Forgot your password?
typodupeerror

Turning Network Free-Riders' Lives Upside Down 658

Posted by timothy
from the shake-it-like-an-etch-a-sketch dept.
An anonymous reader writes "You discover that your neighbours are using your unsecured wireless network without your permission. Do you secure it? Or do you do something more fun? A few minutes with squid and iptables could greatly improve your neighbours' Web experience ..." Improve is a relative term, but this is certainly gentler than certain other approaches.
This discussion has been archived. No new comments can be posted.

Turning Network Free-Riders' Lives Upside Down

Comments Filter:
  • I use WEP (Score:2, Funny)

    by celardore (844933)
    I use WEP, but this certainly looks a laugh. Might turn that off, and see if I can have some fun!
    • Re:I use WEP (Score:2, Insightful)

      by rivaldufus (634820)
      Well, if you're using WEP, you should still do it. Someone's probably cracked your encryption long ago...

      It makes me think about turning off WPA, though.

  • Every link could be tubgirl.
  • Goats (Score:5, Funny)

    by ajiva (156759) on Thursday July 27, 2006 @01:02PM (#15792194)
    I'm surprised the guy didn't send every link to goats.ex... He was being way too nice.
    • Re:Goats (Score:5, Interesting)

      by Roody Blashes (975889) on Thursday July 27, 2006 @01:06PM (#15792223) Homepage Journal
      If you don't secure a wireless connection that spills onto other people's property, why shouldn't they use it until told otherwise? You could argue that you're not really encroaching, but I guarantee you that's not true. There's another network near us that was too weak to always show in the list of nearby nets, but was just strong enough to cause intermittent signal pollution until one day I happened to move the router to get at something else, and noticed it next time I connected.

      If you let your signal spill over onto other people's space, too bad.

      In fact, I wouldn't be mad if someone were using my connection without my approval unless they were encroaching on my space to do it. In fact, I only secured it because of bandwidth concerns and the potential for other people to use it for illicit purposes.
      • Re:Goats (Score:5, Insightful)

        by trewornan (608722) on Thursday July 27, 2006 @01:20PM (#15792372)
        I chose to leave my wireless network open so that if someone nearby needed a connection it would be available for them. If someone was to impose an unreasonable load on the network I might do something about it but so far (12 months) I've had about half a dozen people connect and download relatively small amounts of data - my guess is they were checking email. Why would I object to that? No . . . why would *you* object to that? The way I see it it's a chance to do something nice for other people, why not get yourself some good karma.
        • Re:Goats (Score:5, Insightful)

          by generic-man (33649) on Thursday July 27, 2006 @01:28PM (#15792435) Homepage Journal
          I've lived in two places where I set up my access point with no encryption. In both places, I've fired up iTunes to see someone else sharing music on my LAN. This didn't bother me until I read the name of the share: "(name)'s LimeWire Tunes."

          I don't mind if people want to check their e-mail on my WAP. I do mind when they idle on file sharing services, using lots of bandwidth and exposing me to potential legal liability.

          It's a shame that I have to protect my router somehow, especially because one of my devices (a Nintendo DS) doesn't support WPA at all.
          • Re:Goats (Score:5, Informative)

            by Starker_Kull (896770) on Thursday July 27, 2006 @01:35PM (#15792506)
            It shouldn't be too hard to set up some fixed IP addresses for your home machines, and let "guests" use a different IP range, for which you have implemented port blocking for all but 80, 25 and a few others for https and sending email, if you wish.
            • Re:Goats (Score:5, Interesting)

              by jasen666 (88727) on Thursday July 27, 2006 @01:59PM (#15792804)
              That's exactly what I've setup at my wife's salon, where she has an open wireless for her customers. The office computers have full internet access, any wireless guests have their ports limited to the basics. The cheapy D-link router had this capability built-in, making it a no brainer.
            • Re:Goats (Score:3, Interesting)

              by osssmkatz (734824)
              You would let a guest use port 25? One word: spam. Not a good idea. especially with zombies.
          • Re:Goats (Score:4, Informative)

            by feepness (543479) on Thursday July 27, 2006 @02:27PM (#15793071) Homepage
            It's a shame that I have to protect my router somehow, especially because one of my devices (a Nintendo DS) doesn't support WPA at all.

