[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Unmasking the Neighborhood Network Watch
From: InfoSec News <alerts () infosecnews ! org>
Date: 2008-04-28 7:10:15
Message-ID: Pine.LNX.4.61.0804280210040.18463 () conundrum ! infosecnews ! org
[Download RAW message or body]
http://www.theregister.co.uk/2008/04/24/neighborhood_network_watch_unmasked/
By Dan Goodin in San Francisco
The Register
24th April 2008
Emery Martin is a man on a mission. The 23 year-old resident of Brooklyn
has spearheaded the Neighborhood Network Watch, a grassroots group
advocating the monitoring by volunteers of open Wi-Fi networks "to make
sure that terrorists may not be using your own home network to plan the
next attack on our nation or your very own community".
But there's an important catch: Martin's group, which claims to be
supported by the US Department of Homeland Security, isn't for real.
Rather, it's a sprawling art project and master's thesis cooked up by
Martin to stimulate thought about how networks operate and the ability
for them to be surveiled.
"The point that I'm making is raising awareness and critical
engagement," explains Martin, who is a graduate student in the
Interactive Telecommunications Program at New York University's Tisch
School of the Arts. "What are the potential things that are lurking in
technology itself, and how do they allow control and power?"
The site includes a primer that teaches laymen how to sniff wireless
networks using programs like TCPDUMP and WinDump and explains how to use
wardriving applications like Net Stumbler and Kismet to find open
networks. "Since these networks often times are unsecured or offered as
a free service to the public it allows any individual to use them,
including terrorists," the site argues. It includes a Wiki that can be
used to upload dumps of packets monitored from open networks in a
volunteer's vicinity.
With a template that's taken straight from the DHS website [1], the
Neighborhood Network Watch site [2] was convincing enough to prompt a
discussion about it on a Security Focus mailing list.
'Set your watch back 24 years'
"From the 'Set your watch back 24 years' department," one participant
wrote [3], in an apparent reference to the George Orwell novel 1984.
"This has to be invasion of privacy in its purest form," a Reg tipster
wrote in an email. "Please tell me this schmuck is not affiliated with
the Department of Homeland Security."
Indeed, Martin doesn't have any ties to the DHS. But in an environment
where Congress is actively considering handing out immunity to telecom
companies [4] that cooperated with warrantless government wiretaps, he
doesn't think groups like the one he fabricated are all that
far-fetched.
"It could potentially happen in communities that are already invested in
that ideology or don't question the motives behind such government
policies," he says.
Of course, there are plenty of tell-tale signs taht the site is a hoax.
It has no director listed, includes no contact information and the
contact listed on whois records for the domain name is a
jollyrogerjonesy at a gmail account. Martin also included a video and
other statements with rhetoric so over the top that anyone looking long
enough would figure out the hoax.
Still, he says the ambiguity, is part of the point.
"The fact [some people don't] get it isn't necessarily a bad thing," he
says. "It is based very heavily on generating fear and paranoia. If
someone is that concerned about it, that's good. Eventually, they'll be
able to figure it out." ®
[1] http://www.dhs.gov/
[2] http://dhsnnw.org/
[3] http://www.derkeiler.com/Mailing-Lists/securityfocus/pen-test/2008-04/msg00110.html
[4] http://www.theregister.co.uk/2008/03/14/fisa_bill_passed/
_______________________________________________
Subscribe to the InfoSec News RSS Feed
http://www.infosecnews.org/isn.rss
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic