Home » Data Protection » Network Security

News

Covert Operation Floats Network-Sniffing Balloon

After Riviera hotel management nixed his planned demonstration, one defcon hacker found a way to launch what he calls a warballoon

By Robert McMillan, IDG News Service( San Francisco Burea)

August 12, 2008 — CSO —

Rick Hill won't say where he launched his "wardriving" balloon on Friday, but he will tell you that it got a pretty good look at about 370 wireless networks, while scanning up and down the Las Vegas Strip.

Hidden in the back of a 22 foot (6.7 meters) moving truck, Hill and his team of about a dozen volunteers launched the balloon Friday morning, sending it 150 feet into the air for about 20 minutes to use special antennas and scanning software to scope out the Las Vegas skyline for unsecured wireless networks, an activity Hill calls "warballooning."

Hackers have practiced wardriving for years, driving around in cars with computers and specialized software that sniffs for networks.

Two years ago Hill set his sights a little higher and fired off a model rocket loaded with similar equipment -- and gave a Defcon presentation on that project -- but warballooning is something new. In his day job Hill is a senior scientist with Tenacity Solutions, a security services consultancy in Reston, Virginia, that works with the government.

Despite methodical preparation for this year's Defcon, and Federal Aviation Authority (FAA) approval, Hill's warballoon almost didn't take off at all.

That's because management at the Riviera Hotel, host of the Defcon hacking conference, changed its mind late last week and told him that he could not launch the balloon from hotel property. In fact, the Riviera said, he couldn't even bring the warballoon into the hotel. The reason for the grounding was vague. Riviera staffers told Hill that local police were concerned after a nearby casino had complained of the operation.

Hill suspects that local authorities might have been spooked by the fact that he called his device a warballoon. Something less bellicose might not have caught anyone's attention.

Still, he and the team who helped him were upset at being grounded. They felt that they had met all the legal requirements, but they couldn't get FAA approval to launch the balloon from another nearby location on such short notice.

But Hill, an amateur rocketeer, knows his FAA regulations, and he realized that if he launched the balloon more than five miles from Las Vegas's McCarran International Airport, he wouldn't need any federal sign-off.

The balloon he was using was rented from a national company that rents out the devices for real-estate photography. And though he knew that the balloon was perfectly legal to fly, he was still a little worried about local police shutting him down."That's when we did plan B: the covert operation," he said.