[spectre] News about the the exhibition "Touch me" in Zagreb,
fritz.d at chello.nl
Tue Sep 20 00:49:05 CEST 2005
Printers made people mad
During the exhibition "Touch me" in Zagreb, Croatia, art group NRD Van
broke into local insecure wireless networks. The group hijacked several
users printers and fooled them into believing they became alive by
printing information about their online habits. Two people suffered
injuries as result of fearful reactions. In an exclusive interview with
... we tried to shed some light as to why there was so much
manipulation with and abuse of animals, and in the end also people, in
the "Touch Me" exhibition. The talk with the artists lead us also to
check up on certain information with the T-Com, whose unprotected
wireless networks were used by the NRD Van artists as their chosen
medium of manipulation. But let start from the beginning:
What happened? What is your work about?
To do our work we have chosen completely uprotected wireless networks
that the T-Com is installing around with such a hype. These networks
provided us a good example for end user ignorance meeting corporate
greed for profit.
There is a large number of them installed all around Zagreb and we have
decided to tinker with that setting in order to start, in an
entertaining way, a communication with users of particularly insecure
Networks that particularly appealed to us were those where we could
find printers that could be accessed once you were connected to their
It needs to be noted that those are not simply networks that you can
connect to and access Internet, but networks where the key network
component "wireless router" was left without a password, so that we
could do anything we please without owners of those wireless nodes ever
By using the router user name and T-Com's on-line telephone directory
we could soon dig out the address and the first and last name of the
account owner. The remaining data used in printing on remote printers
were recorded by monitoring and rdirecting the network traffic our way.
With a little bit of knowledge about network technologies in such
insecure networks in real time one can track in real time data such as
address and content of a web page that user is visiting at the moment
or text of an email message that user is receivig or sending at that
How were you entering the "communication" with users?
After intercepting their private data, we would initially first print
out on their printer: "Dear so and so, can you please check if I have
enough paper? I was silent for so long that I would now like to print
out entire novels..."..
After that we would wait for couple of minutes to send another message:
"What do you mean who?! Me, your printer that has finally come to life,
isn't that exciting :)"...
..After that we would most commonly relate the messages to the current
stream of data that we would get if the person would start to search
the web (and some of them immediately googled for the message) or to
the data we had already before printing out the first messages.
For us this seemed as a amusing and interesting way to let people know
that their communication infrastructure is fragile and that they should
do something about it...
Yet two people got hurt... One smashed his printer against the floor
and injured his foot in the process, while the other jumped through the
window freaked out by the printer that "came to life"?
When we speak of jumping through the window, we're not sure it can be
said that it was our intent to make people do such things.
The genious radio experiment "War of the Worlds" that Orson Welles did
in 1938 has proven that art can and, in a way, must question the limits
of mediation through media.
In our talks with the injured and their families it was Orson Welles's
example that people could grasp and accept as a key reference and
acknowledgement that our work can indeed be called art.
Besides shocking them, you also made them learn something new, didn't
Learning through shock, manipulation and complex mediation are exactly
the artistic forms and procedures that we find interesting and that we
use in our work. Here we'd like to take a quote from Walter Benjamin
who says: that a revolutionary author should overcome the constrains of
dealing with product in order to bring about a transformation of "tools
of production"., and that culture and art must contain a dialectical
Such a statement in these post- times probably seems too doctrinary,
but we think that the society lingers behind the modern condition
established by communication technologies, and therefore to start
catching up we need to resort to the old school ideas of K.Marx or
What do you think what will the people whom you have scared,
manipulated and, in the manipulated, injured think of such
Those who got scared live in a state of permanent fear anyhow, while
for those whom we have manipulated and we continue to manipulate we
wish that the process of learning will start as soon as possible. To
those who got hurt we apologized and promised to buy them a new
printer, DVD release of "War of the Worlds" and a GNU/Linux LiveCD. We
also configured their router, so they are secure now. And they typed in
their own passwords ;)
... yet it was their accident that helped you get into the coverstories
of CNN, BBC, ...
The whole media coverage in our case is a complete scam, that is pure
You quoted the corporate greed as a reason that there is so many
insecure networks in Zagreb?
We have quoted a combination of user ignorance, complete absence of
will to learn anything related to computers _and_ corporate greed for
profit as instrumental in generating such situations.
Ignorance and absence of will to learn new things became so deeply
rooted through decades of tradition and culture of using computer and
new technologies. Those who have contributed most to this situation are
the two technological mega-corporation Microsoft and Apple. Their users
are proud dummies.
In this particular case of our insecure wireless networks the T-Com
knows all to well that leaving wireless nodes installed in users'
appartments completely unprotected, even without a password for loging
into and taking control over the node, leaves users at the mercy of
anyone who commands basic knowledge of how networks function. The only
reason for leaving nodes as they are is to reduce costs of maintenance
and user support, and thus to increase profits. In this way the T-Com
allows its users an easy log on onto the node, but users are not aware
that this means also an easy log on for anyone in their vicinity.
You claim that leaving nodes without password is solely the
responsibility of T-Com?
Solely. The Telecommuncations Act, Article 105 clearly states: (1)
Provider of public telecommunication services must undertake necessary
technical and organizational steps in order to make secure own
telecommuncation services, and together with the operator undertake the
necessary steps to protect the security of telecommuncational network.
Steps undertaken must ensure the level of security adequate to the
level of danger for network security, provided that technical and
technological solutions exists and costs of such steps are reasonable.
(2) In case of a particular danger for telecommuncation network
security, the provider of public telecommuncation services must notify
users of its serevices of the existence of such danger. If the danger
is beyond the reasonable steps the services provider must undertake,
the services provider must notify users of its services of possible
counter-measures to remove the danger and/or its consequences,
including the notification of potential cost of such steps.
(3) Provider of public telecommuncation services is required to
delegate a person resposible for impelementation of steps from this
In the case of wireless networks, the T-Com is not implementing any
level of security it is required to, and we still recall the dialer
bills that it tried to push its users to pay. A low level of security
means low maintenance costs, low costs of user care and often, as in
the dialer case, just another chance to rip off the ignorant. When
viewed against the background of a culture of ignorance promoted by
leading actors of software industry, the existing condition can hardly
What could in your opinion change this existing condition?
More information about the SPECTRE