Email Delivery

Receive new posts as email.

Email address

Syndicate this site

RSS | Atom

Contact

About This Site
Contact Us
Privacy Policy

Search


November 2010
Sun Mon Tues Wed Thurs Fri Sat
  1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30        

Stories by Category

Basics :: Basics
Casting :: Casting Listen In Podcasts Videocasts
Culture :: Culture Hacking
Deals :: Deals
FAQ :: FAQ
Future :: Future
Hardware :: Hardware Adapters Appliances Chips Consumer Electronics Gaming Home Entertainment Music Photography Video Gadgets Mesh Monitoring and Testing PDAs Phones Smartphones
Industry :: Industry Conferences Financial Free Health Legal Research Vendor analysis
International :: International
Media :: Media Locally cached Streaming
Metro-Scale Networks :: Metro-Scale Networks Community Networking Municipal
Network Types :: Network Types Broadband Wireless Cellular 2.5G and 3G 4G Power Line Satellite
News :: News Mainstream Media
Politics :: Politics Regulation Sock Puppets
Schedules :: Schedules
Security :: Security 802.1X
Site Specific :: Site Specific Administrative Detail April Fool's Blogging Book review Cluelessness Guest Commentary History Humor Self-Promotion Unique Wee-Fi Who's Hot Today?
Software :: Software Open Source
Spectrum :: Spectrum 60 GHz
Standards :: Standards 802.11a 802.11ac 802.11ad 802.11e 802.11g 802.11n 802.20 Bluetooth MIMO UWB WiGig WiMAX ZigBee
Transportation and Lodging :: Transportation and Lodging Air Travel Aquatic Commuting Hotels Rails
Unclassified :: Unclassified
Vertical Markets :: Vertical Markets Academia Enterprise WLAN Switches Home Hot Spot Aggregators Hot Spot Advertising Road Warrior Roaming Libraries Location Medical Public Safety Residential Rural SOHO Small-Medium Sized Business Universities Utilities wISP
Voice :: Voice

Archives

November 2010 | October 2010 | September 2010 | August 2010 | July 2010 | June 2010 | May 2010 | April 2010 | March 2010 | February 2010 | January 2010 | December 2009 | November 2009 | October 2009 | September 2009 | August 2009 | July 2009 | June 2009 | May 2009 | April 2009 | March 2009 | February 2009 | January 2009 | December 2008 | November 2008 | October 2008 | September 2008 | August 2008 | July 2008 | June 2008 | May 2008 | April 2008 | March 2008 | February 2008 | January 2008 | December 2007 | November 2007 | October 2007 | September 2007 | August 2007 | July 2007 | June 2007 | May 2007 | April 2007 | March 2007 | February 2007 | January 2007 | December 2006 | November 2006 | October 2006 | September 2006 | August 2006 | July 2006 | June 2006 | May 2006 | April 2006 | March 2006 | February 2006 | January 2006 | December 2005 | November 2005 | October 2005 | September 2005 | August 2005 | July 2005 | June 2005 | May 2005 | April 2005 | March 2005 | February 2005 | January 2005 | December 2004 | November 2004 | October 2004 | September 2004 | August 2004 | July 2004 | June 2004 | May 2004 | April 2004 | March 2004 | February 2004 | January 2004 | December 2003 | November 2003 | October 2003 | September 2003 | August 2003 | July 2003 | June 2003 | May 2003 | April 2003 | March 2003 | February 2003 | January 2003 | December 2002 | November 2002 | October 2002 | September 2002 | August 2002 | July 2002 | June 2002 | May 2002 | April 2002 | March 2002 | February 2002 | January 2002 | December 2001 | November 2001 | October 2001 | September 2001 | August 2001 | July 2001 | June 2001 | May 2001 | April 2001 |

Recent Entries

DD-WRT Ported to WRT54Gv5 by Linux Developers
Researchers Find Way to Hack Laptop through Wi-Fi Driver
Venezuelans Set World Wi-Fi Record?
The L in Linksys WRT54GL Stands for Linux
Treo 650 Wi-Fi Hack
The Legality of Wardriving
Insecurity through Clarity
Warkayaking
Wi-Fi's Function Starts to Infiltrate Homes
NetStumbler 0.4.0 Released

Site Philosophy

This site operates as an independent editorial operation. Advertising, sponsorships, and other non-editorial materials represent the opinions and messages of their respective origins, and not of the site operator. Part of the FM Tech advertising network.

Copyright

Entire site and all contents except otherwise noted © Copyright 2001-2010 by Glenn Fleishman. Some images ©2006 Jupiterimages Corporation. All rights reserved. Please contact us for reprint rights. Linking is, of course, free and encouraged.

