[spectre] News about the the exhibition "Touch me" in Zagreb,
Croatia
Darko Fritz
fritz.d at chello.nl
Tue Sep 20 14:30:48 CEST 2005
well, as far i get it, the hacker's ethic is about to show weakness of
the system in order to improve it.
in this case it get little unexpected ways ...
more about Touch me exhibition , curated by Kontejner, Zagreb:
http://www.kontejner.org/dodirni%20me%20e.swf
best
d
On Sep 20, 2005, at 11:16, martin pichlmair wrote:
>
> when i was in edinburgh last week it amazed me to see how few wireless
> networks up there are open. in fact, the only way of checking email
> would have been to buy an account at t-mobile (think it was 5
> pound/hour) and sit in a starbucks cafe to read my mails. so much for
> the mega-corporations.
> in contrast, the city of tallinn (the estonian state?) seemed to have
> equipped half of the city with free hotspots and here in vienna there
> is certain tradition of running open wireless networks in cafes. of
> course the access points themselves are usually password-protected.
>
> so: what is this project about?
>
> is it art as an attack on free networks and freedom in general?
>
> don't they know that real evil crackers are not attracted without
> challenges?
>
> one more story:
> there is a shop near vienna that has no cashiers, and neither
> cash-desks. goods - mostly from farmers living in the village - are
> there in plenty; mostly sheep and goat products e.g. milk, meat and
> cheese. everything is price-tagged and the customer is ordered to drop
> the money into a box in the shop. now if i were one of the NRD Van i
> would presumably walk into that shop and exchange all price tags or do
> any other funny stuff to teach people about their (quote from below)
> "... combination of user ignorance, complete absence of will to learn
> ...", would i?
>
> maybe i'm just a bit critical today and teaching people computer
> security is right by all means - even when enforcing behaviour through
> code (by encrypting and securing wireless networks without any need)
> ........
> martin
>
> ps: my wlan at home is open. use ssl to protect my proprietary laptop
> (from the "technological mega-corporation" that builds on bsd). i
> trust people not to misuse it and so long, no one did. would be happy
> if someone ever contacts me when i'm online at home.
>
>
>
> On Sep 20, 2005, at 12:49 AM, Darko Fritz wrote:
>
>>
>> http://www.kontejner.org/priopcenje/
>>
>> from bbc
>> http://nrd.picigin.net/app/backend/Spoof_9/news.bbc.co.uk/frames.html
>>
>> Printers made people mad
>>
>> During the exhibition "Touch me" in Zagreb, Croatia, art group NRD
>> Van broke into local insecure wireless networks. The group hijacked
>> several users printers and fooled them into believing they became
>> alive by printing information about their online habits. Two people
>> suffered injuries as result of fearful reactions. In an exclusive
>> interview with the artists...
>>
>>
>>
>> ... we tried to shed some light as to why there was so much
>> manipulation with and abuse of animals, and in the end also people,
>> in the "Touch Me" exhibition. The talk with the artists lead us also
>> to check up on certain information with the T-Com, whose unprotected
>> wireless networks were used by the NRD Van artists as their chosen
>> medium of manipulation. But let start from the beginning:
>>
>>
>> What happened? What is your work about?
>>
>> To do our work we have chosen completely uprotected wireless networks
>> that the T-Com is installing around with such a hype. These networks
>> provided us a good example for end user ignorance meeting corporate
>> greed for profit.
>>
>> There is a large number of them installed all around Zagreb and we
>> have decided to tinker with that setting in order to start, in an
>> entertaining way, a communication with users of particularly insecure
>> networks.
>>
>> Networks that particularly appealed to us were those where we could
>> find printers that could be accessed once you were connected to their
>> wireless network.
>>
>> It needs to be noted that those are not simply networks that you can
>> connect to and access Internet, but networks where the key network
>> component "wireless router" was left without a password, so that we
>> could do anything we please without owners of those wireless nodes
>> ever noticing.
>>
>> By using the router user name and T-Com's on-line telephone directory
>> we could soon dig out the address and the first and last name of the
>> account owner. The remaining data used in printing on remote printers
>> were recorded by monitoring and rdirecting the network traffic our
>> way.
>>
>> With a little bit of knowledge about network technologies in such
>> insecure networks in real time one can track in real time data such
>> as address and content of a web page that user is visiting at the
>> moment or text of an email message that user is receivig or sending
>> at that moment...
>>
>> How were you entering the "communication" with users?
>>
>> After intercepting their private data, we would initially first print
>> out on their printer: "Dear so and so, can you please check if I have
>> enough paper? I was silent for so long that I would now like to print
>> out entire novels..."..
>> After that we would wait for couple of minutes to send another
>> message: "What do you mean who?! Me, your printer that has finally
>> come to life, isn't that exciting :)"...
>> ..After that we would most commonly relate the messages to the
>> current stream of data that we would get if the person would start to
>> search the web (and some of them immediately googled for the message)
>> or to the data we had already before printing out the first messages.
