Monday, January 29, 2007

Dilbert - The Knack

Got this from Adrian (thanks! I love you, Man!)

This is my mom and me when I was young. Adrian pointed out what a great voice the guy has.

Sunday, January 28, 2007

How to Increase Your Wi-Fi Signal

OK, this guy is dorky and the tin-foil hat/antenna he made is so ghetto BUT his thing on carrier waves and the CAT 5 wrapped cell phone - pure genius.

Monday, January 22, 2007

Repost: Why Would Anyone Think Wireless Is Easy?

I really love this post over at Tech Dirt. It illustrates the fallacies that most people have about implementing Wireless VOIP. The VOIP guys think all they have to do is plop down an AP and shebang! VoWiFI.

I especially love this sentence, "When we begun developing the mobile phone version we didn't realize the number of technical obstacles. It is challenging and is taking much longer than expected"

What are some undiscussed issues surrounding San Francisco's Metro WiFi plans?

I am a San Francisco resident and I have been pondering this Google/Earthlink deal for quite awhile. I authored a couple of postings at Glenn Fleischman's WiFiNetNews site and Om Malick's GigaOm and I am just reposting because I feel that I did not get a sufficient answer to them , although there were some interesting comments later. Here are some open questions to the world at large:

How does the SF WLAN look to affect existing WLANs? What about the businesses that are in and around SF that already have WiFi? Is this new network going to stomp all over the existing networks? Causing co-channel and adjacent channel interference? Are employees of these networks going to connect to the free network while still connected to the wired Ethernet cable of their company's network. Possibly opening up a security hole? What if your company has a "No Wireless" policy, will you be able to just sit by a windows and connect to the MetroWLAN to check your stocks, Gmail account etc? What kinds of security/ authentication system (if any) are going to be used in the big Muni wireless deployments like Philadelphia and San Francisco to ensure the privacy of your internet communication.

Many companies have invested a great deal of time and money into putting up wireless networks in their offices. Some financial companies spent up to a million dollars on their WLAN. This new network may cause a whole host of problems for them. Did anyone consult with any of the existing businesses in downtown SF and/or Mountain View as well? [Editorial Note: I later learned there was an open forum and the results were hilarious. I have also learned that the City's Board of Supervisors is less than optimistic about the whole plan, regardless of the PR steamroller that The SF Chronicle has implemented] Should citizens and businesses have a say in how their "airspace" is used?

It sounds honorable and good to provide free WiFi to the community. I live here in SF and nobody asked me nor did they put up a votable resolution, They are just doing it. This was proposed years ago for a fraction of the cost it would take to implement now by the BARWN folks but was dropped. Why?

I still have to pay for Water, Trash, Phone, Streets, Schools etc. Why should I get free WiFi? I would rather get free trash pickup, or lower local taxes. (We liberals love taxes ;-)

If Gavin Newsom, Mayor of our fine city, has so much buy-in, or Mountain View as well, then why are so many of the companies in these areas scared to death that their investment of hundreds of thousands of dollars might just have been for naught. I have personally spoken to several IT people in Mountain View that really do not want Google's WiFi to tempt their users to connect to it instead of the encrypted and authenticated network that is provided for them.

I also have heard that people who are near one of the Metro WLAN APs cannot use their internal WLAN because the free city WLAN is MUCH LOUDER than their own (Caps are intended). So now what do they do? The Tropos APs that are being implemented in Mountain View and are being considered for San Francisco, are 1 watt (4 Watt effective output) transmitters. thats 40x more powerful that a default configured Cisco unit (which comes at 100mw). Additionally, there are only 3 non overlapping channels, so chances are 100% that this network will stomp all over the internal WLANs of Wells Fargo, PG&E, Charles Schwab and whoever else has offices downtown.

Similarly, in SF we already have around 100 APs per block, residentialy. We have been unwired for years. Heck, every coffee shop in town, of which there are legion, has free WiFi. So why do we need all this other WiFi drowning everything else out?

I actually asked a gentleman that works for a Mesh AP firm about this, He said not to worry about it, that the skin of the building would block a majority of the signal. Then after I distracted him with a tangential question I brought him back around with this question, "how do get access to the signal from my house, this is supposed to provide the community with Internet Access. will I be able to hear it from the core of my building?" and he replied, "...of course you will we will be transmitting at 4W (effective). It will be like I was right there in your living room."

Friday, January 19, 2007

I was in the papers a few times also...

So maybe I am in a, "toot your own horn" kinda mood. (I must not get enough love at work) but I thought I would catalog some props from my past.

I have been printed in a variety of articles in the mainstream press, most of which I am very proud of. For example, I just happened to be a a h@x0r convention in Washington DC called ShmooCon on behalf of AirMagnet when Simple Nomad relased a [kinda] zero day for wifi. I was just hangin out afterwards when a reporter from the Washington Post grabbed a seat at my lonely table to discuss it. Brian Krebs is very well respected and I was happy to talk to him so we chatted about how lame it was that Microsoft kept having stuff blow up on them and this one was such a silly thing. It really blew us away. He asked for a real interview to learn how this had been effecting some of my customers - which it had - and then we went a had a few beers.

You see I was getting calls from a bunch of my customers saying that they were seeing bizarre SSIDs showing up on the Dashboard of our IDS, AirMagnet Enterprise. And to top it all off, they were all in Ad-Hoc, or peer-to-peer mode. SSIDs with names like, linksys, tmobile, hpsetup and wayport-access. My customers were blaming our software, saying we were, "sending false positives". Well, it turns out it was Microsoft's fault the whole time. Go Figure.

Brian is a great guy so I will probably grab a few beers with him this year when I go out in March, but it just goes to show you that 80% of success is just showing up (thanks Woody Allen).

Here are some other links to press on me:

Here is the Washington Post piece. And almost exactly a year later, here is Microsoft's resolution to the vulnerability.

I conducted a walk around with the New York Times (didn't get a mention but my neighborhood did).

And here are a bunch from DefCon 13 where I found a bunch of radio interference:

Wireless Week


EE Times

Information Week

There is also some stuff from waaaaayyyyy back with computer world and a ton of ISSA, ISACA and other speaking engagements. too old to worry about.

Hey, I was on TV!

So a long time ago, I was asked by my V.P. of Marketing at the time, Rich Mironov (One of the best Marketing guys I know, BTW), to assist our PR firm with a show they were putting together. Tactical to Practical on the History Channel. It is a show where in the first half hour they show the military doing something really cool and then, for the second half hour they show you how you, The average American, can do something similar with stuff you can pick up from Frys.

It was a fun shoot. I brought along a friend of mine, Jon Erikson, who wrote a fabulous book called the Art of Exploitation. One of the most well received books on security exploits I know of. He and I were to conduct an actual hack over wireless at a hotspot in downtown San Jose for the cameras.

Jon had a few prepared 'splots he wanted to run. One was a MitM attack with stream injection. I would search for, oh, lets say, "shrimp" at Google and he would substitute, say, "giant" for "shrimp" so all the returns from Google were about really big things. Kinda funny but a hard concept to convey in 15 minutes to a TV audience.

The other idea was pretty simple (read:LAME), I would log into my mail account and he would snarf my password and go read my mail. It came off OK and they kept it as the final for the show. It was fun to do and we got a ton of inquiries. I actually get about 15 minutes of airtime. So there is my Andy Warhol quote for the day. Here is the link: Bruce_on_TV