Powered by
Movable Type

Recently in Hacking Category

June 26, 2006

DD-WRT Ported to WRT54Gv5 by Linux Developers

By Glenn Fleishman

The new firmware can be installed over the VxWorks operating system found in the Linksys WRT54G version 5 router: This router caused some irritation among those who wanted to use it with modified firmware that worked in version 4 and earlier, which relied on embedded Linux and contained double the volatile and flash memory. Linksys says it shaved costs on memory because the Linux they used couldn't be shrunk enough. (For more on this, see this very long set of comments on a thread I started after having reproducible, continuous problems with two newer Linksys devices that use VxWorks.)

Linksys did recognize the interest among the open-source and community wireless movement, and added the WRT54GL to its line-up, which is essentially the WRT54G v4--and which sells for about $20 more than the v4 and v5.

This latest wrinkle allows a non-reversible installation of a very compact version of the DD-WRT distribution. However, this is clearly a step along the road to more functionality. Making code smaller is always tricky because it often means stepping down below high-level programming languages to optimize inefficient libraries, which in turn requires much more testing and is harder to debug. (Take it from a guy who cut his teeth on 6502 machine language.)

Posted by Glenn Fleishman at 6:53 PM | Permanent Link | Categories: Hacking, Open Source

June 21, 2006

Researchers Find Way to Hack Laptop through Wi-Fi Driver

By Glenn Fleishman

Details are few because the researchers are withholding the goods until an Aug. 2 presentation at the Black Hat USA 2006 conference: The two researchers--one with ISS and the other at the US Naval postgrad school--say that they have uncovered techniques that allow them to hack into a laptop through flaws in the driver software that manages the way in which the radio interprets signals and passes them to the operating system. Most horrifying? Half the flaws they found don't require the Wi-Fi adapter to be connected to a network--just active.

Posted by Glenn Fleishman at 11:37 PM | Permanent Link | Categories: Hacking, Security

April 26, 2006

Venezuelans Set World Wi-Fi Record?

By Glenn Fleishman

Venez060426Let's trust their reporting, but it's an informal record: A team in Venezuela went up a mountain and came down the unofficial holders of the longest Wi-Fi link record at 167 miles. They used Linksys WRT54G using open-source firmware (DD-WRT) using retrofitted satellite parabolic dishes.

When I read this story initially I thought, well they may have used Wi-Fi protocols, but this isn't Wi-Fi in the sense of regulation-conforming unlicensed use within the signal limits. The last Wi-Fi distance winner, Cincinnati teenagers who created a 125-mile link for DefCon's Wi-Fi Shootout, clearly exceed Part 15 rules, but claim they were using Part 97 (amateur radio) rules. Part 97 ain't regular Wi-Fi.

But I ran the math for the South American claim of 279 kilometers (167 miles), and it seems to check out under FCC Part 15 rules. I don't know whether Venezuela is regulated in the same fashion, however.

They said they were using 100 mW output from the Linksys WRT54G with a very short cable to reduce signal loss. Their antennas they calculate at 32 dBi, although that's a rough number. That gives them an extremely high EIRP (effective isotropic radiated power) of 158 W, which seems very high. I went to look up the FCC Part 15 rules and found that rule 15.247 allows a 30 dBi antenna with a 22 dBm or 158 mW power-at-antenna signal. With no amplifier between the Linksys and the antenna, I believe they qualify there. So they might be slightly over on the antenna gain, but this allows them an EIRP of up to 158. So far, so good.

The next question would be link budget: with two identical setups over the 270 kilometers of the test they set up with an unimpeded Fresnel zone--no obstacles through the entire spread beam between the two locations--they have a pretty clear formula. Assuming 20 dBm (100 mW) at the Linksys, a very small -3 dB cable loss, two 30 dBi antennas, and a 149 dB of free-space loss, with a receiver sensitivity of -85 dBm (which checks out with what they saw)...they have a 10 dB link budget. Which should be sufficient for a test.

If any of these numbers are off by a relatively small percentage, they'd be violating the law or the test wouldn't work. But it's a fairly impressive link at the edges of what (at least in the US) is legal and certainly what's possible.

I'm not an engineer, and thus I may have made errors in my assumptions. Please add notes in the comments if you'd like to correct my math or figures. (I used this WLAN Link Planner for link budget, this reference for Part 15.247, and this EIRP calculator.)