            A really easy method is to allow access only to specific MAC addresses. I hate encryption since it's such a pain and I don't do anything secure wirelessly anyways. Now all I have to do is set the MAC address on the router and I'm in!
            • Re:Goats (Score:4, Informative)

              by g4c (919548) on Thursday July 27, 2006 @08:36PM (#15795795)
              It is trivial for somebody to sniff your wireless card's MAC and spoof it. However, it requires enough knowledge to operate a sniffer and a MAC spoofer, thus eliminating 99% of the population. And even at that, they have to catch you while you are using the computer in order to find out your MAC, which potentially requires a time investment. After that, they might have to flood the ARP tables (does this even work over wireless?) if your computer is still on while they are trying to spoof your MAC. I guess trivial is a relative term... Why I am even posting this? Somebody please mod me down...
          • Re:Goats (Score:4, Informative)

            by squiggleslash (241428) on Thursday July 27, 2006 @02:28PM (#15793079) Homepage Journal

            The DS supports WEP. While WEP is immeasurably inferior to WPA, it does at least make your intentions absolutely 100% clear.

            While some in the tech community continue to believe they have implied "permission" to use your network if it's not secured, that isn't how the courts see it. Nonetheless, you can satisfy both schools of thought by securing your network even if it's just with WEP. Anyone who persists in connecting to your network will not merely have difficulty using the non-existant permission argument, but they can't pretend they used it by accident either.

            At the same time, as you've taken reasonable precautions to prevent misuse of your network, your liability for anything the person who broke in did will be considerably lower too.

            • Re:Goats (Score:4, Informative)

              by TheGreek (2403) on Thursday July 27, 2006 @04:22PM (#15794245)
              At the same time, as you've taken reasonable precautions to prevent misuse of your network, your liability for anything the person who broke in did will be considerably lower too.
              But it'll be harder to prove it wasn't you.
          • Re:Goats (Score:3, Interesting)

            by vertinox (846076)
            It's a shame that I have to protect my router somehow, especially because one of my devices (a Nintendo DS) doesn't support WPA at all.

            I've got the same problem with my DS, but I've just setup MAC address filtering and not publicly broadcast the SSID. The DS plays just fine and the average person in my neighborhood isn't smart enough to know that there is a wireless network at all and I'd doubt they'd be smart enough to sniff the packets and modify their wifi to match my list addresses.

            Sure half of Slashdo
          • Bandwidth (Score:3, Interesting)

            by Jetson (176002)

            I don't mind if people want to check their e-mail on my WAP. I do mind when they idle on file sharing services, using lots of bandwidth and exposing me to potential legal liability.

            The bandwidth part is easy to handle, assuming you've got a Linux box between the WAP and the gateway. Amonth the various iptables modules are ones that do rate-limit matching and per-IP queueing. You could easily give each poacher access to the internet without restricting the available ports but at a rate that resembles a

        • Re:Goats (Score:3, Insightful)

          by spyrochaete (707033)
          It's the same reason you shouldn't feed pigeons in a park. It might be a friendly thing to do, but not everyone is as nice as you. One day a pigeon that has been conditioned not to fear man will come across a mean spirited kid who will feed it poison. In the case of the USA, that mean spirited kid is the archaic law about accessing a wide open WiFi port without permission.

          Do your neighbours a bigger favour - change their mooched web browsing data to kittens to let them know their actions are not cland
          • Re:Goats (Score:5, Funny)

            by StikyPad (445176) on Thursday July 27, 2006 @10:46PM (#15796255) Homepage
            That's why whenever I go to the park, I always run toward the large flocks of pigeons while flapping an umbrella and crying out "PAKAW! PAKAW!" Sure, it's a little embarrassing, and the people who get droppings on them in the ensuing mass migration get a little upset, but if it saves even one pigeon, then it's worth it.

