Wardrive shows Wireless Networks still Wide Open

A wardrive was performed at a recent computer security class in Texas. The results… stunning.

Wardriving usually consists of driving around in a vehicle searching for Wi-Fi Wireless networks using Aircrack-NG, Netstumbler, Kismet or another similar program. Information can be gleaned from available Wi-Fi networks including what type of security that they are using. It is the modern version of wardialing which was very popular in the 80’s and early 90’s where hackers would call blocks of numbers looking for a computer.

According to the graph, 13% of the Wi-Fi networks had no security at all.  And a whopping 45% were using WEP, which has been cracked a long time ago. Only 18% were using WPA2. So in effect, 58% of the detected networks would have been easy pickings for a hacker. They might as well have hung a big “Welcome!” sign on their network.

San Francisco did not fare much better:

 Here, 47% had either no security or easily defeated security. WPA is not 100% safe either, your safest route is the current WPA2.

I was actually shocked at the high percentage of unsecure Wi-Fi systems. With the dangers of Wi-Fi so well-known, it just doesn’t make sense. In fact for a product to even qualify for the Wi-Fi label, it must have WPA2 security. And that has been the standard since 2006!

You would think at this stage of the game, manufacturers would have taken the choice out of consumers hands and make the default security WPA2 out of the box.

Please check your Wi-Fi security settings to be sure that they are not set to “WEP” or worse yet, “None”. Also, if you have a wireless box that only supports WEP, it needs to be replaced with a newer, more secure version. When hackers scan your network from across the street, you want them to find a “No Admittance” sign!

(Photos courtesy of Sam Bowne. Sam has done amazing work in advancing the legitimacy of Ethical Hacking in mainstream academia. Check out his website at http://samsclass.info/)

4 thoughts on “Wardrive shows Wireless Networks still Wide Open”

  1. I’m really not surprised that wireless is still so insecure. All wireless security is turned off by default so that the average user can get the thing to work. Can you image what would happen if it came with the security turned on? LOL

    The technology on both ends need to be changed to be secure from the first minute it’s turned on. We need something like this:


  2. WEP = Where Everyone Penetrates. FFS, I don’t think the department stores even use that anymore. Have had to fix up a few friends and relatives machines set to standard WPA though. I gotta agree, anything below WPA2 is asking for trouble.

    1. I hear you Philo!

      I was an executive at a small engineering company for a couple years. The CEO bought a wireless AP and connected his machine to it. He was having some wierd problems and I checked it out.

      The AP was turned on and my boss was getting a great connection to it. It just couldn’t see the other machines. Upon further inspection, the company next door just happened to have the same AP and never changed any of the defaults, including administrator password.

      His computer was connecting to their AP. Crazy…. 🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.