http://www.canada.com/search/story.aspx?id=25c5ce8f-6388-46ea-9741-65a7f3593c47 Jim Bronskill The Ottawa Citizen February 13, 2003 Two Alberta men with a passion for locating and mapping wireless computer networks have come under the scrutiny of Canada's spy agency. Newly obtained documents show the Canadian Security Intelligence Service took careful note last summer as computer hobbyists Jason Kaczor and Brad Haines invited participants to help find access points to wireless networks in Red Deer, Alta. The high-tech phenomenon, known as war driving or net stumbling, involves cruising around a neighbourhood in search of networks in a car equipped with a laptop, wireless networking gear and a global positioning unit. In a confidential intelligence report, CSIS painted the activity as a threat to the security of sensitive information. Many organizations in the retail, health care, education and financial services sectors have adopted the use of wireless networks due to their ease of installation, low cost and portability, CSIS noted in the August report. "Hackers can break into wireless computer networks in homes, businesses and government offices using a laptop or portable PC, an antenna, a wireless access card and wireless-sensing software," the report said. "Wireless technology makes it easier for system intruders to search for data and invade the privacy of network users, since computer networks have no physical barriers." A declassified version of the report was released to the Citizen under the Access to Information Act. Such CSIS briefs are distributed to key federal departments, selected police services and other intelligence agencies. The report said a number of cities in British Columbia, Alberta, Saskatchewan, Ontario and Nova Scotia had already been the focus of war-driving activity and the results were presented on Web sites. CSIS singled out "a computer enthusiast from Edmonton" -- a reference to Mr. Haines, who goes by the nickname Render -- as preparing an Aug. 21 press release about the Red Deer event, adding he "stated that wireless networks in Calgary, Edmonton and other communities in Alberta had been mapped but that no one had done a significant scan of Red Deer." Mr. Kaczor and Mr. Haines insist the Aug. 31 Red Deer initiative, part of the first international war driving day, was intended to raise awareness about the potential security pitfalls of wireless networks -- not to breach systems or exploit confidential information. Mr. Kaczor, a Calgary computer consultant, is offended by the CSIS report's tone, considering he has invested time, money and his professional reputation in what he deems a rather thankless task. He compares war driving to birdwatching, whereas breaking into a wireless network would be analogous to duck hunting. CSIS has blurred the line between the two activities, Mr. Kaczor said in an interview. "I'm upset that they don't make that distinction between detection and access." The press release, which also included Mr. Kaczor's name and contact information, featured the tongue-in-cheek headline "Wireless hackers invade Red Deer!" But it also stressed the usefulness of the exercise. "While there are no prizes, no rules and definitely no glamour, this activity is constructive in that it raises awareness with regards to: privacy, security (or alternatively a complete lack of security), and the growing number of wireless networks sending information over, around and through an area." Mr. Haines sees war driving as beneficial to CSIS because it points out network vulnerabilities. "We're actually out to help them in their job, because we've already done a lot of the legwork for them," he said. "It's perfectly legitimate, it's fun. Nobody's being hurt by it, in fact they're gaining knowledge from it." He was particularly surprised at the attention from the spy agency in light of an encounter at a computer hackers convention in Las Vegas last summer. Mr. Haines met a woman he believes was a Canadian intelligence officer doing research on wireless security tools. "Her job was to test out hardware and software for their use." - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Feb 25 2003 - 08:32:56 PST