            Unfortunately, I believe it's only scaring them away from people who charge them with umbrellas while screaming which, in my experience, is not a significant number. I fear I'll soon have to resort to more drastic measures, like holding out some popcorn and then cold-cocking the first sonofa dove that makes a lunge for it. Of course I'll tell them it's only for their own good, and it hurts me more than it hurts them.
        • Re:Goats (Score:5, Insightful)

          by b0bby (201198) on Thursday July 27, 2006 @02:21PM (#15793017) Homepage
          Yeah, that's what I do too. My neighbors also have open access points mostly. I check the logs every so often, but I've never seen anyone but me having connected. Still, if someone wants to check their email, it's there. I don't have a problem using open points to check mail while I'm travelling, might as well return the favor. I'd lock it down if someone were leeching 24/7, but I don't see any of my neighbors doing that.
          • Re:Goats (Score:5, Insightful)

            by ShawnDoc (572959) on Thursday July 27, 2006 @02:51PM (#15793320) Homepage
            You've got two problems you've overlooked. If someone uses your connection for illegal activity (downloading Meet the Fockers, kiddie porn) it will be your IP address that the RIAA/MPAA/FBI will trace. Good luck convincing them it wasn't you. You might be able to do it, but it will take up time and money (lawyers) to clear your name. And in the case of kiddie porn or other criminal act, expect every computer, PDA, and cell phone in your home to be confiscated to be analyized for incriminating data. The second problem is you are allowing strangers access to not only your Internet connection, but also your LAN. I have multiple computers and put files in shared folders so I can access them from different machines. I don't want some strange to have access to those files, or worse, have their computer be infected with a worm/virus that propogates across the network.
            • Re:Goats (Score:3, Informative)

              by cptgrudge (177113)
              Well, the whole LAN issue can be solved by a router with a DMZ. Or, segment the wireless network into a different VLAN. I have an ipcop router at home, and I would just put the wireless network in the DMZ. That way, I know that if the wireless security gets compromised, the router still protects the main network.
        • Re:Goats (Score:5, Insightful)

          by element-o.p. (939033) on Thursday July 27, 2006 @02:23PM (#15793045) Homepage
          Unfortunately, not everyone is as kind (or patched/anti-virus'ed/etc.) as your neighbors are.

          I spent three years as an abuse admin at an ISP, and spoke with a number of customers where the only likely culprit for an abuse complaint was someone "borrowing" their Wi-Fi connection (nmap [insecure.org] is a wonderful tool for finding likely infections/file sharing clients). In almost all of these cases, securing the Wi-Fi access point made the problem go away.

          It's possible that my customers were lying and that they just latched on to the Wi-Fi excuse to get me off their backs, but after three years, it (usually) wasn't too hard to tell when someone honestly had no clue and when they were covering up :)

          So *that's* why I object to people using my Wi-Fi without permission.
      • Re:Goats (Score:5, Insightful)

        by sammy baby (14909) on Thursday July 27, 2006 @01:51PM (#15792703) Journal
        If you don't secure a wireless connection that spills onto other people's property, why shouldn't they use it until told otherwise?


        Conversely, if you find someone else's unsecured wireless network, why would you complain if they decided to flip all the images?
      • Re:Goats (Score:3, Insightful)

        by Shakrai (717556)

        If you don't secure a wireless connection that spills onto other people's property, why shouldn't they use it until told otherwise?

        If your cordless phone connection spills onto their property, why shouldn't they use your base station or listen to your calls until told otherwise?

        Of course, they can't do that you'll say, because it might cost you money. Using their internet connection might cost them money! Granted, it's rare, but what if they receive internet service from celluar and pay for each megab

    • Alex? Is that you?
    • Go to one of the translation websites and type the following:

      Osama Bin Laden has just been killed and [your neighbor's name and address here] has just collected the $25 million reward from the Americans!

