from an airport different from that shared ethernet in the airport hotel? Or having folks check in from those ubiquitious web terminals in airports that half of the time have cache's full of info?
Yes, it is possible that sitting there in the terminal your stream will get intercepted. So understand/teach others that these aren't secure, that pluggin in in *any* public pace isn't gonna be secure and certainly not at a client's office etc. Use a tunnel back to the home/corporate proxy server or don't go near any important content and *don't* use any passwords.
But don't go getting all upset of wireless and airports, it's not really different from all of the others.
Re:(in)Security (Score:2)
I think it is a corporate IT/security officer's responsibility to ensure that corporate laptops follow these policies:
good passwords (7 characters or more expiring every 30 days)
pgp encryption of sensitive data
have the server service disabled (on NT machines)
no running NetBIOS unless absolutely necessary, and then only when bound only to the interface needed
absolutely no web server (personal or otherwise)
connections to the Internet via VPN connection to corporate LAN, *then* through the corporate proxy.
802.11 what? no freaking way.
Re:(in)Security (Score:2)
Dealing with Delays.. (Score:3, Interesting)
London Heathrow (Score:3, Interesting)
JKF at New York has some small network, but nothing intresting and no internet.
Frankfurt (Germany) has also some network but also nothing fun, all I see is novell broadcasts.
If anyone want, I still have the NAI
Security this.. Security that.. (Score:5, Interesting)
Re:Security this.. Security that.. (Score:3, Insightful)
802.11b can be made pretty secure, and it's not even that hard. Yes, wireless will never be secure as other methods, but it's not a big gaping whole either (or at least it doesn't have to be).
So unless you know what you are talking about,
how do you trace the cracker? (Score:2)
Re:how do you trace the cracker? (Score:2)
Then you pull up all the video from that cavered area at the airport, and the time it happened.
then you profile the people with laptops.
then you begin investigating those pepole who fit your profile.
is it 100%? no, but the people who do this kind of work are damn good.
Re:how do you trace the cracker? (Score:2)
Back then, people were up in arms about it. Wanna take a guess how easy it would be to do now?
--
Re:how do you trace the cracker? (Score:2)
jon
Already exists in Asia (Score:3, Informative)
Wireless?! What about power??? (Score:5, Insightful)
However, it's going to be somewhat worthless to offer your travelers wireless without also giving them a place to plug in your laptop. Yes, I know laptops have batteries and don't have to be plugged in to be used. However, if you're like me, you hoard your battery's power for the actual flight instead of using it in the terminal. It *IS* possible to plug in at the terminal, but outlets are far and few in between, and you have to work around the rechargeable golf carts (or whatever they call those things) and other laptop users.
Lastly, with all the other concerns they have at airports these days, I am doubly amazed that they have the time to think about this. Not that I mind, it just makes me wonder.
Just unplug that vending machine.... (Score:2)
Re:Wireless?! What about power??? (Score:2)
>>However, it's going to be somewhat worthless to
>>offer your travelers wireless without also
>>giving them a place to plug in your laptop.
Ummmmmm........ you should fly out of your own airport more. Minneapolis/StPaul is actually pretty good at having desks available in the terminal WITH power outlets.
Sure, it could always be better, but it's about the best airport i've seen in that regard.
Ok.. (Score:2)
What desks? Argh!
BTW - I've only ever attempted to use my laptop in the airport while I'm at the gate. I suppose that was my most critical error.
Re:Wireless?! What about power??? (Score:2)
I'm curious if you can setup an 802.11 network in flight or if it will muck with anything they run. I think another thing that would take off well for the planes is having a game/lan server and either cat5 or 802.11. Being able to play Counter Strike/Quake3/Starcraft on the flight would be awesome. I'd pay extra for that capability, assuming you knew other people on the plane could play
Re:Wireless?! What about power??? (Score:2)
But yeah, electrical outlets are generally few and far between in airports.
Steve
Power in Airports (Score:2)
[Simple fact is -- they use 'em for vaccuum cleaners. Some airports have 'em in the floor, with some sort of locking panel over 'em...as we can't carry pocket pliers or pocket knives on us anymore, we can't open those up, but quite a few airports have 'em just as normal circuits along the wall, under some seats.]
Weird (Score:5, Informative)
I think it's fishy as hell. As 802.11 adoption increases, profits go through the floor. Or they charge for IPSec separately from other protocols, and people develop work-arounds. Meanwhile, JoeHaxor is downloading .isos all day and tying up the service.
Anyone want to bet on how quickly they stop giving away 802.11 free (or ask the airport for a bailout)? Three months?
Re:Weird (Score:2)
C'Mon, how stupid do you take the network admins for? What do you want to bet there is:
1. A proxy complete with ultra-restrictive firewall (except for special arrangements through business partners).
2. IP logging and abuse auto-shutdown and/or ban of network card from the service, plus possible triangulation of abusers for security.
3. Upload and download caps on the service.
4. Possible blacklisting of sites to discourage people from surfing to porn sites in a public place like an airport.
Maybe the upload and download caps will be raised on the corportate service, but I don't think there's going to be a way Joe Haxor is going to download an ISO in any amount of time he'd want to spend at an airport - and even then that kind of downloading abuse would get you red-flagged and possibly banned.
AOL To Buy Airports (Score:2, Funny)
Disaster Management? (Score:2)
Re:Disaster Management? (Score:2)
you want to know whayt the US is going to be like in 10 years? look at how things are run in an airport.
