Colorado Sheriffs To WarDrive For Safety

rwx writes "The Sheriff's Department in Douglas County, Colorado says it's going to start warning computer users that their networks may be vulnerable to hackers. It plans on equipping its patrol cars with devices that detect unprotected computer networks, and distributing brochures to computer users in vulnerable areas, instructing them on how to password protect their networks."

how long

[Nafai7 (53671)]

before governments try to make open wireless relays illegal? I set my wireless connection at home open on purpose...

Re:how long

[v1 (525388)]

I leave my WAP open. (of course I have set the administrator's password though) My wap's SSID is "call (my phone number)". So far I've only gotten one call but there are about 1/2 dozen regular users and the odd hit from a new MAC about once a week.

The bandwidth they use is inconsequential. I suppose if a neighbor decided to go wild on bittorrent or something I might have to take action, but for now it's free lunch if you're in my neighborhood. That's the way I'd like it to be everywhere, so it makes sense for me to help it along in any way I can.

The city next door has a public utility that does cable modems among other things. They have set up WAPs on street lights all over town, and if you have cable modem service you can use it to login to any WAP in the city. Coverage is pretty good, close to 100% downtown. It'd be nice if they would support it with tax dollars and open it up completely, but that's not terribly likely to happen. Maybe in a few years.

Re:how long

[Mysticalfruit (533341)]

I have a distinct feeling that when the FBI kicks in your door and takes your computer to see what kiddie porn sites you've been surfing, having random unknown people using your internet connection won't seem so cool anymore...

Re:how long

[2short (466733)]

Better be careful, and don't be nice to strangers, or some completely improbable bad thing might occur! Be afraid! Be afraid!

I can pick up 5-6 access points from my house. All are locked down except for one named "BeMyGuest"; I've used it a few times when my connection has been down, and when I figured out who's it was, I invited them to my barbecue. So I hereby counter your hypothetical, not very logical threat of an FBI raid, with the actual, already realized threat of: Free Beer.

Re:how long

[MooUK (905450)]

NO! Not the free beer! Save us all!

Re:how long

[Roskolnikov (68772)]

If the FBI shows up looking for kiddie porn and you've got it I suspect they're not worried about the anonymous individuals who might have got their attention from your free WAP.

In other words, if you've got an open WAP and there isn't any evidence on your systems you have little to fear and a lesson learned, freedom comes at a price;

my WAP is open, it is linked to a multi-homed router that can tell the difference between my systems and others, my wireless systems can see
my other home systems the rest are g

Re:how long

[ScrewMaster (602015)]

No, it depends upon who they want to have been surfing the kiddie porn sites.

Re:how long

[houghi (78078)]

I would welcome a law that at least forces manufacturors to sell them with secured settings by default.

First connection and you are forced to change the password. Default password? No connection on your WAN.
See it as car manufacturors selling cars with safety belts. That way when you decide to open your connection it is YOU who decide to do it.
Most people won't bother, just change the default settings and be done with it and end up with a securer network.

Re:how long

[Phillup (317168)]

Careful what you ask for.

The law of unintentional consequences dictates that in order to fulfil your wishes... you will have to upgrade to the latest version of Windows to run that configuration software.

(and yes... there are better ways to do it, but this is an industry pawning over the droppings of an 800 pound gorilla)

As long as that's all they're doing

[Jabrwock (985861)]

I don't see the harm. Now if they are doing anything like making notes on who's routers are open for future "fishing expeditions", I'd be concerned, but if all they're doing is saying "hey bud, your front door is unlocked, just ta let ya know..."

Seeing as how most people have no idea that their wireless routers are so insecure by default...

Re:As long as that's all they're doing

[QRDeNameland (873957)]

but if all they're doing is saying "hey bud, your front door is unlocked, just ta let ya know..."

Personally, I wouldn't like it at all if the cops went around checking my front door to see if it were locked (especially if they did not obtain my consent to do). Of course, that differs a bit from scanning for open wireless access points because checking my front door requires them to trespass on my property.

My bigger issue with the wireless scanning would be paying these public servants with my tax dollar

Re:As long as that's all they're doing

[Jabrwock (985861)]

so if a cop poked his head into your house because your front door was unlocked...you wouldn't mind?

Actually, in my neighborhood, they sent around an officer to advise people on how to save money on their insurance, pointing out stuff like window security, deadbolt strength, just general stuff. Things you wouldn't necessarily think of.