      Translate it into Arabic then cut-and-paste it into one of the Jihad web sites in the Middle East where the beheading videos always get uploaded to first.

      Check that your insurance papers are in order and then go take a couple days vacation a few hundred miles away
  • Liability? (Score:5, Interesting)

    by lecithin (745575) on Thursday July 27, 2006 @01:04PM (#15792203)
    What are the odds that a neighbor would use your network and then sue you for the content that your are sending to him?
  • The "upside-down" stuff was great.

    He could always have made a script to redirect every third or fourth or nth click to goatse...
  • by nick_davison (217681) on Thursday July 27, 2006 @01:06PM (#15792224)
    How can you blame people for connecting to a wireless router with the ID "Free Porn"?

    Granted, my neighbors didn't intentionally set their router up with that ID but they did leave it unsecured with the default password for the admin account. It was simply the neighborly thing to do to change their ID and resecure it with a new password (that, admittedly, they didn't know).
  • Should be legal (Score:5, Interesting)

    by gilroy (155262) on Thursday July 27, 2006 @01:07PM (#15792231) Homepage Journal
    In our topsy-turvy legal system, it might not be. :( But it should be. The nieghbors have no right to expect anything so they should have to just accept whatever the router sends them. As allegedly was said by Truman Capote:

    The trouble with living outside the law is, you put yourself beyond its protection.
    • Re:Should be legal (Score:3, Insightful)

      by larien (5608)
      Pfft, what are they going to sue you for? It's your network, you can do what the hell you want with it. If they choose to use it of their own free will, what do they expect?
      • Re:Should be legal (Score:4, Insightful)

        by edmudama (155475) on Thursday July 27, 2006 @01:34PM (#15792490)
        IANAL, but your machine is manipulating those bytes as they go by, and therefore you're tampering with their communications which may be legally protected.

        As funny as this might be, I don't see it as being worth the potential liability. If the DMCA can attempt to outlaw drawing on your CD with a sharpie, then you could get in trouble for just about anything.

    • Re:Should be legal (Score:3, Interesting)

      by kfg (145172)
      Well, yes. That's what the word "outlaw" originally meant. It was a sentence, as punishment for a crime the law formally expelled you from its oversight. The hangers on could stone you as you left the proceedings and this act would be invisible to the law.

      This is not at all the same thing as being a criminal, because a criminal still acts under the jurisdiction of the law.

      In our topsy-turvy legal system we do not have outlaws, merely criminals. You may live counter to the law, but you cannot live outside it
  • by Klaidas (981300) on Thursday July 27, 2006 @01:07PM (#15792234)
    After reading the article and it's comments, I've decided that the best would be to make it allways load an upside-down goatse
  • I redirected all their dns querries to goatse.

    I'm going to burn in hell =/
  • by MECC (8478) * on Thursday July 27, 2006 @01:09PM (#15792248)
    Could just watch their traffic, and when they try to bid on ebay, just slow their traffic down, then out bid them. They'll rue the day they tried to outbid 'yourneighborfromhell' on ebay.

  • by truedfx (802492) on Thursday July 27, 2006 @01:09PM (#15792249)
    You discover that your neighbours are using your unsecured wireless network without your permission.

    If your wireless network is unsecured, permission to use it is implied, and there are operating systems that will automatically use such networks, are there not?

    • Even if it is implied there is no implied level of service, if you decide to degrade the connection or alter the data passing through your personal equipment then thats up to you.
    • by squiggleslash (241428) on Thursday July 27, 2006 @01:56PM (#15792772) Homepage Journal

      No, it's not implied. As the law stands, it's illegal unless you get something more explicit in terms of permission. Yes, illegal. Yes, people have lost in court. No, not civil court, criminal.

      (And it makes sense that no implied permission is given by simply having your router be unsecured, given "unsecured" is the default configuration of most off-the-shelf routers.)

