[ISN] RenderMan to the rescue

From: InfoSec News <alerts_at_private>
Date: Thu, 24 Jul 2008 04:02:33 -0500 (CDT)

Globe and Mail Update
July 22, 2008

One day last December, Brad Haines pulled a long black trench coat over 
his black shirt and pants, perched his trademark black fedora on top of 
his straight, shoulder-length hair and strapped on a backpack filled 
with a laptop and other electronics. And, like many people in Edmonton 
during the holiday season, he headed to the West Edmonton Mall.

The mall is home to more than 800 stores and occupies a space equivalent 
to roughly 48 city blocks, so Haines knew he'd have no trouble finding 
gifts. But he wasn't here to shop. No, this expedition was all work. His 
mission: Take a "warwalk" of North America's largest mall, using his 
equipment to search out unsecured wireless networks as he walked past 
the building's stores. (Do it in a car and it's called wardriving; on 
public transit, it's warriding.) The point of wardriving isn't to 
actually access anyone's wireless network.that could result in 
warjailing. Rather, the idea is to simply survey the number of wireless 
networks within the building, evaluate their level of security and alert 
the owners to any vulnerabilities.

Haines, 28, had been wardriving through the streets of Edmonton since 
2002 and had catalogued roughly 80,000 wireless networks, whether 
home-based or those belonging to companies. But the mall represented 
uncharted territory. "Nobody had done a good wireless survey of the West 
Edmonton Mall, and if you throw in Christmas shopping crowds, it's a 
little more interesting," he says. "Everything lined up for a really 
good guerrilla analysis, because you have big crowds and a massive 
amount of spending going on. If you're thinking as an attacker, that's 
the time of year you want to do something, because there are so many 
more targets."

Haines's fondness for wardriving, plus his all-black "uniform," would 
lead the average executive to conclude that he's a nefarious hacker. But 
since he first began mapping WiFi networks in and around Edmonton, 
Haines has become well known as a wireless security expert, often 
consulting for companies and government agencies (non-disclosure 
agreements prevent him from naming names). And he's regularly invited to 
speak at major security and hacking conferences in North America and 
Europe, including DefCon, ShmooCon and Hackers On Planet Earth, or HOPE. 
(A few of his recent presentations: "Legal and Ethical Aspects of 
Wardriving," "Standards Bodies ... What Were These Guys Drinking?" and 
"New Wireless Fun From the Church of WiFi.")


Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com
Received on Thu Jul 24 2008 - 02:02:33 PDT

This archive was generated by hypermail 2.2.0 : Thu Jul 24 2008 - 02:15:38 PDT