>>
>> For us this seemed as a amusing and interesting way to let people
>> know that their communication infrastructure is fragile and that they
>> should do something about it...
>>
>> Yet two people got hurt... One smashed his printer against the floor
>> and injured his foot in the process, while the other jumped through
>> the window freaked out by the printer that "came to life"?
>>
>> When we speak of jumping through the window, we're not sure it can be
>> said that it was our intent to make people do such things.
>>
>> The genious radio experiment "War of the Worlds" that Orson Welles
>> did in 1938 has proven that art can and, in a way, must question the
>> limits of mediation through media.
>>
>> In our talks with the injured and their families it was Orson
>> Welles's example that people could grasp and accept as a key
>> reference and acknowledgement that our work can indeed be called art.
>>
>> Besides shocking them, you also made them learn something new, didn't
>> you?
>>
>> Learning through shock, manipulation and complex mediation are
>> exactly the artistic forms and procedures that we find interesting
>> and that we use in our work. Here we'd like to take a quote from
>> Walter Benjamin who says: that a revolutionary author should overcome
>> the constrains of dealing with product in order to bring about a
>> transformation of "tools of production"., and that culture and art
>> must contain a dialectical component too.
>>
>> Such a statement in these post- times probably seems too doctrinary,
>> but we think that the society lingers behind the modern condition
>> established by communication technologies, and therefore to start
>> catching up we need to resort to the old school ideas of K.Marx or
>> W.Benjamin. ;)
>>
>> What do you think what will the people whom you have scared,
>> manipulated and, in the manipulated, injured think of such
>> interpretations?
>>
>> Those who got scared live in a state of permanent fear anyhow, while
>> for those whom we have manipulated and we continue to manipulate we
>> wish that the process of learning will start as soon as possible. To
>> those who got hurt we apologized and promised to buy them a new
>> printer, DVD release of "War of the Worlds" and a GNU/Linux LiveCD.
>> We also configured their router, so they are secure now. And they
>> typed in their own passwords ;)
>>
>> ... yet it was their accident that helped you get into the
>> coverstories of CNN, BBC, ...
>>
>> The whole media coverage in our case is a complete scam, that is pure
>> unadulterated lie.
>>
>> You quoted the corporate greed as a reason that there is so many
>> insecure networks in Zagreb?
>>
>> We have quoted a combination of user ignorance, complete absence of
>> will to learn anything related to computers _and_ corporate greed for
>> profit as instrumental in generating such situations.
>>
>> Ignorance and absence of will to learn new things became so deeply
>> rooted through decades of tradition and culture of using computer and
>> new technologies. Those who have contributed most to this situation
>> are the two technological mega-corporation Microsoft and Apple. Their
>> users are proud dummies.
>>
>> In this particular case of our insecure wireless networks the T-Com
>> knows all to well that leaving wireless nodes installed in users'
>> appartments completely unprotected, even without a password for
>> loging into and taking control over the node, leaves users at the
>> mercy of anyone who commands basic knowledge of how networks
>> function. The only reason for leaving nodes as they are is to reduce
>> costs of maintenance and user support, and thus to increase profits.
>> In this way the T-Com allows its users an easy log on onto the node,
>> but users are not aware that this means also an easy log on for
>> anyone in their vicinity.
>>
>> You claim that leaving nodes without password is solely the
>> responsibility of T-Com?
>> Solely. The Telecommuncations Act, Article 105 clearly states: (1)
>> Provider of public telecommunication services must undertake
>> necessary technical and organizational steps in order to make secure
>> own telecommuncation services, and together with the operator
>> undertake the necessary steps to protect the security of
>> telecommuncational network. Steps undertaken must ensure the level of
>> security adequate to the level of danger for network security,
>> provided that technical and technological solutions exists and costs
>> of such steps are reasonable.
>> (2) In case of a particular danger for telecommuncation network
>> security, the provider of public telecommuncation services must
>> notify users of its serevices of the existence of such danger. If the
>> danger is beyond the reasonable steps the services provider must
>> undertake, the services provider must notify users of its services of
>> possible counter-measures to remove the danger and/or its
>> consequences, including the notification of potential cost of such
>> steps.
>> (3) Provider of public telecommuncation services is required to
>> delegate a person resposible for impelementation of steps from this
>> article.
>>
>>
>> In the case of wireless networks, the T-Com is not implementing any
>> level of security it is required to, and we still recall the dialer
>> bills that it tried to push its users to pay. A low level of security
>> means low maintenance costs, low costs of user care and often, as in
>> the dialer case, just another chance to rip off the ignorant. When
>> viewed against the background of a culture of ignorance promoted by
>> leading actors of software industry, the existing condition can
>> hardly be changed.
>>
>> What could in your opinion change this existing condition?
>>
>> GNU/Linux
>>
>> ______________________________________________
>> SPECTRE list for media culture in Deep Europe
>> Info, archive and help:
>> http://coredump.buug.de/cgi-bin/mailman/listinfo/spectre
>>
>>
>
More information about the SPECTRE
mailing list