      It really isn't an issue in practice. If you want to use someone else's network, all you have to do is ask them. With 802.11, you're close enough to be able to do so. There's no reason not to ask, other than knowing that "no" is likely to be the answer. And I think that's why people tell themselves the myth that somehow they have implied permission simply because the "door" was left unlocked.

      • ASk who?

        How does someone know whose netowrk it is?

        It should be that if you are freely braodcasting for connections, and no effort is made to limit access, then free use is implied.

      • What cases? Because every case where this has come up, the person was charged with something else, never accessing a WAP. The guy in Tampa, was charged with something like loitering.
      • No, it's not implied. As the law stands, it's illegal unless you get something more explicit in terms of permission. Yes, illegal. Yes, people have lost in court. No, not civil court, criminal.

        I would be interested to hear of any such case. Just like the RIAA implies it is illegal to download, they have never charged a single person with downloading. I've heard of people being arrested after using an unsecured AP brought them to the attention of the authorities, but never have I seen anyone charged or t
      • Citations please (Score:3, Insightful)

        by snowwrestler (896305)
        For some of these cases you refer to.

        I'm legitimately interested in them, not just looking for a chance to bash you.
  • by Ryan Stortz (598060) <ryan0rz AT gmail DOT com> on Thursday July 27, 2006 @01:09PM (#15792252)
    One of my all-time favorites. :)

    (Mootar) morons.
    (Mootar) these people who live in my apartment complex are connected to my wireless
    (Mootar) they must think they're super-cool hackers by breaking into my completely unsecure network
    (Mootar) unfortunatly, the connection works both ways
    (Mootar) long story short, they now have loads of horse porn on their computer

    http://bash.org/?202477 [bash.org]
  • Stealing? (Score:5, Insightful)

    by SecurityGuy (217807) on Thursday July 27, 2006 @01:09PM (#15792253)
    It's as much stealing as sending the signal into their home is trespassing.

    I think you just shake your head at your failure to secure it in the first place, decide if you care, and if you do, lock it down.

    Funny way to deal with it, though.
  • by Tackhead (54550) on Thursday July 27, 2006 @01:09PM (#15792255)
    Substituting everything with Goatse or Tubgirl (Goatse was already done with airpwn [evilscheme.org] at DEFCON 12) would be funny, but Joe Sixpack would call tech support, and they'd all shrug it off saying he'd been cracked with some sort of virus.

    But can you imagine Joe Sixpack trying to explain to Pradeep that all the images in his web pages were being displayed upside-down (or better yet, blurry, or upside-down and blurry!), while all the text in the very same web pages was being displayed upside-right in crystal clarity?

    Joe Sixpack probably doesn't know the differences between images and text. Pradeep would hear the word "upside down" or "blurry" and immediately think it was a hardware problem.

    It'd probably take any of us half an hour to convince a second-tier tech that we weren't trolling him, never mind Joe Sixpack.

    I'd give my left nut to hear the support calls on this. (Particularly as I'm pretty sure that those of you in tech support have no use for my left nut. :)

  • by spyrochaete (707033) <spyrochaete.hyppy@zapto@org> on Thursday July 27, 2006 @01:10PM (#15792260) Homepage Journal
    When my neighbour mooched my wireless I had a little fun with Cain & Abel [www.oxid.it]. I got some good recipes from their private documents. Romano cheese really is better than parmesan on spaghetti!

    You can have a lot of phun with this all-in-one cracker suite. Hell, if my neighbours had a MS-SQL server or Cisco switch I could have 0wned those too!
  • Feh (Score:5, Insightful)

    by NitsujTPU (19263) on Thursday July 27, 2006 @01:10PM (#15792262)
    Improve is a relative term, but this is certainly gentler than certain other approaches.

    I don't really see the point. It's funny as a practical joke. In terms of protecting your network... why not just secure it instead?
  • Funny, yes... (Score:3, Insightful)

    by jawtheshark (198669) * <[slashdot] [at] [jawtheshark.com]> on Thursday July 27, 2006 @01:11PM (#15792282) Homepage Journal

    Frankly, if you don't want others to use your wireless, just encrypt it. Annoying freeloaders this way is pretty much childish. Set up WPA-PSK (which is much easier than WEP and more secure, AFAIK) and be done with it.

