[ISN] Unmasking the Neighborhood Network Watch

From: InfoSec News (alerts@private)
Date: Mon Apr 28 2008 - 00:10:15 PDT


http://www.theregister.co.uk/2008/04/24/neighborhood_network_watch_unmasked/

By Dan Goodin in San Francisco
The Register
24th April 2008 

Emery Martin is a man on a mission. The 23 year-old resident of Brooklyn 
has spearheaded the Neighborhood Network Watch, a grassroots group 
advocating the monitoring by volunteers of open Wi-Fi networks "to make 
sure that terrorists may not be using your own home network to plan the 
next attack on our nation or your very own community".

But there's an important catch: Martin's group, which claims to be 
supported by the US Department of Homeland Security, isn't for real. 
Rather, it's a sprawling art project and master's thesis cooked up by 
Martin to stimulate thought about how networks operate and the ability 
for them to be surveiled.

"The point that I'm making is raising awareness and critical 
engagement," explains Martin, who is a graduate student in the 
Interactive Telecommunications Program at New York University's Tisch 
School of the Arts. "What are the potential things that are lurking in 
technology itself, and how do they allow control and power?"

The site includes a primer that teaches laymen how to sniff wireless 
networks using programs like TCPDUMP and WinDump and explains how to use 
wardriving applications like Net Stumbler and Kismet to find open 
networks. "Since these networks often times are unsecured or offered as 
a free service to the public it allows any individual to use them, 
including terrorists," the site argues. It includes a Wiki that can be 
used to upload dumps of packets monitored from open networks in a 
volunteer's vicinity.

With a template that's taken straight from the DHS website [1], the 
Neighborhood Network Watch site [2] was convincing enough to prompt a 
discussion about it on a Security Focus mailing list.


'Set your watch back 24 years'

"From the 'Set your watch back 24 years' department," one participant 
wrote [3], in an apparent reference to the George Orwell novel 1984. 
"This has to be invasion of privacy in its purest form," a Reg tipster 
wrote in an email. "Please tell me this schmuck is not affiliated with 
the Department of Homeland Security."

Indeed, Martin doesn't have any ties to the DHS. But in an environment 
where Congress is actively considering handing out immunity to telecom 
companies [4] that cooperated with warrantless government wiretaps, he 
doesn't think groups like the one he fabricated are all that 
far-fetched.

"It could potentially happen in communities that are already invested in 
that ideology or don't question the motives behind such government 
policies," he says.

Of course, there are plenty of tell-tale signs taht the site is a hoax. 
It has no director listed, includes no contact information and the 
contact listed on whois records for the domain name is a 
jollyrogerjonesy at a gmail account. Martin also included a video and 
other statements with rhetoric so over the top that anyone looking long 
enough would figure out the hoax.

Still, he says the ambiguity, is part of the point.

"The fact [some people don't] get it isn't necessarily a bad thing," he 
says. "It is based very heavily on generating fear and paranoia. If 
someone is that concerned about it, that's good. Eventually, they'll be 
able to figure it out." ®


[1] http://www.dhs.gov/
[2] http://dhsnnw.org/
[3] http://www.derkeiler.com/Mailing-Lists/securityfocus/pen-test/2008-04/msg00110.html
[4] http://www.theregister.co.uk/2008/03/14/fisa_bill_passed/



_______________________________________________      
Subscribe to the InfoSec News RSS Feed
http://www.infosecnews.org/isn.rss



This archive was generated by hypermail 2.1.3 : Mon Apr 28 2008 - 00:17:43 PDT