As I said, as long as all they did was note you had an open network, and handed you a pamphlet talking about wireless security, and nothing further, no, I wouldn't have

Re:As long as that's all they're doing

[shotfeel (235240)]

Just for the fact that analogies must be stretched and abused, I'll say,

Its not like he's sticking his head in the door, he's only driving by to see if the door is already open. If yes, he leaves behind a safety tip on how to close and lock your door.

Limit access?

[JayDot (920899)]

Will this limit access on that great free wireless lan called "linksys"? I hope not; I didn't want to have to actually pay for Internet access after college.

What would happen...

[OctoberSky (888619)]

What would happen if they came to my house? I have a open network (really an access point). We share no files between computers and if someone (neighbors, friends, guys in cars out front) wants to hop on my signal I couldn't care less.

They can get online and I invite them too (network is titled "OPENNETWORK"). I wonder how the cops would respond if I told them that I purposely set it up to allow people to wardrive onto my internets?

Re:What would happen...

[Atzanteol (99067)]

They probably won't care? They're just letting people know that it can be insecure because most people aren't aware of it. It's like letting people know their front door is open. If you did it on purpose, that's okay. But if not then you may want to be told.

Re:What would happen...

[RexRhino (769423)]

While I think it is great that you are running an open network for the benifit of others... and I wish that our society wasn't so damn authoritarian that it was something we had to worry about.

But yikes, could you imagine the problems you could have if someone was using your open network for downloading child porn, or even for trading copyrighted music or movies, or for some sort of "terrorist" activity. Even if you have nothing to do with it, when the authorities have trouble catching the people actually doing the cimes they are going to look for a scapegoat, and that will be you for "recklessly enabling" the crime!

I am not saying you are doing anything morally or legaly wrong, I think what you are doing is a good thing. But I think what you are doing is a bit unwise. Just like it is morally right for Falong Gong to openly practice their religion in China, but it is a very bad idea for them to do so... I say it is a bad idea to run an open network! Sorry, but your instinct for self-preservation should be higher than your altruism.

Re:What would happen...

[2short (466733)]

Gee, you're right! Better not help anyone, because they might be bad! It starts with running an open network, but next thing you know you'll be helping an old lady cross the street, and she could be a terrorist! Don't you know it's dangerous to go around being nice? Stay locked in you home being afraid, it's safer.

Re:What would happen...

[Jude T. Obscure (721864)]

"Sorry, but your instinct for self-preservation should be higher than your altruism."

Isn't it often people for whom this is *not* true that really get things changed for the better?

Just saying.

People who want to share?

[SydShamino (547793)]

What do you want to bet that the police will hassle the first person who:
A) has permission from their service provider to offer a Wifi hot spot,
B) wants to leave it open for the public, and
C) tells this to the police officer who tries to give him a brochure?

Re:People who want to share?

[amliebsch (724858)]

Is that really allowed under most TOS? I was under the impression that most home service prohibited you from using it for public access.

Reminds me of the Movie Hackers

[neonprimetime (528653)]

FTFA
He also says hackers can upload or download such things as child pornography.

From a famous movie ... hackers penetrate and ravage delicate public and privately owned computer systems, infecting them with viruses...

Hackers?

[Gates82 (706573)]

I love how the articles makes it sound like you need to be a hacker to connect and access the web through someone else's open access point. As has been argued many times, when you leave a WAP wide open you are infact authorizing anyone who connects the privilege of using that network. A request is made and access is given, but using the Windows Wireless Connection utility to connect would hardly be hacking.

--

So who is hotter? Ali or Ali's Sister?

Oh good!

[Chabil Ha' (875116)]

I'm glad the policy are out making the city safe from wireless access points. Of course, now that all the drug dealers, rapists, pedophiles, theives, robbers, murderers, prostitutes, and school bullies are off the street, the next logical step is to make sure that the wireless APs are closed up.

I can feel the warm safety of encrypted radio waves already!

This isn't their 'department'...

[TheDarkener (198348)]

What do Sheriffs care about peoples' wireless network devices? Unless I'm bashing my wife over the head with my access point, I don't want a Sheriff to even tell me what to do with my freggin' network.

What's next? Are they going to start testing peoples' front doors to see if they're unlocked? Again, it's none of their business, and it's wasting taxpayer money. Stick to your department, which is upholding the law.

