Wardrivers: Pioneers or Pirates?

Wardrivers: Pioneers or Pirates?

Photo of author
Written By Eric Sandler

By Daniel Casciato

August 06, 2008

For as long as there has been Wi-Fi, there have been wardrivers. This fringe community of geeks and Wi-Fi enthusiasts have made significant contributions to the worldwide Wi-Fi industry–and they’ve also gotten a bad rap. UPDATE: On August 5, 2008, the Department of Justice cited wardriving as a key element in the largest hacking and identity theft case it has ever prosecuted. But was it right?

Related Articles

Update: On August 5, 2008, the Department of Justice (DOJ) issued a press release announcing the indictments of eleven defendants in what is believed to be the largest hacking and identity theft case ever prosecuted by the DOJ. It states that the co-conspirators “obtained the credit and debit card numbers by ‘wardriving’ and hacking into the wireless computer networks of major retailers.” Since some would say that wardriving is as much like hacking as driving down a street and cataloging the number and location of mailboxes is like mail fraud, we are reprising this article from May 16, 2008 to help clarify the term.

What initially attracted Lee Almodovar of Fremont, CA to wardriving was the possibility that he was breaking the law. He began wardriving in 2000, right out of high school, after discovering Walmart stocked inexpensive Wi-Fi cards.

“At this time, I also acquired my first car and had a few computers that dual-booted between Windows and Linux,” said Almodovar, adding that he had a custom built ‘cantenna’ on his car for the purpose of wardriving. “The initial thrill of the thought that I could be breaking some random law drew me to wardriving—to mapping the neighborhood—and just overall experiencing the Internet in a method unlike I had ever experienced with dial-up.”

Today, Almodovar (below, right) rarely wardrives, but admits that he does find himself looking for open networks when he’s out on business or pleasure with his laptop or PDA. 

“While the cantenna mount on my first car doesn’t exist on my current car, and a wireless access card affords me the pleasure of 3 Mbps Internet on-the-go, the occasional thrill of jumping on someone’s network for a quick e-mail download or YouTube video is still a guilty pleasure,” he said.

“Wardriving”—the act of driving around with a computer, PDA, or GPS, and logging Wi-Fi networks that are open, secured, or protected—comes from the movie War Games, where a young Matthew Broderick “wardialed” by having his computer repeatedly dial numbers to search for a modem connection. While the terminology makes it sound like it is something nefarious, the purpose of wardriving is more about simply mapping the locations of Wi-Fi hotspots. Many wardrivers would then add these locations to helpful online databases, like Wefi.com, Wigle.net, or Netstumbler.


End of the road?

Although wardriving was a popular activity in the late 90s, Ryan Woodings, founder of the Wi-Fi company, MetaGeek, believes that wardriving is a dying trend.

“With more and more open networks, it’s becoming less popular,” he said. “There’s less need to log where the open networks are when there are so many open networks now, no matter where you go. The geeks who are doing the wardriving are losing interest because there are just so many open networks.”

Marc Kolb (below, right), who works with Best Buy’s Geek Squad in New York City, offers two main reasons why it’s no longer popular.

“One of the reasons is the sheer cost of it,” he said. “People who wardrive generally try to get the most advanced receivers that they can. This is a costly expenditure and it doesn’t exactly improve their chance at wardriving. It’s not fiscally feasible to wardrive.” 

Additionally, the connection is usually intermittent, he said. “When you’re not actually close to the network, the performance exponentially drops. So, if someone is cruising in their car, trying to wardrive, they’re not going to get a very good signal.”

Marc Fossi, manager of development for security response at Symantec in Calgary, believes that interest in wardriving is waning, but only to some extent.

“I suspect that, potentially on the hobbyist side, it has died off a bit, but there are still criminals out there who see if they can get into corporate networks, and those guys are going to be doing it very quietly and not publishing any of their findings,” he said. “So of course, it will seem there’s no more interest in wardriving, but those guys are still out there looking to access corporate networks.”

Mistaken identity

Marc Kolb 3.jpg

Evert Bopp, founder of Ireland-based Air Appz maintains that wardriving is not malicious and has gotten a bad rap. Many people confuse wardriving with piggybacking—the act of logging on to an unauthorized network. This, says Bopp, should not be confused with true wardriving, which is merely the act of locating and documenting or mapping the networks.

“There are a lot of negative connotations there because people mistake wardrivers with hackers, which they are not,” Bopp said. “A wardriver would never access the network. Wardrivers can detect networks without ever accessing them. All you need to do is pick up that signal and that’s enough for wardriving—that’s all the information a wardriver wants.”

Bopp, who has done some wardriving, acknowledges that some wardrivers do cross the line.

“But when they do, that’s no longer part of wardriving,” he said. “Wardriving in its essence has nothing to do with accessing unsecured Wi-Fi networks. It’s pure and simple an activity that will detect and map Wi-Fi networks, secured or unsecured. This can be done on foot, driving, or even cycling.”

