We posted the first part of this "interesting" article back at the start of March, Hack a Mac in an Apple store (8th March 2002), so here is part 2, via NewOrder... :)
- After setting up each respective laptop with the required software and wireless cards, Off we went to the mall, each with our respective machines in backpack and an itch to explore, we initially setup shop right outside our target.
*turning machines on...*
*select kernel...*
*blinky lights on the NIC...*
We stumbled onto a completely unprotected 2megabit pipe to the internet. No obscure channel settings. No obscure host settings. No WEP encryption present. Completely default settings on the Mac store"s wireless links.
Through further examination, we also found that there was no cap set on bandwidth (meaning we had complete access to the capacity). As much as we laughed initially, this was really more sad than anything. It"s unfortunately common to run into this sort of situation. A newer technology hitting the retail markets, consumers (and some technicians) not familiar enough with it"s capabilities.
Many people we"ve brought our findings to have insisted that this was an isolated incident and that what could potentially happen has been exaggerated. I"d love to think that was the truth. I"d love for you people to prove me wrong, but so far that just isn"t the case.
Although it wasn"t documented as thoroughly as our Mac store exposé, we were also able to confirm connection to an open wireless router connected to a partial ds3 (21megabit) in one of the largest metropolis" in the US.