Re:This isn't their 'department'...

[value_added (719364)]

What's next? Are they going to start testing peoples' front doors to see if they're unlocked?

And that would be a bad thing? Some years ago cities and police departments figured out that abandoned building were a breeding place for crime and started going after landlords to either secure the property or face penalties ranging from fines to loss of the property. The result was that crime dropped, and the neighbourhood became livable.

Mind you I'm not suggesting an open network is analogous to a vacant crack house, but being a good and responsible neighbour is good for everyone involved, whether that's a residential area or the internet doesn't make much difference. It's perfectly reasonable that the responsibility is shared by everyone.

If one of my neighbours leaves their door open, that's fine by me. But if the habit or a laissez-faire attitude starts inviting problems (allowing strangers to party, kids hanging out, etc.) it's a different story altogether. Similarly, I couldn't care less if the average Windows user can't or won't grasp the necessity of securing his or her system, but if that system starts spewing out spam that ends up in my inbox, then yes, I would care. Someone taking the trouble to get involved and checking up on such dimwits can only be A Good Thing.

Stick to your department, which is upholding the law.

Given the state of affairs today, I'd prefer everyone be required to pass a proficiency test and receive a license to use a computer. No, I'm not kidding. Until that or something similar happens, the "law" is going to remain a hodge-podge of rules and regulations that remain mostly unenforced leaving people to think It's All Good and what people do or don't do doesn't really matter since no one's in charge anyway.

Re:This isn't their 'department'...

[QCompson (675963)]

And that would be a bad thing?

Yes, how could police officers going onto your private property and testing your doors to see if they are locked possibly be a bad thing?

I actually have a local policeman that comes into my house at night and makes sure I place my wallet in a secure location before I go to sleep. He also checks all the window-blinds to make sure no terrorists or pedophiles can see into our windows. Recently, I put in a request for a uniformed officer to monitor my children while they draw pictures; I wouldn't want them to poke themselves in the eye with a crayon.

Given the state of affairs today, I'd prefer everyone be required to pass a proficiency test and receive a license to use a computer.

Agreed. Computers are very, very dangerous if they fall into the wrong hands. If there was some way we could pour money into a complicated beuraucratic licensing system, I'd be all for it.

 

Check to see if my front door is locked

[bigtrike (904535)]

While they're at it, they may as well check to see that people's front doors are locked too. Criminals might break in and use their computer when they can't get a wireless signal.

This just give them an excuse...

[johnny cashed (590023)]

To surf for porn^H^H^H^H information while they are sitting in the cruiser at a remote location with the A/C running. Hey boss, I'm just in the neighborhood looking for open access points. Child porn is one of the big "boogeymen" out there. I'm suprized they didn't throw "terrorism" in there somewhere.

This is what real cops do

[MikeRT (947531)]

Cops aren't supposed to armed and trained like the military. Their purpose is to keep the peace and peacefully prevent crime where they can. A large part of that is politely informing private citizens if they see something that could get them victimized. It's not common anymore because riding around with a loaded gun and the ability to bust down doors to raid drug users/dealers (if your stash is big, you must be a dealer). It's just not cool to do such old granny policing when the SWAT offers you the chance to play urban warfare with targets that typically don't fight back.

Re:This is what real cops do

[alshithead (981606)]

In a lot jurisdictions you can get your local police department to come and give a security inspection of your property. They'll look at lighting, locks, shrubbery, etc. If they were just adding this as an item on to their checklist for the service the already offer, I think it wouldn't bother me so much.

Why is everyone so upset?

[Ocular Magic (948250)]

I don't understand why everyone is getting so mad. It's not like they're going to use signal strength monitors to track the router in your moms basement. They're going to find neighborhoods that have a lot of vulnerabilities and distribute "FLYERS" to let people know how to secure their networks. If you don't want to secure it, don't. They aren't going to knock down doors and force you to do it. In my opinion, what they're doing is just a service. Of course, if they take it to the extreme and start forcing people to close their networks, it would be bad.

The best example I can think of is the police driving through my grandparents neighborhood and noticing a lot of roll up garage doors partially opened to vent the heat buildup in the garage. Do they knock down your door and force you to close it? No, they sent out a flyer notifying people of the possible crimes that could happen as a result of it being rolled up. Am I missing something here?