  • Secure? (Score:4, Interesting)

    by TCM (130219) on Thursday July 27, 2006 @01:11PM (#15792283)
    He already uses the notion of trusted and untrusted networks, yet he makes no effort at all to prevent 1) spoofing 2) non-IP protocols 3) access from the untrusted network to his trusted network.

    If you plan to take on others, make sure your own stuff is secure.
  • by insomniac8400 (590226) on Thursday July 27, 2006 @01:11PM (#15792284)
    It's impossible to steal unprotected wifi. If you leave your connection unprotected, that means you are purposely sharing it. Although flipping the pictures upsidedown is pure genious.
    • by realmolo (574068) on Thursday July 27, 2006 @01:19PM (#15792367)
      Hey man,

      I think that someone is redirecting your requests through a proxy server that randomly inserts the letter "o" into the word genius.

      Moran.
    • HuH? (Score:5, Insightful)

      by bennomatic (691188) on Thursday July 27, 2006 @02:28PM (#15793086) Homepage
      If I leave my bike outside unlocked for 10 minutes, am I giving explicit permission to anyone who sees it that they can take it? No. Am I allowing it to happen through negligence? Sure, but call it what it is; it's still stealing, or at least trespassing.

      Even something as amorphous as bandwidth is a limited resource. To paraphrse the head of the commerce committee, an open wireless connection is not a dump truck you can just load up with as much as you like; it's a tube!

      Sure, if you want to make sure nobody uses your tube, you should protect it. But just because you don't doesn't mean you're giving explicit permission. If I leave my bike on my front lawn without a lock and someone steals it--even if they give it back before I notice it was gone--it's still theft.

  • by blantonl (784786) on Thursday July 27, 2006 @01:18PM (#15792349) Homepage
    For those that are struggling to understand how the author of this article is accomplishing his approach, here is some further information.

    The author obviously has a Linux server in his house, that is running DHCPD [freeshell.org]

    To selectively send some clients to some locations, and others to the normal internet, he assigns an IP address on a different network to clients that don't have MAC Addresses [wikipedia.org] that he knows about.

    Forwarding on to sites of his choice is done by using IPTables [netfilter.org], which is a utility that allows you to configure the packet filtering components of the Linux TCP/IP Stack. In this instance, the Linux box is just functioning as a firewall, and he is selectively sending requests from certain IP addresses to different hosts of his chosing.

    Finally, the Up-side-down and blurry-image conversions is accomplished by sending page requests from those before-mentioned IP addresses to a proxy server, which in this case is Squid [squid-cache.org] - and then allowing the proxy server to run a script which calls an ImageMagick [imagemagick.org] command called mogrify [imagemagick.org] which allows you to resize an image, blur, crop, despeckle, dither, draw on, flip, join, re-sample, and much more.

    And that folks, is the rest of the story.
    • by hab136 (30884) on Thursday July 27, 2006 @03:37PM (#15793794) Journal
      $url = $1;
      system("/usr/bin/wget", "-q", "-O","/space/WebPages/images/$pid-$count.jpg", "$url");

      This line gives me chills. He's passing a completely unsanitized input (the bandwidth thief's URL) to a system() function.

      At least he didn't concatenate everything so that system() would run the entire string as a shell command.. then simply adding a semicolon or pair of backticks to the url would cause the system to run any command the attacker liked, including deleting all files squid has access to and running a custom backdoor. There are a lot more local root-escalation flaws than remote.

      Even without the shell character vulnerability, who knows what kind of failures you can induce out of wget given the right parameters. He should sanitize the URL before passing it out.

      There's also the possibility of a vulnerability in mogrify, given the right corrupted image file to work on. Mogrify should be run in a separate user account that has no access to anything other than the input file.