Risky business

D. Kent Pingel, (below, right) a public relations professional from a world-wide public affairs firm and blogger, known as The Wi-Fi Guy, warns that whether you are warwalking, wardriving, or warcycling, this can be a dangerous activity, especially for novices.

“There has been much discussion of evil twins, the sites that are designed to look like a known, branded hotspots, but are actually fake sites or traps, designed for the innocent to log on and give up personal/financial information,” he said.  “Beware.  Pay attention when you log on.”

Robert Siciliano, CEO of IDTheftSecurity.com agrees.

“For the uninformed wardrivers, they may happen upon an unsecured free wireless connection that has been set up specifically for their uninformed naive selves in the form of an ‘evil twin’ that will intercept all the data they transmit for purposes of committing fraud,” Siciliano said.

Siciliano offers these security precautions:

·  Consult your wireless carrier or the manufacturer of your devices to determine what steps you need to achieve wireless security.

·  Install virus protection and set to automatically download and install updates. 

·  Pay close attention to the settings on the main servers for all wireless devices.

·  Protect your wireless connections.

·  Set administrative privileges.

The greatest impact that wardriving has made on the wireless industry is that it has forced wireless device manufacturers to think about security as well as usability.

WFG Leans Tilt.jpg

“Wardrivers inadvertently raise awareness that access points need to be secured—for the protection of the home or business and for the end-user as well,” said Pingel. “The security angle certainly gives AT&T and Starbucks a leg up over the mom and pop shop that has little if any security for their access point.”

“I would actually say that in the U.S. it seems to have dropped a bit, but in Europe, the number is actually growing every year,” he said. “There are people constantly doing this.”

John Gordon, chief architect at Devicescape Software, Inc., says that today’s wardrivers go beyond just finding an open connection. Specific databases are now being linked to such applications as Google Maps so that you can pull up a map online that not only shows the detected Wi-Fi networks, but also shows you who was the last person to detect the information, who was the first person, and whether it is a secure or an unsecure network.

“Most of these databases include the BSSID as well as the SSID and the geographic location,” he said. “Since the BSSID is unique—or at least should be—this makes these databases usable for geo-location as well. The iPhone’s Google Maps application has shown that this can be made to work pretty well in areas where there are plenty of access points to get a fix from.”

Since the new generation of wardrivers has become more sophisticated, Pingel says the activity is here to stay. “They’re using better equipment such as GPS units and capturing more data about the access point… I think most wardrivers do it because ‘it is there’ as the mountain climbers say, or because ‘they can.’  It is challenging to a degree.  It is exploration and discovery… it is all about the hunt.” 

Monetizing the map

Skyhook Wireless CEO, Ted Morgan, says wardrivers played a crucial early role in helping to map the Wi-Fi hotspots that make up the Skyhook database. In a February 2008 interview, he told Wi-FiPlanet, “The hobbyists–wardrivers who do this for fun—it struck us that we could use this for determining location, that you could get incredible value out of something you didn’t build.”


An example of a wardriver’s map.

“Wardrivers drive around to see who can pick up more signals, and then they upload them and have contests to see who has the most,” said Morgan. “We got into that to see what they’d found, and that’s what got us thinking about what new models could emerge from this phenomenon. The signals have grown exponentially. We’ve mapped 31 million access points.”

Skyhook has signed major partnership deals in recent months to provide Wi-Fi mapping services to Apple’s iPhone and geo-tagging to Eye-Fi’s Eye-Fi Explore (coming out in June). What started as a curious hobby has turned the company Morgan founded five years ago into a very successful venture. As of this month, Skyhook says it has mapped hotspots that cover more than 70 percent of the population in North America; in Europe, the top 50 metropolitan areas are mapped, along with 70 percent of the population in Germany, France, and the UK. The rest of Western Europe should be covered by mid-summer. Coverage expansion in key Asian markets, including Japan, Korea, Taiwan, and other countries is also in the works. His team has done this, essentially, by wardriving.

“We send out hundreds of people in trucks with devices scanning for signals and mapping the locations,” says Morgan. But, instead of calling them wardrivers, he calls them “data collection specialists.”

“They drive every single street–think about LA and how large that area is—we’ve driven every single street. It takes hundreds of people. We have 300 people now doing it across the world.”

As for the true wardrivers, Morgan says, “We learned a ton about the growth of Wi-Fi by doing that for a while, but I don’t proclaim to understand the wardriver thing. We tried working with that community a lot early on, but it’s hard to work with them because it’s hard to know what motivates them. They don’t do it for money. They like to be on the hacker fringe, doing the different thing. It’s a very active group, all over the world. They communicate regularly on Web sites. They’re nice people.”

Daniel Casciato is a freelance writer from Pittsburgh, PA. In addition to writing for Wi-FiPlanet, he writes legal, medical, real estate and technology-related articles for trade and consumer publications and recently launched his own copywriting business. For more information, visit www.danielcasciato.com. Additional reporting by Naomi Graychase.

Leave a Comment