Kevin Poulsen, SecurityFocus 2003-11-12
In a rare wireless hacking prosecution, federal officials this week accused two Michigan men of repeatedly cracking the Lowe's chain of home improvement stores' nationwide network from a 1995 Pontiac Grand Prix parked outside a suburban Detroit store.
Colapse all |
Post comment
Wireless hacking bust in Michigan
2003-11-13
-=CORE=- (5 replies)
-=CORE=- (5 replies)
Wireless hacking bust in Michigan
2003-11-13
Anonymous (1 replies)
Anonymous (1 replies)
Surprised there aren't large and more varied criminal enterprises at stake here given how simple the task of cracking wireless (well, cheap wireless anyway)....
[ more ] [ reply ]
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-18
Joseph (2 replies)
Joseph (2 replies)
It seems so easy to just change the settings of a wireless network, and yet administrators don't go that extra mile.
Security should be taken more seriously in general and things like patching and anti-virus updates should not be neglected by anyone.
It's time that we all wake up...
J...
[ more ] [ reply ]
Security should be taken more seriously in general and things like patching and anti-virus updates should not be neglected by anyone.
It's time that we all wake up...
J...
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-13
dual_parallel (3 replies)
dual_parallel (3 replies)
The BestBuy store located in Chesapeake, VA "needs to be looked at".
LinkSys WAP54G/Admin/_blank_...
[ more ] [ reply ]
LinkSys WAP54G/Admin/_blank_...
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-14
Anonymous (1 replies)
Anonymous (1 replies)
Um... I agree that those punks are immature and do seem to deserve what they are getting.
Also, Lowe's security needs to be scrutinized. After all, they are just inviting attacks if they don't use encryption and yet transferring transactions datas wirelessly.
Hopefully, this will opens the ...
[ more ] [ reply ]
Also, Lowe's security needs to be scrutinized. After all, they are just inviting attacks if they don't use encryption and yet transferring transactions datas wirelessly.
Hopefully, this will opens the ...
[ more ] [ reply ]
Re: Wireless hacking bust in Michigan
2008-03-13
Simple
Simple
I don't forsee the wireless security of many stores changing for the better any time soon. Mostly because most people dont think much about. Until companys start personaly enforcing a rule that it's stores must use atleast WEP. As for what they did yes it was immature, and they take it to far. On t...
[ more ] [ reply ]
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-13
Anonymous (1 replies)
Anonymous (1 replies)
Wireless hacking bust in Michigan
2003-11-14
<secure72 (at) hotmail (dot) com [email concealed]> (1 replies)
<secure72 (at) hotmail (dot) com [email concealed]> (1 replies)
ITT
2003-11-14
Anonymous (2 replies)
Anonymous (2 replies)
An ethics class at ITT. HA!... HA!
2007-02-13
Anonymous
Anonymous
Anybody making money from ITT tuition is going straight to hell when they die. The school is a cruel joke. The classes get worse and worse every quarter and the credits don't transfer to anywhere. The fact that this scam has been going on makes me lose all faith in humanity. I am going to go to...
[ more ] [ reply ]
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-14
MINDeSET (1 replies)
MINDeSET (1 replies)
Since Lowe's does business in California, are they subject to the new disclosure law?...
[ more ] [ reply ]
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-14
Anonymous (1 replies)
Anonymous (1 replies)
the way i see it is all websites that use personal data would have to disclose intrusions due to the fact that Californians can visit a site in say Vermont and the consumer still lives in California ( did that sound right?)...
[ more ] [ reply ]
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-14
CC_Guy (1 replies)
CC_Guy (1 replies)
Wireless hacking bust in Michigan
2003-11-14
bachroxx
bachroxx
Theres another angle that should be harped on here. Its bad enough that they were able to penetrate the system, but that is (to me) not the worst thing that happened. Why were they able to use Lowes network to get unfettered access to other stores and why weren't they detected until they made a wh...
[ more ] [ reply ]
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-14
David Feligno (2 replies)
David Feligno (2 replies)
Loews is the one to blame here. Any kid can make a Sniffing device and roam around for a signal. It is not against the law to sniff, but it IS against the law to steal CC information. Loews should have known better than to allow a thing like this to happen, and it will cost them dearly. Luckily for ...
[ more ] [ reply ]
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-17
Anonymous (1 replies)
Anonymous (1 replies)
How can you say Lowes is the "one" to blame? I agree that they should have some security measures in place. But not having a secure wireless network does not give everyone the right to use it. Lowes should have protected their customers, but the crime was committed by the two individuals....
[ more ] [ reply ]
[ more ] [ reply ]
Re: Wireless hacking bust in Michigan
2008-03-13
Anonymous
Anonymous
I dont know about that, I believe that if a wireless network does not have any kinda enncryption it sould not be ilegal to for anyone to use is. Think of it as using walkie talkies right. Your on a PUBLIC channel, normally anyone can listen or transmit over that channel. As with most walkie talkies ...
[ more ] [ reply ]
[ more ] [ reply ]
Re: Wireless hacking bust in Michigan
2006-06-03
Anonymous
Anonymous
this whole "hacking" thing is getting out of control! screw anyone saying you cant "borrow" wireless service from a neighbor, well I say hell yes you can!!! If he is a retard and doesnt encrypt the he has it coming! thyre wireless waves are invading my home and personal space wether im in my home or...
[ more ] [ reply ]
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-14
Anonymous (2 replies)
Anonymous (2 replies)
Gents;
One CRITICAL point in this article just does not make any sense. It suggests to use the
BASIC, EASILY CRACKABLE, POORLY IMPLEMENTED AND INSECURE WEP Encryption Protocol.