      Never trust your input, especially from an already-admitted evildoer.

      Yes, I'm paranoid - I work in information security. :)

  • Other ideas (Score:4, Funny)

    by necro2607 (771790) on Thursday July 27, 2006 @01:19PM (#15792368)
    This is hilarious! My coworker and I just sat here laughing and coming up with other great ideas for having fun with hijackers' browsing experience:

    -Occasionaly replace images with random google-image-searched images
    -Translate any text on a web page on the fly into some very English-like language but different enough to make the pages impossible to understand
    -Translate text on the fly into languages with non-arabic characters
    -The obligatory replacing all images with random porn images
    -Keep the first/last letters of every word the same, but jumble the letters in between. You have seen this site [cam.ac.uk], haven't you? ;)
    -Invert the colors of all images on the web pages
    -Convert all graphics to grayscale, or 16-color

    etc. etc.

    The possibilities are obviously pretty extensive... I think after hearing about this I'll be a little more careful with my usage of other peoples' wireless networks! ;)
  • by tdvaughan (582870) on Thursday July 27, 2006 @01:23PM (#15792392) Homepage
    I just moved into a new flat and as it took a while to get internet access, I had to "steal" someone else's wireless (although I take the position that if they want to beam radition through my property, I can do what I want with it). I took the strongest unsecured signal but because (being a sneaky bastard) I know what I would do if I ran an unsecured wireless access point I just tunnelled everything through an SSH tunnel to a proxy at work.
  • by MImeKillEr (445828) on Thursday July 27, 2006 @01:25PM (#15792404) Homepage Journal
    If you're so intent on leaving it open, I'd suggest just getting their mac address and assign it back to 169.254.x.x or 127.0.0.1. That way, if they actually do anything illegal, its not tracked to you.

    You're just flipping webpages, right? What's to stop them from getting on a P2P network and sharing/downloading files? What's to stop them from visiting illegal porn sites?

    Doing this to them will just make their internet useless. Not as funny, but safer IMO.

    Another thought: Is there some way to randomly route their requests to a totally different webpage? Say they want to go to Google, etc. Is there some way to redirect their request to a randomly-generated (but real) URL? I'd suggest something in a foreign country.

  • Open Networks (Score:5, Interesting)

    by Elektroschock (659467) on Thursday July 27, 2006 @01:26PM (#15792422)
    sorry, I am a supporter of open networks. I think the freifunk olsr-protocol approach of open wireless networks [freifunk.net] is best. We don't need internet providers and we don't need internet provider which leak our communication data to the governments and endanger the freedom of the net. The net should be a net and wireless technology is great for the creation of a real P2P internet.

    I cannot support any action against people who use your network. It is against my understanding of hacker ethics. When you don't like it then close your network. But no childish games please.

    I may even say that I find it unethical to exclude your neighbours from using your network but I respect your opinions. When your network is open it means: Be free to use it. Not: You can use it but I will fuck up or intercept your communication.
  • blurry-net (Score:5, Funny)

    by Sloppy (14984) on Thursday July 27, 2006 @01:35PM (#15792515) Homepage Journal

    At first, I thought there were way too many screenshots. I mean, ok, we get it. But then at the bottom of the FA, it pays off. After the dumb kitten and upside-down stuff (where they know someone is fucking with them) we get to the treasure: blurry-net. That's subtle and I love it. The ideal prank for the proverbial Man In The Middle would be to do things to confuse the endpoints, not merely annoy them.

    The next step is to spy on them and see what websites they visit, and then insert some fake content one day. For example, if they use it to read CNN, insert a casual story about a nuclear weapon getting used in the Middle-East or South Asia, or a story about the president of USA selecting a new vice-president due to the assassination last week ("What?! I didn't hear about that!"), or the CDC in Atlanta is investigating the recent rash of improbable claims about the dead returning to life to feast on the flesh of the living, etc. If they visit Slashdot, then the jig is probably up, but maybe it would be great to have a story where a security study found Windows98 to kick OpenBSD's ass and then a bunch of comments where everyone agrees that the findings pretty much match their own experience, along with complains about "how is this news for nerds?!"

