[Promotum] How to screw with the RIAA and not get caught

Edmund A. Hintz ed@hintz.org
Wed Sep 24 12:16:03 2003


So the RIAA has been going after folks lately in the much-publicized
lawsuits, which are rather obvious intimidation tactics. And that got me
to thinking of ways one might continue to share while not getting nailed.
Mind you, I'm not sharing, as I don't care enough about the issue to risk
losing massive amounts of money; this is just a simple, fairly obvious way
to shift the blame to some poor unsuspecting bastard. Which is not
something I endorse, but I expect it's already happening. And will happen
more as the RIAA gets more aggressive.

It all comes down to Peter Shipley's (rather old) work with wireless
security. Besides the war driving which has become so hip lately, he also
displayed a rather interesting side effect of 802.11. In this
presentation from Defcon9,

<http://www.dis.org/filez/openlans.pdf> 

with the use of an inexpensive 24dB antenna, he demonstrated logging into
networks in the SF financial district from the Berkeley hills. This would
be an ideal setup to obscure the origination of the machine sharing the
contraband; you could be using some poor fool's broadband connection from
as much as 10-20 miles away, and he'd get the heat from the RIAA. I
suppose it could be traced and triangulated, but it would not be an easy
task with a directional antenna. The victim probably wouldn't have the
savvy to do it, and the RIAA wouldn't listen to the victim's protestations
of innocence; in their world everybody's a criminal. Given the ubiquitous
nature of wide open 802.11 networks, this would be simplicity itself to
set up. Additional steps to cloak one's identity would be to set the hw
address of the 802.11 card to something random, and change victim
networks once every month or two. And not routing any of your traceable
personal traffic over the hijacked connection.

While WEP isn't even close to being secure, I'd expect that using it and
filtering hw addresses would probably be sufficient to deflect this sort
of thing away from the average person. Nobody's gonna bother spending the
time to crack your WEP and spoof your HW addr if your neighbor's AP is
wide open.

Regards,

Ed Hintz
ed@hintz.org