Some of you might remember how easy it is to crack with a simple scientific calculator, I mean, at least, suggest ...
[ more ] [ reply ]
One CRITICAL point in this article just does not make any sense. It suggests to use the
BASIC, EASILY CRACKABLE, POORLY IMPLEMENTED AND INSECURE WEP Encryption Protocol.
Some of you might remember how easy it is to crack with a simple scientific calculator, I mean, at least, suggest ...
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-14
Kevin Poulsen <klp (at) securityfocus (dot) com [email concealed]>
Kevin Poulsen <klp (at) securityfocus (dot) com [email concealed]>
I really wasn't recommending WEP, as such (though it's certainly better than nothing). IMHO, whether or not Lowe's was using WEP is relevant context to the story, not because WEP would have prevented intrusions altogether, but because it serves as a no-trespassing sign and a barrier against casual ...
[ more ] [ reply ]
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-14
Anonymous (1 replies)
Anonymous (1 replies)
Well, if you read the article it suggested using WEP as a "No Trespassing" sign of sorts. Not the is all and ever-will-be of encrytion....
[ more ] [ reply ]
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-18
Anonymous
Anonymous
A "No Trespassing" sign in and of itself is not a security measure. However, it does serve as notification that crossing into the perimeter that it defines will give the rightful owner the admittedly dubious right to shoot you.
In this instance, had Lowes deployed WEP deliberate actions would ha...
[ more ] [ reply ]
In this instance, had Lowes deployed WEP deliberate actions would ha...
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-14
Anonymous (1 replies)
Anonymous (1 replies)
This will become more commn as Companies go with a Cheaper solution, affraid to spend the money for Security, 802.1x
I have seen Small business ask for the cheapest Linksys available only to open themselves to further security risks. We all know WEP is not a security mechanism....
[ more ] [ reply ]
I have seen Small business ask for the cheapest Linksys available only to open themselves to further security risks. We all know WEP is not a security mechanism....
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-15
==Maclover==
==Maclover==
The security of wep isn't really the issue, just turning on wep, even a wimpy 40bit, legally (at least in the US), declares the site off limits and allows violators to be prosecuted, even if they aren't like these idjits and actually deploy the 'tools' they found websurfing.
I personally enjoy wi...
[ more ] [ reply ]
I personally enjoy wi...
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-15
Anonymous (1 replies)
Anonymous (1 replies)
damn. my local coffe shop has more security. Im not going to shop at lowes anymore. hasn't anyone heard of repeaters??...
[ more ] [ reply ]
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-17
Pee
Pee
I feel that WEP could work better if it was implemented better, any system broadcasting the same key for a long period of time is putting themself at risk to a cracker. Although in saying that its not always possible with a great detail of traffic on the WAP becuase as has already been proven it can...
[ more ] [ reply ]
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-17
Mark Addams
Mark Addams
It comes as no surprise; however, many of these retailers that *claim* that they have "securified" their wireless networks have done nothing shy of a smokescreen to dispel any rumors and raise consumer confidence levels back up again.
If customers *feel* that they're secure, then they'll buy/spen...
[ more ] [ reply ]
If customers *feel* that they're secure, then they'll buy/spen...
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-17
Mark Addams
Mark Addams
I have another question to ask, one that even Kevin Poulsen will attest to. What if a suspected person is a ham radio operator???
I haven't met a ham radio operator that DOES NOT HAVE LESS THAN 3-4 antennas on the top of their vehicle. If I were smart, I'd tell the local PD that I was participa...
[ more ] [ reply ]
I haven't met a ham radio operator that DOES NOT HAVE LESS THAN 3-4 antennas on the top of their vehicle. If I were smart, I'd tell the local PD that I was participa...
[ more ] [ reply ]
Wireless hacking bust in Michigan
2003-11-18
Anonymous
Anonymous
Its this simple, people are lazy and no one takes pride in their work. Why use wireless to begin with, especially in a store where running cables isn't a big deal. The one reason that there will always be security problems is because people look for shortcuts. In cases like lowes, not doing the simp...
[ more ] [ reply ]
[ more ] [ reply ]
Wireless hacking bust in Michigan
2005-06-24
Aspnet74
Aspnet74
More companies need to be well aware of Wireless Network Vulnerabilities such as:
 Unencrypted wireless traffic
 Unauthorized APs
 RF signals that are too strong
 Wireless equipment that?s easy to Access physically
 Default configuration setting e...
[ more ] [ reply ]
 Unencrypted wireless traffic
 Unauthorized APs
 RF signals that are too strong
 Wireless equipment that?s easy to Access physically
 Default configuration setting e...
[ more ] [ reply ]
Wireless hacking bust in Michigan
2005-09-03
JHN (2 replies)
JHN (2 replies)
I can't believe they did their first access to the Lowe's system at 11:20 PM. I'm curious if they did the rest of their accesses at the same time. How suspicious looking. It seems like people who get caught stealing WIFI fit into two concise scenarios:
1) Committing criminal acts (fraud, id theft, ...
[ more ] [ reply ]
1) Committing criminal acts (fraud, id theft, ...
[ more ] [ reply ]
Re: Wireless hacking bust in Michigan
2006-04-19
Anonymous (1 replies)
Anonymous (1 replies)
Why the hackers did get only 6 credit card numbers? They could have got more than that?
...
[ more ] [ reply ]
...
[ more ] [ reply ]
[ more ] [ reply ]