http://www.theregister.co.uk/2008/04/24/neighborhood_network_watch_unmasked/ By Dan Goodin in San Francisco The Register 24th April 2008 Emery Martin is a man on a mission. The 23 year-old resident of Brooklyn has spearheaded the Neighborhood Network Watch, a grassroots group advocating the monitoring by volunteers of open Wi-Fi networks "to make sure that terrorists may not be using your own home network to plan the next attack on our nation or your very own community". But there's an important catch: Martin's group, which claims to be supported by the US Department of Homeland Security, isn't for real. Rather, it's a sprawling art project and master's thesis cooked up by Martin to stimulate thought about how networks operate and the ability for them to be surveiled. "The point that I'm making is raising awareness and critical engagement," explains Martin, who is a graduate student in the Interactive Telecommunications Program at New York University's Tisch School of the Arts. "What are the potential things that are lurking in technology itself, and how do they allow control and power?" The site includes a primer that teaches laymen how to sniff wireless networks using programs like TCPDUMP and WinDump and explains how to use wardriving applications like Net Stumbler and Kismet to find open networks. "Since these networks often times are unsecured or offered as a free service to the public it allows any individual to use them, including terrorists," the site argues. It includes a Wiki that can be used to upload dumps of packets monitored from open networks in a volunteer's vicinity. With a template that's taken straight from the DHS website [1], the Neighborhood Network Watch site [2] was convincing enough to prompt a discussion about it on a Security Focus mailing list. 'Set your watch back 24 years' "From the 'Set your watch back 24 years' department," one participant wrote [3], in an apparent reference to the George Orwell novel 1984. "This has to be invasion of privacy in its purest form," a Reg tipster wrote in an email. "Please tell me this schmuck is not affiliated with the Department of Homeland Security." Indeed, Martin doesn't have any ties to the DHS. But in an environment where Congress is actively considering handing out immunity to telecom companies [4] that cooperated with warrantless government wiretaps, he doesn't think groups like the one he fabricated are all that far-fetched. "It could potentially happen in communities that are already invested in that ideology or don't question the motives behind such government policies," he says. Of course, there are plenty of tell-tale signs taht the site is a hoax. It has no director listed, includes no contact information and the contact listed on whois records for the domain name is a jollyrogerjonesy at a gmail account. Martin also included a video and other statements with rhetoric so over the top that anyone looking long enough would figure out the hoax. Still, he says the ambiguity, is part of the point. "The fact [some people don't] get it isn't necessarily a bad thing," he says. "It is based very heavily on generating fear and paranoia. If someone is that concerned about it, that's good. Eventually, they'll be able to figure it out." ® [1] http://www.dhs.gov/ [2] http://dhsnnw.org/ [3] http://www.derkeiler.com/Mailing-Lists/securityfocus/pen-test/2008-04/msg00110.html [4] http://www.theregister.co.uk/2008/03/14/fisa_bill_passed/ _______________________________________________ Subscribe to the InfoSec News RSS Feed http://www.infosecnews.org/isn.rss
This archive was generated by hypermail 2.1.3 : Mon Apr 28 2008 - 00:17:43 PDT