Observations from WarBussing

[Hannah E. Davis (870669)]

I'm actually surprised that they didn't do this sooner. There are a hell of a lot of unsecured wireless networks in any city, and it's not like the cops are peeking into anything that isn't incredibly public already. As an experiment, I once spent an entire bus ride home repeatedly scanning for wireless networks on my DS. Most of the ones I found were unprotected, including one which even had the word "secure" (written in l33t, no less) as part of its name. Unfortunately, all of the networks with particularly interesting or creative names were secure, including one called "No free internet for you", and another with the particularly clever moniker of "I steal credit card numbers." Gotta wonder what the cops would think of that one...

Awfully inefficient

[johnsu01 (759478)]

The idea that an open network could be used for nefarious purposes is irrelevant. When you leave a tip at a restaurant, you might be enabling your waiter to go home later and purchase some child porn, or maybe even to buy a gun and kill somebody. There are any number of ways to connect each of us and the resources we control to criminal activities. But the ability to connect dots like this is not a sufficient justification for making policy that restricts the way we use or share our resources. Not only is it my right to share my network how I choose (assuming it's within the bounds of my ToS, although even then this is a contract issue and not one the police need to be involved in), but it is beneficial to society to allow this kind of sharing to happen, as people will use that connection for economically productive uses, and waste less time investing in security measures. It seems to me that they should be policing a little closer to the actual specific crimes they are worried about. If they are worried about child pornography, then monitoring close to the supplier is surely a lot more efficient than trying to monitor the wifi network of every single person in the county.

Here come the kiddy porn cops to sniff your ports

[gelfling (6534)]

C'mon at least make up a better bullshit story than "It's for your own good". You guys are parking on WiFi LANs so that you can claim you're looking for

Kiddy Porn
Child molesters
Porn Molestors
Sexual predators
Kiddy porn predator molestors
And terrorists.

And you'll catch almost nobody except some innocent person as always.

Well, it'll take them awhile

[Mr. Freeman (933986)]

Seriously, I walked around my (small) neighborhood the other day with a laptop and netstumbler. I picked up over a hundred networks, 90% of which were open.
And yeah, I live in Colorado.

It's great to know that the cops will now be focusing on the real danger. Instead of those drunk and/or reckless drivers, we'll be warning people about their wireless networks.

In a related news story...

[Gat0r30y (957941)]

the Douglas County Sheriff's Office now gets free high speed internet from Comcast for their tireless efforts in making everyone pay for thier own cable internet... It's Craptastic!

don't they have something better to do?

[Ralph Spoilsport (673134)]

According to their OWN statistics, crime in Douglas county is on the increase, some of it quite serious, and these mutton heads want to go around wasting resources looking for open networks.

You can find the statistics here [dcsheriff.net]

The numbers were up in all but a handful of categories.

Murder & Non-Negligent Manslaughter - 3
Negligent Manslaughter / Vehicle - 1
Sexual Assault by Force - 73
Sexual Assault on a Child - 104
Incest - 15
Robbery - 16
Kidnapping - 72
Assault with Weapon - 80
Assault without Weapon - 551
Burglary to Residence - 446
Burglary to Non-Residence - 186
Theft over $500 - 1021
Theft under $500 and over $100 - 758
Theft under $100 - 764
Embezzlement - 1
Possession of Stolen Property - 106
Motor Vehicle Theft - 245
Arson - 41
Criminal Mischief - 1240
Drug Violations- 569
Bribery, Extortion - 22
Gambling - 1
Fraud - 899
Pornography, Prostitution - 9
Weapons Violations - 35

The douglas county cops need to ge their priorities straight.

RS

That's no way to do it

[Deadstick (535032)]

distributing brochures to computer users in vulnerable areas, instructing them on how to password protect their networks

Lame approach...that brochure will go in the basket with the aluminum siding ad. Better to leave them an email or an IM: "Hi there, Mr. Joe Blow! We were just driving down Partridge Meadows Blvd while you were browsing www.kidpoontang.com and thought you'd like to read this page about encryption and passwords..."

rj

Re:Open nets are good for everyone

[by Anonymous Coward]

Let's see:
-I can intercept the data being sent so I can passively and actively (I believe someone made a program that let's one return arbitrary data to webrowsers on wireless networks):
--steal passwords
--steal private information

-Take advantage of unsecured systems as there is no firewall/router blocking the ports

-Possibly change the settings of the wireless router

except the ignorant owner

[bunions (970377)]

I can't believe any significant percentage of residential open networks are open on purpose. Most are linksys or netgear or whatever routers, still set to the default channel, ssid and password.