Posted by Glenn Fleishman at 7:25 AM | Permanent Link | Categories: Hacking, International, Unique | 2 Comments

December 1, 2005

The L in Linksys WRT54GL Stands for Linux

By Glenn Fleishman

SatelliteThe Linux flavor of the WRT54G is still in production, despite newer VxWorks-based version: Good news for the community of hackers, developers, and experimenters who rely on the Linksys WRT54G to power their projects: while the product sold under this model number will no longer use the Linux operating system as its basis, Linksys has created an offshoot model that will continue down the Linux path under the name WRT54GL.

The WRT54G in versions 1 through 4 used free and open-source software components for its embedded operating system and most of its functions. After some negotiation a few years ago, Cisco's Linksys division released all the code they had modified as they were ostensibly required to under the terms of the GPL (General Public License) and other software licenses for components they had used. Wireless hackers immediately figured out how to replace the baked-in firmware with their own firmware images to take advantage of the WRT54G's low cost and high availability. This appeared to end with the November 2005 release of v5, which switched to a proprietary OS while halving the RAM in the unit.

The new Linksys WRT54GL, however, is the v4 version of WRT54G stabilized on Linux. It will list for $79 MSRP (Amazon.com has it in stock for $71) and Linksys expects to sell 10,000 of them per month. The firmware for the WRT54GL (version 4.30.0) is already up on the Linksys GPL Code Center. Some folks on Slashdot have complained about the price difference between this perpetuated Linux model and the cheaper proprietary OS WRT54G--but that's how the market economy works. With 120,000 potential sales per year or $8,500,000 in gross retail sales, a competitor could engineer a better box for that market.

In an interview with Linksys, they told me that they had this model in the works for some time, but didn't want to tip their hand until shipping product was available in the channel. Company spokespeople emphasized that while the "GL" model can be flashed, they don't support any firmware but what Linksys officially releases. Still, they've kept a Linux model because the market is there for it. Linksys confirmed what some analysis firms have been saying: to their knowledge, the WRT54G is the single bestselling model of Wi-Fi gateway in the world. I'm not sure what model gets the No. 2 nod.

Peter Rysavy wrote in Network Computing today about his disappointment with the disappearance of the Linux-based WRT54G--he didn't get feedback from Linksys before he filed his piece--and what he sees as the lower-stability of the licensed VxWorks operating system that underlies the v5 release of the gateway. (I've heard this from others, including a colleague as recently as yesterday.) VxWorks is a closed-source system that Linksys told LinuxDevices.com uses half the RAM of the embedded Linux OS. This lets them conserve costs in a commoditized market in which they sell hundreds of thousands of WRT54Gs per month--every dollar saved is millions a year recouped.

Linksys, by the way, didn't develop their embedded Linux, but in turn licensed it from Broadcom, who created the Linux-based code for its reference design. Reference designs are built by chipmakers to provide a ready-to-go product that incorporates their chips. They can often be bid out and built without much effort beyond designing a case and customizing or replacing an installation wizard.

Posted by Glenn Fleishman at 12:51 PM | Permanent Link | Categories: Hacking | 16 Comments

December 17, 2004

Treo 650 Wi-Fi Hack

By Glenn Fleishman

Treo 650 users don't need to wait to use Wi-Fi: PalmOne promised Wi-Fi drivers for their Wi-Fi SD card at some point, but a developer hacked a Tungsten driver to give that functionality now. [via Engadget]

Posted by Glenn Fleishman at 10:58 AM | Permanent Link | Categories: Cellular, Hacking, Hardware | 2 TrackBacks

September 13, 2004

The Legality of Wardriving

By Nancy Gohring

The Virginia Journal of Law & Technology has published an article about wardriving: I confess that I haven't had the chance to read the whole piece, but the author concludes that wardriving is legal and that hackers are informally developing an ethical code that demarcates between essentially identifying hotspots and stealing information transmitted over the networks. The article cites some historical court cases surrounding wardrivers and looks at the positive changes in vendor security standards that wardrivers have affected.

Posted by Nancy Gohring at 10:01 AM | Permanent Link | Categories: Hacking

June 24, 2004

Insecurity through Clarity

By Glenn Fleishman

World Wide Wardrive finds most access points unprotected: The fourth week-long international wardrive found 288,000 access points in their survey, more than 50 percent of which had no security enabled. Since these were passive scans, it's impossible to tell whether those access points were inside or outside corporate firewalls, and thus not open portals, but it's likely that the overwhelming majority were just plain open. Nearly 30 percent had the default SSID or network name set.