  • by spaceyhackerlady (462530) on Thursday July 27, 2006 @01:38PM (#15792553)

    Reminds me of my first run-in with wireless at home.

    After noting that the same bozos kept connecting to my network as soon as I powered it up, I tried configuring the wireless router to only accept the MAC addresses of my computers. No dice: at best it didn't work, at worst the router locked up and I had to do a hard reset.

    So I phoned tech support. Rather than answering my question ("Why can't I lock the router to specific MAC addresses?") they proceeded to attempt to walk me through setting up WEP. I told them that wasn't what I wanted to do, that it was my router, my network, and I did in fact know a thing or two about networks. Eventually 2nd level tech support called and admitted that locking to MAC addresses was broken, and they had no ETA for a fix. I took the router back and bought one from a different manufacturer. It works fine.

    I still like the idea of leaving part of it public and dispensing scrambled content...LOL!

    ...laura

  • by Anonymous Coward on Thursday July 27, 2006 @01:46PM (#15792641)
    Network freeloaders put themselves at risk... It would be trivial for someone to set up a "Free Internet" wireless AP and then run phishing attacks, sniff IM conversations, e-mail, etc. Considering how little the average internet user even pays attention to SSL, one could very easily imitate a bank, ebay, paypal, etc... One should certainly think twice before freeloading on someone's wireless network - and if you do, at least tunnel your connection securely (even socks5 over an SSH tunnel, etc)..

  • Frame this (Score:5, Funny)

    by Midnight Thunder (17205) on Thursday July 27, 2006 @02:12PM (#15792934) Homepage Journal
    I suppose you could also add a frame to every page and then sell advertising space. Since you probably know a bit about your neighbour it is much easier make targeted advertising. Of course you could always make the top frame read:

          "This is borrowed bandwidth. Have you thought about getting your own connection."

    Oh and make sure it is flashing. Actually you could make it so that the whole content flash. Now that would be annoying.
  • by jpellino (202698) on Thursday July 27, 2006 @02:13PM (#15792946)
    Upside down is cute, but blurry is just too fantastic.
    You know they were on the horn to the vendor after punching every monitor control and several loud screaming matches and an expensive service call for a monitor that then worked just fine on the bench...
    As a webmaster I can now say April 1 just got very far away...
  • Poor neighbors.... (Score:4, Insightful)

    by natet (158905) on Thursday July 27, 2006 @02:35PM (#15793155)
    This was hillarious. I loved the upside-down images! The comments for this story have been entertaining...

    However, I suspect the neighbor of just not understanding how things work. I'll bet they set up a wireless access point in their house, put in the wireless card, and fired up the machine, which connected to the first network it could see, and they assumed it was theirs.
  • by qazwart (261667) on Thursday July 27, 2006 @02:48PM (#15793284) Homepage
    What would be the legal implications if your neighbor decided to use your WiFi connection to do illegal activities? What would be your liability? Especially if you already knew that your neighbor was using your WiFi access? It's one of the reasons I clapped down on my WiFi access. That can also be one of the problems of having "fun" with your neighbor's free loading your WiFi access. You can't use the claim you didn't know they were doing it.

    I also don't buy the idea that "if they didn't secure it, it's an invitation to use it." If I leave my front door unlocked or left a window open, I still don't expect the neighbors to come right in and rummage around my icebox. You certainly won't be successful in that argument if they complained to the police.

    If you want to piggy back on someone's network, ask first. It's not that hard to do, and most people don't mind.

    If you want to open your network to the public, divide it into two networks (one secured and one unsecured), close potential trouble ports, and direct everyone to an opening page where you make no claims of any warrenty for service, and that your network can only be used for legal purposes. That'll protect you from most legal problems.

Weekends were made for programming. - Karl Lehenbauer

Working...