I think the idea of cops (or anyone) delivering a note explaining what the threats are and what you can do to fix it (if you'd like to fix it) is great. Good for Douglas County.

Re:Wireless broken? noo....

[MindStalker (22827)]

So what, I can pick your front locks in a matter of seconds do I do it? No. If your front door is left wide open will I walk in? Maybe probably not. Point is in polite society we lock doors that we don't want people to casually go through. If you presist and go through them anyways you are a criminal. Otherwise you can get by with the "I didn't know any better" defense. Lock door are a sign that you don't want intruders not the ultimate defense against intruders, same as WEP. (Or course you can go with WPA

Re:Yeah

[88NoSoup4U88 (721233)]

Seriously, why is every, -every- idea immedeately shot down because of -some- negative rammifications it might have: Ohyes, don't warn people of nearby pickpocketeers, as it might certainly hint other people to pickpocket in that area!

As soon as I read the article summary, first thought was that this is finally an active (and not too expensive) stance against this sort of vulnerabilities: All the time people here on Slashdot complaint that Joe Average doesn't know shit about protecting his own computer/co

Re:Yeah

[script_daddy (846338)]

Heh, the first response to a story is almost always a snarky putdown; I think it's become something of a tradition. God forbid the story is a dupe, then there's going to be snark overload.

I swear to God, if a news-item such as this would appear on the frontpage ..

Bill Gates has announced that he's realizing that Microsoft Windows is an inferior product and has decided to rebuild Windows Vista on a Linux kernel and release it under a FOSS license. Additionally, he is reported to have bitchslapped Steve Ballmer repeatedly claiming that "[sic] Man, I've been fucking longing to do that."

.. it's a pretty safe bet that the first reply would be something like this:

Yeah, so why didn't he hit him with a proper blunt weapon or shoot him in the face or something like that?

Pickpockets

[teasea (11940)]

Actually there was story I read once where the sign 'Beware of pickpockets' was put up by pickpockets. The people would see the sign and check the pocket with their wallet in it. Then the pickpockets knew which pocket to pick.

Amusing actually.

Re:Pickpockets

[Kamineko (851857)]

I would have just stolen the sign, myself.

Re:Yeah

[blueZhift (652272)]

Actually this sounds like a decent and neighborly idea. It would be better though if they had someone other than law enforcement do the notifying since the real point isn't that some horrible criminal things might happen if you leave your access point open. The point is to make people aware of something that maybe they did not intend to do and thereby give them a choice. Having "the man" come by to tell you about it can have nothing but negative vibes. Some people want to leave there access points open, but

Chicken, meet Egg.

[Elemenope (905108)]

Cases of abuse aside (and they really do happen, perhaps not as often as is perceived, but often enough that nearly everyone has had at least one bad experience), the reason that cops get such a chilly reception is that they do "too much protecting" and "not enough serving". That is, usually people only are interacting with a cop if one, they are in trouble, or two, are recently a victim of trouble. If police departments put as much emphasis on the public service announcement schtick, people might react to them with less chill. But, as you point out, they can't perform that function well if people feel chilly towards them. Its a cycle that needs to be broken somewhere, and its easier to change department policy than to spontaneously change the public's attitudes.

Of course, it might also help if police departments changed some of the policies that feed into the disquiet that most people have with their police, such as the 'blue wall', or de facto harrassment, or discouraging legitimate complaints, or not having a system for filing said complaints anonymously. That might help too.

Re:Chicken, meet Egg.

[TheJediGeek (903350)]

Well, since I LIVE in Douglas County, Colorado, I think I have a valid opinion.
The Douglas County Sheriff's Department has NOTHING better to do. Seriously. There's a lot of them for a county that's not very big. They also have a reputation for being... shall we say... a little over zealous. (the earlier /. story from NH would fit right in here) This is the type of law enforcement that WOULD take this too far.
Also, there's TONS of open APs in town. Almost the entire county residents are middle class

Re:Waste of Time

[jrockway (229604)]

This is very important police work. If there are open APs, people might be able to communicate freely and anonymously. We don't want any of that now, do we?