SPAM Abuse (Score:3, Insightful)
Don't expect it to be free for long... (Score:2)
And, like most other airport goods and services, it won't be cheap.
Re:Don't expect it to be free for long... (Score:2)
Want to get access? It's free. Just go to the bar. Of course, you'll have to buy an $8 drink.
In related news (Score:2)
Film at 11.
A couple thoughts (Score:2)
Security: In an airport you are always being watched. Its been this way for years. If you log into the netowork, you can bet they'll find you if they want to. Its a matter of determining when the event took place and which wireless "hub" was the originator, then searching through the video files. They get everybodies picture with a laptop, then profile them. Once they have someone they feel best fits the profile, they will get every recording of you, i everyplace you've been on there property. thids means they know what Bus, car, cab, plane, you got there with. This is just basic security work from that point.
Terrorist: this in no way makes airplane more vulnerable to attack. Of course the current security measures in know way prevent the events from 9/11 happening again either.(of course if you pull a knife out now, the other passengers will probably kill you. THAT will prevent another 9/11.
Don't send any data in a public network that you wouldn't post on the front page of a newspaper, ever. If you do, it will be found out. I wish we lived in a world where you could send data and not worry about it, but alas, we do not.
Finally, If you want to know what life will be like in the US 10 years from now, just look at an airport and expect to have the same level of privacy.
the FBI is behind this (Score:2)
oh well (Score:2)
Until then, oh well.
Ready to go (Score:2, Interesting)
Anyway, I'm sorry that last paragraph was so confusing. I guess assigning another meaning to the word Airport wasn't so smart on Apple's part.
Script Kiddies? (Score:2)
Last I checked, most of these folks were 15 years old. Chances are the only time they will be in an aiport is when they fly back to New Jersey to visit grandma. Mom and Dad won't let them take there expensive laptops with them because they know it will break.
Chances are the'll be too busy looking at the assult rifles the national guard is carrying and wondering what a death match in the airport would be like.
--
Security education opportunity (Score:2)
Homeland Security? (Score:2)
Now all they have to do is sit at the airport with their trusty wireless laptop and sniff corporate IDs and passwords to their heart's content. At least the company I work for only allows wireless access through a VPN!
This is just beautiful.
Re:Well (Score:2)
Re:Well (Score:3, Funny)
Oh, you mean Northwest Airlines! Silly me.
Re:I'll rip out my left testicle when its "free" (Score:2, Interesting)
This is kind of funny in light of the recent article [cnn.com] discussing security devices running on unsecured 802.11b networks (as if there's another sort of 802.11 network) You won't even look out of place walking around with airsnort running...
Re:I love it but... (Score:5, Insightful)
Re:I love it but... (Score:2, Insightful)
Just becuase you know its a public untrusted network doesn't joe nobody does. They feel safe beacuse it's regulated by the airport therefore they will do things on the network you probably shouldn't do in an untrusted network. Just like people who do insecure wireless netoworking in there home and then bitch when all their information and credit card numbers are compromised.
If you are runnning an open network or anything open to multiple users (even a shell server) you should try to protect the security of your users as much as possible, you shouldn't forget about it just because you know you wont do anything stupid on it.
not only that but great for spammers (Score:2, Insightful)
Re:I love it but... (Score:2)
It's an untrusted network.
Do you have some illusion that nbody can snoop on what you are doing when you surf slashdot normally from home?
How is this any different?
SEcurity must be in the hands of the end stations, not the carriers.
Re:I love it but... (Score:2)
Well.. it's FREE (Score:2)
What SHOULD they do for security? Nothing. not their problem.
Re:I love it but... (Score:2, Insightful)
Tom
Re:I love it but... (Score:2)
Re:security? (Score:2, Insightful)
On the other hand, the whole thing might be useful for catching terrorists who felt the need to shoot out a last minute email -- provided that traffic is monitored closely.
Re:security? (Score:3, Insightful)
Second, there are security concerns and as you pointed out, these are two fold. We don't want people snooping the airlines system. On the other hand if we're using the system to say, pre-pay for a rental car at the destination, we don't want people snooping credit card numbers either. There has been a lot of talk in the past about insecure 802.11 networks. It was my impression that these networks were configured incorrectly, and that it is possible (with later high bit key tech) to have a secure network. If the airports were to offer a good secure network, I think it would be of great benefit to flyers.
And then there are all the fun apps like being able to monitor arrivals and departures from your palm. As well as gate changes and whatnot. These can be as insecure as you like because it's really just another way of disseminating public information.
In all I think it'll be a good thing, with problems at first, but will become the norm in time. As far as The Man snooping the network, I think you'll get that no matter where you go. Don't not use a great public utility for that reason alone.
Re:Government Networks (Score:2)
Re:Call me a steinge, but... (Score:2)
The present problems in the airline industry come from a lack of federal oversight and funding; to say it's the otherway around is foolhardy at best. Notice the almost unbelievably low amount of new runways and airports built during a period when air travel rose by leaps and bounds - all following the deregulation of the air travel industry.
Unless your advocating the elimination of any airline industry in the United States, I fail to see how your point is at all valid. The airline industry is entirely unique in its suceptibility to attack and role in our nation and the world and needs to be treated differently. Globally, nations with socialized air travel systems provide a far more convenient and secure solution. Perhaps this comes at the cost of higher ticket prices and an increased tax burden, but that's the price of living in a modern world.
Re:Suppose you did this (Score:2)
Re:Great! I can just see it now... (Score:2, Insightful)