Posted by Glenn Fleishman at 9:46 PM | Permanent Link | Categories: Hacking, Security

June 22, 2004

Warkayaking

By Glenn Fleishman

Watch out, houseboat dwellers and nearby shore residents: sniffing hits human-powered water vehicles!: In my hometown of Seattle, some intrepid souls pack their gear in plastic bags and kayak around Lake Union, a mid point in the connected bodies of water from Elliot Bay through to Lake Washington. Lake Union is home to high tech and biomed companies around the periphery and houseboats and marinas directly on it. The lake is a little dodgy--I wouldn't want to swim in it--but it's a pretty view from the shore or out in it.

Warkayaking is the latest variant in the war- prefix series of sniffing Wi-Fi signals from various places or indicating the presence of Wi-Fi through various means. There's been warflying, wardriving, warchalking, and even warwalking.

Posted by Glenn Fleishman at 4:32 PM | Permanent Link | Categories: Hacking | 1 TrackBack

June 18, 2004

Wi-Fi's Function Starts to Infiltrate Homes

By Glenn Fleishman

Wi-Fi isn't just for networking any more: devices hang off home networks for audio, video, voice: Julio Ojeda-Zapata files a round-up of the transformation of a home wireless network from an early adopter's geeky add-on to a mass-market offering with support from companies like Comcast and Qwest. Remember when cable firms threatened users who shared their network connections with their families?

Ojeda-Zapata notes the increasing variety of devices that can use Wi-Fi networks as their Internet or local network feed, including Apple's new AirPort Express for beaming music to home stereos, Microsoft's Media Center Extender for their home entertainment hub, and Gateway's streaming DVD player.

Posted by Glenn Fleishman at 8:56 PM | Permanent Link | Categories: Hacking, Home, Mainstream Media

April 21, 2004

NetStumbler 0.4.0 Released

By Glenn Fleishman

Long-awaiting update to NetStumbler appears: The program's developer notes using extreme understatement: Since I released NetStumbler 0.3.30, I have experienced birth, death, illness, new job, and increased bandwidth costs. None of these will be helped by the arrival of both NetStumbler and MiniStumbler versions 0.4. Download and enjoy. Sorry it took so long.

The NetStumbler (Windows) and MiniStumbler (Pocket PC) applications let you scan for access points and record information about them, such as their unique interface address and whether security is enabled. You can pair scans with a GPS to build location-based awareness. [link via Gizmodo]

Simultaneously, iStumbler 84 was released for Mac OS X 10.3.

Posted by Glenn Fleishman at 12:22 PM | Permanent Link | Categories: Hacking

December 19, 2003

Hackers Worked Wi-Fi Planet

By Nancy Gohring

AirDefense monitored the air at Wi-Fi Planet and found a huge number of security breaches: The company saw 21 attempted man-in-the-middle attacks, of which 16 were successful. The rest of the numbers are pretty shocking. In just one day, AirDefense also found 75 denial-of-service attacks targeted at APs, 125 attempted identity thefts by spoofing MAC addresses and 24 fake AP attacks.

With that kind of activity, you'd better use the best security options you've got. But most people didn't. Only 6 percent of corporate email downloads used a VPN and 89 laptops were configured to allow ad hoc networking. I think this kind of data is an argument for not using Wi-Fi in an environment like Wi-Fi Planet unless you know how to secure your laptop.

Posted by Nancy Gohring at 11:31 AM | Permanent Link | Categories: Hacking | 2 TrackBacks

November 24, 2003

Once a Hacker, Always a Hacker...

By Nancy Gohring

The cops late last week arrested a third man accused of breaking into Lowe's Wi-Fi network and stealing credit card numbers: This one is not released on bond because in 2000 he was one of the first to be charged under Michigan's computer crime law for hacking into a local ISP.

I'm still really curious to know how secure Lowe's network was. While clearly these guys shouldn't have done what they did, Lowe's has some responsibility for making the network at least reasonably secure. Otherwise, it's an attractive menace.

Posted by Nancy Gohring at 10:24 AM | Permanent Link | Categories: Hacking

November 12, 2003

Busted

By Nancy Gohring

A couple guys got nailed for hacking into Lowe's national computer system using a Wi-Fi connection from the parking lot of one of the stores: They're accused of changing files, stealing credit card info and installing malicious software. TechDirt wonders if those accusations are unfounded and if the press is going to have a field day with this.

This may offer an interesting case to watch. The original story says that the guys have been charged with causing damage to a protected computer system. I wonder how the court will define a protected Wi-Fi network. Will WEP count?

Posted by Nancy Gohring at 9:44 AM | Permanent Link | Categories: Hacking

Main Index | Archives